|
|||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectnet.sourceforge.spnego.SpnegoProvider
public final class SpnegoProvider
This is a Utility Class that can be used for finer grained control over message integrity, confidentiality and mutual authentication.
This Class is exposed for developers who want to implement a custom HTTP client.
Take a look at the SpnegoHttpURLConnection
class and the
SpnegoHttpFilter
class before attempting to implement your
own HTTP client.
For more example usage, see the documentation at http://spnego.sourceforge.net
Field Summary | |
---|---|
(package private) static Logger |
LOGGER
Default LOGGER. |
(package private) static GSSManager |
MANAGER
Factory for GSS-API mechanism. |
(package private) static Oid |
SPNEGO_OID
GSS-API mechanism "1.3.6.1.5.5.2". |
Constructor Summary | |
---|---|
private |
SpnegoProvider()
|
Method Summary | |
---|---|
static SpnegoAuthScheme |
getAuthScheme(String header)
Returns the SpnegoAuthScheme or null if header is missing. |
static GSSCredential |
getClientCredential(Subject subject)
Returns the GSS-API interface for creating a security context. |
static GSSContext |
getGSSContext(GSSCredential creds,
URL url)
Returns a GSSContext to be used by custom clients to set data integrity requirements, confidentiality and if mutual authentication is required. |
private static Oid |
getOid()
Returns the Universal Object Identifier representation of the SPNEGO mechanism. |
(package private) static GSSCredential |
getServerCredential(Subject subject)
Returns the GSSCredential the server uses for pre-authentication. |
(package private) static GSSName |
getServerName(URL url)
Returns the GSSName constructed out of the passed-in
URL object. |
static CallbackHandler |
getUsernamePasswordHandler(String username,
String password)
Used by the BASIC Auth mechanism for establishing a LoginContext to authenticate a client/caller/request. |
(package private) static SpnegoAuthScheme |
negotiate(javax.servlet.http.HttpServletRequest req,
SpnegoHttpServletResponse resp,
boolean basicSupported,
boolean promptIfNtlm,
String realm)
Returns the SpnegoAuthScheme mechanism used to authenticate
the request. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
static final Logger LOGGER
static final GSSManager MANAGER
static final Oid SPNEGO_OID
Constructor Detail |
---|
private SpnegoProvider()
Method Detail |
---|
static SpnegoAuthScheme negotiate(javax.servlet.http.HttpServletRequest req, SpnegoHttpServletResponse resp, boolean basicSupported, boolean promptIfNtlm, String realm) throws IOException
SpnegoAuthScheme
mechanism used to authenticate
the request.
This method may return null in which case you must check the HTTP
Status Code to determine if additional processing is required.
For example, if req. did not contain the SpnegoConstants.AUTHZ_HEADER,
the HTTP Status Code SC_UNAUTHORIZED will be set and the client must
send authentication information on the next request.
req
- servlet requestresp
- servlet responsebasicSupported
- pass true to offer/allow BASIC AuthenticationpromptIfNtlm
- pass true ntlm request should be downgradedrealm
- should be the realm the server used to pre-authenticate
IOException
public static GSSCredential getClientCredential(Subject subject) throws PrivilegedActionException
subject
- the person to be authenticated
PrivilegedActionException
public static GSSContext getGSSContext(GSSCredential creds, URL url) throws GSSException
creds
- credentials of the person to be authenticatedurl
- HTTP address of server (used for constructing a GSSName
).
GSSException
PrivilegedActionException
public static SpnegoAuthScheme getAuthScheme(String header)
SpnegoAuthScheme
or null if header is missing.
Throws UnsupportedOperationException if header is NOT Negotiate or Basic.
header
- ex. Negotiate or Basic
private static Oid getOid()
static GSSCredential getServerCredential(Subject subject) throws PrivilegedActionException
GSSCredential
the server uses for pre-authentication.
subject
- account server uses for pre-authentication
PrivilegedActionException
static GSSName getServerName(URL url) throws GSSException
GSSName
constructed out of the passed-in
URL object.
url
- HTTP address of server
GSSException
public static CallbackHandler getUsernamePasswordHandler(String username, String password)
username
- client usernamepassword
- client password
|
|||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |