Example usage for javax.security.auth.kerberos KerberosTicket getServer

List of usage examples for javax.security.auth.kerberos KerberosTicket getServer

  1. HOME
  2. Java
  3. javax
  4. javax.security.auth.kerberos.*
  5. KerberosTicket
  6. getServer

Introduction

In this page you can find the example usage for javax.security.auth.kerberos KerberosTicket getServer.

Prototype

public final KerberosPrincipal getServer()

Source Link

Document

Returns the service principal associated with this ticket.

Usage

From source file:com.buaa.cfs.utils.SecurityUtil.java

/**
 * Check whether the server principal is the TGS's principal
 *
 * @param ticket the original TGT (the ticket that is obtained when a kinit is done)
 *
 * @return true or false//from w ww.j  a v a 2 s .  c  om
 */
public static boolean isOriginalTGT(KerberosTicket ticket) {
    return isTGSPrincipal(ticket.getServer());
}

From source file:org.apache.hadoop.security.SecurityUtil.java

/**
 * Find the original TGT within the current subject's credentials. Cross-realm
 * TGT's of the form "krbtgt/TWO.COM@ONE.COM" may be present.
 * //from  ww  w .j  av a 2 s .c o m
 * @return The TGT from the current subject
 * @throws IOException
 *           if TGT can't be found
 */
private static KerberosTicket getTgtFromSubject() throws IOException {
    Subject current = Subject.getSubject(AccessController.getContext());
    if (current == null) {
        throw new IOException("Can't get TGT from current Subject, because it is null");
    }
    Set<KerberosTicket> tickets = current.getPrivateCredentials(KerberosTicket.class);
    for (KerberosTicket t : tickets) {
        if (isOriginalTGT(t.getServer().getName()))
            return t;
    }
    throw new IOException("Failed to find TGT from current Subject:" + current);
}

From source file:org.apache.hadoop.security.UserGroupInformation.java

/**
 * Get the Kerberos TGT/*from w ww.j av  a2s .c  o  m*/
 * @return the user's TGT or null if none was found
 */
private synchronized KerberosTicket getTGT() {
    Set<KerberosTicket> tickets = subject.getPrivateCredentials(KerberosTicket.class);
    for (KerberosTicket ticket : tickets) {
        KerberosPrincipal server = ticket.getServer();
        if (server.getName().equals("krbtgt/" + server.getRealm() + "@" + server.getRealm())) {
            if (LOG.isDebugEnabled()) {
                LOG.debug("Found tgt " + ticket);
            }
            return ticket;
        }
    }
    return null;
}

From source file:org.apache.nifi.security.krb.AbstractKerberosUser.java

/**
 * Get the Kerberos TGT./*from   w w w. ja  v a 2  s. c  o m*/
 *
 * @return the user's TGT or null if none was found
 */
private synchronized KerberosTicket getTGT() {
    final Set<KerberosTicket> tickets = subject.getPrivateCredentials(KerberosTicket.class);

    for (KerberosTicket ticket : tickets) {
        if (isTGSPrincipal(ticket.getServer())) {
            return ticket;
        }
    }

    return null;
}

From source file:uk.ac.ox.webauth.WebauthGetTokensRequest.java

/**
 * Simple test method that tries to post the request to the WebKDC and parse
 * the response message./*from   w  w  w. ja  v  a  2s  .  c  om*/
 * @param   args    First principal and then the keytab to load a key from,
 *          then the service to generate the KRB_AP_REQ message for,
 *          then the url to post the request to.
 * @throws  Exception   when something goes wrong.
 */
public static void main(String[] args) throws Exception {
    // get some keys to decrypt with
    long start = System.currentTimeMillis();
    KeytabKeyLoader kkl = new KeytabKeyLoader(args[0], args[1], false);
    Subject sub = kkl.acquire();
    long stop = System.currentTimeMillis();
    System.out.println("Grabbing private key took " + (stop - start) + " milliseconds.");

    // grab the service ticket
    start = System.currentTimeMillis();
    try {
        Subject.doAs(sub, new ServiceTicketGrabberHack(args[0], args[2]));
    } catch (Exception e) {
        e.printStackTrace();
    }
    KerberosTicket ticket = null;
    for (KerberosTicket t : sub.getPrivateCredentials(KerberosTicket.class)) {
        if (t.getServer().getName().startsWith(args[2])) {
            ticket = t;
        }
    }
    stop = System.currentTimeMillis();
    System.out.println("Getting the service ticket took " + (stop - start) + " milliseconds.");

    // request a webkdc token
    start = System.currentTimeMillis();
    byte[] krb_ap_req = new KrbApReq(ticket).toASN1Object().getEncoded();
    WebauthGetTokensRequest wgtr = new WebauthGetTokensRequest(args[3], krb_ap_req);
    wgtr.tokenRequest();
    stop = System.currentTimeMillis();
    System.out.println("Getting the WebKDC token took " + (stop - start) + " milliseconds.");
    System.out.println("Token data: " + wgtr.tokenData());
    System.out.println("Session key: " + wgtr.sessionKey());
    System.out.println("Expires: " + wgtr.expires());
    System.out.println("Success.");
}