Example 1 with Realm

Use of sun.security.krb5.Realm in project jdk8u_jdk by JetBrains.

The class ConfigWithQuotations, method main.

public static void main(String[] args) throws Exception {
    // This config file is generated using Kerberos.app on a Mac
    System.setProperty("java.security.krb5.conf", System.getProperty("test.src", ".") + "/edu.mit.Kerberos");
    Config config = Config.getInstance();
    System.out.println(config);
    if (!config.getDefaultRealm().equals("MAC.LOCAL")) {
        throw new Exception("Realm error");
    }
    if (!config.getKDCList("MAC.LOCAL").equals("kdc.mac.local:88")) {
        throw new Exception("KDC error");
    }
}
Also used : Config(sun.security.krb5.Config)

Example 2 with Realm

Use of sun.security.krb5.Realm in project jdk8u_jdk by JetBrains.

The class PrincipalName, method asn1Encode.

/**
 * Encodes a <code>PrincipalName</code> object. Note that only the type and
 * names are encoded. To encode the realm, call getRealm().asn1Encode().
 * @return the byte array of the encoded PrincipalName object.
 * @exception Asn1Exception if an error occurs while encoding ASN.1 data.
 * @exception IOException if an I/O error occurs while writing encoded data.
 */
public byte[] asn1Encode() throws Asn1Exception, IOException {
    DerOutputStream bytes = new DerOutputStream();
    DerOutputStream temp = new DerOutputStream();
    BigInteger bint = BigInteger.valueOf(this.nameType);
    temp.putInteger(bint);
    bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x00), temp);
    temp = new DerOutputStream();
    DerValue[] der = new DerValue[nameStrings.length];
    for (int i = 0; i < nameStrings.length; i++) {
        der[i] = new KerberosString(nameStrings[i]).toDerValue();
    }
    temp.putSequence(der);
    bytes.write(DerValue.createTag(DerValue.TAG_CONTEXT, true, (byte) 0x01), temp);
    temp = new DerOutputStream();
    temp.write(DerValue.tag_Sequence, bytes);
    return temp.toByteArray();
}
Also used : BigInteger(java.math.BigInteger) KerberosString(sun.security.krb5.internal.util.KerberosString)

Example 3 with Realm

Use of sun.security.krb5.Realm in project jdk8u_jdk by JetBrains.

The class Realm, method parseCapaths.

/**
 * Parses the [capaths] stanza of the configuration file for a
 * list of realms to traverse to obtain credentials from the
 * initiating realm cRealm to the target realm sRealm.
 *
 * For a given client realm C there is a tag C in [capaths] whose
 * subtag S has a value which is a (possibly partial) path from C
 * to S. When the path is partial, it contains only the tail of the
 * full path. Values of other subtags will be used to build the full
 * path. The value "." means a direct path from C to S. If realm S
 * does not appear as a subtag, there is no path defined here.
 *
 * The implementation ignores all values which are equal to C or S, or
 * a "." in multiple values, or any duplicated realm names.
 *
 * When a path value has more than two realms, they can be specified
 * with multiple key-value pairs each having a single value, but the
 * order must not change.
 *
 * For example:
 *
 * [capaths]
 *    TIVOLI.COM = {
 *        IBM.COM = IBM_LDAPCENTRAL.COM MOONLITE.ORG
 *        IBM_LDAPCENTRAL.COM = LDAPCENTRAL.NET
 *        LDAPCENTRAL.NET = .
 *    }
 *
 * TIVOLI.COM has a direct path to LDAPCENTRAL.NET, which has a direct
 * path to IBM_LDAPCENTRAL.COM. It also has a partial path to IBM.COM
 * being "IBM_LDAPCENTRAL.COM MOONLITE.ORG". Merging this information,
 * a full path from TIVOLI.COM to IBM.COM will be
 *
 *   TIVOLI.COM -> LDAPCENTRAL.NET -> IBM_LDAPCENTRAL.COM
 *              -> MOONLITE.ORG
 *
 * (the duplicated IBM_LDAPCENTRAL.COM is dropped when the two are merged).
 * Please note the sRealm IBM.COM does not appear in the path.
 *
 * @param cRealm the initiating realm
 * @param sRealm the target realm, not the same as cRealm
 * @return array of realms including at least cRealm as the first
 *         element
 * @throws KrbException if the config does not contain a sub-stanza
 *         for cRealm in [capaths] or the sub-stanza does not contain
 *         sRealm as a tag
 */
private static String[] parseCapaths(String cRealm, String sRealm) throws KrbException {
    // This line could throw a KrbException
    Config cfg = Config.getInstance();
    if (!cfg.exists("capaths", cRealm, sRealm)) {
        throw new KrbException("No conf");
    }
    LinkedList<String> path = new LinkedList<>();
    String head = sRealm;
    while (true) {
        String value = cfg.getAll("capaths", cRealm, head);
        if (value == null) {
            break;
        }
        String[] more = value.split("\\s+");
        boolean changed = false;
        for (int i = more.length - 1; i >= 0; i--) {
            if (path.contains(more[i]) || more[i].equals(".") || more[i].equals(cRealm) || more[i].equals(sRealm) || more[i].equals(head)) {
                // Ignore invalid values
                continue;
            }
            changed = true;
            path.addFirst(more[i]);
        }
        if (!changed)
            break;
        head = path.getFirst();
    }
    path.addFirst(cRealm);
    return path.toArray(new String[path.size()]);
}
Also used : KerberosString(sun.security.krb5.internal.util.KerberosString)

