Kerb5Authenticator (jCIFS NG 2.0.6 API)

java.lang.Object
- jcifs.smb.NtlmPasswordAuthentication
- - jcifs.smb.Kerb5Authenticator

All Implemented Interfaces:

Serializable, Cloneable, Principal, Credentials, CredentialsInternal

Direct Known Subclasses:

JAASAuthenticator
```
public class Kerb5Authenticator
extends NtlmPasswordAuthentication
```
Base kerberos authenticator Uses a subject that contains kerberos credentials for use in GSSAPI context establishment. Be advised that short/NetBIOS name usage is not supported with this authenticator. Always specify full FQDNs. This can be a problem if using DFS in it's default configuration as they still return referrals in short form. See KB-244380 for compatible server configuration. See Configuration.isDfsConvertToFQDN() for a workaround.

See Also:

Serialized Form

Constructor Summary

Constructors
Constructor and Description
`Kerb5Authenticator(CIFSContext tc, Subject subject)` Construct a `Kerb5Authenticator` object with `Subject` which hold TGT retrieved from KDC.
`Kerb5Authenticator(CIFSContext tc, Subject subject, String domain, String username, String password)` Construct a `Kerb5Authenticator` object with `Subject` and potential NTLM fallback (if the server does not support kerberos).

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`Kerb5Authenticator`	`clone()`
`static void`	`cloneInternal(Kerb5Authenticator to, Kerb5Authenticator from)` Clone the context
`SSPContext`	`createContext(CIFSContext tc, String targetDomain, String host, byte[] initialToken, boolean doSigning)`
`boolean`	`equals(Object other)` Compares two `NtlmPasswordAuthentication` objects for equality.
`int`	`getLifeTime()` Get lifetime of this context.
`String`	`getRealm()`
`String`	`getService()` Get the service name.
`Subject`	`getSubject()` Get the `Subject` object.
`String`	`getUser()` Get the user name which authenticate against to.
`String`	`getUserDomain()` Returns the domain.
`int`	`getUserLifeTime()` Get lifetime of current user.
`int`	`hashCode()` Return the upcased username hash code.
`boolean`	`isAnonymous()`
`void`	`setLifeTime(int time)` Set the lifetime for this context.
`void`	`setRealm(String realm)`
`void`	`setService(String name)` Set the service name which is used to setup `GSSContext`.
`void`	`setUser(String name)` Set the user name which is used to setup `GSSContext`.
`void`	`setUserLifeTime(int time)` Set lifetime of current user.
`String`	`toString()` Return the domain and username in the format: `domain\\username`.

Methods inherited from class jcifs.smb.NtlmPasswordAuthentication
areHashesExternal, getAnsiHash, getName, getPassword, getSigningKey, getSpecifiedUserDomain, getUnicodeHash, getUsername, getUserSessionKey, getUserSessionKey, isGuest, unwrap

Methods inherited from class java.lang.Object
getClass, notify, notifyAll, wait, wait, wait

Methods inherited from interface java.security.Principal
implies

- Constructor Detail
  - Kerb5Authenticator
```
public Kerb5Authenticator(CIFSContext tc,
                          Subject subject)
```
    Construct a Kerb5Authenticator object with Subject which hold TGT retrieved from KDC. If multiple TGT are contained, the first one will be used to retrieve user principal.
    
    Parameters:
    
    tc - context to use
    
    subject - represents the user who perform Kerberos authentication. It contains tickets retrieve from KDC.
  - Kerb5Authenticator
```
public Kerb5Authenticator(CIFSContext tc,
                          Subject subject,
                          String domain,
                          String username,
                          String password)
```
    Construct a Kerb5Authenticator object with Subject and potential NTLM fallback (if the server does not support kerberos).
    
    Parameters:
    
    tc - context to use
    
    subject - represents the user who perform Kerberos authentication. Should at least contain a TGT for the user.
    
    domain - domain for NTLM fallback
    
    username - user for NTLM fallback
    
    password - password for NTLM fallback
- Method Detail
  - createContext
```
public SSPContext createContext(CIFSContext tc,
                                String targetDomain,
                                String host,
                                byte[] initialToken,
                                boolean doSigning)
                         throws SmbException
```
    Specified by:
    
    createContext in interface CredentialsInternal
    
    Overrides:
    
    createContext in class NtlmPasswordAuthentication
    
    Returns:
    
    a new context
    
    Throws:
    
    SmbException
    
    See Also:
    
    NtlmPasswordAuthentication.createContext(jcifs.CIFSContext, java.lang.String, java.lang.String, byte[], boolean)
  - clone
```
public Kerb5Authenticator clone()
```
    Specified by:
    
    clone in interface CredentialsInternal
    
    Overrides:
    
    clone in class NtlmPasswordAuthentication
    
    Returns:
    
    a copy of the credentials
  - cloneInternal
```
public static void cloneInternal(Kerb5Authenticator to,
                                 Kerb5Authenticator from)
```
    Clone the context
    
    Parameters:
    
    to -
    
    from -
  - setUser
```
public void setUser(String name)
```
    Set the user name which is used to setup GSSContext. If null is set, the default user will be used which is retrieved from the first TGT found in Subject .
    
