use of sun.security.jgss.krb5.Krb5NameElement in project jdk8u_jdk by JetBrains.
the class SpNegoMechFactory method getCredFromSubject.
private static SpNegoCredElement getCredFromSubject(GSSNameSpi name, boolean initiate) throws GSSException {
Vector<SpNegoCredElement> creds = GSSUtil.searchSubject(name, GSS_SPNEGO_MECH_OID, initiate, SpNegoCredElement.class);
SpNegoCredElement result = ((creds == null || creds.isEmpty()) ? null : creds.firstElement());
// Force permission check before returning the cred to caller
if (result != null) {
GSSCredentialSpi cred = result.getInternalCred();
if (GSSUtil.isKerberosMech(cred.getMechanism())) {
if (initiate) {
Krb5InitCredential krbCred = (Krb5InitCredential) cred;
Krb5MechFactory.checkInitCredPermission((Krb5NameElement) krbCred.getName());
} else {
Krb5AcceptCredential krbCred = (Krb5AcceptCredential) cred;
Krb5MechFactory.checkAcceptCredPermission((Krb5NameElement) krbCred.getName(), name);
}
}
}
return result;
}
use of sun.security.jgss.krb5.Krb5NameElement in project jdk8u_jdk by JetBrains.
the class GSSUtil method getSubject.
/**
* Note: The current impl only works with Sun's impl of
* GSSName and GSSCredential since it depends on package
* private APIs.
*/
public static Subject getSubject(GSSName name, GSSCredential creds) {
HashSet<Object> privCredentials = null;
// empty Set
HashSet<Object> pubCredentials = new HashSet<Object>();
Set<GSSCredentialSpi> gssCredentials = null;
Set<KerberosPrincipal> krb5Principals = new HashSet<KerberosPrincipal>();
if (name instanceof GSSNameImpl) {
try {
GSSNameSpi ne = ((GSSNameImpl) name).getElement(GSS_KRB5_MECH_OID);
String krbName = ne.toString();
if (ne instanceof Krb5NameElement) {
krbName = ((Krb5NameElement) ne).getKrb5PrincipalName().getName();
}
KerberosPrincipal krbPrinc = new KerberosPrincipal(krbName);
krb5Principals.add(krbPrinc);
} catch (GSSException ge) {
debug("Skipped name " + name + " due to " + ge);
}
}
if (creds instanceof GSSCredentialImpl) {
gssCredentials = ((GSSCredentialImpl) creds).getElements();
privCredentials = new HashSet<Object>(gssCredentials.size());
populateCredentials(privCredentials, gssCredentials);
} else {
// empty Set
privCredentials = new HashSet<Object>();
}
debug("Created Subject with the following");
debug("principals=" + krb5Principals);
debug("public creds=" + pubCredentials);
debug("private creds=" + privCredentials);
return new Subject(false, krb5Principals, pubCredentials, privCredentials);
}
Aggregations