Start line:  
End line:  

Snippet Preview

Snippet HTML Code

Stack Overflow Questions
  /*
   * Copyright 2009-2015 the original author or authors.
   *
   * Licensed under the Apache License, Version 2.0 (the "License");
   * you may not use this file except in compliance with the License.
   * You may obtain a copy of the License at
   *
   *      http://www.apache.org/licenses/LICENSE-2.0
   *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.springframework.security.kerberos.authentication;
 
 
 

Holds the Kerberos/SPNEGO token for requesting a kerberized service and is also the output of KerberosServiceAuthenticationProvider.

Will mostly be created in SpnegoAuthenticationProcessingFilter and authenticated in KerberosServiceAuthenticationProvider.

This token cannot be re-authenticated, as you will get a Kerberos Reply error.

Author(s):
Mike Wiesner
Jeremy Stone
Since:
1.0
See also:
KerberosServiceAuthenticationProvider
 
 
 	private static final long serialVersionUID = 395488921064775014L;
 
 	private final byte[] token;
 
 	private final Object principal;
 
 	private final transient KerberosTicketValidation ticketValidation;

Creates an authenticated token, normally used as an output of an authentication provider.

Parameters:
principal the user principal (mostly of instance UserDetails)
ticketValidation result of ticket validation
authorities the authorities which are granted to the user
token the Kerberos/SPNEGO token
See also:
org.springframework.security.core.userdetails.UserDetails
 
 	public KerberosServiceRequestToken(Object principalKerberosTicketValidation ticketValidation,
 			Collection<? extends GrantedAuthorityauthoritiesbyte[] token) {
 		super(authorities);
 		this. = token;
 		this. = principal;
 		this. = ticketValidation;
 		super.setAuthenticated(true);
 	}

Creates an unauthenticated instance which should then be authenticated by KerberosServiceAuthenticationProvider.

Parameters:
token Kerberos/SPNEGO token
See also:
KerberosServiceAuthenticationProvider
 
 	public KerberosServiceRequestToken(byte[] token) {
 		super(null);
 		this. = token;
 		this. = null;
 		this. = null;
 	}

Calculates hashcode based on the Kerberos token
 
 	public int hashCode() {
 		final int prime = 31;
 		int result = super.hashCode();
 		result = prime * result + Arrays.hashCode();
 		return result;
 	}

equals() is based only on the Kerberos token
	public boolean equals(Object obj) {
		if (this == obj)
			return true;
		if (!super.equals(obj))
			return false;
		if (getClass() != obj.getClass())
			return false;
		if (!Arrays.equals(other.token))
			return false;
		return true;
	}
	public Object getCredentials() {
		return null;
	}
	public Object getPrincipal() {
		return this.;
	}

Returns the Kerberos token

Returns:
the token data
	public byte[] getToken() {
		return this.;
	}

Gets the ticket validation

Returns:
the ticket validation (which will be null if the token is unauthenticated)
	}

Determines whether an authenticated token has a response token

Returns:
whether a response token is available
	public boolean hasResponseToken() {
		return  != null && .responseToken() != null;
	}

Gets the (Base64) encoded response token assuming one is available.

Returns:
encoded response token
			throw new IllegalStateException("Unauthenticated or no response token");
		try {
			return new String(Base64.encode(.responseToken()), "UTF-8");
			throw new IllegalStateException("Unable to encode response token"e);
		}
	}

Unwraps an encrypted message using the gss context

Parameters:
data the data
offset data offset
length data length
Returns:
the decrypted message
Throws:
java.security.PrivilegedActionException if jaas throws and error
	public byte[] decrypt(final byte[] datafinal int offsetfinal int lengththrows PrivilegedActionException {
		return Subject.doAs(getTicketValidation().subject(), new PrivilegedExceptionAction<byte[]>() {
			public byte[] run() throws Exception {
				return context.unwrap(dataoffsetlengthnew MessageProp(true));
			}
		});
	}

Unwraps an encrypted message using the gss context

Parameters:
data the data
Returns:
the decrypted message
Throws:
java.security.PrivilegedActionException if jaas throws and error
	public byte[] decrypt(final byte[] datathrows PrivilegedActionException {
		return decrypt(data, 0, data.length);
	}

Wraps an message using the gss context

Parameters:
data the data
offset data offset
length data length
Returns:
the encrypted message
Throws:
java.security.PrivilegedActionException if jaas throws and error
	public byte[] encrypt(final byte[] datafinal int offsetfinal int lengththrows PrivilegedActionException {
		return Subject.doAs(getTicketValidation().subject(), new PrivilegedExceptionAction<byte[]>() {
			public byte[] run() throws Exception {
				return context.wrap(dataoffsetlengthnew MessageProp(true));
			}
		});
	}

Wraps an message using the gss context

Parameters:
data the data
Returns:
the encrypted message
Throws:
java.security.PrivilegedActionException if jaas throws and error
	public byte[] encrypt(final byte[] datathrows PrivilegedActionException {
		return encrypt(data, 0, data.length);
	}
New to GrepCode? Check out our FAQ X