All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.apache.ws.security.message.token.KerberosContext Maven / Gradle / Ivy

Go to download

The Apache WSS4J project provides a Java implementation of the primary security standards for Web Services, namely the OASIS Web Services Security (WS-Security) specifications from the OASIS Web Services Security TC.

There is a newer version: 1.6.19
Show newest version
/**
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements. See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership. The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */

package org.apache.ws.security.message.token;

import java.security.Key;

import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSException;

/**
 * Encapsulates Kerberos token (service ticket) and secret key returned by
 * {@link KerberosClientExceptionAction}.
 * 
 * The secret key might be null, in which case it must be obtained from the current subject's 
 * {@link javax.security.auth.kerberos.KerberosTicket} private credential. 
 * 
 * @author bgde
 */
public class KerberosContext {
    private static final org.slf4j.Logger LOG =
        org.slf4j.LoggerFactory.getLogger(KerberosContext.class);

    private boolean disposed;
    private GSSContext gssContext;
    private byte[] kerberosToken;
    private Key secretKey;

    /**
     * @return The Kerberos service ticket bytes or null they are not available/set.
     * @throws IllegalStateException If this context was already disposed.
     */
    public byte[] getKerberosToken() {
        if (disposed) {
            throw new IllegalStateException("Kerberos context is disposed.");
        }

        return kerberosToken;
    }

    public void setKerberosToken(byte[] kerberosToken) {
        this.kerberosToken = kerberosToken;
    }

    /**
     * @return The secret session key, or null if it is not available.
     * In this case it must be obtained from the current subject's {@link javax.security.auth.kerberos.KerberosTicket KerberosTicket} private credential.
     * 
     * @see {@link javax.security.auth.kerberos.KerberosTicket#getSessionKey()}
     * @throws IllegalStateException If this context was already disposed.
     */
    public Key getSecretKey() {
        if (disposed) {
            throw new IllegalStateException("Kerberos context is disposed.");
        }
        return secretKey; 
    }

    public void setSecretKey(Key secretKey) {
        this.secretKey = secretKey;
    }

    /**
     * @return The GSSContext as initialized during Kerberos service ticket retrieval.
     * @throws IllegalStateException If this context was already disposed.
     */
    public GSSContext getGssContext() {
        if (disposed) {
            throw new IllegalStateException("Kerberos context is disposed.");
        }
        return this.gssContext;
    }

    public void setGssContext(GSSContext gssContext) {
        this.gssContext = gssContext;
    }

    /**
     * Destroys all data held in this context instance. After calling this method, 
     * an attempt to retrieve any field of this context instance will throw an IllegalArgumentException.
     */
    public void dispose() {
        if (!disposed) {
            if (kerberosToken != null) {
                for (int i = 0; i < kerberosToken.length; i++) {
                    kerberosToken[i] = 0;
                }
            }

            secretKey = null;

            if (gssContext != null) {
                try {
                    gssContext.dispose();
                }
                catch (GSSException e) {
                    LOG.error("Error disposing of the GSSContext", e);
                }
            }

            disposed = true;
        }
    }

    /**
     * Checks if this context instance is already destroyed.
     * @return
     */
    public boolean isDisposed() {
        return disposed;
    }
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy