src/java.security.jgss/share/classes/sun/security/jgss/krb5/Krb5InitCredential.java
equal
deleted
inserted
replaced
53 |
53 |
54 private static final long serialVersionUID = 7723415700837898232L; |
54 private static final long serialVersionUID = 7723415700837898232L; |
55 |
55 |
56 private Krb5NameElement name; |
56 private Krb5NameElement name; |
57 private Credentials krb5Credentials; |
57 private Credentials krb5Credentials; |
|
58 public KerberosTicket proxyTicket; |
58 |
59 |
59 private Krb5InitCredential(Krb5NameElement name, |
60 private Krb5InitCredential(Krb5NameElement name, |
60 byte[] asn1Encoding, |
61 byte[] asn1Encoding, |
61 KerberosPrincipal client, |
62 KerberosPrincipal client, |
62 KerberosPrincipal clientAlias, |
63 KerberosPrincipal clientAlias, |
171 .getJavaxSecurityAuthKerberosAccess() |
172 .getJavaxSecurityAuthKerberosAccess() |
172 .kerberosTicketGetClientAlias(tgt); |
173 .kerberosTicketGetClientAlias(tgt); |
173 KerberosPrincipal serverAlias = KerberosSecrets |
174 KerberosPrincipal serverAlias = KerberosSecrets |
174 .getJavaxSecurityAuthKerberosAccess() |
175 .getJavaxSecurityAuthKerberosAccess() |
175 .kerberosTicketGetServerAlias(tgt); |
176 .kerberosTicketGetServerAlias(tgt); |
176 return new Krb5InitCredential(name, |
177 Krb5InitCredential result = new Krb5InitCredential(name, |
177 tgt.getEncoded(), |
178 tgt.getEncoded(), |
178 tgt.getClient(), |
179 tgt.getClient(), |
179 clientAlias, |
180 clientAlias, |
180 tgt.getServer(), |
181 tgt.getServer(), |
181 serverAlias, |
182 serverAlias, |
185 tgt.getAuthTime(), |
186 tgt.getAuthTime(), |
186 tgt.getStartTime(), |
187 tgt.getStartTime(), |
187 tgt.getEndTime(), |
188 tgt.getEndTime(), |
188 tgt.getRenewTill(), |
189 tgt.getRenewTill(), |
189 tgt.getClientAddresses()); |
190 tgt.getClientAddresses()); |
|
191 result.proxyTicket = KerberosSecrets.getJavaxSecurityAuthKerberosAccess(). |
|
192 kerberosTicketGetProxy(tgt); |
|
193 return result; |
190 } |
194 } |
191 |
195 |
192 static Krb5InitCredential getInstance(Krb5NameElement name, |
196 static Krb5InitCredential getInstance(Krb5NameElement name, |
193 Credentials delegatedCred) |
197 Credentials delegatedCred) |
194 throws GSSException { |
198 throws GSSException { |
367 return AccessController.doPrivileged( |
371 return AccessController.doPrivileged( |
368 new PrivilegedExceptionAction<KerberosTicket>() { |
372 new PrivilegedExceptionAction<KerberosTicket>() { |
369 public KerberosTicket run() throws Exception { |
373 public KerberosTicket run() throws Exception { |
370 // It's OK to use null as serverPrincipal. TGT is almost |
374 // It's OK to use null as serverPrincipal. TGT is almost |
371 // the first ticket for a principal and we use list. |
375 // the first ticket for a principal and we use list. |
372 return Krb5Util.getTicket( |
376 return Krb5Util.getInitialTicket( |
373 realCaller, |
377 realCaller, |
374 clientPrincipal, null, acc); |
378 clientPrincipal, acc); |
375 }}); |
379 }}); |
376 } catch (PrivilegedActionException e) { |
380 } catch (PrivilegedActionException e) { |
377 GSSException ge = |
381 GSSException ge = |
378 new GSSException(GSSException.NO_CRED, -1, |
382 new GSSException(GSSException.NO_CRED, -1, |
379 "Attempt to obtain new INITIATE credentials failed!" + |
383 "Attempt to obtain new INITIATE credentials failed!" + |