public GSSCredential getCredential(File proxyFile) throws IOException, GSSException { byte[] proxyBytes = new byte[(int) proxyFile.length()]; FileInputStream in = new FileInputStream(proxyFile); in.read(proxyBytes); in.close(); ExtendedGSSManager manager = (ExtendedGSSManager) ExtendedGSSManager.getInstance(); return manager.createCredential(proxyBytes, ExtendedGSSCredential.IMPEXP_OPAQUE, GSSCredential.DEFAULT_LIFETIME, null, GSSCredential.INITIATE_AND_ACCEPT); } }
public GSSName getExpectedName(GSSCredential cred, String host) throws GSSException { GSSManager manager = ExtendedGSSManager.getInstance(); return manager.createName(_identity, null); }
protected Socket wrapSocket(Socket socket) throws GSSException { GSSManager manager = ExtendedGSSManager.getInstance(); ExtendedGSSContext context = (ExtendedGSSContext)manager.createContext(credentials); context.setOption(GSSConstants.GSS_MODE, gssMode); GssSocketFactory factory = GssSocketFactory.getDefault(); GssSocket gsiSocket = (GssSocket)factory.createSocket(socket, null, 0, context); // server socket gsiSocket.setUseClientMode(false); gsiSocket.setAuthorization(this.authorization); return gsiSocket; }
GSSManager manager = ExtendedGSSManager.getInstance(); context.requestCredDeleg(false); break; case GSIConstants.DELEGATION_LIMITED: context.requestCredDeleg(true); context.setOption(GSSConstants.DELEGATION_TYPE, GSIConstants.DELEGATION_TYPE_LIMITED); break; case GSIConstants.DELEGATION_FULL: context.requestCredDeleg(true); context.setOption(GSSConstants.DELEGATION_TYPE, GSIConstants.DELEGATION_TYPE_FULL); break; default: context.requestCredDeleg(true); context.setOption(GSSConstants.DELEGATION_TYPE, new Integer(this.delegationType)); context.setOption(GSSConstants.GSS_MODE, gssMode);
/** * Unwraps and discards frame of a token according to the GRAM "renew" * protocol for use in a GSI delegation handshake. The input token is * received from a globus job manager and comes wrapped (SSL mode) and * framed with a 4 byte big-endian token length header. * * @param c The context to use to unwrap the token * @param wrappedToken Token received from job manager during GSI handshake * @throws GSSException if an error occurs during token wrapping or if * context is insufficient * @return a token that can be passed to the context's next initDelegation */ private static byte[] consumeRenewToken(ExtendedGSSContext c, byte[] wrappedToken) throws GSSException { if (!GSIConstants.MODE_SSL.equals(c.getOption(GSSConstants.GSS_MODE))) { throw new GSSException(GSSException.NO_CONTEXT); } byte[] framedToken = c.unwrap(wrappedToken, 0, wrappedToken.length, null); byte[] token = new byte[framedToken.length - 4]; System.arraycopy(framedToken, 4, token, 0, framedToken.length - 4); return token; }
/** * Frames and wraps a token according to the GRAM "renew" protocol * for use in a GSI delegation handshake. The input token is framed with * a 4 byte big-endian token length header, and the resulting framed token * wrapped in SSL mode (GSSContext's GSS_MODE option set to MODE_SSL) * * @param c The context used to wrap the token * @param token The unaltered output of the context's initDelegation * @throws GSSException if an error occurs during token wrapping or if * context is insufficient * @return a wrapped, framed token to send to globus job manager */ private static byte[] produceRenewToken(ExtendedGSSContext c, byte[] token) throws GSSException { if (!GSIConstants.MODE_SSL.equals(c.getOption(GSSConstants.GSS_MODE))) { throw new GSSException(GSSException.NO_CONTEXT); } byte[] framedToken = new byte[token.length + 4]; SSLUtil.writeInt(token.length, framedToken, 0); System.arraycopy(token, 0, framedToken, 4, token.length); return c.wrap(framedToken, 0, framedToken.length, null); }
output = produceRenewToken(context, context.initDelegation( newCred, null, 0, input, 0, input.length)); out.writeToken(output); if (!context.isDelegationFinished()) { input = consumeRenewToken(context, in.readHandshakeToken()); } while (!context.isDelegationFinished()); GatekeeperReply reply = new GatekeeperReply(in); return reply;
