📄 krb5loginauthaction.java
字号:
/**
* KerberosAuthAction.java
*
* Copyright 2009 Tidal Software. All rights reserved.
*
* Revision History:
* Date Name Action
* ------------------------------------------------
* Feb 12, 2009 wayne Created
*/
package com.tidalsoft.webconsole.sso.filter;
import java.io.*;
import java.security.*;
import org.apache.commons.logging.*;
import org.ietf.jgss.*;
import com.tidalsoft.webconsole.sso.*;
import com.tidalsoft.webconsole.sso.UserAuthResult.*;
public class Krb5LoginAuthAction implements
PrivilegedExceptionAction<UserAuthResult> {
final static Log logger = LogFactory.getLog(Krb5LoginAuthAction.class);
public static final String SPNEGO_OID = "1.3.6.1.5.5.2";
public static final String KRB5_OID = "1.2.840.113554.1.2.2";
private byte[] token;
private String oidString;
Krb5LoginAuthAction(byte[] token, String oid) {
this.token = token;
this.oidString = oid;
}
/**
* @see java.security.PrivilegedExceptionAction#run()
*/
@Override
public UserAuthResult run() throws GSSException, IOException {
UserAuthResult result = new UserAuthResult();
Oid spnegoOid = new Oid(oidString);
GSSManager manager = GSSManager.getInstance();
GSSCredential cred = manager.createCredential(null,
GSSCredential.INDEFINITE_LIFETIME, spnegoOid,
GSSCredential.ACCEPT_ONLY);
GSSContext context = manager.createContext(cred);
context.requestCredDeleg(true);
token = context.acceptSecContext(token, 0, token.length);
if (token == null) {
result.setState(State.FAILED);
return result;
}
logger.debug("Client principal is " + context.getSrcName());
logger.debug("Server principal is " + context.getTargName());
result.setSrcName(context.getSrcName().toString());
logger.debug("Delegate state:" + context.getCredDelegState());
if (context.getCredDelegState()) {
result.setDeleCred(context.getDelegCred());
result.setState(State.ESTABLISHED);
} else {
result.setState(State.FAILED_NODELE);
}
result.setReplyToken(token);
return result;
}
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -