public interface DelegateServletRequest extends javax.servlet.ServletRequest
By default, SpnegoHttpURLConnection has delegation set
to false. To allow delegation, call the requestCredDeleg
method on the SpnegoHttpURLConnection instance.
Also, the server/service's pre-authentication account must be specified as "Account is trusted for delegation" in Active Directory.
Finally, the server/service's spnego servlet init params must be specified
to allow credential delegation by setting the property
spnego.allow.delegation to true (false by default).
Custom client programs may request their credential to be delegated
by calling the requestCredDeleg on their instance of GSSContext.
Java Application Servers can obtain the delegated credential by casting the HTTP request.
Example usage:
if (request instanceof DelegateServletRequest) {
DelegateServletRequest dsr = (DelegateServletRequest) request;
GSSCredential creds = dsr.getDelegatedCredential();
...
}
To see a working example and instructions, take a look at the credential delegation example.
| Modifier and Type | Method and Description |
|---|---|
GSSCredential |
getDelegatedCredential()
Returns the requester's delegated credential.
|
getAttribute, getAttributeNames, getCharacterEncoding, getContentLength, getContentType, getInputStream, getLocalAddr, getLocale, getLocales, getLocalName, getLocalPort, getParameter, getParameterMap, getParameterNames, getParameterValues, getProtocol, getReader, getRealPath, getRemoteAddr, getRemoteHost, getRemotePort, getRequestDispatcher, getScheme, getServerName, getServerPort, isSecure, removeAttribute, setAttribute, setCharacterEncodingGSSCredential getDelegatedCredential()
Returns null if request has no delegated credential or if delegated credentials are not supported.