    Parameters:
    
    name - the user name used to setup GSSContext
  - setRealm
```
public void setRealm(String realm)
```
    Parameters:
    
    realm - the realm to set
  - getRealm
```
public String getRealm()
```
    Returns:
    
    the kerberos realm
  - getSubject
```
public Subject getSubject()
```
    Get the Subject object.
    
    Specified by:
    
    getSubject in interface CredentialsInternal
    
    Overrides:
    
    getSubject in class NtlmPasswordAuthentication
    
    Returns:
    
    Subject represents the user who perform Kerberos authentication. It contains the tickets retrieve from KDC.
    
    See Also:
    
    CredentialsInternal.getSubject()
  - getUser
```
public String getUser()
```
    Get the user name which authenticate against to. If the default user is used, Null will be returned.
    
    Returns:
    
    user name
  - setService
```
public void setService(String name)
```
    Set the service name which is used to setup GSSContext. Program will use this name to require service ticket from KDC.
    
    Parameters:
    
    name - the service name used to require service ticket from KDC.
  - getService
```
public String getService()
```
    Get the service name.
    
    Returns:
    
    the service name used to require service ticket from KDC
  - getUserLifeTime
```
public int getUserLifeTime()
```
    Get lifetime of current user.
    
    Returns:
    
    the remaining lifetime in seconds. If the default lifetime is used, this value have no meaning.
  - setUserLifeTime
```
public void setUserLifeTime(int time)
```
    Set lifetime of current user.
    
    Parameters:
    
    time - the lifetime in seconds
  - getLifeTime
```
public int getLifeTime()
```
    Get lifetime of this context.
    
    Returns:
    
    the remaining lifetime in seconds. If the default lifetime is used, this value have no meaning.
  - setLifeTime
```
public void setLifeTime(int time)
```
    Set the lifetime for this context.
    
    Parameters:
    
    time - the lifetime in seconds
  - isAnonymous
```
public boolean isAnonymous()
```
    Specified by:
    
    isAnonymous in interface Credentials
    
    Overrides:
    
    isAnonymous in class NtlmPasswordAuthentication
    
    Returns:
    
    whether these are anonymous credentials
    
    See Also:
    
    Credentials.isAnonymous()
  - toString
```
public String toString()
```
    Return the domain and username in the format: domain\\username. This is equivalent to getName().
    
    Specified by:
    
    toString in interface Principal
    
    Overrides:
    
    toString in class NtlmPasswordAuthentication
    
    See Also:
    
    Object.toString()
  - equals
```
public boolean equals(Object other)
```
    Compares two NtlmPasswordAuthentication objects for equality. Two NtlmPasswordAuthentication objects are equal if their caseless domain and username fields are equal and either both hashes are external and they are equal or both internally supplied passwords are equal. If one NtlmPasswordAuthentication object has external hashes (meaning negotiated via NTLM HTTP Authentication) and the other does not they will not be equal. This is technically not correct however the server 8 byte challenge would be required to compute and compare the password hashes but that it not available with this method.
    
    Specified by:
    
    equals in interface Principal
    
    Overrides:
    
    equals in class NtlmPasswordAuthentication
    
    See Also:
    
    NtlmPasswordAuthentication.equals(java.lang.Object)
  - hashCode
```
public int hashCode()
```
    Return the upcased username hash code.
    
    Specified by:
    
    hashCode in interface Principal
    
    Overrides:
    
    hashCode in class NtlmPasswordAuthentication
    
    See Also:
    
    Object.hashCode()
  - getUserDomain
```
public String getUserDomain()
```
    Description copied from class: NtlmPasswordAuthentication
    
    Returns the domain.
    
    Specified by:
    
    getUserDomain in interface Credentials
    
    Overrides:
    
    getUserDomain in class NtlmPasswordAuthentication
    
    Returns:
    
    the domain the user account is in

Class Kerb5Authenticator

Constructor Summary

Method Summary

Methods inherited from class jcifs.smb.NtlmPasswordAuthentication

Methods inherited from class java.lang.Object

Methods inherited from interface java.security.Principal

Constructor Detail

Kerb5Authenticator

Kerb5Authenticator

Method Detail

createContext

clone

cloneInternal

setUser

setRealm

getRealm

getSubject

getUser

setService

getService

getUserLifeTime

setUserLifeTime

getLifeTime

setLifeTime

isAnonymous

toString

equals

hashCode

getUserDomain