Package org.silverpeas.sso.kerberos.spnego

Class SpnegoProvider

java.lang.Object

org.silverpeas.sso.kerberos.spnego.SpnegoProvider

public final class SpnegoProvider
extends Object

This is a Utility Class that can be used for finer grained control over message integrity, confidentiality and mutual authentication.

This Class is exposed for developers who want to implement a custom HTTP client.

Take a look at the SpnegoHttpURLConnection class and the KerberosSpnegoFilter class before attempting to implement your own HTTP client.

For more example usage, see the documentation at http://spnego.sourceforge.net

Author:

Darwin V. Felix

Method Summary

Modifier and Type	Method	Description
static GSSCredential	getClientCredential(Subject subject)	Returns the GSS-API interface for creating a security context.
static GSSContext	getGSSContext(GSSCredential creds, URL url)	Returns a GSSContext to be used by custom clients to set data integrity requirements, confidentiality and if mutual authentication is required.
static CallbackHandler	getUsernamePasswordHandler(String username, String password)	Used by the BASIC Auth mechanism for establishing a LoginContext to authenticate a client/caller/request.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

getClientCredential

public static GSSCredential getClientCredential(Subject subject)
                                         throws PrivilegedActionException

Returns the GSS-API interface for creating a security context.

Parameters:

subject - the person to be authenticated

Returns:

GSSCredential to be used for creating a security context.

Throws:

PrivilegedActionException - if a disallowed action is performed

getGSSContext

public static GSSContext getGSSContext(GSSCredential creds,
                                       URL url)
                                throws GSSException

Returns a GSSContext to be used by custom clients to set data integrity requirements, confidentiality and if mutual authentication is required.

Parameters:

creds - credentials of the person to be authenticated

url - HTTP address of server (used for constructing a GSSName).

Returns:

GSSContext

Throws:

GSSException - if the SSO negotiation fails

getUsernamePasswordHandler

public static CallbackHandler getUsernamePasswordHandler(String username,
                                                         String password)

Used by the BASIC Auth mechanism for establishing a LoginContext to authenticate a client/caller/request.

Parameters:

username - client username

password - client password

Returns:

CallbackHandler to be used for establishing a LoginContext