private CloseableHttpClient createHttpClient() throws Exception { final Subject clientSubject = JaasKrbUtil.loginUsingKeytab(clientPrincipal, clientKeytab); final Set<Principal> clientPrincipals = clientSubject.getPrincipals();
/** * Get KDC realm. * @return The kdc realm */ public String getKdcRealm() { String realm = getString(KrbConfigKey.KDC_REALM, false, LIBDEFAULT); if (realm == null) { realm = getString(KrbConfigKey.DEFAULT_REALM, false, LIBDEFAULT); if (realm == null) { realm = (String) KrbConfigKey.KDC_REALM.getDefaultValue(); } } return realm; }
/** * Get whether forward is allowed. * @return true if forward is allowed */ public boolean isForwardableAllowed() { return getBoolean(KrbConfigKey.FORWARDABLE, true, LIBDEFAULT); }
public static KrbClient newClient( String krb5ConfFilename ) throws IOException, KrbException { KrbConfig krbConfig = new KrbConfig(); if ( krb5ConfFilename != null ) { krbConfig.addKrb5Config( new File( krb5ConfFilename ) ); } KrbClient krbClient = new KrbClient( krbConfig ); krbClient.init(); return krbClient; }
public List<EncryptionType> getEncryptionTypes() { List<EncryptionType> encryptionTypes = krbContext.getConfig().getEncryptionTypes(); return EncryptionUtil.orderEtypesByStrength(encryptionTypes); } }
/** * Default constructor. * @throws KrbException e */ public KrbClientBase() throws KrbException { this.krbConfig = ClientUtil.getDefaultConfig(); this.commonOptions = new KOptions(); this.krbSetting = new KrbSetting(commonOptions, krbConfig); }
/** * Is to allow TCP for KDC * * @return true to allow TCP, false otherwise */ public boolean allowTcp() { return getBoolean(KrbConfigKey.KDC_ALLOW_TCP, true, LIBDEFAULT) || getInt(KrbConfigKey.KDC_TCP_PORT, true, LIBDEFAULT) != null || getInt(KrbConfigKey.KDC_PORT, false, LIBDEFAULT) != null; }
/** * Get krbconfig. * @return The krb config */ public KrbConfig getConfig() { return krbSetting.getKrbConfig(); }
/** * Get KDC host name * * @return The kdc host */ public String getKdcHost() { return getString( KrbConfigKey.KDC_HOST, true, LIBDEFAULT); }
/** * Get default tgs encryption types. * @return The tgs encryption type list */ public List<EncryptionType> getDefaultTgsEnctypes() { return getEncTypes(KrbConfigKey.DEFAULT_TGS_ENCTYPES, true, LIBDEFAULT); }
/** * @return PKINIT client */ public synchronized KrbPkinitClient getPkinitClient() { if (pkinitClient == null) { pkinitClient = new KrbPkinitClient(krbClnt); } return pkinitClient; }
/** * Get allowable clock skew. * @return The allowable clock skew */ public long getAllowableClockSkew() { return getLong(KrbConfigKey.CLOCKSKEW, true, LIBDEFAULT); }
@Test public void testAllowedClient() throws Exception { final Subject clientSubject = JaasKrbUtil.loginUsingKeytab(CLIENT_PRINCIPAL, clientKeytab); final Set<Principal> clientPrincipals = clientSubject.getPrincipals();
/** * Get KDC realm. * @return The kdc realm */ public String getKdcRealm() { String realm = getString(KrbConfigKey.KDC_REALM, false, LIBDEFAULT); if (realm == null) { realm = getString(KrbConfigKey.DEFAULT_REALM, false, LIBDEFAULT); if (realm == null) { realm = (String) KrbConfigKey.KDC_REALM.getDefaultValue(); } } return realm; }
/** * Get whether proxy is allowed. * @return true if proxy is allowed */ public boolean isProxiableAllowed() { return getBoolean(KrbConfigKey.PROXIABLE, true, LIBDEFAULT); }
/** * Get default ticket encryption types. * @return The encryption type list */ public List<EncryptionType> getDefaultTktEnctypes() { return getEncTypes(KrbConfigKey.DEFAULT_TKT_ENCTYPES, true, LIBDEFAULT); }
/** * Get whether body checksum verified. * @return true if body checksum verified */ public boolean isBodyChecksumVerified() { return getBoolean(KrbConfigKey.VERIFY_BODY_CHECKSUM, true, LIBDEFAULT); }
/** * Get whether dns look up realm. * @return true if dns look up realm */ public boolean getDnsLookUpRealm() { return getBoolean(KrbConfigKey.DNS_LOOKUP_REALM, true, LIBDEFAULT); }
/** * Get whether dns look up kdc. * @return true if dnc look up kdc */ public boolean getDnsLookUpKdc() { return getBoolean(KrbConfigKey.DNS_LOOKUP_KDC, true, LIBDEFAULT); }
/** * Get whether pa encrypt timestamp required. * @return true if pa encrypt time required */ public boolean isPaEncTimestampRequired() { return getBoolean(KrbConfigKey.PA_ENC_TIMESTAMP_REQUIRED, true, LIBDEFAULT); }