public class SpnegoTokenHelper
extends java.lang.Object
| Constructor and Description |
|---|
SpnegoTokenHelper() |
| Modifier and Type | Method and Description |
|---|---|
static java.lang.String |
buildSpnegoAuthorizationFromCallerSubject(java.lang.String spn,
int lifetime,
boolean delegate)
Build a SPNEGO Authorization string using a Kerberos credential within the current caller Java Subject.
|
static java.lang.String |
buildSpnegoAuthorizationFromNativeCreds(java.lang.String spn,
int lifetime,
boolean delegate)
Build a SPNEGO Authorization string using the Native Kerberos credentials of the Operating System
account that the Java process is running as.
|
static java.lang.String |
buildSpnegoAuthorizationFromSubject(java.lang.String spn,
javax.security.auth.Subject subject,
int lifetime,
boolean delegate)
Build a SPNEGO Authorization string using a Kerberos credential within the supplied Java Subject.
|
static java.lang.String |
buildSpnegoAuthorizationFromUpn(java.lang.String spn,
java.lang.String upn,
java.lang.String jaasLoginContextEntry,
int lifetime,
boolean delegate)
Build a SPNEGO Authorization string using a key for a UserPrincipalName from the Kerberos cache
or from a key in the Kerberos keytab file used by the process.
|
static java.lang.String |
buildSpnegoAuthorizationFromUseridPassword(java.lang.String spn,
java.lang.String userid,
java.lang.String password,
int lifetime,
boolean delegate)
Build a SPNEGO Authorization string using Kerberos credentials for a user based on userid and password
provided.
|
static java.lang.String |
buildSpnegoAuthorizationFromUseridPassword(java.lang.String spn,
java.lang.String userid,
java.lang.String password,
java.lang.String jaasLoginContextEntry,
int lifetime,
boolean delegate)
Build a SPNEGO Authorization string using Kerberos credentials for a user based on userid and password
provided.
|
public static java.lang.String buildSpnegoAuthorizationFromCallerSubject(java.lang.String spn,
int lifetime,
boolean delegate)
throws com.ibm.websphere.security.WSSecurityException,
org.ietf.jgss.GSSException,
java.security.PrivilegedActionException
spn - - ServicePrincipalName of system for which SPNEGO token will be targeted.lifetime - - Lifetime for the context, for example GSSCredential.INDEFINITE_LIFETIMEdelegate - - Whether the token includes delegatable GSSCredentials.com.ibm.websphere.security.WSSecurityException - - thrown when no caller Subject exists.org.ietf.jgss.GSSException - - thrown when SPNEGO token generation fails, when Subject is null, when the Subject
does not contain Kerberos credentials, or when SPN is invalid.java.security.PrivilegedActionException - - unexpected - thrown when Java 2 security is misconfigured.public static java.lang.String buildSpnegoAuthorizationFromSubject(java.lang.String spn,
javax.security.auth.Subject subject,
int lifetime,
boolean delegate)
throws org.ietf.jgss.GSSException,
java.security.PrivilegedActionException
spn - - ServicePrincipalName of system for which SPNEGO token will be targeted.subject - - Subject containing Kerberos credentialslifetime - - Lifetime for the context, for example GSSCredential.INDEFINITE_LIFETIMEdelegate - - whether the token includes delegatable GSSCredentials.org.ietf.jgss.GSSException - - thrown when SPNEGO token generation fails, when Subject is null, when the Subject
does not contain Kerberos credentials, or when SPN is invalid.java.security.PrivilegedActionException - - unexpected - thrown when Java 2 security is misconfigured.javax.security.auth.login.LoginException - - thrown when the Login fails with the supplied SPN.public static java.lang.String buildSpnegoAuthorizationFromNativeCreds(java.lang.String spn,
int lifetime,
boolean delegate)
throws org.ietf.jgss.GSSException,
java.security.PrivilegedActionException
spn - - ServicePrincipalName of system for which SPNEGO token will be targeted.lifetime - - Lifetime for the context, for example GSSCredential.INDEFINITE_LIFETIMEdelegate - - Whether the token includes delegatable GSSCredential credentials.org.ietf.jgss.GSSException - - thrown when SPNEGO token generation fails, or when SPN is invalid.java.security.PrivilegedActionException - - unexpected - thrown when Java 2 security is misconfigured.public static java.lang.String buildSpnegoAuthorizationFromUpn(java.lang.String spn,
java.lang.String upn,
java.lang.String jaasLoginContextEntry,
int lifetime,
boolean delegate)
throws org.ietf.jgss.GSSException,
javax.security.auth.login.LoginException,
java.security.PrivilegedActionException
spn - - ServicePrincipalName of system for which SPNEGO token will be targeted.upn - - UserPrincipalName of the user for which the SPNEGO token will be generated.jaasLoginContextEntry - - JAAS login context entry to use.lifetime - - Lifetime for the context, for example GSSCredential.INDEFINITE_LIFETIMEdelegate - - whether the token includes delegatable GSSCredential credentials.org.ietf.jgss.GSSException - - thrown when SPNEGO token generation fails, when UPN is invalid, or when SPN is invalid.javax.security.auth.login.LoginException - - thrown when the Login fails with the supplied UPN.java.security.PrivilegedActionException - - unexpected - thrown when Java 2 security is misconfigured.public static java.lang.String buildSpnegoAuthorizationFromUseridPassword(java.lang.String spn,
java.lang.String userid,
java.lang.String password,
int lifetime,
boolean delegate)
throws org.ietf.jgss.GSSException,
javax.security.auth.login.LoginException,
java.security.PrivilegedActionException
spn - - ServicePrincipalName of system for which SPNEGO token will be targeted.userid - - Userid for the Loginpassword - - Password for the Loginlifetime - - Lifetime for the context, for example GSSCredential.INDEFINITE_LIFETIMEdelegate - - whether the token includes delegatable GSScredentials.org.ietf.jgss.GSSException - - thrown when SPNEGO token generation fails, when userid or password is null, or when SPN is invalid.javax.security.auth.login.LoginException - - thrown when the Login fails with the supplied userid and password.java.security.PrivilegedActionExceptionpublic static java.lang.String buildSpnegoAuthorizationFromUseridPassword(java.lang.String spn,
java.lang.String userid,
java.lang.String password,
java.lang.String jaasLoginContextEntry,
int lifetime,
boolean delegate)
throws org.ietf.jgss.GSSException,
javax.security.auth.login.LoginException,
java.security.PrivilegedActionException
spn - - ServicePrincipalName of system for which SPNEGO token will be targeted.userid - - Userid for the Loginpassword - - Password for the LoginjaasLoginContextEntry - - JAAS login context entry to use.lifetime - - Lifetime for the context, for example GSSCredential.INDEFINITE_LIFETIMEdelegate - - whether the token includes delegatable GSSCredentials.org.ietf.jgss.GSSException - - thrown when SPNEGO token generation fails, when userid or password is null, or when SPN is invalid.javax.security.auth.login.LoginException - - thrown when the Login fails with the supplied userid and password.java.security.PrivilegedActionException - - unexpected - thrown when Java 2 security is misconfigured.