static GSSException unavailable() throws GSSException { GSSException e = new GSSException(GSSException.UNAVAILABLE); log.error(e.getMessage(), e); throw e; } }
log.error("generateToken", gsse); if (gsse.getMajor() == GSSException.DEFECTIVE_CREDENTIAL || gsse.getMajor() == GSSException.CREDENTIALS_EXPIRED) throw new SpnegoEngineException(gsse.getMessage(), gsse); if (gsse.getMajor() == GSSException.NO_CRED) throw new SpnegoEngineException(gsse.getMessage(), gsse); if (gsse.getMajor() == GSSException.DEFECTIVE_TOKEN || gsse.getMajor() == GSSException.DUPLICATE_TOKEN || gsse.getMajor() == GSSException.OLD_TOKEN) throw new SpnegoEngineException(gsse.getMessage(), gsse); throw new SpnegoEngineException(gsse.getMessage()); } catch (IOException | LoginException | PrivilegedActionException ex) { throw new SpnegoEngineException(ex.getMessage());
if (gsse.getMajor() == GSSException.DEFECTIVE_CREDENTIAL || gsse.getMajor() == GSSException.CREDENTIALS_EXPIRED) throw new Exception(gsse.getMessage(), gsse); if (gsse.getMajor() == GSSException.NO_CRED) throw new Exception(gsse.getMessage(), gsse); if (gsse.getMajor() == GSSException.DEFECTIVE_TOKEN || gsse.getMajor() == GSSException.DUPLICATE_TOKEN || gsse.getMajor() == GSSException.OLD_TOKEN) throw new Exception(gsse.getMessage(), gsse); throw new Exception(gsse.getMessage()); } catch (IOException ex) { throw new Exception(ex.getMessage());
private String getLocalMessage() { String message = super.getMessage(); return (message == null) ? getClass().getName() : message; } }
private String getLocalMessage() { String message = super.getMessage(); return (message == null) ? getClass().getName() : message; } }
/** * Free any system resources used by the module. */ @Override public void destroy() { if (context != null) { try { context.dispose(); } catch (GSSException e) { if (log.isDebugEnabled()) { log.debug("Failed ({}) to dispose of context: {}", e.getClass().getSimpleName(), e.getMessage()); } } finally { context = null; } } }
/** * Free any system resources used by the module. */ @Override public void destroy() { if (context != null) { try { context.dispose(); } catch (GSSException e) { if (log.isDebugEnabled()) { log.debug("Failed ({}) to dispose of context: {}", e.getClass().getSimpleName(), e.getMessage()); } } finally { context = null; } } }
@Override public byte[] unwrap(byte[] token) throws IOException { checkState(isEstablished()); try { return context.unwrap(token, 0, token.length, prop); } catch (GSSException e) { throw new IOException("Failed to unwrap message: " + e.getMessage(), e); } }
@Override public byte[] wrap(byte[] data, int offset, int len) throws IOException { checkState(isEstablished()); try { return context.wrap(data, offset, len, prop); } catch (GSSException e) { throw new IOException("Failed to wrap message: " + e.getMessage(), e); } }
public byte[] getMIC(byte[] message, int s, int l) { try { MessageProp prop = new MessageProp(0, false); return context.getMIC(message, s, l, prop); } catch (GSSException ex) { logger.error(ex.getMessage(), ex); return null; } }
private void setOid(String authenticationScheme) { // give GSSAPI the following Object ID // (the unique object identifier is used by GSSAPI to select the underlying security mechanism) try { if (authenticationScheme.equals("SPNEGO")) oid = new Oid("1.3.6.1.5.5.2"); // SPNEGO Oid else if (authenticationScheme.equals("Kerberos5")) oid = new Oid("1.2.840.113554.1.2.2"); // Kerberos5 Oid else System.out.println("Unsupported authentication scheme: " + authenticationScheme); } catch (GSSException e) { System.out.println("Oid GSSException: " + e.getMessage()); } }
@Override public String getMessage() { Throwable cause = getCause(); if (isBoring(this)) { return getUsefulMessage(cause); } else { StringBuilder message = new StringBuilder(super.getMessage()); if (cause != null) { message.append(" [Caused by: ").append(getUsefulMessage(cause)).append("]"); } return message.toString(); } }
