Java Code Examples for org.ietf.jgss.GSSContext#getSrcName()
The following examples show how to use
org.ietf.jgss.GSSContext#getSrcName() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: LockOutRealm.java From Tomcat8-Source-Read with MIT License | 6 votes |
|
/**
* {@inheritDoc}
*/
@Override
public Principal authenticate(GSSContext gssContext, boolean storeCreds) {
if (gssContext.isEstablished()) {
String username = null;
GSSName name = null;
try {
name = gssContext.getSrcName();
} catch (GSSException e) {
log.warn(sm.getString("realmBase.gssNameFail"), e);
return null;
}
username = name.toString();
Principal authenticatedUser = super.authenticate(gssContext, storeCreds);
return filterLockedAccounts(username, authenticatedUser);
}
// Fail in all other cases
return null;
}
Example 2
| Source File: HTTPSpnegoAuthenticator.java From deprecated-security-advanced-modules with Apache License 2.0 | 6 votes |
|
private static String getUsernameFromGSSContext(final GSSContext gssContext, final boolean strip, final Logger logger) {
if (gssContext.isEstablished()) {
GSSName gssName = null;
try {
gssName = gssContext.getSrcName();
} catch (final GSSException e) {
logger.error("Unable to get src name from gss context", e);
}
if (gssName != null) {
String name = gssName.toString();
return stripRealmName(name, strip);
} else {
logger.error("GSS name is null");
}
} else {
logger.error("GSS context not established");
}
return null;
}
Example 3
| Source File: LockOutRealm.java From tomcatsrc with Apache License 2.0 | 6 votes |
|
/**
* {@inheritDoc}
*/
@Override
public Principal authenticate(GSSContext gssContext, boolean storeCreds) {
if (gssContext.isEstablished()) {
String username = null;
GSSName name = null;
try {
name = gssContext.getSrcName();
} catch (GSSException e) {
log.warn(sm.getString("realmBase.gssNameFail"), e);
return null;
}
username = name.toString();
Principal authenticatedUser = super.authenticate(gssContext, storeCreds);
return filterLockedAccounts(username, authenticatedUser);
}
// Fail in all other cases
return null;
}
Example 4
| Source File: KerberosRealm.java From elasticsearch-shield-kerberos-realm with Apache License 2.0 | 6 votes |
|
private static String getUsernameFromGSSContext(final GSSContext gssContext, final boolean strip, final ESLogger logger) {
if (gssContext.isEstablished()) {
GSSName gssName = null;
try {
gssName = gssContext.getSrcName();
} catch (final GSSException e) {
logger.error("Unable to get src name from gss context", e);
}
if (gssName != null) {
String name = gssName.toString();
return stripRealmName(name, strip);
}
}
return null;
}
Example 5
| Source File: LockOutRealm.java From Tomcat7.0.67 with Apache License 2.0 | 5 votes |
|
/**
* {@inheritDoc}
*/
@Override
public Principal authenticate(GSSContext gssContext, boolean storeCreds) {
if (gssContext.isEstablished()) {
String username = null;
GSSName name = null;
try {
name = gssContext.getSrcName();
} catch (GSSException e) {
log.warn(sm.getString("realmBase.gssNameFail"), e);
return null;
}
username = name.toString();
if (isLocked(username)) {
// Trying to authenticate a locked user is an automatic failure
registerAuthFailure(username);
log.warn(sm.getString("lockOutRealm.authLockedUser", username));
return null;
}
Principal authenticatedUser =
super.authenticate(gssContext, storeCreds);
if (authenticatedUser == null) {
registerAuthFailure(username);
} else {
registerAuthSuccess(username);
}
return authenticatedUser;
}
// Fail in all other cases
return null;
}
Example 6
| Source File: SPNEGOAuthenticator.java From keycloak with Apache License 2.0 | 5 votes |
|
@Override
public Boolean run() throws Exception {
GSSContext gssContext = null;
try {
if (log.isTraceEnabled()) {
