Examples with PrincipalName sun.security.krb5.PrincipalName used on opensource projects

Search in sources :

Example 21 with PrincipalName

use of sun.security.krb5.PrincipalName in project jdk8u_jdk by JetBrains.

the class Immutable method main.

public static void main(String[] args) throws Exception {
    PrincipalName pn1 = new PrincipalName("host/service@REALM");
    PrincipalName pn2 = (PrincipalName) pn1.clone();
    pn1.getNameStrings()[0] = "http";
    if (!pn1.equals(pn2)) {
        throw new Exception();
    }
}
Also used : PrincipalName(sun.security.krb5.PrincipalName)

Example 22 with PrincipalName

use of sun.security.krb5.PrincipalName in project jdk8u_jdk by JetBrains.

the class SSL method main.

public static void main(String[] args) throws Exception {
    // reset the security property to make sure that the algorithms
    // and keys used in this test are not disabled.
    Security.setProperty("jdk.tls.disabledAlgorithms", "");
    krb5Cipher = args[0];
    boolean unbound = args.length > 1;
    System.setSecurityManager(new SSL());
    KDC kdc = KDC.create(OneKDC.REALM);
    server = "host." + OneKDC.REALM.toLowerCase(Locale.US);
    if (args.length > 2) {
        sniHostname = "test." + server;
        sniMatcherPattern = ".*";
    }
    kdc.addPrincipal(OneKDC.USER, OneKDC.PASS);
    kdc.addPrincipalRandKey("krbtgt/" + OneKDC.REALM);
    KDC.saveConfig(OneKDC.KRB5_CONF, kdc);
    System.setProperty("java.security.krb5.conf", OneKDC.KRB5_CONF);
    // Add 3 versions of keys into keytab
    KeyTab ktab = KeyTab.create(OneKDC.KTAB);
    String serviceName = null;
    if (sniHostname != null) {
        serviceName = "host/" + sniHostname;
    } else {
        serviceName = "host/" + server;
    }
    PrincipalName service = new PrincipalName(serviceName, PrincipalName.KRB_NT_SRV_HST);
    ktab.addEntry(service, "pass1".toCharArray(), 1, true);
    ktab.addEntry(service, "pass2".toCharArray(), 2, true);
    ktab.addEntry(service, "pass3".toCharArray(), 3, true);
    ktab.save();
    // and use the middle one as the real key
    kdc.addPrincipal(serviceName, "pass2".toCharArray());
    // JAAS config entry name ssl
    System.setProperty("java.security.auth.login.config", OneKDC.JAAS_CONF);
    File f = new File(OneKDC.JAAS_CONF);
    FileOutputStream fos = new FileOutputStream(f);
    fos.write(("ssl {\n" + "    com.sun.security.auth.module.Krb5LoginModule required\n" + (unbound ? "    principal=*\n" : "    principal=\"" + serviceName + "\"\n") + "    useKeyTab=true\n" + "    keyTab=" + OneKDC.KTAB + "\n" + "    isInitiator=false\n" + "    storeKey=true;\n};\n").getBytes());
    fos.close();
    Context c;
    final Context s = Context.fromJAAS("ssl");
    s.startAsServer(GSSUtil.GSS_KRB5_MECH_OID);
    Thread server = new Thread(new Runnable() {

        public void run() {
            try {
                s.doAs(new JsseServerAction(), null);
            } catch (Exception e) {
                e.printStackTrace();
                serverState = 2;
            }
        }
    });
    server.setDaemon(true);
    server.start();
    while (serverState == 0) {
        Thread.sleep(50);
    }
    if (serverState == 2) {
        throw new Exception("Server already failed");
    }
    c = Context.fromUserPass(OneKDC.USER, OneKDC.PASS, false);
    c.startAsClient(serviceName, GSSUtil.GSS_KRB5_MECH_OID);
    c.doAs(new JsseClientAction(), null);
    // Add another version of key, make sure it can be loaded
    Thread.sleep(2000);
    ktab = KeyTab.getInstance(OneKDC.KTAB);
    ktab.addEntry(service, "pass4".toCharArray(), 4, true);
    ktab.save();
    kdc.addPrincipal(serviceName, "pass4".toCharArray());
    c = Context.fromUserPass(OneKDC.USER, OneKDC.PASS, false);
    c.startAsClient(serviceName, GSSUtil.GSS_KRB5_MECH_OID);
    c.doAs(new JsseClientAction(), null);
    // implementation related.
    if (unbound) {
        // and checks "accept". Second connection resume.
        if (!permChecks.equals("IA")) {
            throw new Exception();
        }
    } else {
        // client then checks "initiate". Second connection resume.
        if (!permChecks.equals("AAI")) {
            throw new Exception();
        }
    }
}
Also used : PrincipalName(sun.security.krb5.PrincipalName) KeyTab(sun.security.krb5.internal.ktab.KeyTab)

Aggregations

PrincipalName (sun.security.krb5.PrincipalName)17 KeyTab (sun.security.krb5.internal.ktab.KeyTab)7 KrbException (sun.security.krb5.KrbException)6 EncryptionKey (sun.security.krb5.EncryptionKey)3 CredentialsCache (sun.security.krb5.internal.ccache.CredentialsCache)3 File (java.io.File)2 IOException (java.io.IOException)2 PrivilegedActionException (java.security.PrivilegedActionException)2 KerberosKey (javax.security.auth.kerberos.KerberosKey)2 KerberosPrincipal (javax.security.auth.kerberos.KerberosPrincipal)2 KerberosTicket (javax.security.auth.kerberos.KerberosTicket)2 ServicePermission (javax.security.auth.kerberos.ServicePermission)2 Realm (sun.security.krb5.Realm)2 RealmException (sun.security.krb5.RealmException)2 InvocationTargetException (java.lang.reflect.InvocationTargetException)1 BigInteger (java.math.BigInteger)1 UnknownHostException (java.net.UnknownHostException)1 LoginException (javax.security.auth.login.LoginException)1 GSSException (org.ietf.jgss.GSSException)1 ServiceCreds (sun.security.jgss.krb5.ServiceCreds)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial