Java Code Examples for org.ietf.jgss.Oid

The following are top voted examples for showing how to use org.ietf.jgss.Oid. These examples are extracted from open source projects. You can vote up the examples you like and your votes will be used in our system to generate more good examples.
Example 1
Project: jdk8u-dev-jdk   File: Context.java   View source code 8 votes vote down vote up
/**
 * Starts as a client
 * @param target communication peer
 * @param mech GSS mech
 * @throws java.lang.Exception
 */
public void startAsClient(final String target, final Oid mech) throws Exception {
    doAs(new Action() {
        @Override
        public byte[] run(Context me, byte[] dummy) throws Exception {
            GSSManager m = GSSManager.getInstance();
            me.x = (ExtendedGSSContext)m.createContext(
                      target.indexOf('@') < 0 ?
                        m.createName(target, null) :
                        m.createName(target, GSSName.NT_HOSTBASED_SERVICE),
                    mech,
                    cred,
                    GSSContext.DEFAULT_LIFETIME);
            return null;
        }
    }, null);
}
 
Example 2
Project: monarch   File: KerberosTicketOperations.java   View source code 7 votes vote down vote up
public static String validateServiceTicket(Subject subject, final byte[] serviceTicket)
    throws GSSException, IllegalAccessException, NoSuchFieldException, ClassNotFoundException,
    PrivilegedActionException {
  // Kerberos version 5 OID
  Oid krb5Oid = KerberosUtils.getOidInstance("GSS_KRB5_MECH_OID");


  // Accept the context and return the client principal name.
  return Subject.doAs(subject, new PrivilegedExceptionAction<String>() {

    @Override
    public String run() throws Exception {
      String clientName = null;
      // Identify the server that communications are being made to.
      GSSManager manager = GSSManager.getInstance();
      GSSContext context = manager.createContext((GSSCredential) null);
      context.acceptSecContext(serviceTicket, 0, serviceTicket.length);
      clientName = context.getSrcName().toString();
      return clientName;
    }
  });
}
 
Example 3
Project: lookaside_java-1.8.0-openjdk   File: Context.java   View source code 7 votes vote down vote up
/**
 * Starts as a server with the specified service name
 * @param name the service name
 * @param mech GSS mech
 * @throws java.lang.Exception
 */
public void startAsServer(final String name, final Oid mech, final boolean asInitiator) throws Exception {
    doAs(new Action() {
        @Override
        public byte[] run(Context me, byte[] dummy) throws Exception {
            GSSManager m = GSSManager.getInstance();
            me.cred = m.createCredential(
                    name == null ? null :
                      (name.indexOf('@') < 0 ?
                        m.createName(name, null) :
                        m.createName(name, GSSName.NT_HOSTBASED_SERVICE)),
                    GSSCredential.INDEFINITE_LIFETIME,
                    mech,
                    asInitiator?
                            GSSCredential.INITIATE_AND_ACCEPT:
                            GSSCredential.ACCEPT_ONLY);
            me.x = (ExtendedGSSContext)m.createContext(me.cred);
            return null;
        }
    }, null);
}
 
Example 4
Project: lookaside_java-1.8.0-openjdk   File: OidFormat.java   View source code 7 votes vote down vote up
static void testBad(String s) throws Exception {
    System.err.println("Trying " + s);
    try {
        new ObjectIdentifier(s);
        throw new Exception("should be invalid ObjectIdentifier");
    } catch (IOException ioe) {
        System.err.println(ioe);
    }

    try {
        new Oid(s);
        throw new Exception("should be invalid Oid");
    } catch (GSSException gsse) {
        ;
    }

    try {
        new EncryptedPrivateKeyInfo(s, new byte[8]);
        throw new Exception("should be invalid algorithm");
    } catch (NoSuchAlgorithmException e) {
        ;
    }
}
 
