Refine search
negotiationOid = new Oid(SPNEGO_OID); if (ex.getMajor() == GSSException.BAD_MECH) { log.debug("GSSException BAD_MECH, retry with Kerberos MECH"); tryKerberos = true; if (spnegoGenerator != null && negotiationOid.toString().equals(KERBEROS_OID)) { token = spnegoGenerator.generateSpnegoDERObject(token); } catch (GSSException gsse) { log.error("generateToken", gsse); if (gsse.getMajor() == GSSException.DEFECTIVE_CREDENTIAL || gsse.getMajor() == GSSException.CREDENTIALS_EXPIRED) throw new SpnegoEngineException(gsse.getMessage(), gsse); if (gsse.getMajor() == GSSException.NO_CRED) throw new SpnegoEngineException(gsse.getMessage(), gsse); if (gsse.getMajor() == GSSException.DEFECTIVE_TOKEN || gsse.getMajor() == GSSException.DUPLICATE_TOKEN || gsse.getMajor() == GSSException.OLD_TOKEN) throw new SpnegoEngineException(gsse.getMessage(), gsse); throw new SpnegoEngineException(gsse.getMessage()); } catch (IOException | LoginException | PrivilegedActionException ex) { throw new SpnegoEngineException(ex.getMessage());
decoder.startSequence(); String decodedOid = decoder.decodeObjectIdentifier(); if (! mechanism.equals(new Oid(decodedOid))) { throw new GSSException(GSSException.DEFECTIVE_TOKEN);
static GSSException unavailable() throws GSSException { GSSException e = new GSSException(GSSException.UNAVAILABLE); log.error(e.getMessage(), e); throw e; } }
public void create(String user, String host) throws JSchException{ try{ Oid krb5=new Oid("1.2.840.113554.1.2.2"); Oid principalName=new Oid("1.2.840.113554.1.2.2.1"); context.requestMutualAuth(true); context.requestConf(true); context.requestInteg(true); // for MIC context.requestCredDeleg(true); context.requestAnonymity(false); throw new JSchException(ex.toString());
public Object run() { Object result; GSSContext context = null; try { GSSManager manager = GSSManager.getInstance(); GSSName serverName = manager.createName(protocol + '@' + host, GSSName.NT_HOSTBASED_SERVICE); // Kerberos v5 OID Oid krb5Oid = new Oid("1.2.840.113554.1.2.2"); context = manager.createContext(serverName, krb5Oid, delegatedCredentials, GSSContext.DEFAULT_LIFETIME); //context.requestMutualAuth(true); // TODO: used by IIS to pass token to Exchange ? context.requestCredDeleg(true); result = context.initSecContext(token, 0, token.length); } catch (GSSException e) { result = e; } finally { if (context != null) { try { context.dispose(); } catch (GSSException e) { LOGGER.debug("KerberosHelper.internalInitSecContext " + e + ' ' + e.getMessage()); } } } return result; } });
Oid krb5oid = new Oid("1.2.840.113554.1.2.2"); securityContext.token = context.acceptSecContext(token, 0, token.length); if (context.isEstablished()) { securityContext.principal = context.getSrcName().toString(); LOGGER.debug("Authenticated user: " + securityContext.principal); if (!context.getCredDelegState()) { context.dispose(); } catch (GSSException e) { LOGGER.debug("KerberosHelper.acceptSecurityContext " + e + ' ' + e.getMessage());
LOGGER.debug("init " + authServer); final Oid negotiationOid = new Oid(SPNEGO_OID); final GSSContext gssContext = manager.createContext(serverName.canonicalize(negotiationOid), negotiationOid, null, DEFAULT_LIFETIME); gssContext.requestMutualAuth(true); gssContext.requestCredDeleg(true); token = gssContext.initSecContext(token, 0, token.length); if (token == null) { state = State.FAILED; } catch (GSSException gsse) { state = State.FAILED; if (gsse.getMajor() == GSSException.DEFECTIVE_CREDENTIAL || gsse.getMajor() == GSSException.CREDENTIALS_EXPIRED) throw new InvalidCredentialsException(gsse.getMessage(), gsse); if (gsse.getMajor() == GSSException.NO_CRED) throw new InvalidCredentialsException(gsse.getMessage(), gsse); if (gsse.getMajor() == GSSException.DEFECTIVE_TOKEN || gsse.getMajor() == GSSException.DUPLICATE_TOKEN || gsse.getMajor() == GSSException.OLD_TOKEN) throw new AuthenticationException(gsse.getMessage(), gsse); throw new AuthenticationException(gsse.getMessage());
