Package org.apache.wss4j.common.spnego

Class SpnegoTokenContext

  • public class SpnegoTokenContext
extends Object
    This class wraps a GSSContext and provides some functionality to obtain and validate spnego tokens.

    • Constructor Detail

      • SpnegoTokenContext

        public SpnegoTokenContext()

    • Method Detail

      • retrieveServiceTicket

        public void retrieveServiceTicket​(String jaasLoginModuleName,
                                  CallbackHandler callbackHandler,
                                  String serviceName)
                           throws WSSecurityException
        Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.
        Parameters:
        jaasLoginModuleName - the JAAS Login Module name to use
        callbackHandler - a CallbackHandler instance to retrieve a password (optional)
        serviceName - the desired Kerberized service
        Throws:
        WSSecurityException

      • retrieveServiceTicket

        public void retrieveServiceTicket​(String jaasLoginModuleName,
                                  CallbackHandler callbackHandler,
                                  String serviceName,
                                  boolean isUsernameServiceNameForm)
                           throws WSSecurityException
        Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.
        Parameters:
        jaasLoginModuleName - the JAAS Login Module name to use
        callbackHandler - a CallbackHandler instance to retrieve a password (optional)
        serviceName - the desired Kerberized service
        isUsernameServiceNameForm -
        Throws:
        WSSecurityException

      • retrieveServiceTicket

        public void retrieveServiceTicket​(String jaasLoginModuleName,
                                  CallbackHandler callbackHandler,
                                  String serviceName,
                                  boolean isUsernameServiceNameForm,
                                  boolean requestCredDeleg,
                                  GSSCredential delegationCredential)
                           throws WSSecurityException
        Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.
        Parameters:
        jaasLoginModuleName - the JAAS Login Module name to use
        callbackHandler - a CallbackHandler instance to retrieve a password (optional)
        serviceName - the desired Kerberized service
        isUsernameServiceNameForm -
        requestCredDeleg - Whether to request credential delegation or not
        delegationCredential - The delegation credential to use
        Throws:
        WSSecurityException

      • validateServiceTicket

        public void validateServiceTicket​(String jaasLoginModuleName,
                                  CallbackHandler callbackHandler,
                                  String serviceName,
                                  boolean isUsernameServiceNameForm,
                                  byte[] ticket)
                           throws WSSecurityException
        Validate a service ticket.
        Parameters:
        jaasLoginModuleName -
        callbackHandler -
        serviceName -
        ticket -
        Throws:
        WSSecurityException

      • setMutualAuth

        public void setMutualAuth​(boolean mutualAuthentication)
        Whether to enable mutual authentication or not. This only applies to retrieve service ticket.

      • getToken

        public byte[] getToken()
        Get the SPNEGO token that was created.

      • isEstablished

        public boolean isEstablished()
        Whether a connection has been established (at the service side)

      • setSpnegoClientAction

        public void setSpnegoClientAction​(SpnegoClientAction spnegoClientAction)
        Set a custom SpnegoClientAction implementation to use

      • setSpnegoServiceAction

        public void setSpnegoServiceAction​(SpnegoServiceAction spnegoServiceAction)
        Set a custom SpnegoServiceAction implementation to use

      • clear

        public void clear()

      • getDelegationCredential

        public GSSCredential getDelegationCredential()

      • getSpnegoPrincipal

        public Principal getSpnegoPrincipal()