Search in sources :

Example 1 with GSSCredentialSpi

use of sun.security.jgss.spi.GSSCredentialSpi in project jdk8u_jdk by JetBrains.

the class GSSUtil method searchSubject.

/**
     * Searches the private credentials of current Subject with the
     * specified criteria and returns the matching GSSCredentialSpi
     * object out of Sun's impl of GSSCredential. Returns null if
     * no Subject present or a Vector which contains 0 or more
     * matching GSSCredentialSpi objects.
     */
public static <T extends GSSCredentialSpi> Vector<T> searchSubject(final GSSNameSpi name, final Oid mech, final boolean initiate, final Class<? extends T> credCls) {
    debug("Search Subject for " + getMechStr(mech) + (initiate ? " INIT" : " ACCEPT") + " cred (" + (name == null ? "<<DEF>>" : name.toString()) + ", " + credCls.getName() + ")");
    final AccessControlContext acc = AccessController.getContext();
    try {
        Vector<T> creds = AccessController.doPrivileged(new PrivilegedExceptionAction<Vector<T>>() {

            public Vector<T> run() throws Exception {
                Subject accSubj = Subject.getSubject(acc);
                Vector<T> result = null;
                if (accSubj != null) {
                    result = new Vector<T>();
                    Iterator<GSSCredentialImpl> iterator = accSubj.getPrivateCredentials(GSSCredentialImpl.class).iterator();
                    while (iterator.hasNext()) {
                        GSSCredentialImpl cred = iterator.next();
                        debug("...Found cred" + cred);
                        try {
                            GSSCredentialSpi ce = cred.getElement(mech, initiate);
                            debug("......Found element: " + ce);
                            if (ce.getClass().equals(credCls) && (name == null || name.equals((Object) ce.getName()))) {
                                result.add(credCls.cast(ce));
                            } else {
                                debug("......Discard element");
                            }
                        } catch (GSSException ge) {
                            debug("...Discard cred (" + ge + ")");
                        }
                    }
                } else
                    debug("No Subject");
                return result;
            }
        });
        return creds;
    } catch (PrivilegedActionException pae) {
        debug("Unexpected exception when searching Subject:");
        if (DEBUG)
            pae.printStackTrace();
        return null;
    }
}
Also used : AccessControlContext(java.security.AccessControlContext) GSSCredentialSpi(sun.security.jgss.spi.GSSCredentialSpi) PrivilegedActionException(java.security.PrivilegedActionException) Iterator(java.util.Iterator) Vector(java.util.Vector) LoginException(javax.security.auth.login.LoginException) PrivilegedActionException(java.security.PrivilegedActionException) Subject(javax.security.auth.Subject)

Example 2 with GSSCredentialSpi

use of sun.security.jgss.spi.GSSCredentialSpi in project jdk8u_jdk by JetBrains.

the class GSSUtil method getSubject.

/**
     * Note: The current impl only works with Sun's impl of
     * GSSName and GSSCredential since it depends on package
     * private APIs.
     */
public static Subject getSubject(GSSName name, GSSCredential creds) {
    HashSet<Object> privCredentials = null;
    // empty Set
    HashSet<Object> pubCredentials = new HashSet<Object>();
    Set<GSSCredentialSpi> gssCredentials = null;
    Set<KerberosPrincipal> krb5Principals = new HashSet<KerberosPrincipal>();
    if (name instanceof GSSNameImpl) {
        try {
            GSSNameSpi ne = ((GSSNameImpl) name).getElement(GSS_KRB5_MECH_OID);
            String krbName = ne.toString();
            if (ne instanceof Krb5NameElement) {
                krbName = ((Krb5NameElement) ne).getKrb5PrincipalName().getName();
            }
            KerberosPrincipal krbPrinc = new KerberosPrincipal(krbName);
            krb5Principals.add(krbPrinc);
        } catch (GSSException ge) {
            debug("Skipped name " + name + " due to " + ge);
        }
    }
    if (creds instanceof GSSCredentialImpl) {
        gssCredentials = ((GSSCredentialImpl) creds).getElements();
        privCredentials = new HashSet<Object>(gssCredentials.size());
        populateCredentials(privCredentials, gssCredentials);
    } else {
        // empty Set
        privCredentials = new HashSet<Object>();
    }
    debug("Created Subject with the following");
    debug("principals=" + krb5Principals);
    debug("public creds=" + pubCredentials);
    debug("private creds=" + privCredentials);
    return new Subject(false, krb5Principals, pubCredentials, privCredentials);
}
Also used : KerberosPrincipal(javax.security.auth.kerberos.KerberosPrincipal) Krb5NameElement(sun.security.jgss.krb5.Krb5NameElement) Subject(javax.security.auth.Subject) GSSNameSpi(sun.security.jgss.spi.GSSNameSpi) GSSCredentialSpi(sun.security.jgss.spi.GSSCredentialSpi) HashSet(java.util.HashSet)

Aggregations

Subject (javax.security.auth.Subject)2 GSSCredentialSpi (sun.security.jgss.spi.GSSCredentialSpi)2 AccessControlContext (java.security.AccessControlContext)1 PrivilegedActionException (java.security.PrivilegedActionException)1 HashSet (java.util.HashSet)1 Iterator (java.util.Iterator)1 Vector (java.util.Vector)1 KerberosPrincipal (javax.security.auth.kerberos.KerberosPrincipal)1 LoginException (javax.security.auth.login.LoginException)1 Krb5NameElement (sun.security.jgss.krb5.Krb5NameElement)1 GSSNameSpi (sun.security.jgss.spi.GSSNameSpi)1