com.sun.security.jgss.InquireType Java Examples

The following examples show how to use com.sun.security.jgss.InquireType. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: Krb5Context.java    From jdk8u-jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Return the mechanism-specific attribute associated with {@code type}.
 */
public Object inquireSecContext(InquireType type)
        throws GSSException {
    if (!isEstablished()) {
         throw new GSSException(GSSException.NO_CONTEXT, -1,
                 "Security context not established.");
    }
    switch (type) {
        case KRB5_GET_SESSION_KEY:
            return new KerberosSessionKey(key);
        case KRB5_GET_TKT_FLAGS:
            return tktFlags.clone();
        case KRB5_GET_AUTHZ_DATA:
            if (isInitiator()) {
                throw new GSSException(GSSException.UNAVAILABLE, -1,
                        "AuthzData not available on initiator side.");
            } else {
                return (authzData==null)?null:authzData.clone();
            }
        case KRB5_GET_AUTHTIME:
            return authTime;
    }
    throw new GSSException(GSSException.UNAVAILABLE, -1,
            "Inquire type not supported.");
}
 
Example #2
Source File: Krb5Context.java    From jdk8u-dev-jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Return the mechanism-specific attribute associated with {@code type}.
 */
public Object inquireSecContext(InquireType type)
        throws GSSException {
    if (!isEstablished()) {
         throw new GSSException(GSSException.NO_CONTEXT, -1,
                 "Security context not established.");
    }
    switch (type) {
        case KRB5_GET_SESSION_KEY:
            return new KerberosSessionKey(key);
        case KRB5_GET_TKT_FLAGS:
            return tktFlags.clone();
        case KRB5_GET_AUTHZ_DATA:
            if (isInitiator()) {
                throw new GSSException(GSSException.UNAVAILABLE, -1,
                        "AuthzData not available on initiator side.");
            } else {
                return (authzData==null)?null:authzData.clone();
            }
        case KRB5_GET_AUTHTIME:
            return authTime;
    }
    throw new GSSException(GSSException.UNAVAILABLE, -1,
            "Inquire type not supported.");
}
 
Example #3
Source File: Krb5Context.java    From jdk8u-jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Return the mechanism-specific attribute associated with {@code type}.
 */
public Object inquireSecContext(InquireType type)
        throws GSSException {
    if (!isEstablished()) {
         throw new GSSException(GSSException.NO_CONTEXT, -1,
                 "Security context not established.");
    }
    switch (type) {
        case KRB5_GET_SESSION_KEY:
            return new KerberosSessionKey(key);
        case KRB5_GET_TKT_FLAGS:
            return tktFlags.clone();
        case KRB5_GET_AUTHZ_DATA:
            if (isInitiator()) {
                throw new GSSException(GSSException.UNAVAILABLE, -1,
                        "AuthzData not available on initiator side.");
            } else {
                return (authzData==null)?null:authzData.clone();
            }
        case KRB5_GET_AUTHTIME:
            return authTime;
    }
    throw new GSSException(GSSException.UNAVAILABLE, -1,
            "Inquire type not supported.");
}
 
Example #4
Source File: Krb5Context.java    From jdk8u_jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Return the mechanism-specific attribute associated with {@code type}.
 */
public Object inquireSecContext(InquireType type)
        throws GSSException {
    if (!isEstablished()) {
         throw new GSSException(GSSException.NO_CONTEXT, -1,
                 "Security context not established.");
    }
    switch (type) {
        case KRB5_GET_SESSION_KEY:
            return new KerberosSessionKey(key);
        case KRB5_GET_TKT_FLAGS:
            return tktFlags.clone();
        case KRB5_GET_AUTHZ_DATA:
            if (isInitiator()) {
                throw new GSSException(GSSException.UNAVAILABLE, -1,
                        "AuthzData not available on initiator side.");
            } else {
                return (authzData==null)?null:authzData.clone();
            }
        case KRB5_GET_AUTHTIME:
            return authTime;
    }
    throw new GSSException(GSSException.UNAVAILABLE, -1,
            "Inquire type not supported.");
}
 
