Java Code Examples for org.ietf.jgss.GSSContext#initSecContext()
The following examples show how to use
org.ietf.jgss.GSSContext#initSecContext() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: KeycloakSPNegoSchemeFactory.java From keycloak with Apache License 2.0 | 6 votes |
@Override public ByteArrayHolder run() throws Exception { byte[] token = input; if (token == null) { token = new byte[0]; } GSSManager manager = getManager(); String httPrincipal = kerberosConfig.getServerPrincipal().replaceFirst("/.*@", "/" + authServer + "@"); GSSName serverName = manager.createName(httPrincipal, null); GSSContext gssContext = manager.createContext( serverName.canonicalize(oid), oid, null, GSSContext.DEFAULT_LIFETIME); gssContext.requestMutualAuth(true); gssContext.requestCredDeleg(true); byte[] outputToken = gssContext.initSecContext(token, 0, token.length); ByteArrayHolder result = new ByteArrayHolder(); result.bytes = outputToken; return result; }
Example 2
Source File: HTTPKerberosAuthInterceptor.java From java-client-api with Apache License 2.0 | 6 votes |
@Override public Object run() { try { Oid krb5Mechanism = new Oid("1.2.840.113554.1.2.2"); Oid krb5PrincipalNameType = new Oid("1.2.840.113554.1.2.2.1"); final GSSManager manager = GSSManager.getInstance(); final GSSName clientName = manager.createName(clientPrincipalName, krb5PrincipalNameType); final GSSCredential clientCred = manager.createCredential(clientName, 8 * 3600, krb5Mechanism, GSSCredential.INITIATE_ONLY); final GSSName serverName = manager.createName(serverPrincipalName, krb5PrincipalNameType); final GSSContext context = manager.createContext(serverName, krb5Mechanism, clientCred, GSSContext.DEFAULT_LIFETIME); byte[] inToken = new byte[0]; byte[] outToken = context.initSecContext(inToken, 0, inToken.length); if (outToken == null) { throw new FailedRequestException("could not initialize the security context"); } context.requestMutualAuth(true); outputToken.append(new String(Base64.getEncoder().encode(outToken))); context.dispose(); } catch (GSSException exception) { throw new FailedRequestException(exception.getMessage(), exception); } return null; }
Example 3
Source File: SpnegoAuthInterceptor.java From knox with Apache License 2.0 | 5 votes |
private byte[] generateToken(String servicePrincipal) { GSSContext context = null; try { GSSCredentialSession GSSCredentialSession = getCredentialSession(); context = doAs(subject, () -> { GSSContext result = GSS_MANAGER.createContext(GSS_MANAGER.createName(servicePrincipal, NT_HOSTBASED_SERVICE), SPNEGO_OID, GSSCredentialSession.getClientCredential(), INDEFINITE_LIFETIME); result.requestMutualAuth(true); result.requestConf(true); result.requestInteg(true); result.requestCredDeleg(false); return result; }); byte[] token = context.initSecContext(new byte[0], 0, 0); if (token == null) { throw new LoginException("No token generated from GSS context"); } return token; } catch (GSSException | LoginException e) { throw new RuntimeException(format(Locale.getDefault(), "Kerberos error for [%s]: %s", servicePrincipal, e.getMessage()), e); } finally { try { if (context != null) { context.dispose(); } } catch (GSSException ignored) { } } }
Example 4
Source File: HttpDoAsClient.java From hbase with Apache License 2.0 | 5 votes |
