Java Code Examples for org.ietf.jgss.GSSName#toString()

The following examples show how to use org.ietf.jgss.GSSName#toString() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: LockOutRealm.java    From Tomcat8-Source-Read with MIT License 6 votes vote down vote up
/**
 * {@inheritDoc}
 */
@Override
public Principal authenticate(GSSContext gssContext, boolean storeCreds) {
    if (gssContext.isEstablished()) {
        String username = null;
        GSSName name = null;
        try {
            name = gssContext.getSrcName();
        } catch (GSSException e) {
            log.warn(sm.getString("realmBase.gssNameFail"), e);
            return null;
        }

        username = name.toString();

        Principal authenticatedUser = super.authenticate(gssContext, storeCreds);

        return filterLockedAccounts(username, authenticatedUser);
    }

    // Fail in all other cases
    return null;
}
 
Example 2
Source File: HTTPSpnegoAuthenticator.java    From deprecated-security-advanced-modules with Apache License 2.0 6 votes vote down vote up
private static String getUsernameFromGSSContext(final GSSContext gssContext, final boolean strip, final Logger logger) {
    if (gssContext.isEstablished()) {
        GSSName gssName = null;
        try {
            gssName = gssContext.getSrcName();
        } catch (final GSSException e) {
            logger.error("Unable to get src name from gss context", e);
        }

        if (gssName != null) {
            String name = gssName.toString();
            return stripRealmName(name, strip);
        } else {
            logger.error("GSS name is null");
        }
    } else {
        logger.error("GSS context not established");
    }

    return null;
}
 
Example 3
Source File: LockOutRealm.java    From tomcatsrc with Apache License 2.0 6 votes vote down vote up
/**
 * {@inheritDoc}
 */
@Override
public Principal authenticate(GSSContext gssContext, boolean storeCreds) {
    if (gssContext.isEstablished()) {
        String username = null;
        GSSName name = null;
        try {
            name = gssContext.getSrcName();
        } catch (GSSException e) {
            log.warn(sm.getString("realmBase.gssNameFail"), e);
            return null;
        }
        
        username = name.toString();
        
        Principal authenticatedUser = super.authenticate(gssContext, storeCreds);
            
        return filterLockedAccounts(username, authenticatedUser);
    }
    
    // Fail in all other cases
    return null;
}
 
Example 4
Source File: KerberosRealm.java    From elasticsearch-shield-kerberos-realm with Apache License 2.0 6 votes vote down vote up
private static String getUsernameFromGSSContext(final GSSContext gssContext, final boolean strip, final ESLogger logger) {
    if (gssContext.isEstablished()) {
        GSSName gssName = null;
        try {
            gssName = gssContext.getSrcName();
        } catch (final GSSException e) {
            logger.error("Unable to get src name from gss context", e);
        }

        if (gssName != null) {
            String name = gssName.toString();

            return stripRealmName(name, strip);

        }
    }

    return null;
}
 
Example 5
Source File: LockOutRealm.java    From Tomcat7.0.67 with Apache License 2.0 5 votes vote down vote up
/**
 * {@inheritDoc}
 */
@Override
public Principal authenticate(GSSContext gssContext, boolean storeCreds) {
    if (gssContext.isEstablished()) {
        String username = null;
        GSSName name = null;
        try {
            name = gssContext.getSrcName();
        } catch (GSSException e) {
            log.warn(sm.getString("realmBase.gssNameFail"), e);
            return null;
        }
        
        username = name.toString();
        
        if (isLocked(username)) {
            // Trying to authenticate a locked user is an automatic failure
            registerAuthFailure(username);
            
            log.warn(sm.getString("lockOutRealm.authLockedUser", username));
            return null;
        }

        Principal authenticatedUser =
                super.authenticate(gssContext, storeCreds);
        
        if (authenticatedUser == null) {
            registerAuthFailure(username);
        } else {
            registerAuthSuccess(username);
        }
        return authenticatedUser;
    }
    
    // Fail in all other cases
    return null;
}
 
Example 6
Source File: Braindump.java    From pegasus with Apache License 2.0 5 votes vote down vote up
/**
 * Returns the distinguished name from the proxy
 *
 * @return the DN else null if proxy file not found.
 */
protected String getGridDN() {
    String dn = null;
    // load and intialize the CredentialHandler Factory
    CredentialHandlerFactory factory = new CredentialHandlerFactory();
    factory.initialize(mBag);
    CredentialHandler handler = factory.loadInstance(CredentialHandler.TYPE.x509);
    String proxy = handler.getPath("local");
    mLogger.log(
            "Proxy whose DN will be logged in the braindump file " + proxy,
            LogManager.DEBUG_MESSAGE_LEVEL);

