Package com.microstrategy.utils.kerberos
Class KerberosHelper
- java.lang.Object
-
- com.microstrategy.utils.kerberos.KerberosHelper
-
public class KerberosHelper extends java.lang.Object
Supports various Kerberos related functions utilized bySpnegoFilter
andKerberosSession
.
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
KerberosHelper.PrivilegedExceptionActionWebServer
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description static KerberosHelper
getInstance()
org.ietf.jgss.Oid
getKerberosMechansim()
org.ietf.jgss.Oid
getKerberosPrincipalNameType()
org.ietf.jgss.GSSManager
getManager()
org.ietf.jgss.Oid[]
getMechanisms()
byte[]
run(KerberosHelper.PrivilegedExceptionActionWebServer action)
IfgetAuthenticatedWebServerSubject()
is not null, this method will execute the parameterKerberosHelper.PrivilegedExceptionActionWebServer
under {@link Subject#doAs(Subject, PrivilegedExceptionAction), otherwisePrivilegedExceptionAction.run()
will be invoked directly.static boolean
sanityCheck()
Returns whether Integrated Authentication is enabled and basic Kerberos settings are properly configured.void
setServerCredential(org.ietf.jgss.GSSCredential serverCredential)
static void
setupLogging()
void
setWebServerSubject(javax.security.auth.Subject serviceSubject)
-
-
-
Method Detail
-
getInstance
public static KerberosHelper getInstance()
-
getMechanisms
public org.ietf.jgss.Oid[] getMechanisms()
-
getKerberosMechansim
public org.ietf.jgss.Oid getKerberosMechansim()
-
getKerberosPrincipalNameType
public org.ietf.jgss.Oid getKerberosPrincipalNameType()
-
setupLogging
public static void setupLogging()
-
run
public byte[] run(KerberosHelper.PrivilegedExceptionActionWebServer action) throws java.lang.Exception
IfgetAuthenticatedWebServerSubject()
is not null, this method will execute the parameterKerberosHelper.PrivilegedExceptionActionWebServer
under {@link Subject#doAs(Subject, PrivilegedExceptionAction), otherwisePrivilegedExceptionAction.run()
will be invoked directly.- Throws:
java.lang.Exception
-
getManager
public org.ietf.jgss.GSSManager getManager()
-
sanityCheck
public static boolean sanityCheck()
Returns whether Integrated Authentication is enabled and basic Kerberos settings are properly configured. Note that this does not check every possible configuration setting. This method must also be responsive as it is called repeatedly, and avoid logging the same configuration errors. Currently this check always returns true in order to minimize backwards compatibility problems - if any issues are encountered appropriate errors are logged.
-
setWebServerSubject
public void setWebServerSubject(javax.security.auth.Subject serviceSubject)
-
setServerCredential
public void setServerCredential(org.ietf.jgss.GSSCredential serverCredential)
-
-