Package jcifs.smb
Class JAASAuthenticator
- java.lang.Object
-
- jcifs.smb.NtlmPasswordAuthenticator
-
- jcifs.smb.Kerb5Authenticator
-
- jcifs.smb.JAASAuthenticator
-
- All Implemented Interfaces:
Serializable
,Cloneable
,Principal
,CallbackHandler
,Credentials
,CredentialsInternal
,SmbRenewableCredentials
public class JAASAuthenticator extends Kerb5Authenticator implements CallbackHandler, SmbRenewableCredentials
JAAS kerberos authenticator Either configure JAAS for credential caching or reuse a single instance of this authenticator -otherwise you won't get proper ticket caching. Be advised that short/NetBIOS name usage is not supported with this authenticator. Always specify full FQDNs/Realm. This can be a problem if using DFS in it's default configuration as that still returns referrals in short form. See KB-244380 for compatible server configuration. SeeConfiguration.isDfsConvertToFQDN()
for a workaround.- Author:
- mbechler
- See Also:
- Serialized Form
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from class jcifs.smb.NtlmPasswordAuthenticator
NtlmPasswordAuthenticator.AuthenticationType
-
-
Constructor Summary
Constructors Constructor Description JAASAuthenticator()
Create an authenticator using the JAAS service jcifs This will require that a keytab is configured in this service.JAASAuthenticator(String serviceName)
Create an authenticator using the given JAAS service This will require that a keytab is configured in this service.JAASAuthenticator(String domain, String username, String password)
Create an authenticator using the given credentials This will create a JAAS configuration that is used to obtain a TGT.JAASAuthenticator(String serviceName, String domain, String username, String password)
Create an authenticator using the given JAAS service and the specified credentialsJAASAuthenticator(Map<String,?> properties, String domain, String username, String password)
Create an authenticator using the given credentials This will create a JAAS configuration with the specified properties that is used to obtain a TGT.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description Kerb5Authenticator
clone()
protected static void
cloneInternal(JAASAuthenticator to, JAASAuthenticator from)
Clone the contextSubject
getSubject()
Get theSubject
object.void
handle(Callback[] callbacks)
boolean
isAnonymous()
boolean
isGuest()
void
refresh()
CredentialsInternal
renew()
Renew the credentials-
Methods inherited from class jcifs.smb.Kerb5Authenticator
cloneInternal, createContext, equals, getLifeTime, getRealm, getService, getUser, getUserDomain, getUserLifeTime, hashCode, isPreferredMech, setForceFallback, setLifeTime, setRealm, setService, setSubject, setUser, setUserLifeTime, toString
-
Methods inherited from class jcifs.smb.NtlmPasswordAuthenticator
cloneInternal, getAnsiHash, getName, getNTHash, getPassword, getSigningKey, getSpecifiedUserDomain, getUnicodeHash, getUsername, getUserSessionKey, getUserSessionKey, guessAuthenticationType, unwrap
-
Methods inherited from class java.lang.Object
finalize, getClass, notify, notifyAll, wait, wait, wait
-
Methods inherited from interface jcifs.Credentials
getUserDomain, unwrap
-
Methods inherited from interface jcifs.smb.CredentialsInternal
createContext
-
-
-
-
Constructor Detail
-
JAASAuthenticator
public JAASAuthenticator()
Create an authenticator using the JAAS service jcifs This will require that a keytab is configured in this service.
-
JAASAuthenticator
public JAASAuthenticator(String serviceName)
Create an authenticator using the given JAAS service This will require that a keytab is configured in this service.- Parameters:
serviceName
- JAAS configuration name
-
JAASAuthenticator
public JAASAuthenticator(String serviceName, String domain, String username, String password)
Create an authenticator using the given JAAS service and the specified credentials- Parameters:
serviceName
- JAAS configuration namedomain
-username
-password
-
-
JAASAuthenticator
public JAASAuthenticator(String domain, String username, String password)
Create an authenticator using the given credentials This will create a JAAS configuration that is used to obtain a TGT.- Parameters:
domain
-username
-password
-
-
JAASAuthenticator
public JAASAuthenticator(Map<String,?> properties, String domain, String username, String password)
Create an authenticator using the given credentials This will create a JAAS configuration with the specified properties that is used to obtain a TGT.- Parameters:
properties
- JAAS properties to setdomain
-username
-password
-
-
-
Method Detail
-
isAnonymous
public boolean isAnonymous()
- Specified by:
isAnonymous
in interfaceCredentials
- Overrides:
isAnonymous
in classKerb5Authenticator
- Returns:
- whether these are anonymous credentials
- See Also:
Kerb5Authenticator.isAnonymous()
-
isGuest
public boolean isGuest()
- Specified by:
isGuest
in interfaceCredentials
- Overrides:
isGuest
in classNtlmPasswordAuthenticator
- Returns:
- whether these are guest credentials
- See Also:
NtlmPasswordAuthenticator.isGuest()
-
clone
public Kerb5Authenticator clone()
- Specified by:
clone
in interfaceCredentialsInternal
- Overrides:
clone
in classKerb5Authenticator
- Returns:
- a copy of the credentials
-
cloneInternal
protected static void cloneInternal(JAASAuthenticator to, JAASAuthenticator from)
Clone the context- Parameters:
to
-from
-
-
refresh
public void refresh() throws CIFSException
- Specified by:
refresh
in interfaceCredentialsInternal
- Overrides:
refresh
in classKerb5Authenticator
- Throws:
CIFSException
- See Also:
Kerb5Authenticator.refresh()
-
getSubject
public Subject getSubject()
Get theSubject
object.- Specified by:
getSubject
in interfaceCredentialsInternal
- Overrides:
getSubject
in classKerb5Authenticator
- Returns:
- Subject represents the user who perform Kerberos authentication. It contains the tickets retrieve from KDC.
- See Also:
Kerb5Authenticator.getSubject()
-
renew
public CredentialsInternal renew()
Renew the credentials- Specified by:
renew
in interfaceSmbRenewableCredentials
- Returns:
- the renewed credentials
- See Also:
SmbRenewableCredentials.renew()
-
handle
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException
- Specified by:
handle
in interfaceCallbackHandler
- Throws:
IOException
UnsupportedCallbackException
- See Also:
CallbackHandler.handle(javax.security.auth.callback.Callback[])
-
-