GSSContextKrb5.java
00030 package com.jcraft.jsch.jgss;
00031
00032 import com.jcraft.jsch.JSchException;
00033
00034 import java.net.InetAddress;
00035 import java.net.UnknownHostException;
00036 import org.ietf.jgss.GSSContext;
00037 import org.ietf.jgss.GSSCredential;
00038 import org.ietf.jgss.GSSException;
00039 import org.ietf.jgss.GSSManager;
00040 import org.ietf.jgss.GSSName;
00041 import org.ietf.jgss.MessageProp;
00042 import org.ietf.jgss.Oid;
00043
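/**
 * Kerberos V5 implementation of JSch's {@code GSSContext}, backed by the
 * JDK's {@code org.ietf.jgss} API.
 *
 * <p>Life cycle as used by this class: {@link #create(String, String)} builds
 * the initiator-side context, {@link #init(byte[], int, int)} is called with
 * each token received from the peer until {@link #isEstablished()} is true,
 * {@link #getMIC(byte[], int, int)} signs data with the established context,
 * and {@link #dispose()} releases it.
 *
 * <p>Security-relevant behaviour to be aware of when reviewing callers:
 * <ul>
 *   <li>The target service principal is built from a DNS-canonicalised host
 *       name (see {@code create}).</li>
 *   <li>Credential delegation is always requested (see {@code create}).</li>
 *   <li>{@code init} temporarily rewrites a JVM-wide system property without
 *       any synchronisation.</li>
 * </ul>
 */
public class GSSContextKrb5 implements com.jcraft.jsch.GSSContext{

  private static final String pUseSubjectCredsOnly =
    "javax.security.auth.useSubjectCredsOnly";

  // Value of the property when this class was loaded; null means the
  // application never set it, which is the only case in which init()
  // touches the property.
  private static final String useSubjectCredsOnly =
    getSystemProperty(pUseSubjectCredsOnly);

  private GSSContext context=null;

  /**
   * Creates the initiator-side Kerberos V5 context for {@code host/<name>}.
   *
   * @param user not used by this implementation; the default initiator
   *             credentials are used (a null credential is passed to JGSS)
   * @param host host name of the SSH server as supplied by the caller
   * @throws JSchException if JGSS rejects the name or cannot create the context
   */
  public void create(String user, String host) throws JSchException{
    try{
      // Kerberos V5 mechanism OID.
      Oid krb5=new Oid("1.2.840.113554.1.2.2");
      // Kerberos V5 principal name type OID.
      Oid principalName=new Oid("1.2.840.113554.1.2.2.1");

      GSSManager mgr=GSSManager.getInstance();

      // null => let JGSS pick the default initiator credentials.
      GSSCredential crd=null;

      // NOTE(review): the service principal is derived from a DNS lookup
      // (forward resolution followed by getCanonicalHostName()), so the name
      // a ticket is requested for is influenced by DNS answers rather than
      // only by what the caller typed. Deployments that do not trust their
      // resolver should pass an already-canonical host name and confirm
      // this lookup cannot redirect the principal.
      String cname=host;
      try{
        cname=InetAddress.getByName(cname).getCanonicalHostName();
      }
      catch(UnknownHostException ignored){
        // Resolution failed: fall back to the host name exactly as supplied.
      }
      GSSName _host=mgr.createName("host/"+cname, principalName);

      context=mgr.createContext(_host,
                                krb5,
                                crd,
                                GSSContext.DEFAULT_LIFETIME);

      context.requestMutualAuth(true);
      context.requestConf(true);
      context.requestInteg(true);
      // NOTE(review): delegation is requested unconditionally, for every
      // server this context is created for. If the initiator's ticket is
      // forwardable, the accepting host can then act as the user elsewhere.
      // OpenSSH keeps the equivalent setting (GSSAPIDelegateCredentials) off
      // by default; no switch is visible in this class, so behaviour is left
      // unchanged here and should be reviewed at the call site / policy level.
      context.requestCredDeleg(true);
      context.requestAnonymity(false);
    }
    catch(GSSException ex){
      throw new JSchException(ex.toString());
    }
  }

  /**
   * Reports whether the security context has been fully established.
   *
   * @return false if {@link #create(String, String)} has not produced a
   *         context yet, otherwise the JGSS context's own answer
   */
  public boolean isEstablished(){
    // Guard against use before create() (or after a failed create()).
    return context!=null && context.isEstablished();
  }

  /**
   * Feeds one token from the peer into the context and returns the reply.
   *
   * @param token buffer holding the received token
   * @param s     offset of the token inside {@code token}
   * @param l     length of the token
   * @return the token to send to the peer, as returned by
   *         {@code initSecContext}
   * @throws JSchException if no context exists, or JGSS / the security
   *                       manager rejects the operation
   */
  public byte[] init(byte[] token, int s, int l) throws JSchException {
    if(context==null){
      // Fail with the exception type callers already handle instead of an
      // unchecked NullPointerException; the system property is not touched.
      throw new JSchException("GSS context has not been created");
    }
    try{
      // With the property unset, switch it to "false" for the duration of
      // the call so JGSS may obtain credentials from outside the current
      // JAAS Subject.
      // NOTE(review): System properties are JVM-wide and nothing here is
      // synchronised, so concurrent logins and any other JAAS/JGSS user in
      // the same process can observe the temporary value.
      if(useSubjectCredsOnly==null){
        setSystemProperty(pUseSubjectCredsOnly, "false");
      }
      // Honour the caller's offset; it was previously ignored and 0 was
      // always passed, which only worked for tokens starting at index 0.
      return context.initSecContext(token, s, l);
    }
    catch(GSSException ex){
      throw new JSchException(ex.toString());
    }
    catch(java.lang.SecurityException ex){
      throw new JSchException(ex.toString());
    }
    finally{
      if(useSubjectCredsOnly==null){
        // The property was unset originally; it is set to "true" rather
        // than cleared, so it stays defined after the first call.
        setSystemProperty(pUseSubjectCredsOnly, "true");
      }
    }
  }

  /**
   * Computes a message integrity code over part of {@code message}.
   *
   * @param message buffer holding the data to sign
   * @param s       offset of the data inside {@code message}
   * @param l       length of the data
   * @return the MIC token, or null if no context exists or JGSS fails;
   *         callers must treat null as a failure and not send a MIC
   */
  public byte[] getMIC(byte[] message, int s, int l){
    if(context==null){
      return null;
    }
    try{
      MessageProp prop = new MessageProp(0, true);
      return context.getMIC(message, s, l, prop);
    }
    catch(GSSException ex){
      // Failure is reported through the null return value.
      return null;
    }
  }

  /**
   * Releases the underlying JGSS context. Safe to call when no context was
   * ever created; errors during disposal are deliberately ignored.
   */
  public void dispose(){
    if(context==null){
      return;
    }
    try{
      context.dispose();
    }
    catch(GSSException ignored){
      // Best-effort cleanup: nothing useful can be done at this point.
    }
  }

  /**
   * Reads a system property, returning null if access is refused.
   */
  private static String getSystemProperty(String key){
    try{ return System.getProperty(key); }
    catch(Exception e){
      // Typically a SecurityException under a restrictive policy; treated
      // the same as "property not set".
      return null;
    }
  }

  /**
   * Writes a system property, silently doing nothing if access is refused.
   */
  private static void setSystemProperty(String key, String value){
    try{ System.setProperty(key, value); }
    catch(Exception e){
      // Not permitted to change it: continue with the current value.
    }
  }
}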