_context.requestInteg(true); // for MIC _context.requestCredDeleg(true); _context.requestAnonymity(false); } catch(GSSException ex) { throw new JSchException("Failed to create GSSContextKrb5: "+ex, ex);
Kerb5Context ( String host, String service, String name, int userLifetime, int contextLifetime, String realm ) throws GSSException { GSSManager manager = GSSManager.getInstance(); GSSCredential clientCreds = null; Oid mechOid = JGSS_KRB5_MECH_OID; if ( realm != null ) { this.serviceName = manager.createName(service + "/" + host + "@" + realm, JGSS_KRB5_NAME_OID, mechOid); } else { this.serviceName = manager.createName(service + "@" + host, GSSName.NT_HOSTBASED_SERVICE, mechOid); } if ( log.isDebugEnabled() ) { log.debug("Service name is " + this.serviceName); } if ( name != null ) { this.clientName = manager.createName(name, GSSName.NT_USER_NAME, mechOid); clientCreds = manager.createCredential(this.clientName, userLifetime, mechOid, GSSCredential.INITIATE_ONLY); } else { this.clientName = null; } this.gssContext = manager.createContext(this.serviceName, mechOid, clientCreds, contextLifetime); this.gssContext.requestAnonymity(false); this.gssContext.requestSequenceDet(false); this.gssContext.requestConf(false); this.gssContext.requestInteg(false); this.gssContext.requestReplayDet(false); // per spec these should be set this.gssContext.requestMutualAuth(true); this.gssContext.requestCredDeleg(true); }
Kerb5Context ( String host, String service, String name, int userLifetime, int contextLifetime, String realm ) throws GSSException { GSSManager manager = GSSManager.getInstance(); GSSCredential clientCreds = null; Oid mechOid = JGSS_KRB5_MECH_OID; if ( realm != null ) { this.serviceName = manager.createName(service + "/" + host + "@" + realm, JGSS_KRB5_NAME_OID, mechOid); } else { this.serviceName = manager.createName(service + "@" + host, GSSName.NT_HOSTBASED_SERVICE, mechOid); } if ( log.isDebugEnabled() ) { log.debug("Service name is " + this.serviceName); } if ( name != null ) { this.clientName = manager.createName(name, GSSName.NT_USER_NAME, mechOid); clientCreds = manager.createCredential(this.clientName, userLifetime, mechOid, GSSCredential.INITIATE_ONLY); } else { this.clientName = null; } this.gssContext = manager.createContext(this.serviceName, mechOid, clientCreds, contextLifetime); this.gssContext.requestAnonymity(false); this.gssContext.requestSequenceDet(false); this.gssContext.requestConf(false); this.gssContext.requestInteg(false); this.gssContext.requestReplayDet(false); // per spec these should be set this.gssContext.requestMutualAuth(true); this.gssContext.requestCredDeleg(true); }
context.requestInteg(true); // for MIC context.requestCredDeleg(true); context.requestAnonymity(false);
context.requestInteg(true); // for MIC context.requestCredDeleg(true); context.requestAnonymity(false);
context.requestInteg(true); // for MIC context.requestCredDeleg(true); context.requestAnonymity(false);
context.requestInteg(true); // for MIC context.requestCredDeleg(true); context.requestAnonymity(false);
context.requestInteg(true); // for MIC context.requestCredDeleg(true); context.requestAnonymity(false);
context.requestInteg(true); // for MIC context.requestCredDeleg(true); context.requestAnonymity(false);
context.requestInteg(true); context.requestCredDeleg(true); context.requestAnonymity(false); } catch (GSSException | NullPointerException e) { close(true);
private Kerb5Context createContext(String host) throws GSSException{ Kerb5Context kerb5Context = new Kerb5Context( host, service, user, userLifetime, contextLifetime ); kerb5Context.getGSSContext().requestAnonymity(false); kerb5Context.getGSSContext().requestSequenceDet(false); kerb5Context.getGSSContext().requestMutualAuth(false); kerb5Context.getGSSContext().requestConf(false); kerb5Context.getGSSContext().requestInteg(false); kerb5Context.getGSSContext().requestReplayDet(false); return kerb5Context; }