20 package org.apache.wss4j.common.spnego;
21
22 import org.ietf.jgss.GSSContext;
23 import org.ietf.jgss.GSSException;
24 import org.ietf.jgss.GSSManager;
25 import org.ietf.jgss.GSSName;
26 import org.ietf.jgss.Oid;
27
/**
 * Default client-side SPNEGO action: builds a GSS security context for the
 * configured service name and returns the first negotiation token.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>Credential delegation is always requested as {@code false}.</li>
 *   <li>Mutual authentication is only requested when {@link #setMutualAuth(boolean)}
 *       has been called with {@code true}; the field defaults to {@code false}.</li>
 *   <li>A {@link GSSException} is logged at debug level only and reported to the
 *       caller as an empty byte array, so callers must treat an empty result as a
 *       failure to obtain a token.</li>
 * </ul>
 *
 * <p>The class holds mutable state without synchronisation; NOTE(review): it
 * looks intended for use by a single caller at a time - confirm before sharing
 * an instance between threads.
 */
public class DefaultSpnegoClientAction implements SpnegoClientAction {
    private static final org.slf4j.Logger LOG =
        org.slf4j.LoggerFactory.getLogger(DefaultSpnegoClientAction.class);

    /** Object identifier of the SPNEGO negotiation mechanism. */
    private static final String SPNEGO_MECHANISM_OID = "1.3.6.1.5.5.2";

    // Name of the target service; interpreted according to isUsernameServiceNameForm.
    private String serviceName;
    // Context created by the most recent run() that got as far as createContext().
    private GSSContext secContext;
    // Whether run() asks the mechanism for mutual authentication.
    private boolean mutualAuth;
    // true: serviceName is an NT_USER_NAME; false: an NT_HOSTBASED_SERVICE name.
    private boolean isUsernameServiceNameForm;

    /**
     * Sets whether mutual authentication is requested on the context created by
     * {@link #run()}.
     *
     * @param mutualAuthentication {@code true} to request mutual authentication
     */
    public void setMutualAuth(boolean mutualAuthentication) {
        this.mutualAuth = mutualAuthentication;
    }

    /**
     * Sets the name of the service to authenticate to.
     *
     * @param serviceName the target service name, in the form selected via
     *                    {@link #setUserNameServiceForm(boolean)}
     */
    public void setServiceName(String serviceName) {
        this.serviceName = serviceName;
    }

    /**
     * Creates the security context and produces the initial SPNEGO token.
     *
     * @return the token returned by {@code initSecContext}, or an empty array when
     *         a {@link GSSException} occurred (the failure is only logged at debug
     *         level, so an empty result is the caller's only failure signal)
     */
    public byte[] run() {
        try {
            final GSSManager manager = GSSManager.getInstance();
            final Oid spnegoMechanism = new Oid(SPNEGO_MECHANISM_OID);

            final Oid nameType;
            if (isUsernameServiceNameForm) {
                nameType = GSSName.NT_USER_NAME;
            } else {
                nameType = GSSName.NT_HOSTBASED_SERVICE;
            }
            final GSSName targetName = manager.createName(serviceName, nameType);

            // A null credential makes GSS-API fall back to the default initiator credentials.
            secContext = manager.createContext(
                targetName, spnegoMechanism, null, GSSContext.DEFAULT_LIFETIME);

            secContext.requestMutualAuth(mutualAuth);
            // Never ask for the client's credentials to be delegated to the service.
            secContext.requestCredDeleg(false);

            // First call of the handshake: there is no inbound token yet.
            final byte[] noInput = new byte[0];
            return secContext.initSecContext(noInput, 0, noInput.length);
        } catch (GSSException e) {
            LOG.debug("Error in obtaining a Kerberos token", e);
            return new byte[0];
        }
    }

    /**
     * Returns the context created by the last {@link #run()} call.
     *
     * <p>The field is assigned before the token is requested, so after a failed
     * {@code run()} this may be a context that was never established, or
     * {@code null} if no context was ever created. Callers that rely on the
     * context should check {@link GSSContext#isEstablished()}.
     *
     * @return the current security context, possibly {@code null}
     */
    public GSSContext getContext() {
        return secContext;
    }

    /**
     * Selects how the configured service name is interpreted.
     *
     * @param isUsernameServiceNameForm {@code true} to treat the service name as a
     *        user name ({@code NT_USER_NAME}), {@code false} to treat it as a
     *        host-based service name ({@code NT_HOSTBASED_SERVICE})
     */
    @Override
    public void setUserNameServiceForm(boolean isUsernameServiceNameForm) {
        this.isUsernameServiceNameForm = isUsernameServiceNameForm;
    }

}