private String generateTicket() throws GSSException { final GSSManager manager = GSSManager.getInstance(); // Oid for kerberos principal name Oid krb5PrincipalOid = new Oid("1.2.840.113554.1.2.2.1"); Oid KERB_V5_OID = new Oid("1.2.840.113554.1.2.2"); final GSSName clientName = manager.createName(principal, krb5PrincipalOid); final GSSCredential clientCred = manager.createCredential(clientName, 8 * 3600, KERB_V5_OID, GSSCredential.INITIATE_ONLY); final GSSName serverName = manager.createName(principal, krb5PrincipalOid); final GSSContext context = manager.createContext(serverName, KERB_V5_OID, clientCred, GSSContext.DEFAULT_LIFETIME); context.requestMutualAuth(true); context.requestConf(false); context.requestInteg(true); final byte[] outToken = context.initSecContext(new byte[0], 0, 0); StringBuffer outputBuffer = new StringBuffer(); outputBuffer.append("Negotiate "); outputBuffer.append(Bytes.toString(Base64.getEncoder().encode(outToken))); System.out.print("Ticket is: " + outputBuffer); return outputBuffer.toString(); }
Example 5
Source File: SpnegoHandler.java From presto with Apache License 2.0 | 5 votes |
private byte[] generateToken(String servicePrincipal) { GSSContext context = null; try { Session session = getSession(); context = doAs(session.getLoginContext().getSubject(), () -> { GSSContext result = GSS_MANAGER.createContext( GSS_MANAGER.createName(servicePrincipal, NT_HOSTBASED_SERVICE), SPNEGO_OID, session.getClientCredential(), INDEFINITE_LIFETIME); result.requestMutualAuth(true); result.requestConf(true); result.requestInteg(true); result.requestCredDeleg(true); return result; }); byte[] token = context.initSecContext(new byte[0], 0, 0); if (token == null) { throw new LoginException("No token generated from GSS context"); } return token; } catch (GSSException | LoginException e) { throw new ClientException(format("Kerberos error for [%s]: %s", servicePrincipal, e.getMessage()), e); } finally { try { if (context != null) { context.dispose(); } } catch (GSSException ignored) { } } }
Example 6
Source File: Test5653.java From openjdk-8-source with GNU General Public License v2.0 | 4 votes |
public static void main(String[] args) throws Exception { Oid oldOid = new Oid("1.3.6.1.5.6.2"); new OneKDC(null).writeJAASConf(); System.setProperty("javax.security.auth.useSubjectCredsOnly", "false"); GSSManager m = GSSManager.getInstance(); boolean found = false; // Test 1: the getMechsForName() method accepts it. for (Oid tmp: m.getMechsForName(oldOid)) { if (tmp.equals(GSSUtil.GSS_KRB5_MECH_OID)) { found = true; break; } } if (!found) { throw new Exception("Cannot found krb5 mech for old name type"); } // Test 2: the createName() method accepts it. GSSName name = m.createName("server@host.rabbit.hole", oldOid); // Test 3: its getStringNameType() output is correct if (!name.getStringNameType().equals(GSSName.NT_HOSTBASED_SERVICE)) { throw new Exception("GSSName not correct name type"); } // Test 4: everything still works. GSSContext c1 = m.createContext( name, GSSUtil.GSS_KRB5_MECH_OID, null, GSSContext.DEFAULT_LIFETIME); byte[] token = c1.initSecContext(new byte[0], 0, 0); Context s; s = Context.fromJAAS("server"); s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID); s.x().acceptSecContext(token, 0, token.length); }
Example 7
Source File: AbstractSpnegoAuthSupplier.java From cxf with Apache License 2.0 | 4 votes |
/** * Create and return a service ticket token for a given service principal * name * * @param authPolicy * @param spn * @return service ticket token * @throws GSSException * @throws LoginException */ private byte[] getToken(AuthorizationPolicy authPolicy, String spn, Oid oid, Message message) throws GSSException, LoginException { GSSCredential delegatedCred = (GSSCredential)message.getContextualProperty(GSSCredential.class.getName()); Subject subject = null; if (authPolicy != null && delegatedCred == null) { String contextName = authPolicy.getAuthorization(); if (contextName == null) { contextName = ""; } if (!