Package org.apache.wss4j.common.spnego
Class SpnegoTokenContext
- java.lang.Object
-
- org.apache.wss4j.common.spnego.SpnegoTokenContext
-
public class SpnegoTokenContext extends Object
This class wraps a GSSContext and provides some functionality to obtain and validate spnego tokens.
-
-
Constructor Summary
Constructors Constructor Description SpnegoTokenContext()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
clear()
GSSCredential
getDelegationCredential()
Principal
getSpnegoPrincipal()
byte[]
getToken()
Get the SPNEGO token that was created.boolean
isEstablished()
Whether a connection has been established (at the service side)void
retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName)
Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.void
retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm)
Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.void
retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm, boolean requestCredDeleg, GSSCredential delegationCredential)
Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.void
setMutualAuth(boolean mutualAuthentication)
Whether to enable mutual authentication or not.void
setSpnegoClientAction(SpnegoClientAction spnegoClientAction)
Set a custom SpnegoClientAction implementation to usevoid
setSpnegoServiceAction(SpnegoServiceAction spnegoServiceAction)
Set a custom SpnegoServiceAction implementation to usebyte[]
unwrapKey(byte[] secret)
Unwrap a keyvoid
validateServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm, byte[] ticket)
Validate a service ticket.void
validateServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, byte[] ticket)
Validate a service ticket.byte[]
wrapKey(byte[] secret)
Wrap a key
-
-
-
Method Detail
-
retrieveServiceTicket
public void retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName) throws WSSecurityException
Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.- Parameters:
jaasLoginModuleName
- the JAAS Login Module name to usecallbackHandler
- a CallbackHandler instance to retrieve a password (optional)serviceName
- the desired Kerberized service- Throws:
WSSecurityException
-
retrieveServiceTicket
public void retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm) throws WSSecurityException
Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.- Parameters:
jaasLoginModuleName
- the JAAS Login Module name to usecallbackHandler
- a CallbackHandler instance to retrieve a password (optional)serviceName
- the desired Kerberized serviceisUsernameServiceNameForm
-- Throws:
WSSecurityException
-
retrieveServiceTicket
public void retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm, boolean requestCredDeleg, GSSCredential delegationCredential) throws WSSecurityException
Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.- Parameters:
jaasLoginModuleName
- the JAAS Login Module name to usecallbackHandler
- a CallbackHandler instance to retrieve a password (optional)serviceName
- the desired Kerberized serviceisUsernameServiceNameForm
-requestCredDeleg
- Whether to request credential delegation or notdelegationCredential
- The delegation credential to use- Throws:
WSSecurityException
-
validateServiceTicket
public void validateServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, byte[] ticket) throws WSSecurityException
Validate a service ticket.- Parameters:
jaasLoginModuleName
-callbackHandler
-serviceName
-ticket
-- Throws:
WSSecurityException
-
validateServiceTicket
public void validateServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm, byte[] ticket) throws WSSecurityException
Validate a service ticket.- Parameters:
jaasLoginModuleName
-callbackHandler
-serviceName
-ticket
-- Throws:
WSSecurityException
-
setMutualAuth
public void setMutualAuth(boolean mutualAuthentication)
Whether to enable mutual authentication or not. This only applies to retrieve service ticket.
-
getToken
public byte[] getToken()
Get the SPNEGO token that was created.
-
isEstablished
public boolean isEstablished()
Whether a connection has been established (at the service side)
-
unwrapKey
public byte[] unwrapKey(byte[] secret) throws WSSecurityException
Unwrap a key- Throws:
WSSecurityException
-
wrapKey
public byte[] wrapKey(byte[] secret) throws WSSecurityException
Wrap a key- Throws:
WSSecurityException
-
setSpnegoClientAction
public void setSpnegoClientAction(SpnegoClientAction spnegoClientAction)
Set a custom SpnegoClientAction implementation to use
-
setSpnegoServiceAction
public void setSpnegoServiceAction(SpnegoServiceAction spnegoServiceAction)
Set a custom SpnegoServiceAction implementation to use
-
clear
public void clear()
-
getDelegationCredential
public GSSCredential getDelegationCredential()
-
getSpnegoPrincipal
public Principal getSpnegoPrincipal()
-
-