@Override public String getMessage() { Throwable cause = getCause(); if (isBoring(this)) { return getUsefulMessage(cause); } else { StringBuilder message = new StringBuilder(super.getMessage()); if (cause != null) { message.append(" [Caused by: ").append(getUsefulMessage(cause)).append("]"); } return message.toString(); } }
private String getAuthorization(URI currentURI) { try { String spn = getCompleteServicePrincipalName(currentURI); Oid oid = new Oid(SPNEGO_OID); byte[] token = getToken(spn, oid); String encodedToken = new String(Base64.getEncoder().encode(token), StandardCharsets.UTF_8); return NEGOTIATE_SCHEME + " " + encodedToken; } catch (LoginException e) { throw new RuntimeException(e.getMessage(), e); } catch (GSSException e) { throw new RuntimeException(e.getMessage(), e); } }
public void run() { try { request( resourceManagerContact ); } catch( GSSException gpe ) { System.err.println( "Error: " + gpe.getMessage() ); setStatus( STATUS_FAILED ); } catch( GramException ge ) { System.err.println( "Error: " + ge.getMessage() ); setStatus( STATUS_FAILED ); } } }
@Override public byte[] accept(byte[] token) throws IOException { checkState(!isEstablished()); try { isUninitialized = false; byte[] outToken = context.acceptSecContext(token, 0, token.length); if (isEstablished()) { principal = context.getSrcName(); subject = createSubject(); } return outToken; } catch (GSSException e) { throw new IOException(e.getMessage(), e); } }
@Override public byte[] init(byte[] token) throws IOException { checkState(!isEstablished()); try { if (isUninitialized) { context.requestMutualAuth(true); isUninitialized = false; } byte[] outToken = context.initSecContext(token, 0, token.length); if (isEstablished()) { principal = context.getSrcName(); subject = createSubject(); } return outToken; } catch (GSSException e) { throw new IOException(e.getMessage(), e); } }
public Object run() { try { Oid krb5Mechanism = new Oid("1.2.840.113554.1.2.2"); Oid krb5PrincipalNameType = new Oid("1.2.840.113554.1.2.2.1"); final GSSManager manager = GSSManager.getInstance(); final GSSName clientName = manager.createName(clientPrincipalName, krb5PrincipalNameType); final GSSCredential clientCred = manager.createCredential(clientName, 8 * 3600, krb5Mechanism, GSSCredential.INITIATE_ONLY); final GSSName serverName = manager.createName(serverPrincipalName, krb5PrincipalNameType); final GSSContext context = manager.createContext(serverName, krb5Mechanism, clientCred, GSSContext.DEFAULT_LIFETIME); byte[] inToken = new byte[0]; // since byte[] outToken = context.initSecContext(inToken, 0, inToken.length); outputToken.append(new String(Base64.encodeBytes(outToken,Base64.DONT_BREAK_LINES))); context.dispose(); } catch (GSSException exception) { throw new RuntimeException(exception.getMessage()); } return null; } }
public String getAuthorization(AuthorizationPolicy authPolicy, URI currentURI, Message message) { if (!HttpAuthHeader.AUTH_TYPE_NEGOTIATE.equals(authPolicy.getAuthorizationType())) { return null; } try { String spn = getCompleteServicePrincipalName(currentURI); boolean useKerberosOid = MessageUtils.isTrue( message.getContextualProperty(PROPERTY_USE_KERBEROS_OID)); Oid oid = new Oid(useKerberosOid ? KERBEROS_OID : SPNEGO_OID); byte[] token = getToken(authPolicy, spn, oid, message); return HttpAuthHeader.AUTH_TYPE_NEGOTIATE + " " + Base64Utility.encode(token); } catch (LoginException e) { throw new RuntimeException(e.getMessage(), e); } catch (GSSException e) { throw new RuntimeException(e.getMessage(), e); } }
@Override public void process(CompoundContext context, nfs_resop4 result) throws IOException { final SECINFO4res res = result.opsecinfo; Inode dir = context.currentInode(); Stat stat = context.getFs().getattr(dir); if (stat.type() != Stat.Type.DIRECTORY) { throw new NotDirException(); } context.clearCurrentInode(); String name = NameFilter.convertName(_args.opsecinfo.name.value); Inode inode = context.getFs().lookup(dir, name); try { res.resok4 = new SECINFO4resok(); res.resok4.value = OperationSECINFO_NO_NAME.secinfosOf(inode, context); res.status = nfsstat.NFS_OK; } catch (GSSException e) { throw new NfsIoException(e.getMessage()); } } }