private void setOid(String authenticationScheme) { // give GSSAPI the following Object ID // (the unique object identifier is used by GSSAPI to select the underlying security mechanism) try { if (authenticationScheme.equals("SPNEGO")) oid = new Oid("1.3.6.1.5.5.2"); // SPNEGO Oid else if (authenticationScheme.equals("Kerberos5")) oid = new Oid("1.2.840.113554.1.2.2"); // Kerberos5 Oid else System.out.println("Unsupported authentication scheme: " + authenticationScheme); } catch (GSSException e) { System.out.println("Oid GSSException: " + e.getMessage()); } }
@Override public byte[] init(byte[] token) throws IOException { checkState(!isEstablished()); try { if (isUninitialized) { context.requestMutualAuth(true); isUninitialized = false; } byte[] outToken = context.initSecContext(token, 0, token.length); if (isEstablished()) { principal = context.getSrcName(); subject = createSubject(); } return outToken; } catch (GSSException e) { throw new IOException(e.getMessage(), e); } }
public byte[] init(byte[] token, int s, int l) throws JSchException { try { if (context != null){ return context.initSecContext(token, s, l); }else { throw new JSchException("Context is null.."); } } catch (GSSException ex) { throw new JSchException(ex.toString()); } }
@Override public byte[] accept(byte[] token) throws IOException { checkState(!isEstablished()); try { isUninitialized = false; byte[] outToken = context.acceptSecContext(token, 0, token.length); if (isEstablished()) { principal = context.getSrcName(); subject = createSubject(); } return outToken; } catch (GSSException e) { throw new IOException(e.getMessage(), e); } }
/** * Free any system resources used by the module. */ @Override public void destroy() { if (context != null) { try { context.dispose(); } catch (GSSException e) { if (log.isDebugEnabled()) { log.debug("Failed ({}) to dispose of context: {}", e.getClass().getSimpleName(), e.getMessage()); } } finally { context = null; } } }
/** * Closes the session. If any {@link GSSContext} is present in the session * then it is closed. * * @param message the error message */ @Override protected void closeSession(String message) { GSSContext ctx = (GSSContext) getSession().getAttribute(GSS_CONTEXT); if (ctx != null) { try { ctx.dispose(); } catch (GSSException e) { e.printStackTrace(); super.closeSession(message, e); return; } } super.closeSession(message); } }
} catch (GSSException gsse) { state = State.FAILED; if (gsse.getMajor() == GSSException.DEFECTIVE_CREDENTIAL || gsse.getMajor() == GSSException.CREDENTIALS_EXPIRED) throw new InvalidCredentialsException(gsse.getMessage(), gsse); if (gsse.getMajor() == GSSException.NO_CRED) throw new InvalidCredentialsException(gsse.getMessage(), gsse); if (gsse.getMajor() == GSSException.DEFECTIVE_TOKEN || gsse.getMajor() == GSSException.DUPLICATE_TOKEN || gsse.getMajor() == GSSException.OLD_TOKEN) throw new AuthenticationException(gsse.getMessage(), gsse); throw new AuthenticationException(gsse.getMessage());
private String getLocalMessage() { String message = super.getMessage(); return (message == null) ? getClass().getName() : message; } }
GSSException g = (GlobusGSSException) t; if (g.getMajor() == GSSException.FAILURE && g.getMinor() == 0) { if (g instanceof GlobusGSSException) { return !((GlobusGSSException)g).hasCustomMessage; return g.getMessage().equals("Failure unspecified at GSS-API level");
@Override public boolean equals(GSSName another) throws GSSException { if (!(another instanceof BogusGSSName)) { throw new GSSException(GSSException.BAD_NAMETYPE); } BogusGSSName otherName = (BogusGSSName) another; return name.equals(otherName.name) && oid.equals(otherName.oid); }
throw new GSSException(GSSException.BAD_MECH); if (mechanismOid.equals(GSSCredentialSecurityFactory.KERBEROS_V5)) { if (plus) { return GS2_KRB5_PLUS; if (mechanismOid.equals(GSSCredentialSecurityFactory.SPNEGO)) { if (plus) { return SPNEGO_PLUS; messageDigest = MessageDigest.getInstance("SHA-1"); } catch (NoSuchAlgorithmException e) { throw new GSSException(GSSException.FAILURE); messageDigest.update(mechanismOid.getDER()); byte[] digest = messageDigest.digest(); digest[6] &= 0xfe;
public byte[] getMIC(byte[] message, int s, int l) { try { MessageProp prop = new MessageProp(0, false); return context.getMIC(message, s, l, prop); } catch (GSSException ex) { logger.error(ex.getMessage(), ex); return null; } }