GSSManager manager = ExtendedGSSManager.getInstance(); context.requestCredDeleg(false); break; case GSIConstants.DELEGATION_LIMITED: context.requestCredDeleg(true); context.setOption(GSSConstants.DELEGATION_TYPE, GSIConstants.DELEGATION_TYPE_LIMITED); break; case GSIConstants.DELEGATION_FULL: context.requestCredDeleg(true); context.setOption(GSSConstants.DELEGATION_TYPE, GSIConstants.DELEGATION_TYPE_FULL); break; default: context.requestCredDeleg(true); context.setOption(GSSConstants.DELEGATION_TYPE, new Integer(this.delegationType)); context.setOption(GSSConstants.GSS_MODE, gssMode);
protected Socket wrapSocket(Socket socket) throws GSSException { GSSManager manager = ExtendedGSSManager.getInstance(); ExtendedGSSContext context = (ExtendedGSSContext)manager.createContext(credentials); context.setOption(GSSConstants.GSS_MODE, gssMode); GssSocketFactory factory = GssSocketFactory.getDefault(); GssSocket gsiSocket = (GssSocket)factory.createSocket(socket, null, 0, context); // server socket gsiSocket.setUseClientMode(false); gsiSocket.setAuthorization(this.authorization); return gsiSocket; }
public GSSCredential getCredential(File proxyFile) throws IOException, GSSException { byte[] proxyBytes = new byte[(int) proxyFile.length()]; FileInputStream in = new FileInputStream(proxyFile); in.read(proxyBytes); in.close(); ExtendedGSSManager manager = (ExtendedGSSManager) ExtendedGSSManager.getInstance(); return manager.createCredential(proxyBytes, ExtendedGSSCredential.IMPEXP_OPAQUE, GSSCredential.DEFAULT_LIFETIME, null, GSSCredential.INITIATE_AND_ACCEPT); } }
public GSSName getExpectedName(GSSCredential cred, String host) throws GSSException { GSSManager manager = ExtendedGSSManager.getInstance(); return manager.createName(_service + "@" + host, GSSName.NT_HOSTBASED_SERVICE); }
GSSManager manager = ExtendedGSSManager.getInstance(); GSSContext.DEFAULT_LIFETIME); context.requestCredDeleg(doDel); context.setOption(GSSConstants.DELEGATION_TYPE, (limitedDelegation) ? GSIConstants.DELEGATION_TYPE_LIMITED :
protected Socket openSocket(String host, int port) throws IOException { GSSManager manager = ExtendedGSSManager.getInstance(); ExtendedGSSContext context = null; try { context = (ExtendedGSSContext)manager.createContext( null, GSSConstants.MECH_OID, this.cred, GSSContext.DEFAULT_LIFETIME ); context.setOption(GSSConstants.GSS_MODE, GSIConstants.MODE_SSL); } catch (GSSException e) { throw new ChainedIOException("Security error", e); } GssSocketFactory factory = GssSocketFactory.getDefault(); socket = factory.createSocket(host, port, context); ((GssSocket)socket).setAuthorization(this.auth); return socket; }
public GSSCredential getCredential(File proxyFile) throws IOException, GSSException { byte[] proxyBytes = new byte[(int) proxyFile.length()]; FileInputStream in = new FileInputStream(proxyFile); try { in.read(proxyBytes); } finally { in.close(); } ExtendedGSSManager manager = (ExtendedGSSManager) ExtendedGSSManager.getInstance(); return manager.createCredential(proxyBytes, ExtendedGSSCredential.IMPEXP_OPAQUE, GSSCredential.DEFAULT_LIFETIME, null, GSSCredential.INITIATE_AND_ACCEPT); } }
public GSSName getExpectedName(GSSCredential cred, String host) throws GSSException { GSSManager manager = ExtendedGSSManager.getInstance(); return manager.createName(_service + "@" + host, GSSName.NT_HOSTBASED_SERVICE); }
this.append = append; GSSManager manager = ExtendedGSSManager.getInstance(); GSSContext.DEFAULT_LIFETIME); context.setOption(GSSConstants.GSS_MODE, GSIConstants.MODE_SSL);
public GSSName getExpectedName(GSSCredential cred, String host) throws GSSException { GSSManager manager = ExtendedGSSManager.getInstance(); return manager.createName(_identity, null); }
public GSSName getExpectedName(GSSCredential cred, String host) throws GSSException { if (cred == null) { GSSManager manager = ExtendedGSSManager.getInstance(); cred = manager.createCredential(GSSCredential.INITIATE_AND_ACCEPT); } return cred.getName(); }
public GSSName getExpectedName(GSSCredential cred, String host) throws GSSException { if (cred == null) { GSSManager manager = ExtendedGSSManager.getInstance(); cred = manager.createCredential(GSSCredential.INITIATE_AND_ACCEPT); } return cred.getName(); }
/** */ private static GSSCredential getJobCredentials(GramJob job) throws GSSException { GSSCredential cred = job.getCredentials(); if (cred == null) { GSSManager manager = ExtendedGSSManager.getInstance(); cred = manager.createCredential(GSSCredential.INITIATE_AND_ACCEPT); job.setCredentials(cred); } return cred; }