Package com.kerb4j.common.util

Class SpnegoProvider

java.lang.Object

com.kerb4j.common.util.SpnegoProvider

public final class SpnegoProvider
extends Object

This is a Utility Class that can be used for finer grained control over message integrity, confidentiality and mutual authentication.

This Class is exposed for developers who want to implement a custom HTTP client.

For more example usage, see the documentation at http://spnego.sourceforge.net

Author:

Darwin V. Felix

Field Summary

Fields

Modifier and Type	Field	Description
static final GSSManager	GSS_MANAGER	Factory for GSS-API mechanism.
static final String	KERBEROS_MECHANISM
static final Oid	KERBEROS_V5_OID	GSS-API mechanism "1.2.840.113554.1.2.2".
static final String	LEGACY_KERBEROS_MECHANISM
static final String	SPNEGO_MECHANISM
static final Oid	SPNEGO_OID	GSS-API mechanism "1.3.6.1.5.5.2".
static final Oid[]	SUPPORTED_OIDS	Note: The MIT Kerberos V5 mechanism OID is added for compatibility with Chromium-based browsers on POSIX OSes.

Method Summary

Modifier and Type	Method	Description
static GSSName	createGSSNameForSPN(String spn)	Returns the GSSName constructed out of the passed-in SPN
static SpnegoAuthScheme	getAuthScheme(String header)	Returns the SpnegoAuthScheme or null if header is missing.
static GSSName	getServerName(URL url)	Returns the GSSName constructed out of the passed-in URL object.
static CallbackHandler	getUsernameAndPasswordHandler(String username, String password)	Used by the BASIC Auth mechanism for establishing a LoginContext to authenticate a client/caller/request.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

GSS_MANAGER

public static final GSSManager GSS_MANAGER

Factory for GSS-API mechanism.

SPNEGO_MECHANISM

public static final String SPNEGO_MECHANISM

See Also:

• Constant Field Values

KERBEROS_MECHANISM

public static final String KERBEROS_MECHANISM

See Also:

• Constant Field Values

LEGACY_KERBEROS_MECHANISM

public static final String LEGACY_KERBEROS_MECHANISM

See Also:

• Constant Field Values

SPNEGO_OID

public static final Oid SPNEGO_OID

GSS-API mechanism "1.3.6.1.5.5.2".

KERBEROS_V5_OID

public static final Oid KERBEROS_V5_OID

GSS-API mechanism "1.2.840.113554.1.2.2".

SUPPORTED_OIDS

public static final Oid[] SUPPORTED_OIDS

Note: The MIT Kerberos V5 mechanism OID is added for compatibility with Chromium-based browsers on POSIX OSes. On these OSes, Chromium erroneously responds to an SPNEGO request with a GSS-API MIT Kerberos V5 mechanism answer (instead of a MIT Kerberos V5 token inside an SPNEGO mechanism answer).

Method Details

getAuthScheme

public static SpnegoAuthScheme getAuthScheme(String header)

Returns the SpnegoAuthScheme or null if header is missing.

Throws UnsupportedOperationException if header is NOT Negotiate or Basic.

Parameters:

header - ex. Negotiate or Basic

Returns:

null if header missing/null else the auth scheme

createGSSNameForSPN

public static GSSName createGSSNameForSPN(String spn)
                                   throws GSSException

Returns the GSSName constructed out of the passed-in SPN

Parameters:

spn -

Returns:

GSSName of URL.

Throws:

GSSException

getServerName

public static GSSName getServerName(URL url)
                             throws GSSException

Returns the GSSName constructed out of the passed-in URL object.

Parameters:

url - HTTP address of server

Returns:

GSSName of URL.

Throws:

GSSException

getUsernameAndPasswordHandler

public static CallbackHandler getUsernameAndPasswordHandler(String username,
 String password)

Used by the BASIC Auth mechanism for establishing a LoginContext to authenticate a client/caller/request.

Parameters:

username - client username

password - client password

Returns:

CallbackHandler to be used for establishing a LoginContext