Java Code Examples for org.ietf.jgss.GSSContext#dispose()
The following examples show how to use
org.ietf.jgss.GSSContext#dispose() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: HTTPKerberosAuthInterceptor.java From java-client-api with Apache License 2.0 | 6 votes |
@Override public Object run() { try { Oid krb5Mechanism = new Oid("1.2.840.113554.1.2.2"); Oid krb5PrincipalNameType = new Oid("1.2.840.113554.1.2.2.1"); final GSSManager manager = GSSManager.getInstance(); final GSSName clientName = manager.createName(clientPrincipalName, krb5PrincipalNameType); final GSSCredential clientCred = manager.createCredential(clientName, 8 * 3600, krb5Mechanism, GSSCredential.INITIATE_ONLY); final GSSName serverName = manager.createName(serverPrincipalName, krb5PrincipalNameType); final GSSContext context = manager.createContext(serverName, krb5Mechanism, clientCred, GSSContext.DEFAULT_LIFETIME); byte[] inToken = new byte[0]; byte[] outToken = context.initSecContext(inToken, 0, inToken.length); if (outToken == null) { throw new FailedRequestException("could not initialize the security context"); } context.requestMutualAuth(true); outputToken.append(new String(Base64.getEncoder().encode(outToken))); context.dispose(); } catch (GSSException exception) { throw new FailedRequestException(exception.getMessage(), exception); } return null; }
Example 2
Source File: SpnegoHandler.java From presto with Apache License 2.0 | 5 votes |
private byte[] generateToken(String servicePrincipal) { GSSContext context = null; try { Session session = getSession(); context = doAs(session.getLoginContext().getSubject(), () -> { GSSContext result = GSS_MANAGER.createContext( GSS_MANAGER.createName(servicePrincipal, NT_HOSTBASED_SERVICE), SPNEGO_OID, session.getClientCredential(), INDEFINITE_LIFETIME); result.requestMutualAuth(true); result.requestConf(true); result.requestInteg(true); result.requestCredDeleg(true); return result; }); byte[] token = context.initSecContext(new byte[0], 0, 0); if (token == null) { throw new LoginException("No token generated from GSS context"); } return token; } catch (GSSException | LoginException e) { throw new ClientException(format("Kerberos error for [%s]: %s", servicePrincipal, e.getMessage()), e); } finally { try { if (context != null) { context.dispose(); } } catch (GSSException ignored) { } } }
Example 3
Source File: Socks5LogicHandler.java From neoscada with Eclipse Public License 1.0 | 5 votes |
/** * Closes the session. If any {@link GSSContext} is present in the session * then it is closed. * * @param message the error message */ @Override protected void closeSession(String message) { GSSContext ctx = (GSSContext) getSession().getAttribute(GSS_CONTEXT); if (ctx != null) { try { ctx.dispose(); } catch (GSSException e) { e.printStackTrace(); super.closeSession(message, e); return; } } super.closeSession(message); }
Example 4
Source File: KerberosToken.java From athenz with Apache License 2.0 | 5 votes |
@Override public String run() throws Exception { GSSContext context = GSSManager.getInstance().createContext((GSSCredential) null); context.acceptSecContext(kerberosTicket, 0, kerberosTicket.length); ///CLOVER:OFF String user = context.getSrcName().toString(); context.dispose(); return user; ///CLOVER:ON }
Example 5
Source File: SpnegoAuthInterceptor.java From knox with Apache License 2.0 | 5 votes |
private byte[] generateToken(String servicePrincipal) { GSSContext context = null; try { GSSCredentialSession GSSCredentialSession = getCredentialSession(); context = doAs(subject, () -> { GSSContext result = GSS_MANAGER.createContext(GSS_MANAGER.createName(servicePrincipal, NT_HOSTBASED_SERVICE), SPNEGO_OID, GSSCredentialSession.getClientCredential(), INDEFINITE_LIFETIME); result.requestMutualAuth(true); result.requestConf(true); result.requestInteg(true); result.requestCredDeleg(false); return result; }); byte[] token = context.initSecContext(new byte[0], 0, 0); if (token == null) { throw new LoginException("No token generated from GSS context"); } return token; } catch (GSSException | LoginException e) { throw new RuntimeException(format(Locale.getDefault(), "Kerberos error for [%s]: %s", servicePrincipal, e.getMessage()), e); } finally { try { if (context != null) { context.dispose(); } } catch (GSSException ignored) { } } }
Example 6
Source File: SPNEGOAuthenticator.java From keycloak with Apache License 2.0 | 5 votes |
@Override public Boolean run() throws Exception { GSSContext gssContext = null; try { if (log.isTraceEnabled()) { log.trace("Going to establish security context"); } gssContext = establishContext(); logAuthDetails(gssContext); if (gssContext.isEstablished()) { if (gssContext.getSrcName() == null) { log.warn("GSS Context accepted, but no context initiator recognized. Check your kerberos configuration and reverse DNS lookup configuration"); return false; } authenticatedKerberosPrincipal = gssContext.getSrcName().toString(); if (gssContext.getCredDelegState()) { delegationCredential = gssContext.getDelegCred(); } return true; } else { return false; } } finally { if (gssContext != null) { gssContext.dispose(); } } }