KerberosServiceRequestToken (Spring Security Kerberos Extension 1.0.1.RELEASE API)

java.lang.Object
- org.springframework.security.authentication.AbstractAuthenticationToken
- - org.springframework.security.kerberos.authentication.KerberosServiceRequestToken

All Implemented Interfaces:

java.io.Serializable, java.security.Principal, org.springframework.security.core.Authentication, org.springframework.security.core.CredentialsContainer
```
public class KerberosServiceRequestToken
extends org.springframework.security.authentication.AbstractAuthenticationToken
```
Holds the Kerberos/SPNEGO token for requesting a kerberized service and is also the output of KerberosServiceAuthenticationProvider.

Will mostly be created in SpnegoAuthenticationProcessingFilter and authenticated in KerberosServiceAuthenticationProvider.
This token cannot be re-authenticated, as you will get a Kerberos Reply error.

Since:

1.0

Author:

Mike Wiesner, Jeremy Stone

See Also:
KerberosServiceAuthenticationProvider, Serialized Form

Constructor Summary

Constructors
Constructor and Description
`KerberosServiceRequestToken(byte[] token)` Creates an unauthenticated instance which should then be authenticated by `KerberosServiceAuthenticationProvider`.
`KerberosServiceRequestToken(java.lang.Object principal, KerberosTicketValidation ticketValidation, java.util.Collection<? extends org.springframework.security.core.GrantedAuthority> authorities, byte[] token)` Creates an authenticated token, normally used as an output of an authentication provider.

Method Summary

Methods
Modifier and Type	Method and Description
`byte[]`	`decrypt(byte[] data)` Unwraps an encrypted message using the gss context
`byte[]`	`decrypt(byte[] data, int offset, int length)` Unwraps an encrypted message using the gss context
`byte[]`	`encrypt(byte[] data)` Wraps an message using the gss context
`byte[]`	`encrypt(byte[] data, int offset, int length)` Wraps an message using the gss context
`boolean`	`equals(java.lang.Object obj)` equals() is based only on the Kerberos token
`java.lang.Object`	`getCredentials()`
`java.lang.String`	`getEncodedResponseToken()` Gets the (Base64) encoded response token assuming one is available.
`java.lang.Object`	`getPrincipal()`
`KerberosTicketValidation`	`getTicketValidation()` Gets the ticket validation
`byte[]`	`getToken()` Returns the Kerberos token
`int`	`hashCode()` Calculates hashcode based on the Kerberos token
`boolean`	`hasResponseToken()` Determines whether an authenticated token has a response token

Methods inherited from class org.springframework.security.authentication.AbstractAuthenticationToken
eraseCredentials, getAuthorities, getDetails, getName, isAuthenticated, setAuthenticated, setDetails, toString

Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait

- Constructor Detail
  - KerberosServiceRequestToken
```
public KerberosServiceRequestToken(java.lang.Object principal,
                           KerberosTicketValidation ticketValidation,
                           java.util.Collection<? extends org.springframework.security.core.GrantedAuthority> authorities,
                           byte[] token)
```
    Creates an authenticated token, normally used as an output of an authentication provider.
    
    Parameters:
    principal - the user principal (mostly of instance UserDetails)
    ticketValidation - result of ticket validation
    authorities - the authorities which are granted to the user
    token - the Kerberos/SPNEGO token
    See Also:
    UserDetails
  - KerberosServiceRequestToken
```
public KerberosServiceRequestToken(byte[] token)
```
    Creates an unauthenticated instance which should then be authenticated by KerberosServiceAuthenticationProvider.
    
    Parameters:
    token - Kerberos/SPNEGO token
    See Also:
    KerberosServiceAuthenticationProvider
- Method Detail
  - hashCode
```
public int hashCode()
```
    Calculates hashcode based on the Kerberos token
    
    Specified by:
    
    hashCode in interface java.security.Principal
    
    Overrides:
    
    hashCode in class org.springframework.security.authentication.AbstractAuthenticationToken
  - equals
```
public boolean equals(java.lang.Object obj)
```
    equals() is based only on the Kerberos token
    
    Specified by:
    
    equals in interface java.security.Principal
    
    Overrides:
    
    equals in class org.springframework.security.authentication.AbstractAuthenticationToken
  - getCredentials
```
public java.lang.Object getCredentials()
```
  - getPrincipal
```
public java.lang.Object getPrincipal()
```
  - getToken
```
public byte[] getToken()
```
    Returns the Kerberos token
    
    Returns:
    the token data
  - getTicketValidation
```
public KerberosTicketValidation getTicketValidation()
```
    Gets the ticket validation
    
    Returns:
    the ticket validation (which will be null if the token is unauthenticated)
  - hasResponseToken
```
public boolean hasResponseToken()
```
    Determines whether an authenticated token has a response token
    
    Returns:
    whether a response token is available
  - getEncodedResponseToken
```
public java.lang.String getEncodedResponseToken()
```
    Gets the (Base64) encoded response token assuming one is available.
    
    Returns:
    encoded response token
  - decrypt
```
public byte[] decrypt(byte[] data,
             int offset,
             int length)
               throws java.security.PrivilegedActionException
```
    Unwraps an encrypted message using the gss context
    
    Parameters:
    data - the data
    offset - data offset
    length - data length
    
    Returns:
    the decrypted message
    
    Throws:
    
    java.security.PrivilegedActionException - if jaas throws and error
  - decrypt
```
public byte[] decrypt(byte[] data)
               throws java.security.PrivilegedActionException
```
    Unwraps an encrypted message using the gss context
    
    Parameters:
    data - the data
    
    Returns:
    the decrypted message
    
    Throws:
    
    java.security.PrivilegedActionException - if jaas throws and error
  - encrypt
```
public byte[] encrypt(byte[] data,
             int offset,
             int length)
               throws java.security.PrivilegedActionException
```
    Wraps an message using the gss context
    
    Parameters:
    data - the data
    offset - data offset
    length - data length
    
    Returns:
    the encrypted message
    
    Throws:
    
    java.security.PrivilegedActionException - if jaas throws and error
  - encrypt
```
public byte[] encrypt(byte[] data)
               throws java.security.PrivilegedActionException
```
    Wraps an message using the gss context
    
    Parameters:
    data - the data
    
    Returns:
    the encrypted message
    
    Throws:
    
    java.security.PrivilegedActionException - if jaas throws and error

Class KerberosServiceRequestToken

Constructor Summary

Method Summary

Methods inherited from class org.springframework.security.authentication.AbstractAuthenticationToken

Methods inherited from class java.lang.Object

Constructor Detail

KerberosServiceRequestToken

KerberosServiceRequestToken

Method Detail

hashCode

equals

getCredentials

getPrincipal

getToken

getTicketValidation

hasResponseToken

getEncodedResponseToken

decrypt

decrypt

encrypt

encrypt