
Example 6 with KerberosPrincipal

use of javax.security.auth.kerberos.KerberosPrincipal in project hadoop by apache.

the class TestMiniKdc method testKerberosLogin.

/**
 * Logs in against the MiniKdc returned by {@code getKdc()} twice with the same keytab-backed
 * principal, first with the client JAAS configuration and then with the server one, and checks
 * the authenticated {@link Subject} after each login.
 *
 * <p>The keytab is created under the test work directory; it presumably carries the principal's
 * long-term key, so it should stay confined to that directory (verify against
 * {@code MiniKdc.createPrincipal}).
 */
@Test
public void testKerberosLogin() throws Exception {
    MiniKdc miniKdc = getKdc();
    File workingDir = getWorkDir();
    LoginContext context = null;
    try {
        String shortName = "foo";
        File keytabFile = new File(workingDir, "foo.keytab");
        miniKdc.createPrincipal(keytabFile, shortName);

        // The principal is given without a realm; KerberosPrincipal fills in the default realm,
        // which is why the assertions below expect "foo@<kdc realm>".
        Set<Principal> seedPrincipals = new HashSet<Principal>();
        seedPrincipals.add(new KerberosPrincipal(shortName));

        // Client login.
        Subject subject =
                new Subject(false, seedPrincipals, new HashSet<Object>(), new HashSet<Object>());
        context = new LoginContext(
                "", subject, null, KerberosConfiguration.createClientConfig(shortName, keytabFile));
        context.login();
        subject = context.getSubject();
        Assert.assertEquals(1, subject.getPrincipals().size());
        Principal clientPrincipal = subject.getPrincipals().iterator().next();
        Assert.assertEquals(KerberosPrincipal.class, clientPrincipal.getClass());
        Assert.assertEquals(shortName + "@" + miniKdc.getRealm(), clientPrincipal.getName());
        context.logout();

        // Server login, starting again from a fresh Subject.
        subject = new Subject(false, seedPrincipals, new HashSet<Object>(), new HashSet<Object>());
        context = new LoginContext(
                "", subject, null, KerberosConfiguration.createServerConfig(shortName, keytabFile));
        context.login();
        subject = context.getSubject();
        Assert.assertEquals(1, subject.getPrincipals().size());
        Principal serverPrincipal = subject.getPrincipals().iterator().next();
        Assert.assertEquals(KerberosPrincipal.class, serverPrincipal.getClass());
        Assert.assertEquals(shortName + "@" + miniKdc.getRealm(), serverPrincipal.getName());
        context.logout();
    } finally {
        // Log out whichever context was created last, so credentials are dropped even when a
        // login or an assertion fails. On the success path this repeats the logout above.
        if (context != null) {
            context.logout();
        }
    }
}
Also used : KerberosPrincipal(javax.security.auth.kerberos.KerberosPrincipal) LoginContext(javax.security.auth.login.LoginContext) File(java.io.File) KerberosPrincipal(javax.security.auth.kerberos.KerberosPrincipal) Principal(java.security.Principal) Subject(javax.security.auth.Subject) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 7 with KerberosPrincipal

use of javax.security.auth.kerberos.KerberosPrincipal in project hadoop by apache.

the class TestKerberosAuthenticationHandler method testInit.

/**
 * Checks that the handler reports the keytab from {@code KerberosTestUtils} and holds exactly
 * one principal, equal to the server principal from {@code KerberosTestUtils}.
 *
 * <p>Asserting the exact size as well as membership guards against the handler picking up
 * extra principals beyond the expected one.
 */
@Test(timeout = 60000)
public void testInit() throws Exception {
    Assert.assertEquals(KerberosTestUtils.getKeytabFile(), handler.getKeytab());

    Set<KerberosPrincipal> loadedPrincipals = handler.getPrincipals();
    String serverPrincipalName = KerberosTestUtils.getServerPrincipal();
    Principal serverPrincipal = new KerberosPrincipal(serverPrincipalName);

    Assert.assertTrue(loadedPrincipals.contains(serverPrincipal));
    Assert.assertEquals(1, loadedPrincipals.size());
}
Also used : KerberosPrincipal(javax.security.auth.kerberos.KerberosPrincipal) KerberosPrincipal(javax.security.auth.kerberos.KerberosPrincipal) Principal(java.security.Principal) Test(org.junit.Test)

Example 8 with KerberosPrincipal

use of javax.security.auth.kerberos.KerberosPrincipal in project ddf by codice.

the class AuthNStatementProvider method getStatement.

/**
 * Builds the authentication statement for a token request.
 *
 * <p>The session index is the decimal form of a 32-bit value drawn from {@code secureRandom}
 * (it may be negative). The authentication method is derived from the Java type of the
 * principal on the first non-null received token, checked in this order: validate target,
 * on-behalf-of, act-as, renew target. Any other principal type, or no received token at all,
 * yields the "unspecified" context class.
 *
 * <p>NOTE(review): the method asserted here depends only on the principal's class, so its
 * accuracy rests on whatever populated the received token's principal; confirm that this
 * happens only after the token has been validated.
 *
 * @param providerParameters parameters of the token request; its token requirements are read
 * @return a new statement bean with session index and authentication method set
 * @see org.apache.cxf.sts.token.provider.AuthenticationStatementProvider#getStatement(org.apache.cxf.sts.token.provider.TokenProviderParameters)
 */
@Override
public AuthenticationStatementBean getStatement(TokenProviderParameters providerParameters) {
    AuthenticationStatementBean statement = new AuthenticationStatementBean();
    statement.setSessionIndex(Integer.toString(secureRandom.nextInt()));

    TokenRequirements requirements = providerParameters.getTokenRequirements();

    // Take the first token that is present, in fixed priority order.
    ReceivedToken token = requirements.getValidateTarget();
    if (token == null) {
        token = requirements.getOnBehalfOf();
    }
    if (token == null) {
        token = requirements.getActAs();
    }
    if (token == null) {
        token = requirements.getRenewTarget();
    }

    // Default to "unspecified"; only a recognised principal type overrides it.
    String authenticationMethod = SAML2Constants.AUTH_CONTEXT_CLASS_REF_UNSPECIFIED;
    if (token != null) {
        Principal tokenPrincipal = token.getPrincipal();
        if (tokenPrincipal instanceof UsernameTokenPrincipal) {
            authenticationMethod =
                    SAML2Constants.AUTH_CONTEXT_CLASS_REF_PASSWORD_PROTECTED_TRANSPORT;
        } else if (tokenPrincipal instanceof X500Principal) {
            authenticationMethod = SAML2Constants.AUTH_CONTEXT_CLASS_REF_X509;
        } else if (tokenPrincipal instanceof KerberosPrincipal) {
            authenticationMethod = SAML2Constants.AUTH_CONTEXT_CLASS_REF_KERBEROS;
        }
    }
    statement.setAuthenticationMethod(authenticationMethod);
    return statement;
}
Also used : KerberosPrincipal(javax.security.auth.kerberos.KerberosPrincipal) TokenRequirements(org.apache.cxf.sts.request.TokenRequirements) UsernameTokenPrincipal(org.apache.wss4j.common.principal.UsernameTokenPrincipal) AuthenticationStatementBean(org.apache.wss4j.common.saml.bean.AuthenticationStatementBean) X500Principal(javax.security.auth.x500.X500Principal) ReceivedToken(org.apache.cxf.sts.request.ReceivedToken) Principal(java.security.Principal) X500Principal(javax.security.auth.x500.X500Principal) UsernameTokenPrincipal(org.apache.wss4j.common.principal.UsernameTokenPrincipal) KerberosPrincipal(javax.security.auth.kerberos.KerberosPrincipal)

Example 9 with KerberosPrincipal

use of javax.security.auth.kerberos.KerberosPrincipal in project ddf by codice.

the class TestPropertyFileClaimsHandler method testGetUser.

/**
 * Checks how {@code PropertyFileClaimsHandler.getUser} reduces three kinds of principal to a
 * user name: a generic principal keeps its name, an X.500 name yields its CN value, and a
 * Kerberos name yields the part before the realm.
 *
 * <p>NOTE(review): the Kerberos case pins that the realm is dropped, so equal short names from
 * different realms would map to the same user; confirm that this is intended wherever the
 * returned name is used for claims lookup.
 */
@Test
public void testGetUser() {
    PropertyFileClaimsHandler claimsHandler = new PropertyFileClaimsHandler();

    // Generic principal: the name is expected back unchanged.
    Principal genericPrincipal = mock(Principal.class);
    when(genericPrincipal.getName()).thenReturn("mydude");
    assertEquals("mydude", claimsHandler.getUser(genericPrincipal));

    // X.500 distinguished name: only the CN value is expected.
    Principal x500Principal = new X500Principal("cn=myxman,ou=someunit,o=someorg");
    assertEquals("myxman", claimsHandler.getUser(x500Principal));

    // Kerberos principal: the "@REALM" suffix is expected to be removed.
    Principal kerberosPrincipal = new KerberosPrincipal("mykman@SOMEDOMAIN.COM");
    assertEquals("mykman", claimsHandler.getUser(kerberosPrincipal));
}
Also used : KerberosPrincipal(javax.security.auth.kerberos.KerberosPrincipal) X500Principal(javax.security.auth.x500.X500Principal) X500Principal(javax.security.auth.x500.X500Principal) KerberosPrincipal(javax.security.auth.kerberos.KerberosPrincipal) Principal(java.security.Principal) Test(org.junit.Test)

Example 10 with KerberosPrincipal

use of javax.security.auth.kerberos.KerberosPrincipal in project jdk8u_jdk by JetBrains.

the class ServiceCreds method getEKeys.

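/**
 * Gets EKeys for a principal.
 *
 * <p>Keys are looked up for {@code princ} first. When that lookup returns nothing, the
 * no-argument {@code getKKeys()} is used instead, so the returned keys are then not tied to
 * the requested name; see the comment at the fallback for the compatibility reason.
 *
 * <p>Each returned {@code EncryptionKey} is built from {@code KerberosKey.getEncoded()}, i.e.
 * it carries secret key material.
 *
 * @param princ the target name initiator requests. Not null.
 * @return keys for the princ, never null, might be empty
 * @throws IllegalStateException if this object has been destroyed
 */
public EncryptionKey[] getEKeys(PrincipalName princ) {
    if (destroyed) {
        throw new IllegalStateException("This object is destroyed");
    }
    KerberosKey[] kkeys = getKKeys(new KerberosPrincipal(princ.getName()));
    if (kkeys.length == 0) {
        // Fallback: old JDK does not perform real name checking. If the
        // acceptor has host.sun.com but initiator requests for host,
        // as long as their keys match (i.e. keys for one can decrypt
        // the other's service ticket), the authentication is OK.
        // There are real customers depending on this to use different
        // names for a single service.
        // With this fallback the name check is effectively skipped and
        // acceptance rests on the key match alone.
        kkeys = getKKeys();
    }
    EncryptionKey[] ekeys = new EncryptionKey[kkeys.length];
    for (int i = 0; i < kkeys.length; i++) {
        KerberosKey kkey = kkeys[i];
        // Integer.valueOf instead of the boxing constructor: same value, no forced allocation.
        ekeys[i] = new EncryptionKey(
                kkey.getEncoded(), kkey.getKeyType(), Integer.valueOf(kkey.getVersionNumber()));
    }
    return ekeys;
}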
Also used : KerberosPrincipal(javax.security.auth.kerberos.KerberosPrincipal) KerberosKey(javax.security.auth.kerberos.KerberosKey) EncryptionKey(sun.security.krb5.EncryptionKey)