(StringUtils.isEmpty(authPolicy.getUserName()) && StringUtils.isEmpty(contextName) && loginConfig == null)) { CallbackHandler callbackHandler = getUsernamePasswordHandler( authPolicy.getUserName(), authPolicy.getPassword()); LoginContext lc = new LoginContext(contextName, null, callbackHandler, loginConfig); lc.login(); subject = lc.getSubject(); } } GSSManager manager = GSSManager.getInstance(); GSSName serverName = manager.createName(spn, serviceNameType); GSSContext context = manager .createContext(serverName.canonicalize(oid), oid, delegatedCred, GSSContext.DEFAULT_LIFETIME); context.requestCredDeleg(isCredDelegationRequired(message)); // If the delegated cred is not null then we only need the context to // immediately return a ticket based on this credential without attempting // to log on again final byte[] token = new byte[0]; if (delegatedCred != null) { return context.initSecContext(token, 0, token.length); } decorateSubject(subject); try { return Subject.doAs(subject, new CreateServiceTicketAction(context, token)); } catch (PrivilegedActionException e) { if (e.getCause() instanceof GSSException) { throw (GSSException) e.getCause(); } LOG.log(Level.SEVERE, "initSecContext", e); return null; } }
Example 8
Source File: Test5653.java From jdk8u-dev-jdk with GNU General Public License v2.0 | 4 votes |
public static void main(String[] args) throws Exception { Oid oldOid = new Oid("1.3.6.1.5.6.2"); new OneKDC(null).writeJAASConf(); System.setProperty("javax.security.auth.useSubjectCredsOnly", "false"); GSSManager m = GSSManager.getInstance(); boolean found = false; // Test 1: the getMechsForName() method accepts it. for (Oid tmp: m.getMechsForName(oldOid)) { if (tmp.equals(GSSUtil.GSS_KRB5_MECH_OID)) { found = true; break; } } if (!found) { throw new Exception("Cannot found krb5 mech for old name type"); } // Test 2: the createName() method accepts it. GSSName name = m.createName("server@host.rabbit.hole", oldOid); // Test 3: its getStringNameType() output is correct if (!name.getStringNameType().equals(GSSName.NT_HOSTBASED_SERVICE)) { throw new Exception("GSSName not correct name type"); } // Test 4: everything still works. GSSContext c1 = m.createContext( name, GSSUtil.GSS_KRB5_MECH_OID, null, GSSContext.DEFAULT_LIFETIME); byte[] token = c1.initSecContext(new byte[0], 0, 0); Context s; s = Context.fromJAAS("server"); s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID); s.x().acceptSecContext(token, 0, token.length); }
Example 9
Source File: Test5653.java From jdk8u-jdk with GNU General Public License v2.0 | 4 votes |
public static void main(String[] args) throws Exception { Oid oldOid = new Oid("1.3.6.1.5.6.2"); new OneKDC(null).writeJAASConf(); System.setProperty("javax.security.auth.useSubjectCredsOnly", "false"); GSSManager m = GSSManager.getInstance(); boolean found = false; // Test 1: the getMechsForName() method accepts it. for (Oid tmp: m.getMechsForName(oldOid)) { if (tmp.equals(GSSUtil.GSS_KRB5_MECH_OID)) { found = true; break; } } if (!found) { throw new Exception("Cannot found krb5 mech for old name type"); } // Test 2: the createName() method accepts it. GSSName name = m.createName("server@host.rabbit.hole", oldOid); // Test 3: its getStringNameType() output is correct if (!name.getStringNameType().equals(GSSName.NT_HOSTBASED_SERVICE)) { throw new Exception("GSSName not correct name type"); } // Test 4: everything still works. GSSContext c1 = m.createContext( name, GSSUtil.GSS_KRB5_MECH_OID, null, GSSContext.DEFAULT_LIFETIME); byte[] token = c1.initSecContext(new byte[0], 0, 0); Context s; s = Context.fromJAAS("server"); s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID); s.x().acceptSecContext(token, 0, token.length); }