Example 5
Project: ats-framework   File: SPNegoSchemeFactory.java   View source code 6 votes vote down vote up
private Oid getOidForType(
                           String type ) {

    if ("NT_USER_NAME".equals(type)) {
        return GSSName.NT_USER_NAME;
    } else if ("NT_HOSTBASED_SERVICE".equals(type)) {
        return GSSName.NT_HOSTBASED_SERVICE;
    } else if ("NT_MACHINE_UID_NAME".equals(type)) {
        return GSSName.NT_MACHINE_UID_NAME;
    } else if ("NT_STRING_UID_NAME".equals(type)) {
        return GSSName.NT_STRING_UID_NAME;
    } else if ("NT_ANONYMOUS".equals(type)) {
        return GSSName.NT_ANONYMOUS;
    } else if ("NT_EXPORT_NAME".equals(type)) {
        return GSSName.NT_EXPORT_NAME;
    }
    return GSSName.NT_USER_NAME;
}
 
Example 6
Project: ats-framework   File: GGSSchemeBase.java   View source code 6 votes vote down vote up
protected byte[] generateGSSToken(
                                   final byte[] input,
                                   final Oid oid ) throws GSSException {

    byte[] token = input;
    if (token == null) {
        token = new byte[0];
    }
    GSSManager manager = getManager();

    GSSName serverName = manager.createName(servicePrincipalName, servicePrincipalOid);

    GSSContext gssContext = manager.createContext(serverName.canonicalize(oid),
                                                  oid,
                                                  null,
                                                  GSSContext.DEFAULT_LIFETIME);
    gssContext.requestMutualAuth(true);
    gssContext.requestCredDeleg(true);
    // Get client to login if not already done
    return gssClient.negotiate(gssContext, token);
}
 
Example 7
Project: OpenJSharp   File: LoginConfigImpl.java   View source code 6 votes vote down vote up
/**
 * A new instance of LoginConfigImpl must be created for each login request
 * since it's only used by a single (caller, mech) pair
 * @param caller defined in GSSUtil as CALLER_XXX final fields
 * @param oid defined in GSSUtil as XXX_MECH_OID final fields
 */
public LoginConfigImpl(GSSCaller caller, Oid mech) {

    this.caller = caller;

    if (mech.equals(GSSUtil.GSS_KRB5_MECH_OID)) {
        mechName = "krb5";
    } else {
        throw new IllegalArgumentException(mech.toString() + " not supported");
    }
    config = java.security.AccessController.doPrivileged
            (new java.security.PrivilegedAction <Configuration> () {
        public Configuration run() {
            return Configuration.getConfiguration();
        }
    });
}
 
Example 8
Project: hadoop   File: KerberosUtil.java   View source code 6 votes vote down vote up
public static Oid getOidInstance(String oidName) 
    throws ClassNotFoundException, GSSException, NoSuchFieldException,
    IllegalAccessException {
  Class<?> oidClass;
  if (IBM_JAVA) {
    if ("NT_GSS_KRB5_PRINCIPAL".equals(oidName)) {
      // IBM JDK GSSUtil class does not have field for krb5 principal oid
      return new Oid("1.2.840.113554.1.2.2.1");
    }
    oidClass = Class.forName("com.ibm.security.jgss.GSSUtil");
  } else {
    oidClass = Class.forName("sun.security.jgss.GSSUtil");
  }
  Field oidField = oidClass.getDeclaredField(oidName);
  return (Oid)oidField.get(oidClass);
}
 
Example 9
Project: jdk8u-jdk   File: LoginConfigImpl.java   View source code 6 votes vote down vote up
/**
 * A new instance of LoginConfigImpl must be created for each login request
 * since it's only used by a single (caller, mech) pair
 * @param caller defined in GSSUtil as CALLER_XXX final fields
 * @param oid defined in GSSUtil as XXX_MECH_OID final fields
 */
public LoginConfigImpl(GSSCaller caller, Oid mech) {

    this.caller = caller;

    if (mech.equals(GSSUtil.GSS_KRB5_MECH_OID)) {
        mechName = "krb5";
    } else {
        throw new IllegalArgumentException(mech.toString() + " not supported");
    }
    config = java.security.AccessController.doPrivileged
            (new java.security.PrivilegedAction <Configuration> () {
        public Configuration run() {
            return Configuration.getConfiguration();
        }
    });
}
 
Example 10
Project: jdk8u-jdk   File: SpnegoLifeTime.java   View source code 6 votes vote down vote up
public static void main(String[] args) throws Exception {

        Oid oid = GSSUtil.GSS_SPNEGO_MECH_OID;
        new OneKDC(null).writeJAASConf();

        Context c, s;
        c = Context.fromJAAS("client");
        s = Context.fromJAAS("server");

        c.startAsClient(OneKDC.SERVER, oid);
        c.x().requestCredDeleg(true);
        s.startAsServer(oid);

        Context.handshake(c, s);

        GSSCredential cred = s.delegated().cred();
        cred.getRemainingInitLifetime(oid);
        cred.getUsage(oid);
    }
 
Example 11
Project: jdk8u-jdk   File: Context.java   View source code 6 votes vote down vote up
/**
 * Starts as a client
 * @param target communication peer
 * @param mech GSS mech
 * @throws java.lang.Exception
 */
public void startAsClient(final String target, final Oid mech) throws Exception {
    doAs(new Action() {
        @Override
        public byte[] run(Context me, byte[] dummy) throws Exception {
            GSSManager m = GSSManager.getInstance();
            me.x = (ExtendedGSSContext)m.createContext(
                      target.indexOf('@') < 0 ?
                        m.createName(target, null) :
                        m.createName(target, GSSName.NT_HOSTBASED_SERVICE),
                    mech,
                    cred,
                    GSSContext.DEFAULT_LIFETIME);
            return null;
        }
    }, null);
}
 
Example 12
Project: jdk8u-jdk   File: Context.java   View source code 6 votes vote down vote up
/**
 * Starts as a server with the specified service name
 * @param name the service name
 * @param mech GSS mech
 * @throws java.lang.Exception
 */
public void startAsServer(final String name, final Oid mech, final boolean asInitiator) throws Exception {
    doAs(new Action() {
        @Override
        public byte[] run(Context me, byte[] dummy) throws Exception {
            GSSManager m = GSSManager.getInstance();
            me.cred = m.createCredential(
                    name == null ? null :
                      (name.indexOf('@') < 0 ?
                        m.createName(name, null) :
                        m.createName(name, GSSName.NT_HOSTBASED_SERVICE)),
                    GSSCredential.INDEFINITE_LIFETIME,
                    mech,
                    asInitiator?
                            GSSCredential.INITIATE_AND_ACCEPT:
                            GSSCredential.ACCEPT_ONLY);
            me.x = (ExtendedGSSContext)m.createContext(me.cred);
            return null;
        }
    }, null);
}
 
Example 13
Project: jdk8u-jdk   File: OidFormat.java   View source code 6 votes vote down vote up
static void testBad(String s) throws Exception {
    System.err.println("Trying " + s);
    try {
        new ObjectIdentifier(s);
        throw new Exception("should be invalid ObjectIdentifier");
    } catch (IOException ioe) {
        System.err.println(ioe);
    }

    try {
        new Oid(s);
        throw new Exception("should be invalid Oid");
    } catch (GSSException gsse) {
        ;
    }

    try {
        new EncryptedPrivateKeyInfo(s, new byte[8]);
        throw new Exception("should be invalid algorithm");
    } catch (NoSuchAlgorithmException e) {
        ;
    }
}
 
Example 14
Project: openjdk-jdk10   File: LoginConfigImpl.java   View source code 6 votes vote down vote up
/**
 * A new instance of LoginConfigImpl must be created for each login request
 * since it's only used by a single (caller, mech) pair
 * @param caller defined in GSSUtil as CALLER_XXX final fields
 * @param mech defined in GSSUtil as XXX_MECH_OID final fields
 */
public LoginConfigImpl(GSSCaller caller, Oid mech) {

    this.caller = caller;

    if (mech.equals(GSSUtil.GSS_KRB5_MECH_OID)) {
        mechName = "krb5";
    } else {
        throw new IllegalArgumentException(mech.toString() + " not supported");
    }
    config = java.security.AccessController.doPrivileged
            (new java.security.PrivilegedAction <Configuration> () {
        public Configuration run() {
            return Configuration.getConfiguration();
        }
    });
}
 
Example 15
Project: openjdk-jdk10   File: SpnegoLifeTime.java   View source code 6 votes vote down vote up
public static void main(String[] args) throws Exception {

        Oid oid = GSSUtil.GSS_SPNEGO_MECH_OID;
        new OneKDC(null).writeJAASConf();

        Context c, s;
        c = Context.fromJAAS("client");
        s = Context.fromJAAS("server");

        c.startAsClient(OneKDC.SERVER, oid);
        c.x().requestCredDeleg(true);
        s.startAsServer(oid);

        Context.handshake(c, s);

        GSSCredential cred = s.delegated().cred();
        cred.getRemainingInitLifetime(oid);
        cred.getUsage(oid);
    }
 
Example 16
Project: openjdk-jdk10   File: Context.java   View source code 6 votes vote down vote up
/**
 * Starts as a client
 * @param target communication peer
 * @param mech GSS mech
 * @throws java.lang.Exception
 */
public void startAsClient(final String target, final Oid mech) throws Exception {
    doAs(new Action() {
        @Override
        public byte[] run(Context me, byte[] dummy) throws Exception {
            GSSManager m = GSSManager.getInstance();
            me.x = m.createContext(
                      target.indexOf('@') < 0 ?
                        m.createName(target, null) :
                        m.createName(target, GSSName.NT_HOSTBASED_SERVICE),
                    mech,
                    cred,
                    GSSContext.DEFAULT_LIFETIME);
            return null;
        }
    }, null);
}
 
Example 17
Project: openjdk-jdk10   File: Context.java   View source code 6 votes vote down vote up
/**
 * Starts as a server with the specified service name
 * @param name the service name
 * @param mech GSS mech
 * @throws java.lang.Exception
 */
public void startAsServer(final String name, final Oid mech, final boolean asInitiator) throws Exception {
    doAs(new Action() {
        @Override
        public byte[] run(Context me, byte[] dummy) throws Exception {
            GSSManager m = GSSManager.getInstance();
            me.cred = m.createCredential(
                    name == null ? null :
                      (name.indexOf('@') < 0 ?
                        m.createName(name, null) :
                        m.createName(name, GSSName.NT_HOSTBASED_SERVICE)),
                    GSSCredential.INDEFINITE_LIFETIME,
                    mech,
                    asInitiator?
                            GSSCredential.INITIATE_AND_ACCEPT:
                            GSSCredential.ACCEPT_ONLY);
            me.x = m.createContext(me.cred);
            return null;
        }
    }, null);
}
 
Example 18
Project: openjdk-jdk10   File: OidFormat.java   View source code 6 votes vote down vote up
static void testBad(String s) throws Exception {
    System.err.println("Trying " + s);
    try {
        new ObjectIdentifier(s);
        throw new Exception("should be invalid ObjectIdentifier");
    } catch (IOException ioe) {
        System.err.println(ioe);
    }

    try {
        new Oid(s);
        throw new Exception("should be invalid Oid");
    } catch (GSSException gsse) {
        ;
    }

    try {
        new EncryptedPrivateKeyInfo(s, new byte[8]);
        throw new Exception("should be invalid algorithm");
    } catch (NoSuchAlgorithmException e) {
        ;
    }
}
 
Example 19
Project: openjdk9   File: LoginConfigImpl.java   View source code 6 votes vote down vote up
/**
 * A new instance of LoginConfigImpl must be created for each login request
 * since it's only used by a single (caller, mech) pair
 * @param caller defined in GSSUtil as CALLER_XXX final fields
 * @param mech defined in GSSUtil as XXX_MECH_OID final fields
 */
public LoginConfigImpl(GSSCaller caller, Oid mech) {

    this.caller = caller;

    if (mech.equals(GSSUtil.GSS_KRB5_MECH_OID)) {
        mechName = "krb5";
    } else {
        throw new IllegalArgumentException(mech.toString() + " not supported");
    }
    config = java.security.AccessController.doPrivileged
            (new java.security.PrivilegedAction <Configuration> () {
        public Configuration run() {
            return Configuration.getConfiguration();
        }
    });
}
 
Example 20
Project: openjdk9   File: SpnegoLifeTime.java   View source code 6 votes vote down vote up
public static void main(String[] args) throws Exception {

        Oid oid = GSSUtil.GSS_SPNEGO_MECH_OID;
        new OneKDC(null).writeJAASConf();

        Context c, s;
        c = Context.fromJAAS("client");
        s = Context.fromJAAS("server");

        c.startAsClient(OneKDC.SERVER, oid);
        c.x().requestCredDeleg(true);
        s.startAsServer(oid);

        Context.handshake(c, s);

        GSSCredential cred = s.delegated().cred();
        cred.getRemainingInitLifetime(oid);
        cred.getUsage(oid);
    }
 
Example 21
Project: openjdk9   File: Context.java   View source code 6 votes vote down vote up
/**
 * Starts as a client
 * @param target communication peer
 * @param mech GSS mech
 * @throws java.lang.Exception
 */
public void startAsClient(final String target, final Oid mech) throws Exception {
    doAs(new Action() {
        @Override
        public byte[] run(Context me, byte[] dummy) throws Exception {
            GSSManager m = GSSManager.getInstance();
            me.x = m.createContext(
                      target.indexOf('@') < 0 ?
                        m.createName(target, null) :
                        m.createName(target, GSSName.NT_HOSTBASED_SERVICE),
                    mech,
                    cred,
                    GSSContext.DEFAULT_LIFETIME);
            return null;
        }
    }, null);
}
 
Example 22
Project: openjdk9   File: Context.java   View source code 6 votes vote down vote up
/**
 * Starts as a server with the specified service name
 * @param name the service name
 * @param mech GSS mech
 * @throws java.lang.Exception
 */
public void startAsServer(final String name, final Oid mech, final boolean asInitiator) throws Exception {
    doAs(new Action() {
        @Override
        public byte[] run(Context me, byte[] dummy) throws Exception {
            GSSManager m = GSSManager.getInstance();
            me.cred = m.createCredential(
                    name == null ? null :
                      (name.indexOf('@') < 0 ?
                        m.createName(name, null) :
                        m.createName(name, GSSName.NT_HOSTBASED_SERVICE)),
                    GSSCredential.INDEFINITE_LIFETIME,
                    mech,
                    asInitiator?
                            GSSCredential.INITIATE_AND_ACCEPT:
                            GSSCredential.ACCEPT_ONLY);
            me.x = m.createContext(me.cred);
            return null;
        }
    }, null);
}
 
Example 23
Project: openjdk9   File: OidFormat.java   View source code 6 votes vote down vote up
static void testBad(String s) throws Exception {
    System.err.println("Trying " + s);
    try {
        new ObjectIdentifier(s);
        throw new Exception("should be invalid ObjectIdentifier");
    } catch (IOException ioe) {
        System.err.println(ioe);
    }

    try {
        new Oid(s);
        throw new Exception("should be invalid Oid");
    } catch (GSSException gsse) {
        ;
    }

    try {
        new EncryptedPrivateKeyInfo(s, new byte[8]);
        throw new Exception("should be invalid algorithm");
    } catch (NoSuchAlgorithmException e) {
        ;
    }
}
 
Example 24
Project: aliyun-oss-hadoop-fs   File: KerberosUtil.java   View source code 6 votes vote down vote up
public static Oid getOidInstance(String oidName) 
    throws ClassNotFoundException, GSSException, NoSuchFieldException,
    IllegalAccessException {
  Class<?> oidClass;
  if (IBM_JAVA) {
    if ("NT_GSS_KRB5_PRINCIPAL".equals(oidName)) {
      // IBM JDK GSSUtil class does not have field for krb5 principal oid
      return new Oid("1.2.840.113554.1.2.2.1");
    }
    oidClass = Class.forName("com.ibm.security.jgss.GSSUtil");
  } else {
    oidClass = Class.forName("sun.security.jgss.GSSUtil");
  }
  Field oidField = oidClass.getDeclaredField(oidName);
  return (Oid)oidField.get(oidClass);
}
 
Example 25
Project: big-c   File: KerberosUtil.java   View source code 6 votes vote down vote up
public static Oid getOidInstance(String oidName) 
    throws ClassNotFoundException, GSSException, NoSuchFieldException,
    IllegalAccessException {
  Class<?> oidClass;
  if (IBM_JAVA) {
    if ("NT_GSS_KRB5_PRINCIPAL".equals(oidName)) {
      // IBM JDK GSSUtil class does not have field for krb5 principal oid
      return new Oid("1.2.840.113554.1.2.2.1");
    }
    oidClass = Class.forName("com.ibm.security.jgss.GSSUtil");
  } else {
    oidClass = Class.forName("sun.security.jgss.GSSUtil");
  }
  Field oidField = oidClass.getDeclaredField(oidName);
  return (Oid)oidField.get(oidClass);
}
 
Example 26
Project: registry   File: KerberosUtil.java   View source code 6 votes vote down vote up
public static Oid getOidInstance(String oidName)
        throws ClassNotFoundException, GSSException, NoSuchFieldException,
        IllegalAccessException {
    Class<?> oidClass;
    if (IBM_JAVA) {
        if ("NT_GSS_KRB5_PRINCIPAL".equals(oidName)) {
            // IBM JDK GSSUtil class does not have field for krb5 principal oid
            return new Oid("1.2.840.113554.1.2.2.1");
        }
        oidClass = Class.forName("com.ibm.security.jgss.GSSUtil");
    } else {
        oidClass = Class.forName("sun.security.jgss.GSSUtil");
    }
    Field oidField = oidClass.getDeclaredField(oidName);
    return (Oid) oidField.get(oidClass);
}
 
Example 27
Project: jdk8u_jdk   File: LoginConfigImpl.java   View source code 6 votes vote down vote up
/**
 * A new instance of LoginConfigImpl must be created for each login request
 * since it's only used by a single (caller, mech) pair
 * @param caller defined in GSSUtil as CALLER_XXX final fields
 * @param oid defined in GSSUtil as XXX_MECH_OID final fields
 */
public LoginConfigImpl(GSSCaller caller, Oid mech) {

    this.caller = caller;

    if (mech.equals(GSSUtil.GSS_KRB5_MECH_OID)) {
        mechName = "krb5";
    } else {
        throw new IllegalArgumentException(mech.toString() + " not supported");
    }
    config = java.security.AccessController.doPrivileged
            (new java.security.PrivilegedAction <Configuration> () {
        public Configuration run() {
            return Configuration.getConfiguration();
        }
    });
}
 
Example 28
Project: jdk8u_jdk   File: SpnegoLifeTime.java   View source code 6 votes vote down vote up
public static void main(String[] args) throws Exception {

        Oid oid = GSSUtil.GSS_SPNEGO_MECH_OID;
        new OneKDC(null).writeJAASConf();

        Context c, s;
        c = Context.fromJAAS("client");
        s = Context.fromJAAS("server");

        c.startAsClient(OneKDC.SERVER, oid);
        c.x().requestCredDeleg(true);
        s.startAsServer(oid);

        Context.handshake(c, s);

        GSSCredential cred = s.delegated().cred();
        cred.getRemainingInitLifetime(oid);
        cred.getUsage(oid);
    }
 
Example 29
Project: jdk8u_jdk   File: Context.java   View source code 6 votes vote down vote up
/**
 * Starts as a client
 * @param target communication peer
 * @param mech GSS mech
 * @throws java.lang.Exception
 */
public void startAsClient(final String target, final Oid mech) throws Exception {
    doAs(new Action() {
        @Override
        public byte[] run(Context me, byte[] dummy) throws Exception {
            GSSManager m = GSSManager.getInstance();
            me.x = (ExtendedGSSContext)m.createContext(
                      target.indexOf('@') < 0 ?
                        m.createName(target, null) :
                        m.createName(target, GSSName.NT_HOSTBASED_SERVICE),
                    mech,
                    cred,
                    GSSContext.DEFAULT_LIFETIME);
            return null;
        }
    }, null);
}
 
Example 30
Project: jdk8u_jdk   File: Context.java   View source code 6 votes vote down vote up
/**
 * Starts as a server with the specified service name
 * @param name the service name
 * @param mech GSS mech
 * @throws java.lang.Exception
 */
public void startAsServer(final String name, final Oid mech, final boolean asInitiator) throws Exception {
    doAs(new Action() {
        @Override
        public byte[] run(Context me, byte[] dummy) throws Exception {
            GSSManager m = GSSManager.getInstance();
            me.cred = m.createCredential(
                    name == null ? null :
                      (name.indexOf('@') < 0 ?
                        m.createName(name, null) :
                        m.createName(name, GSSName.NT_HOSTBASED_SERVICE)),
                    GSSCredential.INDEFINITE_LIFETIME,
                    mech,
                    asInitiator?
                            GSSCredential.INITIATE_AND_ACCEPT:
                            GSSCredential.ACCEPT_ONLY);
            me.x = (ExtendedGSSContext)m.createContext(me.cred);
            return null;
        }
    }, null);
}
 
Example 31
Project: jdk8u_jdk   File: OidFormat.java   View source code 6 votes vote down vote up
static void testBad(String s) throws Exception {
    System.err.println("Trying " + s);
    try {
        new ObjectIdentifier(s);
        throw new Exception("should be invalid ObjectIdentifier");
    } catch (IOException ioe) {
        System.err.println(ioe);
    }

    try {
        new Oid(s);
        throw new Exception("should be invalid Oid");
    } catch (GSSException gsse) {
        ;
    }

    try {
        new EncryptedPrivateKeyInfo(s, new byte[8]);
        throw new Exception("should be invalid algorithm");
    } catch (NoSuchAlgorithmException e) {
        ;
    }
}
 
Example 32
Project: lookaside_java-1.8.0-openjdk   File: LoginConfigImpl.java   View source code 6 votes vote down vote up
/**
 * A new instance of LoginConfigImpl must be created for each login request
 * since it's only used by a single (caller, mech) pair
 * @param caller defined in GSSUtil as CALLER_XXX final fields
 * @param oid defined in GSSUtil as XXX_MECH_OID final fields
 */
public LoginConfigImpl(GSSCaller caller, Oid mech) {

    this.caller = caller;

    if (mech.equals(GSSUtil.GSS_KRB5_MECH_OID)) {
        mechName = "krb5";
    } else {
        throw new IllegalArgumentException(mech.toString() + " not supported");
    }
    config = java.security.AccessController.doPrivileged
            (new java.security.PrivilegedAction <Configuration> () {
        public Configuration run() {
            return Configuration.getConfiguration();
        }
    });
}
 
Example 33
Project: lookaside_java-1.8.0-openjdk   File: SpnegoLifeTime.java   View source code 6 votes vote down vote up
public static void main(String[] args) throws Exception {

        Oid oid = GSSUtil.GSS_SPNEGO_MECH_OID;
        new OneKDC(null).writeJAASConf();

        Context c, s;
        c = Context.fromJAAS("client");
        s = Context.fromJAAS("server");

        c.startAsClient(OneKDC.SERVER, oid);
        c.x().requestCredDeleg(true);
        s.startAsServer(oid);

        Context.handshake(c, s);

        GSSCredential cred = s.delegated().cred();
        cred.getRemainingInitLifetime(oid);
        cred.getUsage(oid);
    }
 
Example 34
Project: lookaside_java-1.8.0-openjdk   File: Context.java   View source code 6 votes vote down vote up
/**
 * Starts as a client
 * @param target communication peer
 * @param mech GSS mech
 * @throws java.lang.Exception
 */
public void startAsClient(final String target, final Oid mech) throws Exception {
    doAs(new Action() {
        @Override
        public byte[] run(Context me, byte[] dummy) throws Exception {
            GSSManager m = GSSManager.getInstance();
            me.x = (ExtendedGSSContext)m.createContext(
                      target.indexOf('@') < 0 ?
                        m.createName(target, null) :
                        m.createName(target, GSSName.NT_HOSTBASED_SERVICE),
                    mech,
                    cred,
                    GSSContext.DEFAULT_LIFETIME);
            return null;
        }
    }, null);
}
 
Example 35
Project: purecloud-iot   File: GGSSchemeBase.java   View source code 6 votes vote down vote up
/**
 * @since 4.4
 */
protected byte[] generateGSSToken(
        final byte[] input, final Oid oid, final String authServer,
        final Credentials credentials) throws GSSException {
    byte[] inputBuff = input;
    if (inputBuff == null) {
        inputBuff = new byte[0];
    }
    final GSSManager manager = getManager();
    final GSSName serverName = manager.createName(service + "@" + authServer, GSSName.NT_HOSTBASED_SERVICE);

    final GSSCredential gssCredential;
    if (credentials instanceof KerberosCredentials) {
        gssCredential = ((KerberosCredentials) credentials).getGSSCredential();
    } else {
        gssCredential = null;
    }

    final GSSContext gssContext = manager.createContext(
            serverName.canonicalize(oid), oid, gssCredential, GSSContext.DEFAULT_LIFETIME);
    gssContext.requestMutualAuth(true);
    gssContext.requestCredDeleg(true);
    return gssContext.initSecContext(inputBuff, 0, inputBuff.length);
}
 