Example #5
Source File: Krb5Context.java    From openjdk-8 with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Return the mechanism-specific attribute associated with {@code type}.
 */
public Object inquireSecContext(InquireType type)
        throws GSSException {
    if (!isEstablished()) {
         throw new GSSException(GSSException.NO_CONTEXT, -1,
                 "Security context not established.");
    }
    switch (type) {
        case KRB5_GET_SESSION_KEY:
            return new KerberosSessionKey(key);
        case KRB5_GET_TKT_FLAGS:
            return tktFlags.clone();
        case KRB5_GET_AUTHZ_DATA:
            if (isInitiator()) {
                throw new GSSException(GSSException.UNAVAILABLE, -1,
                        "AuthzData not available on initiator side.");
            } else {
                return (authzData==null)?null:authzData.clone();
            }
        case KRB5_GET_AUTHTIME:
            return authTime;
    }
    throw new GSSException(GSSException.UNAVAILABLE, -1,
            "Inquire type not supported.");
}
 
Example #6
Source File: Krb5Context.java    From openjdk-8-source with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Return the mechanism-specific attribute associated with {@code type}.
 */
public Object inquireSecContext(InquireType type)
        throws GSSException {
    if (!isEstablished()) {
         throw new GSSException(GSSException.NO_CONTEXT, -1,
                 "Security context not established.");
    }
    switch (type) {
        case KRB5_GET_SESSION_KEY:
            return new KerberosSessionKey(key);
        case KRB5_GET_TKT_FLAGS:
            return tktFlags.clone();
        case KRB5_GET_AUTHZ_DATA:
            if (isInitiator()) {
                throw new GSSException(GSSException.UNAVAILABLE, -1,
                        "AuthzData not available on initiator side.");
            } else {
                return (authzData==null)?null:authzData.clone();
            }
        case KRB5_GET_AUTHTIME:
            return authTime;
    }
    throw new GSSException(GSSException.UNAVAILABLE, -1,
            "Inquire type not supported.");
}
 
Example #7
Source File: Krb5Context.java    From hottub with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Return the mechanism-specific attribute associated with {@code type}.
 */
public Object inquireSecContext(InquireType type)
        throws GSSException {
    if (!isEstablished()) {
         throw new GSSException(GSSException.NO_CONTEXT, -1,
                 "Security context not established.");
    }
    switch (type) {
        case KRB5_GET_SESSION_KEY:
            return new KerberosSessionKey(key);
        case KRB5_GET_TKT_FLAGS:
            return tktFlags.clone();
        case KRB5_GET_AUTHZ_DATA:
            if (isInitiator()) {
                throw new GSSException(GSSException.UNAVAILABLE, -1,
                        "AuthzData not available on initiator side.");
            } else {
                return (authzData==null)?null:authzData.clone();
            }
        case KRB5_GET_AUTHTIME:
            return authTime;
    }
    throw new GSSException(GSSException.UNAVAILABLE, -1,
            "Inquire type not supported.");
}
 
Example #8
Source File: NewInquireTypes.java    From openjdk-jdk9 with GNU General Public License v2.0 6 votes vote down vote up
public static void main(String[] args) throws Exception {

        new OneKDC(null).writeJAASConf();

        Context c, s;
        c = Context.fromJAAS("client");
        s = Context.fromJAAS("server");

        c.startAsClient(OneKDC.SERVER, GSSUtil.GSS_KRB5_MECH_OID);
        s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID);

        Context.handshake(c, s);

        ExtendedGSSContext ctxt = (ExtendedGSSContext)c.x();
        EncryptionKey key = (EncryptionKey)
                ctxt.inquireSecContext(InquireType.KRB5_GET_SESSION_KEY_EX);
        KerberosCredMessage cred = (KerberosCredMessage)
                ctxt.inquireSecContext(InquireType.KRB5_GET_KRB_CRED);
        c.status();

        // Confirm the KRB_CRED message is encrypted with the session key.
        new KRBCred(cred.getEncoded()).encPart.decrypt(
                new sun.security.krb5.EncryptionKey(key.getKeyType(), key.getEncoded()),
                KeyUsage.KU_ENC_KRB_CRED_PART);
    }
 
Example #9
Source File: Krb5Context.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Return the mechanism-specific attribute associated with {@code type}.
 */
public Object inquireSecContext(InquireType type)
        throws GSSException {
    if (!isEstablished()) {
         throw new GSSException(GSSException.NO_CONTEXT, -1,
                 "Security context not established.");
    }
    switch (type) {
        case KRB5_GET_SESSION_KEY:
            return new KerberosSessionKey(key);
        case KRB5_GET_TKT_FLAGS:
            return tktFlags.clone();
        case KRB5_GET_AUTHZ_DATA:
            if (isInitiator()) {
                throw new GSSException(GSSException.UNAVAILABLE, -1,
                        "AuthzData not available on initiator side.");
            } else {
                return (authzData==null)?null:authzData.clone();
            }
        case KRB5_GET_AUTHTIME:
            return authTime;
    }
    throw new GSSException(GSSException.UNAVAILABLE, -1,
            "Inquire type not supported.");
}
 
Example #10
Source File: Krb5Context.java    From openjdk-jdk8u with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Return the mechanism-specific attribute associated with {@code type}.
 */
public Object inquireSecContext(InquireType type)
        throws GSSException {
    if (!isEstablished()) {
         throw new GSSException(GSSException.NO_CONTEXT, -1,
                 "Security context not established.");
    }
    switch (type) {
        case KRB5_GET_SESSION_KEY:
            return new KerberosSessionKey(key);
        case KRB5_GET_TKT_FLAGS:
            return tktFlags.clone();
        case KRB5_GET_AUTHZ_DATA:
            if (isInitiator()) {
                throw new GSSException(GSSException.UNAVAILABLE, -1,
                        "AuthzData not available on initiator side.");
            } else {
                return (authzData==null)?null:authzData.clone();
            }
        case KRB5_GET_AUTHTIME:
            return authTime;
    }
    throw new GSSException(GSSException.UNAVAILABLE, -1,
            "Inquire type not supported.");
}
 
Example #11
Source File: Krb5Context.java    From jdk8u60 with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Return the mechanism-specific attribute associated with {@code type}.
 */
public Object inquireSecContext(InquireType type)
        throws GSSException {
    if (!isEstablished()) {
         throw new GSSException(GSSException.NO_CONTEXT, -1,
                 "Security context not established.");
    }
    switch (type) {
        case KRB5_GET_SESSION_KEY:
            return new KerberosSessionKey(key);
        case KRB5_GET_TKT_FLAGS:
            return tktFlags.clone();
        case KRB5_GET_AUTHZ_DATA:
            if (isInitiator()) {
                throw new GSSException(GSSException.UNAVAILABLE, -1,
                        "AuthzData not available on initiator side.");
            } else {
                return (authzData==null)?null:authzData.clone();
            }
        case KRB5_GET_AUTHTIME:
            return authTime;
    }
    throw new GSSException(GSSException.UNAVAILABLE, -1,
            "Inquire type not supported.");
}
 
Example #12
Source File: Krb5Context.java    From TencentKona-8 with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Return the mechanism-specific attribute associated with {@code type}.
 */
public Object inquireSecContext(InquireType type)
        throws GSSException {
    if (!isEstablished()) {
         throw new GSSException(GSSException.NO_CONTEXT, -1,
                 "Security context not established.");
    }
    switch (type) {
        case KRB5_GET_SESSION_KEY:
            return new KerberosSessionKey(key);
        case KRB5_GET_TKT_FLAGS:
            return tktFlags.clone();
        case KRB5_GET_AUTHZ_DATA:
            if (isInitiator()) {
                throw new GSSException(GSSException.UNAVAILABLE, -1,
                        "AuthzData not available on initiator side.");
            } else {
                return (authzData==null)?null:authzData.clone();
            }
        case KRB5_GET_AUTHTIME:
            return authTime;
    }
    throw new GSSException(GSSException.UNAVAILABLE, -1,
            "Inquire type not supported.");
}
 
Example #13
Source File: Krb5Context.java    From dragonwell8_jdk with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Return the mechanism-specific attribute associated with {@code type}.
 */
public Object inquireSecContext(InquireType type)
        throws GSSException {
    if (!isEstablished()) {
         throw new GSSException(GSSException.NO_CONTEXT, -1,
                 "Security context not established.");
    }
    switch (type) {
        case KRB5_GET_SESSION_KEY:
            return new KerberosSessionKey(key);
        case KRB5_GET_TKT_FLAGS:
            return tktFlags.clone();
        case KRB5_GET_AUTHZ_DATA:
            if (isInitiator()) {
                throw new GSSException(GSSException.UNAVAILABLE, -1,
                        "AuthzData not available on initiator side.");
            } else {
                return (authzData==null)?null:authzData.clone();
            }
        case KRB5_GET_AUTHTIME:
            return authTime;
    }
    throw new GSSException(GSSException.UNAVAILABLE, -1,
            "Inquire type not supported.");
}
 
Example #14
Source File: SpNegoContext.java    From hottub with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Retrieve attribute of the context for {@code type}.
 */
public Object inquireSecContext(InquireType type)
        throws GSSException {
    if (mechContext == null) {
        throw new GSSException(GSSException.NO_CONTEXT, -1,
                "Underlying mech not established.");
    }
    if (mechContext instanceof ExtendedGSSContext) {
        return ((ExtendedGSSContext)mechContext).inquireSecContext(type);
    } else {
        throw new GSSException(GSSException.BAD_MECH, -1,
                "inquireSecContext not supported by underlying mech.");
    }
}
 
Example #15
Source File: SpNegoContext.java    From jdk8u_jdk with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Retrieve attribute of the context for {@code type}.
 */
public Object inquireSecContext(InquireType type)
        throws GSSException {
    if (mechContext == null) {
        throw new GSSException(GSSException.NO_CONTEXT, -1,
                "Underlying mech not established.");
    }
    if (mechContext instanceof ExtendedGSSContext) {
        return ((ExtendedGSSContext)mechContext).inquireSecContext(type);
    } else {
        throw new GSSException(GSSException.BAD_MECH, -1,
                "inquireSecContext not supported by underlying mech.");
    }
}
 
Example #16
Source File: SpNegoContext.java    From TencentKona-8 with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Retrieve attribute of the context for {@code type}.
 */
public Object inquireSecContext(InquireType type)
        throws GSSException {
    if (mechContext == null) {
        throw new GSSException(GSSException.NO_CONTEXT, -1,
                "Underlying mech not established.");
    }
    if (mechContext instanceof ExtendedGSSContext) {
        return ((ExtendedGSSContext)mechContext).inquireSecContext(type);
    } else {
        throw new GSSException(GSSException.BAD_MECH, -1,
                "inquireSecContext not supported by underlying mech.");
    }
}
 
Example #17
Source File: SpNegoContext.java    From jdk8u-jdk with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Retrieve attribute of the context for {@code type}.
 */
public Object inquireSecContext(InquireType type)
        throws GSSException {
    if (mechContext == null) {
        throw new GSSException(GSSException.NO_CONTEXT, -1,
                "Underlying mech not established.");
    }
    if (mechContext instanceof ExtendedGSSContext) {
        return ((ExtendedGSSContext)mechContext).inquireSecContext(type);
    } else {
        throw new GSSException(GSSException.BAD_MECH, -1,
                "inquireSecContext not supported by underlying mech.");
    }
}
 
Example #18
Source File: SpNegoContext.java    From openjdk-8 with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Retrieve attribute of the context for {@code type}.
 */
public Object inquireSecContext(InquireType type)
        throws GSSException {
    if (mechContext == null) {
        throw new GSSException(GSSException.NO_CONTEXT, -1,
                "Underlying mech not established.");
    }
    if (mechContext instanceof ExtendedGSSContext) {
        return ((ExtendedGSSContext)mechContext).inquireSecContext(type);
    } else {
        throw new GSSException(GSSException.BAD_MECH, -1,
                "inquireSecContext not supported by underlying mech.");
    }
}
 
Example #19
Source File: SpNegoContext.java    From openjdk-8-source with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Retrieve attribute of the context for {@code type}.
 */
public Object inquireSecContext(InquireType type)
        throws GSSException {
    if (mechContext == null) {
        throw new GSSException(GSSException.NO_CONTEXT, -1,
                "Underlying mech not established.");
    }
    if (mechContext instanceof ExtendedGSSContext) {
        return ((ExtendedGSSContext)mechContext).inquireSecContext(type);
    } else {
        throw new GSSException(GSSException.BAD_MECH, -1,
                "inquireSecContext not supported by underlying mech.");
    }
}
 
Example #20
Source File: SpNegoContext.java    From jdk8u60 with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Retrieve attribute of the context for {@code type}.
 */
public Object inquireSecContext(InquireType type)
        throws GSSException {
    if (mechContext == null) {
        throw new GSSException(GSSException.NO_CONTEXT, -1,
                "Underlying mech not established.");
    }
    if (mechContext instanceof ExtendedGSSContext) {
        return ((ExtendedGSSContext)mechContext).inquireSecContext(type);
    } else {
        throw new GSSException(GSSException.BAD_MECH, -1,
                "inquireSecContext not supported by underlying mech.");
    }
}
 
Example #21
Source File: SpNegoContext.java    From dragonwell8_jdk with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Retrieve attribute of the context for {@code type}.
 */
public Object inquireSecContext(InquireType type)
        throws GSSException {
    if (mechContext == null) {
        throw new GSSException(GSSException.NO_CONTEXT, -1,
                "Underlying mech not established.");
    }
    if (mechContext instanceof ExtendedGSSContext) {
        return ((ExtendedGSSContext)mechContext).inquireSecContext(type);
    } else {
        throw new GSSException(GSSException.BAD_MECH, -1,
                "inquireSecContext not supported by underlying mech.");
    }
}
 
Example #22
Source File: SpNegoContext.java    From jdk8u-dev-jdk with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Retrieve attribute of the context for {@code type}.
 */
public Object inquireSecContext(InquireType type)
        throws GSSException {
    if (mechContext == null) {
        throw new GSSException(GSSException.NO_CONTEXT, -1,
                "Underlying mech not established.");
    }
    if (mechContext instanceof ExtendedGSSContext) {
        return ((ExtendedGSSContext)mechContext).inquireSecContext(type);
    } else {
        throw new GSSException(GSSException.BAD_MECH, -1,
                "inquireSecContext not supported by underlying mech.");
    }
}
 
Example #23
Source File: SpNegoContext.java    From jdk8u-jdk with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Retrieve attribute of the context for {@code type}.
 */
public Object inquireSecContext(InquireType type)
        throws GSSException {
    if (mechContext == null) {
        throw new GSSException(GSSException.NO_CONTEXT, -1,
                "Underlying mech not established.");
    }
    if (mechContext instanceof ExtendedGSSContext) {
        return ((ExtendedGSSContext)mechContext).inquireSecContext(type);
    } else {
        throw new GSSException(GSSException.BAD_MECH, -1,
                "inquireSecContext not supported by underlying mech.");
    }
}
 