Example 10
Source File: Test5653.java From jdk8u_jdk with GNU General Public License v2.0 | 4 votes |
public static void main(String[] args) throws Exception { Oid oldOid = new Oid("1.3.6.1.5.6.2"); new OneKDC(null).writeJAASConf(); System.setProperty("javax.security.auth.useSubjectCredsOnly", "false"); GSSManager m = GSSManager.getInstance(); boolean found = false; // Test 1: the getMechsForName() method accepts it. for (Oid tmp: m.getMechsForName(oldOid)) { if (tmp.equals(GSSUtil.GSS_KRB5_MECH_OID)) { found = true; break; } } if (!found) { throw new Exception("Cannot found krb5 mech for old name type"); } // Test 2: the createName() method accepts it. GSSName name = m.createName("server@host.rabbit.hole", oldOid); // Test 3: its getStringNameType() output is correct if (!name.getStringNameType().equals(GSSName.NT_HOSTBASED_SERVICE)) { throw new Exception("GSSName not correct name type"); } // Test 4: everything still works. GSSContext c1 = m.createContext( name, GSSUtil.GSS_KRB5_MECH_OID, null, GSSContext.DEFAULT_LIFETIME); byte[] token = c1.initSecContext(new byte[0], 0, 0); Context s; s = Context.fromJAAS("server"); s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID); s.x().acceptSecContext(token, 0, token.length); }
Example 11
Source File: Test5653.java From openjdk-8 with GNU General Public License v2.0 | 4 votes |
public static void main(String[] args) throws Exception { Oid oldOid = new Oid("1.3.6.1.5.6.2"); new OneKDC(null).writeJAASConf(); System.setProperty("javax.security.auth.useSubjectCredsOnly", "false"); GSSManager m = GSSManager.getInstance(); boolean found = false; // Test 1: the getMechsForName() method accepts it. for (Oid tmp: m.getMechsForName(oldOid)) { if (tmp.equals(GSSUtil.GSS_KRB5_MECH_OID)) { found = true; break; } } if (!found) { throw new Exception("Cannot found krb5 mech for old name type"); } // Test 2: the createName() method accepts it. GSSName name = m.createName("server@host.rabbit.hole", oldOid); // Test 3: its getStringNameType() output is correct if (!name.getStringNameType().equals(GSSName.NT_HOSTBASED_SERVICE)) { throw new Exception("GSSName not correct name type"); } // Test 4: everything still works. GSSContext c1 = m.createContext( name, GSSUtil.GSS_KRB5_MECH_OID, null, GSSContext.DEFAULT_LIFETIME); byte[] token = c1.initSecContext(new byte[0], 0, 0); Context s; s = Context.fromJAAS("server"); s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID); s.x().acceptSecContext(token, 0, token.length); }
Example 12
Source File: Test5653.java From hottub with GNU General Public License v2.0 | 4 votes |
public static void main(String[] args) throws Exception { Oid oldOid = new Oid("1.3.6.1.5.6.2"); new OneKDC(null).writeJAASConf(); System.setProperty("javax.security.auth.useSubjectCredsOnly", "false"); GSSManager m = GSSManager.getInstance(); boolean found = false; // Test 1: the getMechsForName() method accepts it. for (Oid tmp: m.getMechsForName(oldOid)) { if (tmp.equals(GSSUtil.GSS_KRB5_MECH_OID)) { found = true; break; } } if (!found) { throw new Exception("Cannot found krb5 mech for old name type"); } // Test 2: the createName() method accepts it. GSSName name = m.createName("server@host.rabbit.hole", oldOid); // Test 3: its getStringNameType() output is correct if (!name.getStringNameType().equals(GSSName.NT_HOSTBASED_SERVICE)) { throw new Exception("GSSName not correct name type"); } // Test 4: everything still works. GSSContext c1 = m.createContext( name, GSSUtil.GSS_KRB5_MECH_OID, null, GSSContext.DEFAULT_LIFETIME); byte[] token = c1.initSecContext(new byte[0], 0, 0); Context s; s = Context.fromJAAS("server"); s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID); s.x().acceptSecContext(token, 0, token.length); }
Example 13
Source File: Test5653.java From jdk8u-jdk with GNU General Public License v2.0 | 4 votes |
public static void main(String[] args) throws Exception { Oid oldOid = new Oid("1.3.6.1.5.6.2"); new OneKDC(null).writeJAASConf(); System.setProperty("javax.security.auth.useSubjectCredsOnly", "false"); GSSManager m = GSSManager.getInstance(); boolean found = false; // Test 1: the getMechsForName() method accepts it. for (Oid tmp: m.getMechsForName(oldOid)) { if (tmp.equals(GSSUtil.GSS_KRB5_MECH_OID)) { found = true; break; } } if (!found) { throw new Exception("Cannot found krb5 mech for old name type"); } // Test 2: the createName() method accepts it. GSSName name = m.createName("server@host.rabbit.hole", oldOid); // Test 3: its getStringNameType() output is correct if (!name.getStringNameType().equals(GSSName.NT_HOSTBASED_SERVICE)) { throw new Exception("GSSName not correct name type"); } // Test 4: everything still works. GSSContext c1 = m.createContext( name, GSSUtil.GSS_KRB5_MECH_OID, null, GSSContext.DEFAULT_LIFETIME); byte[] token = c1.initSecContext(new byte[0], 0, 0); Context s; s = Context.fromJAAS("server"); s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID); s.x().acceptSecContext(token, 0, token.length); }
Example 14
Source File: Test5653.java From openjdk-jdk9 with GNU General Public License v2.0 | 4 votes |
public static void main(String[] args) throws Exception { Oid oldOid = new Oid("1.3.6.1.5.6.2"); new OneKDC(null).writeJAASConf(); System.setProperty("javax.security.auth.useSubjectCredsOnly", "false"); GSSManager m = GSSManager.getInstance(); boolean found = false; // Test 1: the getMechsForName() method accepts it. for (Oid tmp: m.getMechsForName(oldOid)) { if (tmp.equals(GSSUtil.GSS_KRB5_MECH_OID)) { found = true; break; } } if (!found) { throw new Exception("Cannot found krb5 mech for old name type"); } // Test 2: the createName() method accepts it. GSSName name = m.createName("server@host.rabbit.hole", oldOid); // Test 3: its getStringNameType() output is correct if (!name.getStringNameType().equals(GSSName.NT_HOSTBASED_SERVICE)) { throw new Exception("GSSName not correct name type"); } // Test 4: everything still works. GSSContext c1 = m.createContext( name, GSSUtil.GSS_KRB5_MECH_OID, null, GSSContext.DEFAULT_LIFETIME); byte[] token = c1.initSecContext(new byte[0], 0, 0); Context s; s = Context.fromJAAS("server"); s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID); s.x().acceptSecContext(token, 0, token.length); }
Example 15
Source File: Test5653.java From openjdk-jdk8u-backup with GNU General Public License v2.0 | 4 votes |
public static void main(String[] args) throws Exception { Oid oldOid = new Oid("1.3.6.1.5.6.2"); new OneKDC(null).writeJAASConf(); System.setProperty("javax.security.auth.useSubjectCredsOnly", "false"); GSSManager m = GSSManager.getInstance(); boolean found = false; // Test 1: the getMechsForName() method accepts it. for (Oid tmp: m.getMechsForName(oldOid)) { if (tmp.equals(GSSUtil.GSS_KRB5_MECH_OID)) { found = true; break; } } if (!found) { throw new Exception("Cannot found krb5 mech for old name type"); } // Test 2: the createName() method accepts it. GSSName name = m.createName("server@host.rabbit.hole", oldOid); // Test 3: its getStringNameType() output is correct if (!name.getStringNameType().equals(GSSName.NT_HOSTBASED_SERVICE)) { throw new Exception("GSSName not correct name type"); } // Test 4: everything still works. GSSContext c1 = m.createContext( name, GSSUtil.GSS_KRB5_MECH_OID, null, GSSContext.DEFAULT_LIFETIME); byte[] token = c1.initSecContext(new byte[0], 0, 0); Context s; s = Context.fromJAAS("server"); s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID); s.x().acceptSecContext(token, 0, token.length); }
