equal
deleted
inserted
replaced
1 /* |
1 /* |
2 * Portions Copyright 2001-2004 Sun Microsystems, Inc. All Rights Reserved. |
2 * Portions Copyright 2001-2009 Sun Microsystems, Inc. All Rights Reserved. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 * |
4 * |
5 * This code is free software; you can redistribute it and/or modify it |
5 * This code is free software; you can redistribute it and/or modify it |
6 * under the terms of the GNU General Public License version 2 only, as |
6 * under the terms of the GNU General Public License version 2 only, as |
7 * published by the Free Software Foundation. Sun designates this |
7 * published by the Free Software Foundation. Sun designates this |
115 return serviceCreds(sname, ccreds); |
115 return serviceCreds(sname, ccreds); |
116 } |
116 } |
117 |
117 |
118 // Get a list of realms to traverse |
118 // Get a list of realms to traverse |
119 String[] realms = Realm.getRealmsList(localRealm, serviceRealm); |
119 String[] realms = Realm.getRealmsList(localRealm, serviceRealm); |
|
120 boolean okAsDelegate = true; |
120 |
121 |
121 if (realms == null || realms.length == 0) |
122 if (realms == null || realms.length == 0) |
122 { |
123 { |
123 if (DEBUG) |
124 if (DEBUG) |
124 System.out.println(">>> Credentials acquireServiceCreds: no realms list"); |
125 System.out.println(">>> Credentials acquireServiceCreds: no realms list"); |
192 * We have a tgt. It may or may not be for the target. |
193 * We have a tgt. It may or may not be for the target. |
193 * If it's for the target realm, we're done looking for a tgt. |
194 * If it's for the target realm, we're done looking for a tgt. |
194 */ |
195 */ |
195 |
196 |
196 newTgtRealm = newTgt.getServer().getInstanceComponent(); |
197 newTgtRealm = newTgt.getServer().getInstanceComponent(); |
|
198 if (okAsDelegate && !newTgt.checkDelegate()) { |
|
199 if (DEBUG) |
|
200 { |
|
201 System.out.println(">>> Credentials acquireServiceCreds: " + |
|
202 "global OK-AS-DELEGATE turned off at " + |
|
203 newTgt.getServer()); |
|
204 } |
|
205 okAsDelegate = false; |
|
206 } |
197 |
207 |
198 if (DEBUG) |
208 if (DEBUG) |
199 { |
209 { |
200 System.out.println(">>> Credentials acquireServiceCreds: got tgt"); |
210 System.out.println(">>> Credentials acquireServiceCreds: got tgt"); |
201 //printDebug(newTgt); |
211 //printDebug(newTgt); |
280 { |
290 { |
281 if (DEBUG) |
291 if (DEBUG) |
282 { |
292 { |
283 System.out.println(">>> Credentials acquireServiceCreds: returning creds:"); |
293 System.out.println(">>> Credentials acquireServiceCreds: returning creds:"); |
284 Credentials.printDebug(theCreds); |
294 Credentials.printDebug(theCreds); |
|
295 } |
|
296 if (!okAsDelegate) { |
|
297 theCreds.resetDelegate(); |
285 } |
298 } |
286 return theCreds; |
299 return theCreds; |
287 } |
300 } |
288 throw new KrbApErrException(Krb5.KRB_AP_ERR_GEN_CRED, |
301 throw new KrbApErrException(Krb5.KRB_AP_ERR_GEN_CRED, |
289 "No service creds"); |
302 "No service creds"); |