public class GSSAuthenticator
extends java.lang.Object
Modifier and Type | Field and Description |
---|---|
private java.lang.String |
keytabFile |
private java.lang.String |
servicePrincipalName |
Constructor and Description |
---|
GSSAuthenticator() |
Modifier and Type | Method and Description |
---|---|
org.ietf.jgss.GSSCredential |
getGSSCredential(org.ietf.jgss.GSSManager mgr)
Overridable method to get GSS accept credential suitable for the current environment.
|
org.ietf.jgss.GSSManager |
getGSSManager()
Overridable method to get GSS manager suitable for current environment.
|
void |
setKeytabFile(java.lang.String keytabFile)
Set the location of the Kerberos keytab.
|
void |
setServicePrincipalName(java.lang.String servicePrincipalName)
Set the service principal name to be used.
|
boolean |
validateIdentity(ServerSession session,
java.lang.String identity)
Validate the source identity obtained from the context after negotiation is complete.
|
boolean |
validateInitialUser(ServerSession session,
java.lang.String user)
Validate the user name passed in the initial SSH_MSG_USERAUTH_REQUEST message.
|
private java.lang.String servicePrincipalName
private java.lang.String keytabFile
public org.ietf.jgss.GSSManager getGSSManager()
public org.ietf.jgss.GSSCredential getGSSCredential(org.ietf.jgss.GSSManager mgr) throws java.net.UnknownHostException, javax.security.auth.login.LoginException, org.ietf.jgss.GSSException
mgr
- The GSS managernull
gssapi authentication fails
immediatelyjava.net.UnknownHostException
- If the local host name could not be determinedjavax.security.auth.login.LoginException
- If the subject could not be foundorg.ietf.jgss.GSSException
- If the credential could not be obtainedpublic boolean validateInitialUser(ServerSession session, java.lang.String user)
session
- The current sessionuser
- The user name from the initial requesttrue
if the user is valid, false
if invalidpublic boolean validateIdentity(ServerSession session, java.lang.String identity)
session
- The current sessionidentity
- The identity from the GSS contexttrue
if the identity is valid, false
if invalidpublic void setServicePrincipalName(java.lang.String servicePrincipalName)
servicePrincipalName
- The principal namepublic void setKeytabFile(java.lang.String keytabFile)
keytabFile
- The location of the keytab