Example 16
Source File: Socks5LogicHandler.java From neoscada with Eclipse Public License 1.0 | 4 votes |
/** * Encodes the authentication packet for supported authentication methods. * * @param request the socks proxy request data * @return the encoded buffer * @throws GSSException when something fails while using GSSAPI */ private IoBuffer encodeGSSAPIAuthenticationPacket(final SocksProxyRequest request) throws GSSException { GSSContext ctx = (GSSContext) getSession().getAttribute(GSS_CONTEXT); if (ctx == null) { // first step in the authentication process GSSManager manager = GSSManager.getInstance(); GSSName serverName = manager.createName(request.getServiceKerberosName(), null); Oid krb5OID = new Oid(SocksProxyConstants.KERBEROS_V5_OID); if (LOGGER.isDebugEnabled()) { LOGGER.debug("Available mechs:"); for (Oid o : manager.getMechs()) { if (o.equals(krb5OID)) { LOGGER.debug("Found Kerberos V OID available"); } LOGGER.debug("{} with oid = {}", manager.getNamesForMech(o), o); } } ctx = manager.createContext(serverName, krb5OID, null, GSSContext.DEFAULT_LIFETIME); ctx.requestMutualAuth(true); // Mutual authentication ctx.requestConf(false); ctx.requestInteg(false); getSession().setAttribute(GSS_CONTEXT, ctx); } byte[] token = (byte[]) getSession().getAttribute(GSS_TOKEN); if (token != null) { LOGGER.debug(" Received Token[{}] = {}", token.length, ByteUtilities.asHex(token)); } IoBuffer buf = null; if (!ctx.isEstablished()) { // token is ignored on the first call if (token == null) { token = new byte[32]; } token = ctx.initSecContext(token, 0, token.length); // Send a token to the server if one was generated by // initSecContext if (token != null) { LOGGER.debug(" Sending Token[{}] = {}", token.length, ByteUtilities.asHex(token)); getSession().setAttribute(GSS_TOKEN, token); buf = IoBuffer.allocate(4 + token.length); buf.put(new byte[] { SocksProxyConstants.GSSAPI_AUTH_SUBNEGOTIATION_VERSION, SocksProxyConstants.GSSAPI_MSG_TYPE }); buf.put(ByteUtilities.intToNetworkByteOrder(token.length, 2)); buf.put(token); } } return buf; }
Example 17
Source File: Test5653.java From openjdk-jdk8u with GNU General Public License v2.0 | 4 votes |
public static void main(String[] args) throws Exception { Oid oldOid = new Oid("1.3.6.1.5.6.2"); new OneKDC(null).writeJAASConf(); System.setProperty("javax.security.auth.useSubjectCredsOnly", "false"); GSSManager m = GSSManager.getInstance(); boolean found = false; // Test 1: the getMechsForName() method accepts it. for (Oid tmp: m.getMechsForName(oldOid)) { if (tmp.equals(GSSUtil.GSS_KRB5_MECH_OID)) { found = true; break; } } if (!found) { throw new Exception("Cannot found krb5 mech for old name type"); } // Test 2: the createName() method accepts it. GSSName name = m.createName("server@host.rabbit.hole", oldOid); // Test 3: its getStringNameType() output is correct if (!name.getStringNameType().equals(GSSName.NT_HOSTBASED_SERVICE)) { throw new Exception("GSSName not correct name type"); } // Test 4: everything still works. GSSContext c1 = m.createContext( name, GSSUtil.GSS_KRB5_MECH_OID, null, GSSContext.DEFAULT_LIFETIME); byte[] token = c1.initSecContext(new byte[0], 0, 0); Context s; s = Context.fromJAAS("server"); s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID); s.x().acceptSecContext(token, 0, token.length); }
Example 18
Source File: Test5653.java From jdk8u60 with GNU General Public License v2.0 | 4 votes |
