private static boolean hasSpnegoSupport(GSSManager manager) throws GSSException { org.ietf.jgss.Oid spnego = new org.ietf.jgss.Oid("1.3.6.1.5.5.2"); org.ietf.jgss.Oid[] mechs = manager.getMechs(); for (Oid mech : mechs) { if (mech.equals(spnego)) { return true; } } return false; }
@Override public boolean equals(GSSName another) throws GSSException { if (!(another instanceof BogusGSSName)) { throw new GSSException(GSSException.BAD_NAMETYPE); } BogusGSSName otherName = (BogusGSSName) another; return name.equals(otherName.name) && oid.equals(otherName.oid); }
decoder.startSequence(); String decodedOid = decoder.decodeObjectIdentifier(); if (! mechanism.equals(new Oid(decodedOid))) { throw new GSSException(GSSException.DEFECTIVE_TOKEN);
if (gssContext.isEstablished()) { Oid actualMechanism = gssContext.getMech(); if (! mechanism.equals(actualMechanism)) { throw saslGs2.mechGssApiMechanismMismatch().toSaslException(); if (gssContext.isEstablished()) { Oid actualMechanism = gssContext.getMech(); if (! mechanism.equals(actualMechanism)) { throw saslGs2.mechGssApiMechanismMismatch().toSaslException();
Oid actualMech = gssContext.getMech(); saslGssapi.tracef("Negotiated mechanism %s", actualMech); if (KERBEROS_V5.equals(actualMech) == false) { throw saslGssapi.mechNegotiatedMechanismWasNotKerberosV5().toSaslException();
public boolean isAnonymousName() { return nameType.equals(GSSName.NT_ANONYMOUS); } }
public boolean equals(Object arg0) { try{ MIEName terg = (MIEName) arg0; if(oid.equals(terg.oid)&&name.equalsIgnoreCase(terg.name)){ return true; } }catch (Throwable e) {} return false; } /* (non-Javadoc)
public Object getOption(Oid option) throws GSSException { if (option == null) { throw new GlobusGSSException(GSSException.FAILURE, GlobusGSSException.BAD_ARGUMENT, "nullOption"); } if (option.equals(GSSConstants.GSS_MODE)) { return this.gssMode; } else if (option.equals(GSSConstants.DELEGATION_TYPE)) { return this.delegationType; } else if (option.equals(GSSConstants.CHECK_CONTEXT_EXPIRATION)) { return this.checkContextExpiration; } else if (option.equals(GSSConstants.REJECT_LIMITED_PROXY)) { return this.rejectLimitedProxy; } else if (option.equals(GSSConstants.REQUIRE_CLIENT_AUTH)) { return this.requireClientAuth; } else if (option.equals(GSSConstants.TRUSTED_CERTIFICATES)) { return this.tc; } else if (option.equals(GSSConstants.PROXY_POLICY_HANDLERS)) { // return this.proxyPolicyHandlers; throw new GSSException(GSSException.UNAVAILABLE); } else if (option.equals(GSSConstants.ACCEPT_NO_CLIENT_CERTS)) { return this.acceptNoClientCerts; } return null; }
public Object getOption(Oid option) throws GSSException { if (option == null) { throw new GlobusGSSException(GSSException.FAILURE, GlobusGSSException.BAD_ARGUMENT, "nullOption"); } if (option.equals(GSSConstants.GSS_MODE)) { return this.gssMode; } else if (option.equals(GSSConstants.DELEGATION_TYPE)) { return this.delegationType; } else if (option.equals(GSSConstants.CHECK_CONTEXT_EXPIRATION)) { return this.checkContextExpiration; } else if (option.equals(GSSConstants.REJECT_LIMITED_PROXY)) { return this.rejectLimitedProxy; } else if (option.equals(GSSConstants.REQUIRE_CLIENT_AUTH)) { return this.requireClientAuth; } else if (option.equals(GSSConstants.TRUSTED_CERTIFICATES)) { return this.tc; } else if (option.equals(GSSConstants.PROXY_POLICY_HANDLERS)) { // return this.proxyPolicyHandlers; throw new GSSException(GSSException.UNAVAILABLE); } else if (option.equals(GSSConstants.ACCEPT_NO_CLIENT_CERTS)) { return this.acceptNoClientCerts; } return null; }
