public final class SpnegoProvider extends Object
This Class is exposed for developers who want to implement a custom HTTP client.
Take a look at the SpnegoHttpURLConnection class and the
SpnegoHttpFilter class before attempting to implement your
own HTTP client.
For more example usage, see the documentation at http://spnego.sourceforge.net
| Modifier and Type | Field and Description |
|---|---|
private static Logger |
LOGGER
Default LOGGER.
|
private static GSSManager |
MANAGER
Factory for GSS-API mechanism.
|
private static Oid |
SPNEGO_OID
GSS-API mechanism "1.3.6.1.5.5.2".
|
| Modifier | Constructor and Description |
|---|---|
private |
SpnegoProvider() |
| Modifier and Type | Method and Description |
|---|---|
static SpnegoAuthScheme |
getAuthScheme(String header)
Returns the
SpnegoAuthScheme or null if header is missing. |
static GSSCredential |
getClientCredential(Subject subject)
Returns the GSS-API interface for creating a security context.
|
static GSSContext |
getGSSContext(GSSCredential creds,
URL url)
Returns a GSSContext to be used by custom clients to set
data integrity requirements, confidentiality and if mutual
authentication is required.
|
private static Oid |
getOid()
Returns the Universal Object Identifier representation of
the SPNEGO mechanism.
|
(package private) static GSSCredential |
getServerCredential(Subject subject)
Returns the
GSSCredential the server uses for pre-authentication. |
private static GSSName |
getServerName(URL url)
Returns the
GSSName constructed out of the passed-in
URL object. |
static CallbackHandler |
getUsernamePasswordHandler(String username,
String password)
Used by the BASIC Auth mechanism for establishing a LoginContext
to authenticate a client/caller/request.
|
(package private) static SpnegoAuthScheme |
negotiate(javax.servlet.http.HttpServletRequest req,
SpnegoHttpServletResponse resp,
boolean basicSupported,
boolean promptIfNtlm,
String realm)
Returns the
SpnegoAuthScheme mechanism used to authenticate
the request. |
private static final GSSManager MANAGER
private static final Oid SPNEGO_OID
private SpnegoProvider()
static SpnegoAuthScheme negotiate(javax.servlet.http.HttpServletRequest req, SpnegoHttpServletResponse resp, boolean basicSupported, boolean promptIfNtlm, String realm) throws IOException
SpnegoAuthScheme mechanism used to authenticate
the request.
This method may return null in which case you must check the HTTP
Status Code to determine if additional processing is required.
For example, if req. did not contain the Constants.AUTHZ_HEADER,
the HTTP Status Code SC_UNAUTHORIZED will be set and the client must
send authentication information on the next request.
req - servlet requestresp - servlet responsebasicSupported - pass true to offer/allow BASIC AuthenticationpromptIfNtlm - pass true ntlm request should be downgradedrealm - should be the realm the server used to pre-authenticateIOExceptionpublic static GSSCredential getClientCredential(Subject subject) throws PrivilegedActionException
subject - the person to be authenticatedPrivilegedActionExceptionpublic static GSSContext getGSSContext(GSSCredential creds, URL url) throws GSSException
creds - credentials of the person to be authenticatedurl - HTTP address of server (used for constructing a GSSName).GSSExceptionPrivilegedActionExceptionpublic static SpnegoAuthScheme getAuthScheme(String header)
SpnegoAuthScheme or null if header is missing.
Throws UnsupportedOperationException if header is NOT Negotiate or Basic.
header - ex. Negotiate or Basicprivate static Oid getOid()
static GSSCredential getServerCredential(Subject subject) throws PrivilegedActionException
GSSCredential the server uses for pre-authentication.subject - account server uses for pre-authenticationPrivilegedActionExceptionprivate static GSSName getServerName(URL url) throws GSSException
GSSName constructed out of the passed-in
URL object.url - HTTP address of serverGSSExceptionpublic static CallbackHandler getUsernamePasswordHandler(String username, String password)
username - client usernamepassword - client password