Package org.apache.wss4j.common.spnego

Class SpnegoTokenContext

java.lang.Object
org.apache.wss4j.common.spnego.SpnegoTokenContext
public class SpnegoTokenContext extends Object
This class wraps a GSSContext and provides some functionality to obtain and validate spnego tokens.

  • Constructor Details

    • SpnegoTokenContext

      public SpnegoTokenContext()

  • Method Details

    • retrieveServiceTicket

      public void retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName) throws WSSecurityException
      Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.
      Parameters:
      jaasLoginModuleName - the JAAS Login Module name to use
      callbackHandler - a CallbackHandler instance to retrieve a password (optional)
      serviceName - the desired Kerberized service
      Throws:
      WSSecurityException

    • retrieveServiceTicket

      public void retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm) throws WSSecurityException
      Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.
      Parameters:
      jaasLoginModuleName - the JAAS Login Module name to use
      callbackHandler - a CallbackHandler instance to retrieve a password (optional)
      serviceName - the desired Kerberized service
      isUsernameServiceNameForm -
      Throws:
      WSSecurityException

    • retrieveServiceTicket

      public void retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm, boolean requestCredDeleg, GSSCredential delegationCredential) throws WSSecurityException
      Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.
      Parameters:
      jaasLoginModuleName - the JAAS Login Module name to use
      callbackHandler - a CallbackHandler instance to retrieve a password (optional)
      serviceName - the desired Kerberized service
      isUsernameServiceNameForm -
      requestCredDeleg - Whether to request credential delegation or not
      delegationCredential - The delegation credential to use
      Throws:
      WSSecurityException

    • validateServiceTicket

      public void validateServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, byte[] ticket) throws WSSecurityException
      Validate a service ticket.
      Parameters:
      jaasLoginModuleName -
      callbackHandler -
      serviceName -
      ticket -
      Throws:
      WSSecurityException

    • validateServiceTicket

      public void validateServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm, byte[] ticket) throws WSSecurityException
      Validate a service ticket.
      Parameters:
      jaasLoginModuleName -
      callbackHandler -
      serviceName -
      ticket -
      Throws:
      WSSecurityException

    • setMutualAuth

      public void setMutualAuth(boolean mutualAuthentication)
      Whether to enable mutual authentication or not. This only applies to retrieve service ticket.

    • getToken

      public byte[] getToken()
      Get the SPNEGO token that was created.

    • isEstablished

      public boolean isEstablished()
      Whether a connection has been established (at the service side)

    • unwrapKey

      public byte[] unwrapKey(byte[] secret) throws WSSecurityException
      Unwrap a key
      Throws:
      WSSecurityException

    • wrapKey

      public byte[] wrapKey(byte[] secret) throws WSSecurityException
      Wrap a key
      Throws:
      WSSecurityException

    • setSpnegoClientAction

      public void setSpnegoClientAction(SpnegoClientAction spnegoClientAction)
      Set a custom SpnegoClientAction implementation to use

    • setSpnegoServiceAction

      public void setSpnegoServiceAction(SpnegoServiceAction spnegoServiceAction)
      Set a custom SpnegoServiceAction implementation to use

    • clear

      public void clear()

    • getDelegationCredential

      public GSSCredential getDelegationCredential()

    • getSpnegoPrincipal

      public Principal getSpnegoPrincipal()