org.apache.ws.security.spnego
Class SpnegoTokenContext

java.lang.Object
  extended by org.apache.ws.security.spnego.SpnegoTokenContext

public class SpnegoTokenContext
extends Object

This class wraps a GSSContext and provides some functionality to obtain and validate spnego tokens.


Constructor Summary
SpnegoTokenContext()
           
 
Method Summary
 void clear()
           
 GSSCredential getDelegationCredential()
           
 Principal getSpnegoPrincipal()
           
 byte[] getToken()
          Get the SPNEGO token that was created.
 boolean isEstablished()
          Whether a connection has been established (at the service side)
 void retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName)
          Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.
 void retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm)
          Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.
 void retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm, boolean requestCredDeleg, GSSCredential delegationCredential)
          Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.
 void setMutualAuth(boolean mutualAuthentication)
          Whether to enable mutual authentication or not.
 void setSpnegoClientAction(SpnegoClientAction spnegoClientAction)
          Set a custom SpnegoClientAction implementation to use
 void setSpnegoServiceAction(SpnegoServiceAction spnegoServiceAction)
          Set a custom SpnegoServiceAction implementation to use
 byte[] unwrapKey(byte[] secret)
          Unwrap a key
 void validateServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, byte[] ticket)
          Validate a service ticket.
 void validateServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, byte[] ticket, boolean isUsernameServiceNameForm)
           
 byte[] wrapKey(byte[] secret)
          Wrap a key
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SpnegoTokenContext

public SpnegoTokenContext()
Method Detail

retrieveServiceTicket

public void retrieveServiceTicket(String jaasLoginModuleName,
                                  CallbackHandler callbackHandler,
                                  String serviceName)
                           throws WSSecurityException
Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.

Parameters:
jaasLoginModuleName - the JAAS Login Module name to use
callbackHandler - a CallbackHandler instance to retrieve a password (optional)
serviceName - the desired Kerberized service
Throws:
WSSecurityException

retrieveServiceTicket

public void retrieveServiceTicket(String jaasLoginModuleName,
                                  CallbackHandler callbackHandler,
                                  String serviceName,
                                  boolean isUsernameServiceNameForm)
                           throws WSSecurityException
Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.

Parameters:
jaasLoginModuleName - the JAAS Login Module name to use
callbackHandler - a CallbackHandler instance to retrieve a password (optional)
serviceName - the desired Kerberized service
serviceNameForm -
Throws:
WSSecurityException

retrieveServiceTicket

public void retrieveServiceTicket(String jaasLoginModuleName,
                                  CallbackHandler callbackHandler,
                                  String serviceName,
                                  boolean isUsernameServiceNameForm,
                                  boolean requestCredDeleg,
                                  GSSCredential delegationCredential)
                           throws WSSecurityException
Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.

Parameters:
jaasLoginModuleName - the JAAS Login Module name to use
callbackHandler - a CallbackHandler instance to retrieve a password (optional)
serviceName - the desired Kerberized service
serviceNameForm -
requestCredDeleg - Whether to request credential delegation or not
delegationCredential - The delegation credential to use
Throws:
WSSecurityException

validateServiceTicket

public void validateServiceTicket(String jaasLoginModuleName,
                                  CallbackHandler callbackHandler,
                                  String serviceName,
                                  byte[] ticket)
                           throws WSSecurityException
Validate a service ticket.

Parameters:
jaasLoginModuleName -
callbackHandler -
serviceName -
ticket -
Throws:
WSSecurityException

validateServiceTicket

public void validateServiceTicket(String jaasLoginModuleName,
                                  CallbackHandler callbackHandler,
                                  String serviceName,
                                  byte[] ticket,
                                  boolean isUsernameServiceNameForm)
                           throws WSSecurityException
Throws:
WSSecurityException

setMutualAuth

public void setMutualAuth(boolean mutualAuthentication)
Whether to enable mutual authentication or not. This only applies to retrieve service ticket.


getToken

public byte[] getToken()
Get the SPNEGO token that was created.


isEstablished

public boolean isEstablished()
Whether a connection has been established (at the service side)


unwrapKey

public byte[] unwrapKey(byte[] secret)
                 throws WSSecurityException
Unwrap a key

Throws:
WSSecurityException

wrapKey

public byte[] wrapKey(byte[] secret)
               throws WSSecurityException
Wrap a key

Throws:
WSSecurityException

setSpnegoClientAction

public void setSpnegoClientAction(SpnegoClientAction spnegoClientAction)
Set a custom SpnegoClientAction implementation to use


setSpnegoServiceAction

public void setSpnegoServiceAction(SpnegoServiceAction spnegoServiceAction)
Set a custom SpnegoServiceAction implementation to use


clear

public void clear()

getDelegationCredential

public GSSCredential getDelegationCredential()

getSpnegoPrincipal

public Principal getSpnegoPrincipal()


Copyright © 2004–2015 The Apache Software Foundation. All rights reserved.