public static NameType toKerbyNameType(Oid nameType) throws GSSException { NameType kerbyNameType; if (nameType == null) { throw new GSSException(GSSException.BAD_NAMETYPE); } if (nameType.equals(GSSName.NT_EXPORT_NAME) || nameType.equals(GSSName.NT_USER_NAME)) { kerbyNameType = NameType.NT_PRINCIPAL; } else if (nameType.equals(GSSName.NT_HOSTBASED_SERVICE)) { kerbyNameType = NameType.NT_SRV_HST; } else { throw new GSSException(GSSException.BAD_NAMETYPE, 0, "Unsupported Oid name type"); } return kerbyNameType; }
/** * Checks if the specified mechanism matches * the mechanism supported by this implementation. * * @param mech mechanism to check * @exception GSSException if mechanism not supported. */ public static void checkMechanism(Oid mech) throws GSSException { if (mech != null && !mech.equals(GSSConstants.MECH_OID)) { throw new GSSException(GSSException.BAD_MECH); } }
/** * Checks if the specified mechanism matches * the mechanism supported by this implementation. * * @param mech mechanism to check * @exception GSSException if mechanism not supported. */ public static void checkMechanism(Oid mech) throws GSSException { if (mech != null && !mech.equals(GSSConstants.MECH_OID)) { throw new GSSException(GSSException.BAD_MECH); } }
@Override public boolean accepts(InputStream in) throws IOException { if (in.markSupported() == false) { throw new IllegalArgumentException("The passed in InputStream needs to support mark/reset."); } in.mark(1); try { int dataRead = in.read(); if (dataRead == 0x60) { int length = NegTokenInitDecoder.readLength(in); Oid messageId = new Oid(in); return Constants.KERBEROS_V5.equals(messageId); } return false; } catch (GSSException e) { log.debug("Error determining message Oid", e); return false; } finally { in.reset(); } }
Oid messageId = new Oid(in); return Constants.SPNEGO.equals(messageId);
/** * Retrieves arbitrary data about this credential. * Currently supported oid: <UL> * <LI> * {@link GSSConstants#X509_CERT_CHAIN GSSConstants.X509_CERT_CHAIN} * returns certificate chain of this credential * (<code>X509Certificate[]</code>). * </LI> * </UL> * * @param oid the oid of the information desired. * @return the information desired. Might be null. * @exception GSSException containing the following major error codes: * <code>GSSException.FAILURE</code> */ public Object inquireByOid(Oid oid) throws GSSException { if (oid == null) { throw new GlobusGSSException(GSSException.FAILURE, GlobusGSSException.BAD_ARGUMENT, "nullOption"); } if (oid.equals(GSSConstants.X509_CERT_CHAIN)) { return (this.cred == null) ? null : this.cred.getCertificateChain(); } return null; }
/** * Retrieves arbitrary data about this credential. * Currently supported oid: <UL> * <LI> * {@link GSSConstants#X509_CERT_CHAIN GSSConstants.X509_CERT_CHAIN} * returns certificate chain of this credential * (<code>X509Certificate[]</code>). * </LI> * </UL> * * @param oid the oid of the information desired. * @return the information desired. Might be null. * @exception GSSException containing the following major error codes: * <code>GSSException.FAILURE</code> */ public Object inquireByOid(Oid oid) throws GSSException { if (oid == null) { throw new GlobusGSSException(GSSException.FAILURE, GlobusGSSException.BAD_ARGUMENT, "nullOption"); } if (oid.equals(GSSConstants.X509_CERT_CHAIN)) { return (this.cred == null) ? null : this.cred.getCertificateChain(); } return null; }
public boolean equals(GSSNameSpi name) throws GSSException { if (name == null || name.isAnonymousName() || isAnonymousName()) { return false; } return this.toString().equals(name.toString()) && this.getStringNameType().equals(name.getStringNameType()); }
decoder.startSequence(); String decodedOid = decoder.decodeObjectIdentifier(); if (! mechanism.equals(new Oid(decodedOid))) { throw new GSSException(GSSException.DEFECTIVE_TOKEN);
decoder.startSequence(); String decodedOid = decoder.decodeObjectIdentifier(); if (! mechanism.equals(new Oid(decodedOid))) { throw new GSSException(GSSException.DEFECTIVE_TOKEN);