hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Vipul Mehta <vipulmehta.1...@gmail.com>
Subject Using GSSCredential directly for Kerberos authentication
Date Wed, 03 Sep 2014 09:10:24 GMT
Hi,

In my scenario i am getting delegated GSSCredential of a user from some
other client and i want to use it to create context and authenticate with
windows ADFS.

The createContext call in
*org.apache.http.impl.auth.GGSSchemeBase.generateGSSToken()* relies on JAAS
configuration for getting credentials and hence null is passed to it in
credential field.

protected byte[] generateGSSToken(
>             final byte[] input, final Oid oid, final String authServer)
> throws GSSException {
>         byte[] token = input;
>         if (token == null) {
>             token = new byte[0];
>         }
>         final GSSManager manager = getManager();
>         final GSSName serverName = manager.createName("HTTP@" +
> authServer, GSSName.NT_HOSTBASED_SERVICE);
>
> *   final GSSContext gssContext = manager.createContext(
> serverName.canonicalize(oid), oid, null, GSSContext.DEFAULT_LIFETIME);*
>         gssContext.requestMutualAuth(true);
>         gssContext.requestCredDeleg(true);
>         return gssContext.initSecContext(token, 0, token.length);
>     }
>

I want to pass the GSSCredential in this createContext call. Is there any
way i can achieve it without changing httpclient code ?


-- 
Regards,
Vipul

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message