@Override public SSHPacket buildReq() throws UserAuthException { SSHPacket packet = super.buildReq() // the generic stuff .putUInt32(mechanismOids.size()); // number of OIDs we support for (Oid oid : mechanismOids) { try { packet.putString(oid.getDER()); } catch (GSSException e) { throw new UserAuthException("Mechanism OID could not be encoded: " + oid.toString(), e); } } return packet; }
log.debug("Server selected OID: {}", selectedOid.toString()); log.debug("Initializing GSSAPI context");
if (spnegoGenerator != null && negotiationOid.toString().equals(KERBEROS_OID)) { token = spnegoGenerator.generateSpnegoDERObject(token);
if (spnegoGenerator != null && negotiationOid.toString().equals(KERBEROS_OID)) { token = spnegoGenerator.generateSpnegoDERObject(token);
protected void configure(Properties properties) throws Exception { serviceName = properties.getProperty("NegotiateAuthenticator.serviceName", null); serviceNameType = new Oid(properties.getProperty("NegotiateAuthenticator.serviceNameType", GSSName.NT_HOSTBASED_SERVICE.toString())); String mechanismProperty = properties.getProperty("NegotiateAuthenticator.mechanism", null); mechanism = mechanismProperty == null ? null : new Oid(mechanismProperty); stripRealm = Boolean.parseBoolean(properties.getProperty("NegotiateAuthenticator.stripRealm", "true")); }
protected void configure(Properties properties) throws Exception { serviceName = properties.getProperty("NegotiateAuthenticator.serviceName", null); serviceNameType = new Oid(properties.getProperty("NegotiateAuthenticator.serviceNameType", GSSName.NT_HOSTBASED_SERVICE.toString())); String mechanismProperty = properties.getProperty("NegotiateAuthenticator.mechanism", null); mechanism = mechanismProperty == null ? null : new Oid(mechanismProperty); stripRealm = Boolean.parseBoolean(properties.getProperty("NegotiateAuthenticator.stripRealm", "true")); }
@Override public SSHPacket buildReq() throws UserAuthException { SSHPacket packet = super.buildReq() // the generic stuff .putUInt32(mechanismOids.size()); // number of OIDs we support for (Oid oid : mechanismOids) { try { packet.putString(oid.getDER()); } catch (GSSException e) { throw new UserAuthException("Mechanism OID could not be encoded: " + oid.toString(), e); } } return packet; }
log.debug("Server selected OID: {}", selectedOid.toString()); log.debug("Initializing GSSAPI context");
if (spnegoGenerator != null && negotiationOid.toString().equals(KERBEROS_OID)) { token = spnegoGenerator.generateSpnegoDERObject(token);
if (spnegoGenerator != null && negotiationOid.toString().equals(KERBEROS_OID)) { token = spnegoGenerator.generateSpnegoDERObject(token);
if (spnegoGenerator != null && negotiationOid.toString().equals(KERBEROS_OID)) { token = spnegoGenerator.generateSpnegoDERObject(token);
if (spnegoGenerator != null && negotiationOid.toString().equals(KERBEROS_OID)) { token = spnegoGenerator.generateSpnegoDERObject(token);
if (log.isDebugEnabled()) { log.debug(format(SshdText.get().gssapiInitFailure, currentMechanism.toString()));
static byte[] getGSSToken(String systemName, Object gssCredential) throws Exception { GSSManager manager = (GSSManager)AS400.getGSSManager(); if(manager == null) { manager = GSSManager.getInstance(); } else { if (Trace.traceOn_) Trace.log(Trace.DIAGNOSTIC, "Using custom GSS manager: '" + manager + "'"); } if (Trace.isTraceOn()) { Oid[] mechs = manager.getMechs(); Trace.log(Trace.DIAGNOSTIC, "GSS number of mechs available: ", mechs.length); for (int i = 0; i < mechs.length; ++i) Trace.log(Trace.DIAGNOSTIC, mechs[i].toString()); } Oid krb5Mech = new Oid("1.2.840.113554.1.2.2"); GSSName serverName = manager.createName("krbsvr400@" + systemName, GSSName.NT_HOSTBASED_SERVICE, krb5Mech); GSSCredential credential = (GSSCredential)gssCredential; GSSContext context = manager.createContext(serverName, krb5Mech, credential, GSSCredential.DEFAULT_LIFETIME); return context.initSecContext(new byte[0], 0, 0); } }
for (int i = 0; i < mechs.length; ++i) Trace.log(Trace.DIAGNOSTIC, mechs[i].toString());
currentMechanism.toString()), e); state = ProtocolState.FAILED; return false;
if (spnegoGenerator != null && negotiationOid.toString().equals(KERBEROS_OID)) { token = spnegoGenerator.generateSpnegoDERObject(token);
contextFlags |= NegTokenInit.INTEGRITY; ret = new NegTokenInit(new String[]{context.getMech().toString()}, contextFlags, mechToken, null).toByteArray(); }else{ SpnegoToken spToken = getToken(inputBuf, offset, len); result = NegTokenTarg.ACCEPT_COMPLETED; ret = new NegTokenTarg(result, context.getMech().toString(), mechToken, null).toByteArray();