log.trace("Going to establish security context");
}
gssContext = establishContext();
logAuthDetails(gssContext);
if (gssContext.isEstablished()) {
if (gssContext.getSrcName() == null) {
log.warn("GSS Context accepted, but no context initiator recognized. Check your kerberos configuration and reverse DNS lookup configuration");
return false;
}
authenticatedKerberosPrincipal = gssContext.getSrcName().toString();
if (gssContext.getCredDelegState()) {
delegationCredential = gssContext.getDelegCred();
}
return true;
} else {
return false;
}
} finally {
if (gssContext != null) {
gssContext.dispose();
}
}
}
Example 7
| Source File: CombinedRealm.java From Tomcat8-Source-Read with MIT License | 4 votes |
|
/**
* {@inheritDoc}
*/
@Override
public Principal authenticate(GSSContext gssContext, boolean storeCred) {
if (gssContext.isEstablished()) {
Principal authenticatedUser = null;
String username = null;
GSSName name = null;
try {
name = gssContext.getSrcName();
} catch (GSSException e) {
log.warn(sm.getString("realmBase.gssNameFail"), e);
return null;
}
username = name.toString();
for (Realm realm : realms) {
if (log.isDebugEnabled()) {
log.debug(sm.getString("combinedRealm.authStart",
username, realm.getClass().getName()));
}
authenticatedUser = realm.authenticate(gssContext, storeCred);
if (authenticatedUser == null) {
if (log.isDebugEnabled()) {
log.debug(sm.getString("combinedRealm.authFail",
username, realm.getClass().getName()));
}
} else {
if (log.isDebugEnabled()) {
log.debug(sm.getString("combinedRealm.authSuccess",
username, realm.getClass().getName()));
}
break;
}
}
return authenticatedUser;
}
// Fail in all other cases
return null;
}
Example 8
| Source File: CombinedRealm.java From Tomcat7.0.67 with Apache License 2.0 | 4 votes |
|
/**
* {@inheritDoc}
*/
@Override
public Principal authenticate(GSSContext gssContext, boolean storeCreds) {
if (gssContext.isEstablished()) {
Principal authenticatedUser = null;
String username = null;
GSSName name = null;
try {
name = gssContext.getSrcName();
} catch (GSSException e) {
log.warn(sm.getString("realmBase.gssNameFail"), e);
return null;
}
username = name.toString();
for (Realm realm : realms) {
if (log.isDebugEnabled()) {
log.debug(sm.getString("combinedRealm.authStart",
username, realm.getInfo()));
}
authenticatedUser = realm.authenticate(gssContext, storeCreds);
if (authenticatedUser == null) {
if (log.isDebugEnabled()) {
log.debug(sm.getString("combinedRealm.authFail",
username, realm.getInfo()));
}
} else {
if (log.isDebugEnabled()) {
log.debug(sm.getString("combinedRealm.authSuccess",
username, realm.getInfo()));
}
break;
}
}
return authenticatedUser;
}
// Fail in all other cases
return null;
}
Example 9
| Source File: CombinedRealm.java From tomcatsrc with Apache License 2.0 | 4 votes |
|
/**
* {@inheritDoc}
*/
@Override
public Principal authenticate(GSSContext gssContext, boolean storeCreds) {
if (gssContext.isEstablished()) {
Principal authenticatedUser = null;
String username = null;
GSSName name = null;
try {
name = gssContext.getSrcName();
} catch (GSSException e) {
log.warn(sm.getString("realmBase.gssNameFail"), e);
return null;
}
username = name.toString();
for (Realm realm : realms) {
if (log.isDebugEnabled()) {
log.debug(sm.getString("combinedRealm.authStart",
username, realm.getInfo()));
}
authenticatedUser = realm.authenticate(gssContext, storeCreds);
if (authenticatedUser == null) {
if (log.isDebugEnabled()) {
log.debug(sm.getString("combinedRealm.authFail",
username, realm.getInfo()));
}
} else {
if (log.isDebugEnabled()) {
log.debug(sm.getString("combinedRealm.authSuccess",
username, realm.getInfo()));
}
break;
}
}
return authenticatedUser;
}
// Fail in all other cases
return null;
}
