private void storeDelegatedGSSCredential() throws SaslException { try { GSSCredential gssCredential = gssContext.getDelegCred(); if (gssCredential != null) { tryHandleCallbacks(new IdentityCredentialCallback(new GSSKerberosCredential(gssCredential), true)); } else { saslGs2.trace("No GSSCredential delegated during authentication."); } } catch (UnsupportedCallbackException | GSSException e) { // ignored } }
GSSCredential credential = gssContext.getDelegCred(); httpSpnego.tracef("Credential delegation enabled, delegated credential = %s", credential); MechanismUtil.handleCallbacks(httpSpnego, callbackHandler, new IdentityCredentialCallback(new GSSKerberosCredential(credential), true));
gssCredential = gssContext.getCredDelegState() ? gssContext.getDelegCred() : null; } catch (GSSException e) { httpSpnego.trace("Unable to access delegated credential despite being delegated.", e);
GSSCredential gssCredential = gssContext.getDelegCred(); if (gssCredential != null) { tryHandleCallbacks(new IdentityCredentialCallback(new GSSKerberosCredential(gssCredential), true));
public GSSCredential getDelegatedCredentials() throws GSSException{ if(context != null && context.getCredDelegState()){ return context.getDelegCred(); } return null; } }
private void storeDelegatedGSSCredential() throws SaslException { try { GSSCredential gssCredential = gssContext.getDelegCred(); if (gssCredential != null) { tryHandleCallbacks(new IdentityCredentialCallback(new GSSKerberosCredential(gssCredential), true)); } else { saslGs2.trace("No GSSCredential delegated during authentication."); } } catch (UnsupportedCallbackException | GSSException e) { // ignored } }
private void storeDelegatedGSSCredential() throws SaslException { try { GSSCredential gssCredential = gssContext.getDelegCred(); if (gssCredential != null) { tryHandleCallbacks(new IdentityCredentialCallback(new GSSKerberosCredential(gssCredential), true)); } else { saslGs2.trace("No GSSCredential delegated during authentication."); } } catch (UnsupportedCallbackException | GSSException e) { // ignored } }
private void storeDelegatedGSSCredential() throws SaslException { try { GSSCredential gssCredential = gssContext.getDelegCred(); if (gssCredential != null) { tryHandleCallbacks(new IdentityCredentialCallback(new GSSKerberosCredential(gssCredential), true)); } else { saslGs2.trace("No GSSCredential delegated during authentication."); } } catch (UnsupportedCallbackException | GSSException e) { // ignored } }
private void processIdentity(GSSContext gssContext) throws GSSException, Exception { setIdentity(createIdentity(gssContext.getSrcName().toString())); if (DEBUG) { log.debug("context.getCredDelegState() = " + gssContext.getCredDelegState()); log.debug("context.getMutualAuthState() = " + gssContext.getMutualAuthState()); log.debug("context.getSrcName() = " + gssContext.getSrcName().toString()); } if (gssContext.getCredDelegState()) { delegatedCredential = gssContext.getDelegCred(); } negotiationContext.setAuthenticationMethod(SPNEGO); negotiationContext.setAuthenticated(true); } }
@Override public Boolean run() throws Exception { GSSContext gssContext = null; try { if (log.isTraceEnabled()) { log.trace("Going to establish security context"); } gssContext = establishContext(); logAuthDetails(gssContext); if (gssContext.isEstablished()) { if (gssContext.getSrcName() == null) { log.warn("GSS Context accepted, but no context initiator recognized. Check your kerberos configuration and reverse DNS lookup configuration"); return false; } authenticatedKerberosPrincipal = gssContext.getSrcName().toString(); if (gssContext.getCredDelegState()) { delegationCredential = gssContext.getDelegCred(); } return true; } else { return false; } } finally { if (gssContext != null) { gssContext.dispose(); } } }
} else { securityContext.clientCredential = context.getDelegCred();
if (storeCred && gssContext.getCredDelegState()) { try { gssCredential = gssContext.getDelegCred(); } catch (GSSException e) { if (log.isDebugEnabled()) {
if (storeCred && gssContext.getCredDelegState()) { try { gssCredential = gssContext.getDelegCred(); } catch (GSSException e) { if (log.isDebugEnabled()) {
krbServiceCtx.setDelegationCredential(secContext.getDelegCred());
if (storeCred && gssContext.getCredDelegState()) { try { gssCredential = gssContext.getDelegCred(); } catch (GSSException e) { if (log.isDebugEnabled()) {
if (storeCreds && gssContext.getCredDelegState()) { try { gssCredential = gssContext.getDelegCred(); } catch (GSSException e) { if (log.isDebugEnabled()) {
if (storeCreds && gssContext.getCredDelegState()) { try { gssCredential = gssContext.getDelegCred(); } catch (GSSException e) { if (log.isDebugEnabled()) {
GSSCredential credential = gssContext.getDelegCred(); httpSpnego.tracef("Credential delegation enabled, delegated credential = %s", credential); MechanismUtil.handleCallbacks(httpSpnego, callbackHandler, new IdentityCredentialCallback(new GSSKerberosCredential(credential), true));
GSSCredential credential = gssContext.getDelegCred(); httpSpnego.tracef("Credential delegation enabled, delegated credential = %s", credential); MechanismUtil.handleCallbacks(httpSpnego, callbackHandler, new IdentityCredentialCallback(new GSSKerberosCredential(credential), true));
GSSCredential credential = gssContext.getDelegCred(); httpSpnego.tracef("Credential delegation enabled, delegated credential = %s", credential); MechanismUtil.handleCallbacks(httpSpnego, callbackHandler, new IdentityCredentialCallback(new GSSKerberosCredential(credential), true));