Package org.apache.wss4j.dom.message.token

Class KerberosSecurity

java.lang.Object
org.apache.wss4j.common.token.BinarySecurity
org.apache.wss4j.dom.message.token.KerberosSecurity
public class KerberosSecurity extends org.apache.wss4j.common.token.BinarySecurity
Kerberos Security Token.

  • Field Summary

    Fields inherited from class org.apache.wss4j.common.token.BinarySecurity

    TOKEN_BST, TOKEN_KI

  • Constructor Summary

    Constructors
    Constructor
    Description
    KerberosSecurity(Document doc)
    This constructor creates a new Kerberos element.
    KerberosSecurity(Element elem, org.apache.wss4j.common.bsp.BSPEnforcer bspEnforcer)
    This constructor creates a new Kerberos token object and initializes it from the data contained in the element.

  • Method Summary

    Modifier and Type
    Method
    Description
    protected void
    decorateSubject(Subject subject)
     
    boolean
    equals(Object object)
     
    SecretKey
    getSecretKey()
    Get the SecretKey associated with the service principal
    int
    hashCode()
     
    boolean
    isGssV5ApReq()
    Return true if this token is a Kerberos GSS V5 AP REQ token
    static boolean
    isKerberosToken(String valueType)
    Return true if the valueType represents a Kerberos Token
    boolean
    isV5ApReq()
    Return true if this token is a Kerberos V5 AP REQ token
    void
    retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName)
    Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.
    void
    retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm)
     
    void
    retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm, boolean requestCredDeleg)
     
    void
    retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm, boolean requestCredDeleg, GSSCredential delegatedCredential)
     
    void
    retrieveServiceTicket(CallbackHandler callbackHandler)
    Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.

    Methods inherited from class org.apache.wss4j.common.token.BinarySecurity

    addWSSENamespace, addWSUNamespace, encodeRawToken, getAttachmentCallbackHandler, getElement, getEncodingType, getID, getToken, getValueType, isStoreBytesInAttachment, setAttachmentCallbackHandler, setEncodingType, setID, setRawToken, setStoreBytesInAttachment, setToken, setValueType, toString

    Methods inherited from class java.lang.Object

    clone, finalize, getClass, notify, notifyAll, wait, wait, wait

  • Constructor Details

    • KerberosSecurity

      public KerberosSecurity(Element elem, org.apache.wss4j.common.bsp.BSPEnforcer bspEnforcer) throws org.apache.wss4j.common.ext.WSSecurityException
      This constructor creates a new Kerberos token object and initializes it from the data contained in the element.
      Parameters:
      elem - the element containing the Kerberos token data
      bspEnforcer - a BSPEnforcer instance to enforce BSP rules
      Throws:
      org.apache.wss4j.common.ext.WSSecurityException

    • KerberosSecurity

      public KerberosSecurity(Document doc)
      This constructor creates a new Kerberos element.
      Parameters:
      doc -

  • Method Details

    • isV5ApReq

      public boolean isV5ApReq()
      Return true if this token is a Kerberos V5 AP REQ token

    • isGssV5ApReq

      public boolean isGssV5ApReq()
      Return true if this token is a Kerberos GSS V5 AP REQ token

    • retrieveServiceTicket

      public void retrieveServiceTicket(CallbackHandler callbackHandler) throws org.apache.wss4j.common.ext.WSSecurityException
      Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.
      Parameters:
      callbackHandler - a CallbackHandler instance to retrieve a password (optional), JAAS Login Module name (required) + service name (required)
      Throws:
      org.apache.wss4j.common.ext.WSSecurityException

    • retrieveServiceTicket

      public void retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName) throws org.apache.wss4j.common.ext.WSSecurityException
      Retrieve a service ticket from a KDC using the Kerberos JAAS module, and set it in this BinarySecurityToken.
      Parameters:
      jaasLoginModuleName - the JAAS Login Module name to use
      callbackHandler - a CallbackHandler instance to retrieve a password (optional)
      serviceName - the desired Kerberized service
      Throws:
      org.apache.wss4j.common.ext.WSSecurityException

    • retrieveServiceTicket

      public void retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm) throws org.apache.wss4j.common.ext.WSSecurityException
      Throws:
      org.apache.wss4j.common.ext.WSSecurityException

    • retrieveServiceTicket

      public void retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm, boolean requestCredDeleg) throws org.apache.wss4j.common.ext.WSSecurityException
      Throws:
      org.apache.wss4j.common.ext.WSSecurityException

    • retrieveServiceTicket

      public void retrieveServiceTicket(String jaasLoginModuleName, CallbackHandler callbackHandler, String serviceName, boolean isUsernameServiceNameForm, boolean requestCredDeleg, GSSCredential delegatedCredential) throws org.apache.wss4j.common.ext.WSSecurityException
      Throws:
      org.apache.wss4j.common.ext.WSSecurityException

    • decorateSubject

      protected void decorateSubject(Subject subject)

    • getSecretKey

      public SecretKey getSecretKey()
      Get the SecretKey associated with the service principal
      Returns:
      the SecretKey associated with the service principal

    • isKerberosToken

      public static boolean isKerberosToken(String valueType)
      Return true if the valueType represents a Kerberos Token
      Parameters:
      valueType - the valueType of the token
      Returns:
      true if the valueType represents a Kerberos Token

    • equals

      public boolean equals(Object object)
      Overrides:
      equals in class org.apache.wss4j.common.token.BinarySecurity

    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class org.apache.wss4j.common.token.BinarySecurity