Example #24
Source File: GssKrb5Base.java    From openjdk-jdk9 with GNU General Public License v2.0 5 votes vote down vote up
@Override
public Object getNegotiatedProperty(String propName) {
    if (!completed) {
        throw new IllegalStateException("Authentication incomplete");
    }
    String xprefix = "com.sun.security.jgss.inquiretype.";
    if (propName.startsWith(xprefix)) {
        String type = propName.substring(xprefix.length());
        if (logger.isLoggable(Level.FINEST)) {
            logger.logp(Level.FINE, "GssKrb5Base",
                    "getNegotiatedProperty", propName);
        }
        for (InquireType t: InquireType.values()) {
            if (t.name().toLowerCase(Locale.US).equals(type)) {
                try {
                    return ((ExtendedGSSContext)secCtx).inquireSecContext(t);
                } catch (GSSException e) {
                    if (logger.isLoggable(Level.FINEST)) {
                        logger.log(Level.WARNING, "inquireSecContext error", e);
                    }
                    return null;
                }
            }
        }
        // No such InquireType. Although not likely to be defined
        // as a property in a parent class, still try it.
    }
    return super.getNegotiatedProperty(propName);
}
 
Example #25
Source File: SpNegoContext.java    From openjdk-jdk8u-backup with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Retrieve attribute of the context for {@code type}.
 */
public Object inquireSecContext(InquireType type)
        throws GSSException {
    if (mechContext == null) {
        throw new GSSException(GSSException.NO_CONTEXT, -1,
                "Underlying mech not established.");
    }
    if (mechContext instanceof ExtendedGSSContext) {
        return ((ExtendedGSSContext)mechContext).inquireSecContext(type);
    } else {
        throw new GSSException(GSSException.BAD_MECH, -1,
                "inquireSecContext not supported by underlying mech.");
    }
}
 
Example #26
Source File: SpNegoContext.java    From openjdk-jdk8u with GNU General Public License v2.0 5 votes vote down vote up
/**
 * Retrieve attribute of the context for {@code type}.
 */
public Object inquireSecContext(InquireType type)
        throws GSSException {
    if (mechContext == null) {
        throw new GSSException(GSSException.NO_CONTEXT, -1,
                "Underlying mech not established.");
    }
    if (mechContext instanceof ExtendedGSSContext) {
        return ((ExtendedGSSContext)mechContext).inquireSecContext(type);
    } else {
        throw new GSSException(GSSException.BAD_MECH, -1,
                "inquireSecContext not supported by underlying mech.");
    }
}
 
Example #27
Source File: NativeGSSContext.java    From dragonwell8_jdk with GNU General Public License v2.0 4 votes vote down vote up
public Object inquireSecContext(InquireType type)
        throws GSSException {
    throw new GSSException(GSSException.UNAVAILABLE, -1,
            "Inquire type not supported.");
}
 
Example #28
Source File: NativeGSSContext.java    From jdk8u-jdk with GNU General Public License v2.0 4 votes vote down vote up
public Object inquireSecContext(InquireType type)
        throws GSSException {
    throw new GSSException(GSSException.UNAVAILABLE, -1,
            "Inquire type not supported.");
}
 
Example #29
Source File: NativeGSSContext.java    From jdk8u-dev-jdk with GNU General Public License v2.0 4 votes vote down vote up
public Object inquireSecContext(InquireType type)
        throws GSSException {
    throw new GSSException(GSSException.UNAVAILABLE, -1,
            "Inquire type not supported.");
}
 
Example #30
Source File: NativeGSSContext.java    From openjdk-jdk8u with GNU General Public License v2.0 4 votes vote down vote up
public Object inquireSecContext(InquireType type)
        throws GSSException {
    throw new GSSException(GSSException.UNAVAILABLE, -1,
            "Inquire type not supported.");
}