private boolean isCompatibleWithGssContext(final QOP qop) { switch (qop) { case AUTH_INT: return gssContext.getIntegState(); case AUTH_CONF: return gssContext.getIntegState() && gssContext.getConfState(); default: return true; } }
@Override public void handle(Message cmd, SSHPacket buf) throws UserAuthException, TransportException { if (cmd == Message.USERAUTH_60) { handleContextInitialization(buf); } else if (cmd == Message.USERAUTH_INFO_RESPONSE) { byte[] token = handleTokenFromServer(buf); if (!secContext.isEstablished()) { log.debug("Sending token"); sendToken(token); } else { if (secContext.getIntegState()) { log.debug("Per-message integrity protection available: finalizing authentication with message integrity code"); params.getTransport().write(new SSHPacket(Message.USERAUTH_GSSAPI_MIC).putString(generateMIC())); } else { log.debug("Per-message integrity protection unavailable: finalizing authentication"); params.getTransport().write(new SSHPacket(Message.USERAUTH_GSSAPI_EXCHANGE_COMPLETE)); } } } else { super.handle(cmd, buf); } } }
switch (current) { case AUTH_INT: if (gssContext.getIntegState()) { supportedSecurityLayers |= current.getValue(); offeringSecurityLayer = true;
/** * {@inheritDoc} * * @see jcifs.smb.SSPContext#isMICAvailable() */ @Override public boolean isMICAvailable () { return this.gssContext.getIntegState(); }
/** * {@inheritDoc} * * @see jcifs.smb.SSPContext#isMICAvailable() */ @Override public boolean isMICAvailable () { return this.gssContext.getIntegState(); }
private boolean isCompatibleWithGssContext(final QOP qop) { switch (qop) { case AUTH_INT: return gssContext.getIntegState(); case AUTH_CONF: return gssContext.getIntegState() && gssContext.getConfState(); default: return true; } }
private boolean isCompatibleWithGssContext(final QOP qop) { switch (qop) { case AUTH_INT: return gssContext.getIntegState(); case AUTH_CONF: return gssContext.getIntegState() && gssContext.getConfState(); default: return true; } }
private boolean isCompatibleWithGssContext(final QOP qop) { switch (qop) { case AUTH_INT: return gssContext.getIntegState(); case AUTH_CONF: return gssContext.getIntegState() && gssContext.getConfState(); default: return true; } }
protected void logAuthDetails(GSSContext gssContext) throws GSSException { if (log.isDebugEnabled()) { String message = new StringBuilder("SPNEGO Security context accepted with token: " + responseToken) .append(", established: ").append(gssContext.isEstablished()) .append(", credDelegState: ").append(gssContext.getCredDelegState()) .append(", mutualAuthState: ").append(gssContext.getMutualAuthState()) .append(", lifetime: ").append(gssContext.getLifetime()) .append(", confState: ").append(gssContext.getConfState()) .append(", integState: ").append(gssContext.getIntegState()) .append(", srcName: ").append(gssContext.getSrcName()) .append(", targName: ").append(gssContext.getTargName()) .toString(); log.debug(message); } }
@Override public void handle(Message cmd, SSHPacket buf) throws UserAuthException, TransportException { if (cmd == Message.USERAUTH_60) { handleContextInitialization(buf); } else if (cmd == Message.USERAUTH_INFO_RESPONSE) { byte[] token = handleTokenFromServer(buf); if (!secContext.isEstablished()) { log.debug("Sending token"); sendToken(token); } else { if (secContext.getIntegState()) { log.debug("Per-message integrity protection available: finalizing authentication with message integrity code"); params.getTransport().write(new SSHPacket(Message.USERAUTH_GSSAPI_MIC).putString(generateMIC())); } else { log.debug("Per-message integrity protection unavailable: finalizing authentication"); params.getTransport().write(new SSHPacket(Message.USERAUTH_GSSAPI_EXCHANGE_COMPLETE)); } } } else { super.handle(cmd, buf); } } }
contextFlags |= NegTokenInit.CONFIDENTIALITY; if ( this.gssContext.getIntegState() ) { contextFlags |= NegTokenInit.INTEGRITY;
contextFlags |= NegTokenInit.CONFIDENTIALITY; if ( this.gssContext.getIntegState() ) { contextFlags |= NegTokenInit.INTEGRITY;
contextFlags |= NegTokenInit.CONFIDENTIALITY; if (context.getIntegState()) { contextFlags |= NegTokenInit.INTEGRITY;
switch (current) { case AUTH_INT: if (gssContext.getIntegState()) { supportedSecurityLayers |= current.getValue(); offeringSecurityLayer = true;
switch (current) { case AUTH_INT: if (gssContext.getIntegState()) { supportedSecurityLayers |= current.getValue(); offeringSecurityLayer = true;
switch (current) { case AUTH_INT: if (gssContext.getIntegState()) { supportedSecurityLayers |= current.getValue(); offeringSecurityLayer = true;