public static void main(String[] args) throws Exception { Oid oldOid = new Oid("1.3.6.1.5.6.2"); new OneKDC(null).writeJAASConf(); System.setProperty("javax.security.auth.useSubjectCredsOnly", "false"); GSSManager m = GSSManager.getInstance(); boolean found = false; // Test 1: the getMechsForName() method accepts it. for (Oid tmp: m.getMechsForName(oldOid)) { if (tmp.equals(GSSUtil.GSS_KRB5_MECH_OID)) { found = true; break; } } if (!found) { throw new Exception("Cannot found krb5 mech for old name type"); } // Test 2: the createName() method accepts it. GSSName name = m.createName("server@host.rabbit.hole", oldOid); // Test 3: its getStringNameType() output is correct if (!name.getStringNameType().equals(GSSName.NT_HOSTBASED_SERVICE)) { throw new Exception("GSSName not correct name type"); } // Test 4: everything still works. GSSContext c1 = m.createContext( name, GSSUtil.GSS_KRB5_MECH_OID, null, GSSContext.DEFAULT_LIFETIME); byte[] token = c1.initSecContext(new byte[0], 0, 0); Context s; s = Context.fromJAAS("server"); s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID); s.x().acceptSecContext(token, 0, token.length); }
Example 19
Source File: Test5653.java From TencentKona-8 with GNU General Public License v2.0 | 4 votes |
public static void main(String[] args) throws Exception { Oid oldOid = new Oid("1.3.6.1.5.6.2"); new OneKDC(null).writeJAASConf(); System.setProperty("javax.security.auth.useSubjectCredsOnly", "false"); GSSManager m = GSSManager.getInstance(); boolean found = false; // Test 1: the getMechsForName() method accepts it. for (Oid tmp: m.getMechsForName(oldOid)) { if (tmp.equals(GSSUtil.GSS_KRB5_MECH_OID)) { found = true; break; } } if (!found) { throw new Exception("Cannot found krb5 mech for old name type"); } // Test 2: the createName() method accepts it. GSSName name = m.createName("server@host.rabbit.hole", oldOid); // Test 3: its getStringNameType() output is correct if (!name.getStringNameType().equals(GSSName.NT_HOSTBASED_SERVICE)) { throw new Exception("GSSName not correct name type"); } // Test 4: everything still works. GSSContext c1 = m.createContext( name, GSSUtil.GSS_KRB5_MECH_OID, null, GSSContext.DEFAULT_LIFETIME); byte[] token = c1.initSecContext(new byte[0], 0, 0); Context s; s = Context.fromJAAS("server"); s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID); s.x().acceptSecContext(token, 0, token.length); }
Example 20
Source File: Test5653.java From dragonwell8_jdk with GNU General Public License v2.0 | 4 votes |
public static void main(String[] args) throws Exception { Oid oldOid = new Oid("1.3.6.1.5.6.2"); new OneKDC(null).writeJAASConf(); System.setProperty("javax.security.auth.useSubjectCredsOnly", "false"); GSSManager m = GSSManager.getInstance(); boolean found = false; // Test 1: the getMechsForName() method accepts it. for (Oid tmp: m.getMechsForName(oldOid)) { if (tmp.equals(GSSUtil.GSS_KRB5_MECH_OID)) { found = true; break; } } if (!found) { throw new Exception("Cannot found krb5 mech for old name type"); } // Test 2: the createName() method accepts it. GSSName name = m.createName("server@host.rabbit.hole", oldOid); // Test 3: its getStringNameType() output is correct if (!name.getStringNameType().equals(GSSName.NT_HOSTBASED_SERVICE)) { throw new Exception("GSSName not correct name type"); } // Test 4: everything still works. GSSContext c1 = m.createContext( name, GSSUtil.GSS_KRB5_MECH_OID, null, GSSContext.DEFAULT_LIFETIME); byte[] token = c1.initSecContext(new byte[0], 0, 0); Context s; s = Context.fromJAAS("server"); s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID); s.x().acceptSecContext(token, 0, token.length); }