Example 4 with Realm

Use of sun.security.krb5.Realm in project jdk8u_jdk by JetBrains.

The class KRBSafe, method init.

/**
 * Initializes a KRBSafe object.
 * @param encoding a single DER-encoded value.
 * @exception Asn1Exception if an error occurs while decoding ASN.1-encoded data.
 * @exception IOException if an I/O error occurs while reading encoded data.
 * @exception RealmException if an error occurs while parsing a Realm object.
 * @exception KrbApErrException if the value read from the DER-encoded data
 *  stream does not match the pre-defined value.
 */
private void init(DerValue encoding) throws Asn1Exception, RealmException, KrbApErrException, IOException {
    DerValue der, subDer;
    if (((encoding.getTag() & (byte) 0x1F) != (byte) 0x14) || (encoding.isApplication() != true) || (encoding.isConstructed() != true))
        throw new Asn1Exception(Krb5.ASN1_BAD_ID);
    der = encoding.getData().getDerValue();
    if (der.getTag() != DerValue.tag_Sequence)
        throw new Asn1Exception(Krb5.ASN1_BAD_ID);
    subDer = der.getData().getDerValue();
    if ((subDer.getTag() & 0x1F) == 0x00) {
        pvno = subDer.getData().getBigInteger().intValue();
        if (pvno != Krb5.PVNO)
            throw new KrbApErrException(Krb5.KRB_AP_ERR_BADVERSION);
    } else
        throw new Asn1Exception(Krb5.ASN1_BAD_ID);
    subDer = der.getData().getDerValue();
    if ((subDer.getTag() & 0x1F) == 0x01) {
        msgType = subDer.getData().getBigInteger().intValue();
        if (msgType != Krb5.KRB_SAFE)
            throw new KrbApErrException(Krb5.KRB_AP_ERR_MSG_TYPE);
    } else
        throw new Asn1Exception(Krb5.ASN1_BAD_ID);
    safeBody = KRBSafeBody.parse(der.getData(), (byte) 0x02, false);
    cksum = Checksum.parse(der.getData(), (byte) 0x03, false);
    if (der.getData().available() > 0)
        throw new Asn1Exception(Krb5.ASN1_BAD_ID);
}
Also used : Asn1Exception(sun.security.krb5.Asn1Exception)

Example 5 with Realm

Use of sun.security.krb5.Realm in project jdk8u_jdk by JetBrains.

The class KerberosPrincipal, method readObject.

/**
 * Reads this object from a stream (i.e., deserializes it)
 */
private void readObject(ObjectInputStream ois) throws IOException, ClassNotFoundException {
    byte[] asn1EncPrincipal = (byte[]) ois.readObject();
    byte[] encRealm = (byte[]) ois.readObject();
    try {
        Realm realmObject = new Realm(new DerValue(encRealm));
        PrincipalName krb5Principal = new PrincipalName(new DerValue(asn1EncPrincipal), realmObject);
        realm = realmObject.toString();
        fullName = krb5Principal.toString();
        nameType = krb5Principal.getNameType();
    } catch (Exception e) {
        throw new IOException(e);
    }
}
Also used : PrincipalName(sun.security.krb5.PrincipalName) Realm(sun.security.krb5.Realm) KrbException(sun.security.krb5.KrbException)
