Package com.kerb4j.client
Class SpnegoClient
java.lang.Object
com.kerb4j.client.SpnegoClient
This Class may be used by custom clients as a convenience when connecting
to a protected HTTP server.
A krb5.conf is required when using this class. Take a look at the spnego.sourceforge.net documentation for an example krb5.conf file. Also, you must provide a keytab file, or a username and password, or allowtgtsessionkey.
To see a working example and instructions on how to use a keytab, take a look at the creating a client keytab example.
- Author:
- Darwin V. Felix
-
Method Summary
Modifier and TypeMethodDescriptioncreateContext(URL url) static SpnegoClientloginWithContext(LoginContext loginContext) static SpnegoClientloginWithContextSupplier(Callable<LoginContext> loginContextSupplier) static SpnegoClientloginWithKeyTab(String principal, String keyTabLocation) Creates an instance where authentication is done using keytab filestatic SpnegoClientloginWithKeyTab(String principal, String keyTabLocation, boolean acceptOnly) Creates an instance where authentication is done using keytab file Allows customizing underlying isInitiator parameter by using acceptOnly parameter - see description belowstatic SpnegoClientloginWithTicketCache(String principal) Creates an instance where authentication is done using ticket cachestatic SpnegoClientloginWithUsernamePassword(String username, String password) Creates an instance where authentication is done using username and passwordstatic SpnegoClientloginWithUsernamePassword(String username, String password, boolean useCache) Creates an instance where authentication is done using username and passwordstatic void
-
Method Details
-
resetCache
public static void resetCache() -
loginWithUsernamePassword
Creates an instance where authentication is done using username and password- Parameters:
username- usernamepassword- password
-
loginWithUsernamePassword
public static SpnegoClient loginWithUsernamePassword(String username, String password, boolean useCache) Creates an instance where authentication is done using username and password- Parameters:
username- usernamepassword- password
-
loginWithKeyTab
Creates an instance where authentication is done using keytab file- Parameters:
principal- principalkeyTabLocation- keyTabLocation
-
loginWithKeyTab
public static SpnegoClient loginWithKeyTab(String principal, String keyTabLocation, boolean acceptOnly) Creates an instance where authentication is done using keytab file Allows customizing underlying isInitiator parameter by using acceptOnly parameter - see description below- Parameters:
principal- principalkeyTabLocation- keyTabLocationacceptOnly- when set to true, SpnegoClient will work offline and ONLY for accepting new tokens. As a result it doesn't require connection to Kerberos server but cannot request new tokens for other services- Since:
- 0.1.3
-
loginWithTicketCache
Creates an instance where authentication is done using ticket cache- Parameters:
principal- principal
-
loginWithContext
-
loginWithContextSupplier
-
getSubject
-
getKerberosKeys
-
createContext
-
createContextForSPN
public SpnegoContext createContextForSPN(String spn) throws PrivilegedActionException, GSSException, MalformedURLException -
createAuthroizationHeader
public String createAuthroizationHeader(URL url) throws PrivilegedActionException, GSSException, IOException -
createAuthroizationHeaderForSPN
public String createAuthroizationHeaderForSPN(String spn) throws PrivilegedActionException, GSSException, IOException -
createAcceptContext
- Throws:
PrivilegedActionException
-