Class KerberosServiceRequestToken
java.lang.Object
org.springframework.security.authentication.AbstractAuthenticationToken
org.springframework.security.kerberos.authentication.KerberosServiceRequestToken
- All Implemented Interfaces:
Serializable
,Principal
,org.springframework.security.core.Authentication
,org.springframework.security.core.CredentialsContainer
,KerberosAuthentication
public class KerberosServiceRequestToken
extends org.springframework.security.authentication.AbstractAuthenticationToken
implements KerberosAuthentication
Holds the Kerberos/SPNEGO token for requesting a kerberized service and is
also the output of KerberosServiceAuthenticationProvider
.
Will mostly be created in SpnegoAuthenticationProcessingFilter
and authenticated in KerberosServiceAuthenticationProvider
.
- Since:
- 1.0
- See Also:
-
Constructor Summary
ConstructorDescriptionKerberosServiceRequestToken
(byte[] token) Creates an unauthenticated instance which should then be authenticated byKerberosServiceAuthenticationProvider
.KerberosServiceRequestToken
(Object principal, KerberosTicketValidation ticketValidation, Collection<? extends org.springframework.security.core.GrantedAuthority> authorities, byte[] token) Creates an authenticated token, normally used as an output of an authentication provider. -
Method Summary
Modifier and TypeMethodDescriptionbyte[]
decrypt
(byte[] data) Unwraps an encrypted message using the gss contextbyte[]
decrypt
(byte[] data, int offset, int length) Unwraps an encrypted message using the gss contextbyte[]
encrypt
(byte[] data) Wraps an message using the gss contextbyte[]
encrypt
(byte[] data, int offset, int length) Wraps an message using the gss contextboolean
equals() is based only on the Kerberos tokenGets the (Base64) encoded response token assuming one is available.Gets the ticket validationbyte[]
getToken()
Returns the Kerberos tokenint
hashCode()
Calculates hashcode based on the Kerberos tokenboolean
Determines whether an authenticated token has a response tokenMethods inherited from class org.springframework.security.authentication.AbstractAuthenticationToken
eraseCredentials, getAuthorities, getDetails, getName, isAuthenticated, setAuthenticated, setDetails, toString
-
Constructor Details
-
KerberosServiceRequestToken
public KerberosServiceRequestToken(Object principal, KerberosTicketValidation ticketValidation, Collection<? extends org.springframework.security.core.GrantedAuthority> authorities, byte[] token) Creates an authenticated token, normally used as an output of an authentication provider.- Parameters:
principal
- the user principal (mostly of instanceUserDetails
)ticketValidation
- result of ticket validationauthorities
- the authorities which are granted to the usertoken
- the Kerberos/SPNEGO token- See Also:
-
UserDetails
-
KerberosServiceRequestToken
public KerberosServiceRequestToken(byte[] token) Creates an unauthenticated instance which should then be authenticated byKerberosServiceAuthenticationProvider
.- Parameters:
token
- Kerberos/SPNEGO token- See Also:
-
-
Method Details
-
hashCode
public int hashCode()Calculates hashcode based on the Kerberos token -
equals
equals() is based only on the Kerberos token -
getCredentials
- Specified by:
getCredentials
in interfaceorg.springframework.security.core.Authentication
-
getPrincipal
- Specified by:
getPrincipal
in interfaceorg.springframework.security.core.Authentication
-
getToken
public byte[] getToken()Returns the Kerberos token- Returns:
- the token data
-
getTicketValidation
Gets the ticket validation- Returns:
- the ticket validation (which will be null if the token is unauthenticated)
-
hasResponseToken
public boolean hasResponseToken()Determines whether an authenticated token has a response token- Returns:
- whether a response token is available
-
getEncodedResponseToken
Gets the (Base64) encoded response token assuming one is available.- Returns:
- encoded response token
-
decrypt
Unwraps an encrypted message using the gss context- Parameters:
data
- the dataoffset
- data offsetlength
- data length- Returns:
- the decrypted message
- Throws:
PrivilegedActionException
- if jaas throws and error
-
decrypt
Unwraps an encrypted message using the gss context- Parameters:
data
- the data- Returns:
- the decrypted message
- Throws:
PrivilegedActionException
- if jaas throws and error
-
encrypt
Wraps an message using the gss context- Parameters:
data
- the dataoffset
- data offsetlength
- data length- Returns:
- the encrypted message
- Throws:
PrivilegedActionException
- if jaas throws and error
-
encrypt
Wraps an message using the gss context- Parameters:
data
- the data- Returns:
- the encrypted message
- Throws:
PrivilegedActionException
- if jaas throws and error
-
getJaasSubjectHolder
- Specified by:
getJaasSubjectHolder
in interfaceKerberosAuthentication
-