Context.java revision 2362
 * Copyright (c) 2008, 2009, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any

 * Context of a JGSS subject, encapsulating Subject and GSSContext.
 *
 * Three "constructors", which acquire the (private) credentials and fill
 * it into the Subject:
 *
 * 1. static fromJAAS(): Creates a Context using a JAAS login config entry
 * 2. static fromUserPass(): Creates a Context using a username and a password
 * 3. delegated(): A new context which uses the delegated credentials from a
 *    previously established acceptor Context
 *
 * Two context initiators, which create the GSSContext object inside:
 *
 * 1. startAsClient()
 * 2. startAsServer()
 *
 * Privileged action:
 *    doAs(): Performs an action in the name of the Subject
 *
 * Handshake process:
 *    static handShake(initiator, acceptor)
 *
 * A four-phase typical data communication which includes all four GSS
 * actions (wrap, unwrap, getMIC and verifyMIC):
 *    static transmit(message, from, to)

    private boolean f;      // context established?

     * Using the delegated credentials from a previous acceptor

     * Logs in with a JAAS login config entry name

     * Logs in with a username and a password, using Krb5LoginModule directly
     * @param storeKey true if key should be saved, used on acceptor side

     * Starts as a client
     * @param target communication peer
     * @throws java.lang.Exception

     * @throws java.lang.Exception

     * Accesses the internal GSSContext object. Currently it's used for --
     *
     * 1. calling requestXXX() before handshake
     * 2. accessing source name
     *
     * Note: If the application needs to do any privileged call on this
     * object, please use doAs(). Otherwise, it can be done directly. The
     * methods listed above are all non-privileged calls.
     *
     * @return the GSSContext object

     * Disposes the GSSContext within
     * @throws org.ietf.jgss.GSSException

     * Does something using the Subject inside
     * @param action the action
     * @param in the input byte
     * @return the output byte
     * @throws java.lang.Exception

     * Prints status of GSSContext and Subject
     * @throws java.lang.Exception

    } else if (o instanceof Map) {
    throw new Exception("Session key cannot be null");

    throw new Exception("Ticket flags cannot be null");

    throw new Exception("Auth time cannot be null");

     * Transmits a message from one Context to another. The sender wraps the
     * message and sends it to the receiver. The receiver unwraps it, creates
     * a MIC of the clear text and sends it back to the sender. The sender
     * verifies the MIC against the message sent earlier.
     * @param message the message
     * @throws java.lang.Exception If anything goes wrong

    System.out.printf("-------------------- TRANSMIT from %s to %s------------------------\n",

    // Re-unwrap should make p2.isDuplicateToken() return true

     * Returns a string description of a MessageProp object
     * @return the description

     * Handshake (security context establishment process) between two Contexts
     * @throws java.lang.Exception

    throw new Exception("Context established but " +
            "still receive token at " + c.name);

    throw new Exception("Context established but " +
            "still receive token at " + s.name);