    try {
        String defaultProxy = CoGProperties.getDefault().getProxyFile();
        if (!defaultProxy.equalsIgnoreCase(proxy)) {
            // the user specified proxy, somewhere in Pegasus configuration
            // can be properties, site catalog or environment.
            mLogger.log(
                    "X509_USER_PROXY system property is set to " + proxy,
                    LogManager.CONFIG_MESSAGE_LEVEL);
            System.setProperty(Proxy.X509_USER_PROXY_KEY, proxy);
        }
        GSSManager manager = ExtendedGSSManager.getInstance();
        GSSCredential credential = manager.createCredential(GSSCredential.INITIATE_AND_ACCEPT);
        GSSName name = credential.getName();
        if (name != null) {
            dn = name.toString();
        }
    } catch (GSSException gsse) {
        mLogger.log("Unable to determine GRID DN", gsse, LogManager.DEBUG_MESSAGE_LEVEL);
    } catch (Exception e) {
        mLogger.log(
                "Unknown exception caught while determining the DN",
                e,
                LogManager.DEBUG_MESSAGE_LEVEL);
    }
    return dn;
}
 
Example 7
Source File: CombinedRealm.java    From Tomcat8-Source-Read with MIT License 4 votes vote down vote up
/**
 * {@inheritDoc}
 */
@Override
public Principal authenticate(GSSContext gssContext, boolean storeCred) {
    if (gssContext.isEstablished()) {
        Principal authenticatedUser = null;
        String username = null;

        GSSName name = null;
        try {
            name = gssContext.getSrcName();
        } catch (GSSException e) {
            log.warn(sm.getString("realmBase.gssNameFail"), e);
            return null;
        }

        username = name.toString();

        for (Realm realm : realms) {
            if (log.isDebugEnabled()) {
                log.debug(sm.getString("combinedRealm.authStart",
                        username, realm.getClass().getName()));
            }

            authenticatedUser = realm.authenticate(gssContext, storeCred);

            if (authenticatedUser == null) {
                if (log.isDebugEnabled()) {
                    log.debug(sm.getString("combinedRealm.authFail",
                            username, realm.getClass().getName()));
                }
            } else {
                if (log.isDebugEnabled()) {
                    log.debug(sm.getString("combinedRealm.authSuccess",
                            username, realm.getClass().getName()));
                }
                break;
            }
        }
        return authenticatedUser;
    }

    // Fail in all other cases
    return null;
}
 
Example 8
Source File: CombinedRealm.java    From Tomcat7.0.67 with Apache License 2.0 4 votes vote down vote up
/**
 * {@inheritDoc}
 */
@Override
public Principal authenticate(GSSContext gssContext, boolean storeCreds) {
    if (gssContext.isEstablished()) {
        Principal authenticatedUser = null;
        String username = null;
        
        GSSName name = null;
        try {
            name = gssContext.getSrcName();
        } catch (GSSException e) {
            log.warn(sm.getString("realmBase.gssNameFail"), e);
            return null;
        }
        
        username = name.toString();

        for (Realm realm : realms) {
            if (log.isDebugEnabled()) {
                log.debug(sm.getString("combinedRealm.authStart",
                        username, realm.getInfo()));
            }

            authenticatedUser = realm.authenticate(gssContext, storeCreds);

            if (authenticatedUser == null) {
                if (log.isDebugEnabled()) {
                    log.debug(sm.getString("combinedRealm.authFail",
                            username, realm.getInfo()));
                }
            } else {
                if (log.isDebugEnabled()) {
                    log.debug(sm.getString("combinedRealm.authSuccess",
                            username, realm.getInfo()));
                }
                break;
            }
        }
        return authenticatedUser;
    }
    
    // Fail in all other cases
    return null;
}
 
Example 9
Source File: CombinedRealm.java    From tomcatsrc with Apache License 2.0 4 votes vote down vote up
/**
 * {@inheritDoc}
 */
@Override
public Principal authenticate(GSSContext gssContext, boolean storeCreds) {
    if (gssContext.isEstablished()) {
        Principal authenticatedUser = null;
        String username = null;
        
        GSSName name = null;
        try {
            name = gssContext.getSrcName();
        } catch (GSSException e) {
            log.warn(sm.getString("realmBase.gssNameFail"), e);
            return null;
        }
        
        username = name.toString();

        for (Realm realm : realms) {
            if (log.isDebugEnabled()) {
                log.debug(sm.getString("combinedRealm.authStart",
                        username, realm.getInfo()));
            }

            authenticatedUser = realm.authenticate(gssContext, storeCreds);

            if (authenticatedUser == null) {
                if (log.isDebugEnabled()) {
                    log.debug(sm.getString("combinedRealm.authFail",
                            username, realm.getInfo()));
                }
            } else {
                if (log.isDebugEnabled()) {
                    log.debug(sm.getString("combinedRealm.authSuccess",
                            username, realm.getInfo()));
                }
                break;
            }
        }
        return authenticatedUser;
    }
    
    // Fail in all other cases
    return null;
}