Class KerberosSecurity
- java.lang.Object
-
- org.apache.wss4j.common.token.BinarySecurity
-
- org.apache.wss4j.dom.message.token.KerberosSecurity
-
public class KerberosSecurity extends BinarySecurity
Kerberos Security Token.
-
-
Field Summary
-
Fields inherited from class org.apache.wss4j.common.token.BinarySecurity
TOKEN_BST, TOKEN_KI
-
-
Constructor Summary
Constructors Constructor Description KerberosSecurity(Document doc)
This constructor creates a new Kerberos element.KerberosSecurity(Element elem, BSPEnforcer bspEnforcer)
This constructor creates a new Kerberos token object and initializes it from the data contained in the element.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description protected void
decorateSubject(Subject subject)
boolean
equals(Object object)
SecretKey
getSecretKey()
Get the SecretKey associated with the service principalint
hashCode()
boolean
isGssV5ApReq()
Return true if this token is a Kerberos GSS V5 AP REQ tokenstatic boolean
isKerberosToken(String valueType)
Return true if the valueType represents a Kerberos Tokenboolean
isV5ApReq()
Return true if this token is a Kerberos V5 AP REQ tokenvoid
retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName)
Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.void
retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm)
void
retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm, boolean requestCredDeleg)
void
retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm, boolean requestCredDeleg, GSSCredential delegatedCredential)
void
retrieveServiceTicket(CallbackHandler callbackHandler)
Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.-
Methods inherited from class org.apache.wss4j.common.token.BinarySecurity
addWSSENamespace, addWSUNamespace, encodeRawToken, getAttachmentCallbackHandler, getElement, getEncodingType, getID, getToken, getValueType, isStoreBytesInAttachment, setAttachmentCallbackHandler, setEncodingType, setID, setRawToken, setStoreBytesInAttachment, setToken, setValueType, toString
-
-
-
-
Constructor Detail
-
KerberosSecurity
public KerberosSecurity(Element elem, BSPEnforcer bspEnforcer) throws WSSecurityException
This constructor creates a new Kerberos token object and initializes it from the data contained in the element.- Parameters:
elem
- the element containing the Kerberos token databspEnforcer
- a BSPEnforcer instance to enforce BSP rules- Throws:
WSSecurityException
-
KerberosSecurity
public KerberosSecurity(Document doc)
This constructor creates a new Kerberos element.- Parameters:
doc
-
-
-
Method Detail
-
isV5ApReq
public boolean isV5ApReq()
Return true if this token is a Kerberos V5 AP REQ token
-
isGssV5ApReq
public boolean isGssV5ApReq()
Return true if this token is a Kerberos GSS V5 AP REQ token
-
retrieveServiceTicket
public void retrieveServiceTicket(CallbackHandler callbackHandler) throws WSSecurityException
Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.- Parameters:
callbackHandler
- a CallbackHandler instance to retrieve a password (optional), JAAS Login Module name (required) + service name (required)- Throws:
WSSecurityException
-
retrieveServiceTicket
public void retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName) throws WSSecurityException
Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.- Parameters:
jaasLoginModuleName
- the JAAS Login Module name to usecallbackHandler
- a CallbackHandler instance to retrieve a password (optional)serviceName
- the desired Kerberized service- Throws:
WSSecurityException
-
retrieveServiceTicket
public void retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm) throws WSSecurityException
- Throws:
WSSecurityException
-
retrieveServiceTicket
public void retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm, boolean requestCredDeleg) throws WSSecurityException
- Throws:
WSSecurityException
-
retrieveServiceTicket
public void retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm, boolean requestCredDeleg, GSSCredential delegatedCredential) throws WSSecurityException
- Throws:
WSSecurityException
-
decorateSubject
protected void decorateSubject(Subject subject)
-
getSecretKey
public SecretKey getSecretKey()
Get the SecretKey associated with the service principal- Returns:
- the SecretKey associated with the service principal
-
isKerberosToken
public static boolean isKerberosToken(String valueType)
Return true if the valueType represents a Kerberos Token- Parameters:
valueType
- the valueType of the token- Returns:
- true if the valueType represents a Kerberos Token
-
equals
public boolean equals(Object object)
- Overrides:
equals
in classBinarySecurity
-
hashCode
public int hashCode()
- Overrides:
hashCode
in classBinarySecurity
-
-