Example 36
Project: TGS-REP   File: Server.java   View source code 6 votes vote down vote up
private String acceptSecurityContext( final byte[] serviceTicket)
    throws GSSException {
  krb5Oid = new Oid( "1.2.840.113554.1.2.2");

  // Accept the context and return the client principal name.
  return Subject.doAs( subject, new PrivilegedAction<String>() {
    public String run() {
      try {
        // Identify the server that communications are being made to.
        GSSManager manager = GSSManager.getInstance();
        GSSContext context = manager.createContext( (GSSCredential) null);
        context.acceptSecContext( serviceTicket, 0, serviceTicket.length);
        return context.getSrcName().toString();
      }
      catch ( Exception e) {
        e.printStackTrace();
        return null;
      }
    }
  });
}
 
Example 37
Project: infobip-open-jdk-8   File: LoginConfigImpl.java   View source code 6 votes vote down vote up
/**
 * A new instance of LoginConfigImpl must be created for each login request
 * since it's only used by a single (caller, mech) pair
 * @param caller defined in GSSUtil as CALLER_XXX final fields
 * @param oid defined in GSSUtil as XXX_MECH_OID final fields
 */
public LoginConfigImpl(GSSCaller caller, Oid mech) {

    this.caller = caller;

    if (mech.equals(GSSUtil.GSS_KRB5_MECH_OID)) {
        mechName = "krb5";
    } else {
        throw new IllegalArgumentException(mech.toString() + " not supported");
    }
    config = java.security.AccessController.doPrivileged
            (new java.security.PrivilegedAction <Configuration> () {
        public Configuration run() {
            return Configuration.getConfiguration();
        }
    });
}
 
Example 38
Project: infobip-open-jdk-8   File: SpnegoLifeTime.java   View source code 6 votes vote down vote up
public static void main(String[] args) throws Exception {

        Oid oid = GSSUtil.GSS_SPNEGO_MECH_OID;
        new OneKDC(null).writeJAASConf();

        Context c, s;
        c = Context.fromJAAS("client");
        s = Context.fromJAAS("server");

        c.startAsClient(OneKDC.SERVER, oid);
        c.x().requestCredDeleg(true);
        s.startAsServer(oid);

        Context.handshake(c, s);

        GSSCredential cred = s.delegated().cred();
        cred.getRemainingInitLifetime(oid);
        cred.getUsage(oid);
    }
 
Example 39
Project: infobip-open-jdk-8   File: Context.java   View source code 6 votes vote down vote up
/**
 * Starts as a client
 * @param target communication peer
 * @param mech GSS mech
 * @throws java.lang.Exception
 */
public void startAsClient(final String target, final Oid mech) throws Exception {
    doAs(new Action() {
        @Override
        public byte[] run(Context me, byte[] dummy) throws Exception {
            GSSManager m = GSSManager.getInstance();
            me.x = (ExtendedGSSContext)m.createContext(
                      target.indexOf('@') < 0 ?
                        m.createName(target, null) :
                        m.createName(target, GSSName.NT_HOSTBASED_SERVICE),
                    mech,
                    cred,
                    GSSContext.DEFAULT_LIFETIME);
            return null;
        }
    }, null);
}
 
Example 40
Project: infobip-open-jdk-8   File: Context.java   View source code 6 votes vote down vote up
/**
 * Starts as a server with the specified service name
 * @param name the service name
 * @param mech GSS mech
 * @throws java.lang.Exception
 */
public void startAsServer(final String name, final Oid mech, final boolean asInitiator) throws Exception {
    doAs(new Action() {
        @Override
        public byte[] run(Context me, byte[] dummy) throws Exception {
            GSSManager m = GSSManager.getInstance();
            me.cred = m.createCredential(
                    name == null ? null :
                      (name.indexOf('@') < 0 ?
                        m.createName(name, null) :
                        m.createName(name, GSSName.NT_HOSTBASED_SERVICE)),
                    GSSCredential.INDEFINITE_LIFETIME,
                    mech,
                    asInitiator?
                            GSSCredential.INITIATE_AND_ACCEPT:
                            GSSCredential.ACCEPT_ONLY);
            me.x = (ExtendedGSSContext)m.createContext(me.cred);
            return null;
        }
    }, null);
}