final Callback authorizeCallBack; if (gssContext.getCredDelegState()) { try { GSSCredential credential = gssContext.getDelegCred();
gssCredential = gssContext.getCredDelegState() ? gssContext.getDelegCred() : null; } catch (GSSException e) { httpSpnego.trace("Unable to access delegated credential despite being delegated.", e);
public GSSCredential getDelegatedCredentials() throws GSSException{ if(context != null && context.getCredDelegState()){ return context.getDelegCred(); } return null; } }
protected void logAuthDetails(GSSContext gssContext) throws GSSException { if (log.isDebugEnabled()) { String message = new StringBuilder("SPNEGO Security context accepted with token: " + responseToken) .append(", established: ").append(gssContext.isEstablished()) .append(", credDelegState: ").append(gssContext.getCredDelegState()) .append(", mutualAuthState: ").append(gssContext.getMutualAuthState()) .append(", lifetime: ").append(gssContext.getLifetime()) .append(", confState: ").append(gssContext.getConfState()) .append(", integState: ").append(gssContext.getIntegState()) .append(", srcName: ").append(gssContext.getSrcName()) .append(", targName: ").append(gssContext.getTargName()) .toString(); log.debug(message); } }
private void processIdentity(GSSContext gssContext) throws GSSException, Exception { setIdentity(createIdentity(gssContext.getSrcName().toString())); if (DEBUG) { log.debug("context.getCredDelegState() = " + gssContext.getCredDelegState()); log.debug("context.getMutualAuthState() = " + gssContext.getMutualAuthState()); log.debug("context.getSrcName() = " + gssContext.getSrcName().toString()); } if (gssContext.getCredDelegState()) { delegatedCredential = gssContext.getDelegCred(); } negotiationContext.setAuthenticationMethod(SPNEGO); negotiationContext.setAuthenticated(true); } }
@Override public Boolean run() throws Exception { GSSContext gssContext = null; try { if (log.isTraceEnabled()) { log.trace("Going to establish security context"); } gssContext = establishContext(); logAuthDetails(gssContext); if (gssContext.isEstablished()) { if (gssContext.getSrcName() == null) { log.warn("GSS Context accepted, but no context initiator recognized. Check your kerberos configuration and reverse DNS lookup configuration"); return false; } authenticatedKerberosPrincipal = gssContext.getSrcName().toString(); if (gssContext.getCredDelegState()) { delegationCredential = gssContext.getDelegCred(); } return true; } else { return false; } } finally { if (gssContext != null) { gssContext.dispose(); } } }
securityContext.principal = context.getSrcName().toString(); LOGGER.debug("Authenticated user: " + securityContext.principal); if (!context.getCredDelegState()) { LOGGER.debug("Credentials can not be delegated"); } else {
if (storeCred && gssContext.getCredDelegState()) { try { gssCredential = gssContext.getDelegCred();
m.put(SecurityContext.class, createSecurityContext(simpleUserName, complexUserName, gssContext)); if (!gssContext.getCredDelegState()) { gssContext.dispose(); gssContext = null;
if (storeCred && gssContext.getCredDelegState()) { try { gssCredential = gssContext.getDelegCred();
if (secContext.getCredDelegState()) { krbServiceCtx.setDelegationCredential(secContext.getDelegCred());
simpleUserName = simpleUserName.substring(0, index); if (!gssContext.getCredDelegState()) { gssContext.dispose(); gssContext = null;
public int getFlags () { int contextFlags = 0; if ( this.gssContext.getCredDelegState() ) { contextFlags |= NegTokenInit.DELEGATION;
public int getFlags () { int contextFlags = 0; if ( this.gssContext.getCredDelegState() ) { contextFlags |= NegTokenInit.DELEGATION;
if (storeCred && gssContext.getCredDelegState()) { try { gssCredential = gssContext.getDelegCred();
if (storeCreds && gssContext.getCredDelegState()) { try { gssCredential = gssContext.getDelegCred();
if (storeCreds && gssContext.getCredDelegState()) { try { gssCredential = gssContext.getDelegCred();
final Callback authorizeCallBack; if (gssContext.getCredDelegState()) { try { GSSCredential credential = gssContext.getDelegCred();
final Callback authorizeCallBack; if (gssContext.getCredDelegState()) { try { GSSCredential credential = gssContext.getDelegCred();
byte[] mechToken = context.initSecContext(inputBuf, offset, len); int contextFlags = 0; if (context.getCredDelegState()) { contextFlags |= NegTokenInit.DELEGATION;