1 /* |
1 /* |
2 * Copyright 2003-2007 Sun Microsystems, Inc. All Rights Reserved. |
2 * Copyright 2003-2009 Sun Microsystems, Inc. All Rights Reserved. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 * |
4 * |
5 * This code is free software; you can redistribute it and/or modify it |
5 * This code is free software; you can redistribute it and/or modify it |
6 * under the terms of the GNU General Public License version 2 only, as |
6 * under the terms of the GNU General Public License version 2 only, as |
7 * published by the Free Software Foundation. Sun designates this |
7 * published by the Free Software Foundation. Sun designates this |
32 import java.security.PrivilegedExceptionAction; |
32 import java.security.PrivilegedExceptionAction; |
33 import java.security.PrivilegedActionException; |
33 import java.security.PrivilegedActionException; |
34 import java.security.SecureRandom; |
34 import java.security.SecureRandom; |
35 import java.net.InetAddress; |
35 import java.net.InetAddress; |
36 |
36 |
37 import javax.net.ssl.SSLException; |
|
38 import javax.security.auth.kerberos.KerberosTicket; |
37 import javax.security.auth.kerberos.KerberosTicket; |
39 import javax.security.auth.kerberos.KerberosKey; |
38 import javax.security.auth.kerberos.KerberosKey; |
40 import javax.security.auth.kerberos.KerberosPrincipal; |
39 import javax.security.auth.kerberos.KerberosPrincipal; |
41 import javax.security.auth.kerberos.ServicePermission; |
40 import javax.security.auth.kerberos.ServicePermission; |
42 import sun.security.jgss.GSSUtil; |
41 import sun.security.jgss.GSSCaller; |
43 |
42 |
44 import sun.security.krb5.Config; |
|
45 import sun.security.krb5.EncryptionKey; |
43 import sun.security.krb5.EncryptionKey; |
46 import sun.security.krb5.EncryptedData; |
44 import sun.security.krb5.EncryptedData; |
47 import sun.security.krb5.PrincipalName; |
45 import sun.security.krb5.PrincipalName; |
48 import sun.security.krb5.Realm; |
46 import sun.security.krb5.Realm; |
49 import sun.security.krb5.KrbException; |
|
50 import sun.security.krb5.internal.Ticket; |
47 import sun.security.krb5.internal.Ticket; |
51 import sun.security.krb5.internal.EncTicketPart; |
48 import sun.security.krb5.internal.EncTicketPart; |
52 import sun.security.krb5.internal.crypto.KeyUsage; |
49 import sun.security.krb5.internal.crypto.KeyUsage; |
53 |
50 |
54 import sun.security.jgss.krb5.Krb5Util; |
51 import sun.security.jgss.krb5.Krb5Util; |
308 try { |
305 try { |
309 KerberosTicket ticket = AccessController.doPrivileged( |
306 KerberosTicket ticket = AccessController.doPrivileged( |
310 new PrivilegedExceptionAction<KerberosTicket>() { |
307 new PrivilegedExceptionAction<KerberosTicket>() { |
311 public KerberosTicket run() throws Exception { |
308 public KerberosTicket run() throws Exception { |
312 return Krb5Util.getTicketFromSubjectAndTgs( |
309 return Krb5Util.getTicketFromSubjectAndTgs( |
313 GSSUtil.CALLER_SSL_CLIENT, |
310 GSSCaller.CALLER_SSL_CLIENT, |
314 clientPrincipal, serverPrincipal, |
311 clientPrincipal, serverPrincipal, |
315 tgsPrincipal, acc); |
312 tgsPrincipal, acc); |
316 }}); |
313 }}); |
317 |
314 |
318 if (ticket == null) { |
315 if (ticket == null) { |