keycloak
org.keycloak.common.util.KerberosJdkProvider Class (abstract)

Classes

class  IBMJDKProvider
 
class  SunJDKProvider
 

Public Member Functions

abstract Configuration createJaasConfigurationForServer (String keytab, String serverPrincipal, boolean debug)
 
abstract Configuration createJaasConfigurationForUsernamePasswordLogin (boolean debug)
 
abstract KerberosTicket gssCredentialToKerberosTicket (KerberosTicket kerberosTicket, GSSCredential gssCredential)
 
GSSCredential kerberosTicketToGSSCredential (KerberosTicket kerberosTicket)
 
GSSCredential kerberosTicketToGSSCredential (KerberosTicket kerberosTicket, final int lifetime, final int usage)
 

Static Public Member Functions

static KerberosJdkProvider getProvider ()
 

Detailed Description

Provides abstraction to handle differences between various JDK vendors (Sun, IBM)

Author
Marek Posolda

Member Function Documentation

◆ createJaasConfigurationForServer()

abstract Configuration org.keycloak.common.util.KerberosJdkProvider.createJaasConfigurationForServer (String keytab, String serverPrincipal, boolean debug)
abstract

◆ createJaasConfigurationForUsernamePasswordLogin()

abstract Configuration org.keycloak.common.util.KerberosJdkProvider.createJaasConfigurationForUsernamePasswordLogin (boolean debug)
abstract

◆ getProvider()

static KerberosJdkProvider org.keycloak.common.util.KerberosJdkProvider.getProvider ()
inline, static

    {
        if (Environment.IS_IBM_JAVA) {
            return new IBMJDKProvider();
        } else {
            return new SunJDKProvider();
        }
    }

◆ gssCredentialToKerberosTicket()

abstract KerberosTicket org.keycloak.common.util.KerberosJdkProvider.gssCredentialToKerberosTicket (KerberosTicket kerberosTicket, GSSCredential gssCredential)
abstract

◆ kerberosTicketToGSSCredential() [1/2]

GSSCredential org.keycloak.common.util.KerberosJdkProvider.kerberosTicketToGSSCredential (KerberosTicket kerberosTicket)
inline

    {
        return kerberosTicketToGSSCredential(kerberosTicket, GSSCredential.DEFAULT_LIFETIME, GSSCredential.INITIATE_ONLY);
    }

Definition: KerberosJdkProvider.java:54

◆ kerberosTicketToGSSCredential() [2/2]

GSSCredential org.keycloak.common.util.KerberosJdkProvider.kerberosTicketToGSSCredential (KerberosTicket kerberosTicket, final int lifetime, final int usage)
inline

    {
        try {
            final GSSManager gssManager = GSSManager.getInstance();

            KerberosPrincipal kerberosPrincipal = kerberosTicket.getClient();
            String krbPrincipalName = kerberosTicket.getClient().getName();
            final GSSName gssName = gssManager.createName(krbPrincipalName, KerberosConstants.KRB5_NAME_OID);

            Set<KerberosPrincipal> principals = Collections.singleton(kerberosPrincipal);
            Set<GSSName> publicCreds = Collections.singleton(gssName);
            Set<KerberosTicket> privateCreds = Collections.singleton(kerberosTicket);
            Subject subject = new Subject(false, principals, publicCreds, privateCreds);

            return Subject.doAs(subject, new PrivilegedExceptionAction<GSSCredential>() {

                @Override
                public GSSCredential run() throws Exception {
                    return gssManager.createCredential(gssName, lifetime, KerberosConstants.KRB5_OID, usage);
                }

            });
        } catch (Exception e) {
            throw new KerberosSerializationUtils.KerberosSerializationException("Unexpected exception during convert KerberosTicket to GSSCredential", e);
        }
    }

The documentation for this class was generated from the following file: