Examples with GSSName - org.ietf.jgss.GSSName

Example 31 with GSSName

use of org.ietf.jgss.GSSName in project voltdb by VoltDB.

the class HTTPClientInterface method spnegoLogin.

private String spnegoLogin(String encodedToken) {
    byte[] token = B64Code.decode(encodedToken);
    try {
        if (encodedToken == null || encodedToken.isEmpty()) {
            return null;
        }
        final Oid spnegoOid = new Oid("1.3.6.1.5.5.2");
        GSSManager manager = GSSManager.getInstance();
        GSSName name = manager.createName(m_servicePrincipal, null);
        GSSContext ctx = manager.createContext(name.canonicalize(spnegoOid), spnegoOid, null, GSSContext.INDEFINITE_LIFETIME);
        if (ctx == null) {
            m_rate_limited_log.log(EstTime.currentTimeMillis(), Level.ERROR, null, "Failed to establish security context for SPNEGO authentication");
            return null;
        }
        while (!ctx.isEstablished()) {
            token = ctx.acceptSecContext(token, 0, token.length);
        }
        if (ctx.isEstablished()) {
            if (ctx.getSrcName() == null) {
                m_rate_limited_log.log(EstTime.currentTimeMillis(), Level.ERROR, null, "Failed to read source name from established SPNEGO security context");
                return null;
            }
            String user = ctx.getSrcName().toString();
            if (m_log.isDebugEnabled()) {
                m_log.debug("established SPNEGO security context for " + user);
            }
            return user;
        }
        return null;
    } catch (GSSException e) {
        m_rate_limited_log.log(EstTime.currentTimeMillis(), Level.ERROR, e, "failed SPNEGO authentication");
        return null;
    }
}

Also used : GSSName(org.ietf.jgss.GSSName) GSSException(org.ietf.jgss.GSSException) GSSManager(org.ietf.jgss.GSSManager) GSSContext(org.ietf.jgss.GSSContext) Oid(org.ietf.jgss.Oid)

Aggregations

GSSName (org.ietf.jgss.GSSName)31 GSSManager (org.ietf.jgss.GSSManager)24 Oid (org.ietf.jgss.Oid)20 GSSException (org.ietf.jgss.GSSException)19 GSSContext (org.ietf.jgss.GSSContext)16 GSSCredential (org.ietf.jgss.GSSCredential)13 Subject (javax.security.auth.Subject)9 Principal (java.security.Principal)7 PrivilegedActionException (java.security.PrivilegedActionException)6 IOException (java.io.IOException)4 Test (org.junit.Test)4 KerberosTicket (javax.security.auth.kerberos.KerberosTicket)3 KrbException (org.apache.kerby.kerberos.kerb.KrbException)3 ExtendedGSSContext (com.sun.security.jgss.ExtendedGSSContext)2 LoginContext (javax.security.auth.login.LoginContext)2 LoginException (javax.security.auth.login.LoginException)2 SaslException (javax.security.sasl.SaslException)2 SaslServer (javax.security.sasl.SaslServer)2 AvaticaCommonsHttpClientSpnegoImpl (org.apache.calcite.avatica.remote.AvaticaCommonsHttpClientSpnegoImpl)2 AuthenticationException (org.apache.hadoop.security.authentication.client.AuthenticationException)2