com.kerb4j.client

Class SpnegoClient

java.lang.Object

com.kerb4j.client.SpnegoClient

public final class SpnegoClient
extends Object

This Class may be used by custom clients as a convenience when connecting to a protected HTTP server.

A krb5.conf is required when using this class. Take a look at the spnego.sourceforge.net documentation for an example krb5.conf file. Also, you must provide a keytab file, or a username and password, or allowtgtsessionkey.

To see a working example and instructions on how to use a keytab, take a look at the creating a client keytab example.

Author:

Darwin V. Felix

Method Summary

Modifier and Type	Method and Description
SpnegoContext	createAcceptContext()
String	createAuthroizationHeader(URL url)
String	createAuthroizationHeaderForSPN(String spn)
SpnegoContext	createContext(URL url)
SpnegoContext	createContextForSPN(String spn)
KerberosKey[]	getKerberosKeys()
Subject	getSubject()
static SpnegoClient	loginWithContext(LoginContext loginContext)
static SpnegoClient	loginWithContextSupplier(Callable<LoginContext> loginContextSupplier)
static SpnegoClient	loginWithKeyTab(String principal, String keyTabLocation) Creates an instance where authentication is done using keytab file
static SpnegoClient	loginWithKeyTab(String principal, String keyTabLocation, boolean acceptOnly) Creates an instance where authentication is done using keytab file Allows customizing underlying isInitiator parameter by using acceptOnly parameter - see description below
static SpnegoClient	loginWithTicketCache(String principal) Creates an instance where authentication is done using ticket cache
static SpnegoClient	loginWithUsernamePassword(String username, String password) Creates an instance where authentication is done using username and password
static SpnegoClient	loginWithUsernamePassword(String username, String password, boolean useCache) Creates an instance where authentication is done using username and password
static void	resetCache()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

resetCache

public static void resetCache()

loginWithUsernamePassword

public static SpnegoClient loginWithUsernamePassword(String username,
                                                     String password)

Creates an instance where authentication is done using username and password

Parameters:

username - username

password - password

loginWithUsernamePassword

public static SpnegoClient loginWithUsernamePassword(String username,
                                                     String password,
                                                     boolean useCache)

Creates an instance where authentication is done using username and password

Parameters:

username - username

password - password

loginWithKeyTab

public static SpnegoClient loginWithKeyTab(String principal,
                                           String keyTabLocation)

Creates an instance where authentication is done using keytab file

Parameters:

principal - principal

keyTabLocation - keyTabLocation

loginWithKeyTab

public static SpnegoClient loginWithKeyTab(String principal,
                                           String keyTabLocation,
                                           boolean acceptOnly)

Creates an instance where authentication is done using keytab file Allows customizing underlying isInitiator parameter by using acceptOnly parameter - see description below

Parameters:

principal - principal

keyTabLocation - keyTabLocation

acceptOnly - when set to true, SpnegoClient will work offline and ONLY for accepting new tokens. As a result it doesn't require connection to Kerberos server but cannot request new tokens for other services

Since:

0.1.3

loginWithTicketCache

public static SpnegoClient loginWithTicketCache(String principal)

Creates an instance where authentication is done using ticket cache

Parameters:

principal - principal

loginWithContext

public static SpnegoClient loginWithContext(LoginContext loginContext)
                                     throws LoginException

Throws:

LoginException

loginWithContextSupplier

public static SpnegoClient loginWithContextSupplier(Callable<LoginContext> loginContextSupplier)
                                             throws LoginException

Throws:

LoginException

getSubject

public Subject getSubject()

getKerberosKeys

public KerberosKey[] getKerberosKeys()

createContext

public SpnegoContext createContext(URL url)
                            throws PrivilegedActionException,
                                   GSSException

Throws:

PrivilegedActionException

GSSException

createContextForSPN

public SpnegoContext createContextForSPN(String spn)
                                  throws PrivilegedActionException,
                                         GSSException,
                                         MalformedURLException

Throws:

PrivilegedActionException

GSSException

MalformedURLException

createAuthroizationHeader

public String createAuthroizationHeader(URL url)
                                 throws PrivilegedActionException,
                                        GSSException,
                                        IOException

Throws:

PrivilegedActionException

GSSException

IOException

createAuthroizationHeaderForSPN

public String createAuthroizationHeaderForSPN(String spn)
                                       throws PrivilegedActionException,
                                              GSSException,
                                              IOException

Throws:

PrivilegedActionException

GSSException

IOException

createAcceptContext

public SpnegoContext createAcceptContext()
                                  throws PrivilegedActionException

Throws:

PrivilegedActionException