Package jcifs.smb

Class JAASAuthenticator

java.lang.Object

jcifs.smb.NtlmPasswordAuthenticator

jcifs.smb.Kerb5Authenticator

jcifs.smb.JAASAuthenticator

All Implemented Interfaces:

Serializable, Cloneable, Principal, CallbackHandler, Credentials, CredentialsInternal, SmbRenewableCredentials

public class JAASAuthenticator
extends Kerb5Authenticator
implements CallbackHandler, SmbRenewableCredentials

JAAS kerberos authenticator Either configure JAAS for credential caching or reuse a single instance of this authenticator -otherwise you won't get proper ticket caching. Be advised that short/NetBIOS name usage is not supported with this authenticator. Always specify full FQDNs/Realm. This can be a problem if using DFS in it's default configuration as that still returns referrals in short form. See KB-244380 for compatible server configuration. See Configuration.isDfsConvertToFQDN() for a workaround.

Author:

mbechler

See Also:

Serialized Form

Nested Class Summary

Nested classes/interfaces inherited from class jcifs.smb.NtlmPasswordAuthenticator

NtlmPasswordAuthenticator.AuthenticationType

Constructor Summary

Constructors

Constructor	Description
JAASAuthenticator()	Create an authenticator using the JAAS service jcifs This will require that a keytab is configured in this service.
JAASAuthenticator(String serviceName)	Create an authenticator using the given JAAS service This will require that a keytab is configured in this service.
JAASAuthenticator(String domain, String username, String password)	Create an authenticator using the given credentials This will create a JAAS configuration that is used to obtain a TGT.
JAASAuthenticator(String serviceName, String domain, String username, String password)	Create an authenticator using the given JAAS service and the specified credentials
JAASAuthenticator(Map<String,?> properties, String domain, String username, String password)	Create an authenticator using the given credentials This will create a JAAS configuration with the specified properties that is used to obtain a TGT.

Method Summary

Modifier and Type	Method	Description
Kerb5Authenticator	clone()
protected static void	cloneInternal(JAASAuthenticator to, JAASAuthenticator from)	Clone the context
Subject	getSubject()	Get the Subject object.
void	handle(Callback[] callbacks)
boolean	isAnonymous()
boolean	isGuest()
void	refresh()
CredentialsInternal	renew()	Renew the credentials

Methods inherited from class jcifs.smb.Kerb5Authenticator

cloneInternal, createContext, equals, getLifeTime, getRealm, getService, getUser, getUserDomain, getUserLifeTime, hashCode, isPreferredMech, setForceFallback, setLifeTime, setRealm, setService, setSubject, setUser, setUserLifeTime, toString

Methods inherited from class jcifs.smb.NtlmPasswordAuthenticator

cloneInternal, getAnsiHash, getName, getNTHash, getPassword, getSigningKey, getSpecifiedUserDomain, getUnicodeHash, getUsername, getUserSessionKey, getUserSessionKey, guessAuthenticationType, unwrap

Methods inherited from class java.lang.Object

finalize, getClass, notify, notifyAll, wait, wait, wait

Methods inherited from interface jcifs.Credentials

getUserDomain, unwrap

Methods inherited from interface jcifs.smb.CredentialsInternal

createContext

Methods inherited from interface java.security.Principal

implies

Constructor Detail

JAASAuthenticator

public JAASAuthenticator()

Create an authenticator using the JAAS service jcifs This will require that a keytab is configured in this service.

JAASAuthenticator

public JAASAuthenticator(String serviceName)

Create an authenticator using the given JAAS service This will require that a keytab is configured in this service.

Parameters:

serviceName - JAAS configuration name

JAASAuthenticator

public JAASAuthenticator(String serviceName,
                         String domain,
                         String username,
                         String password)

Create an authenticator using the given JAAS service and the specified credentials

Parameters:

serviceName - JAAS configuration name

domain -

username -

password -

JAASAuthenticator

public JAASAuthenticator(String domain,
                         String username,
                         String password)

Create an authenticator using the given credentials This will create a JAAS configuration that is used to obtain a TGT.

Parameters:

domain -

username -

password -

JAASAuthenticator

public JAASAuthenticator(Map<String,?> properties,
                         String domain,
                         String username,
                         String password)

Create an authenticator using the given credentials This will create a JAAS configuration with the specified properties that is used to obtain a TGT.

Parameters:

properties - JAAS properties to set

domain -

username -

password -

Method Detail

isAnonymous

public boolean isAnonymous()

Specified by:

isAnonymous in interface Credentials

Overrides:

isAnonymous in class Kerb5Authenticator

Returns:

whether these are anonymous credentials

See Also:

Kerb5Authenticator.isAnonymous()

isGuest

public boolean isGuest()

Specified by:

isGuest in interface Credentials

Overrides:

isGuest in class NtlmPasswordAuthenticator

Returns:

whether these are guest credentials

See Also:

NtlmPasswordAuthenticator.isGuest()

clone

public Kerb5Authenticator clone()

Specified by:

clone in interface CredentialsInternal

Overrides:

clone in class Kerb5Authenticator

Returns:

a copy of the credentials

cloneInternal

protected static void cloneInternal(JAASAuthenticator to,
                                    JAASAuthenticator from)

Clone the context

Parameters:

to -

from -

refresh

public void refresh()
             throws CIFSException

Specified by:

refresh in interface CredentialsInternal

Overrides:

refresh in class Kerb5Authenticator

Throws:

CIFSException

See Also:

Kerb5Authenticator.refresh()

getSubject

public Subject getSubject()

Get the Subject object.

Specified by:

getSubject in interface CredentialsInternal

Overrides:

getSubject in class Kerb5Authenticator

Returns:

Subject represents the user who perform Kerberos authentication. It contains the tickets retrieve from KDC.

See Also:

Kerb5Authenticator.getSubject()

renew

public CredentialsInternal renew()

Renew the credentials

Specified by:

renew in interface SmbRenewableCredentials

Returns:

the renewed credentials

See Also:

SmbRenewableCredentials.renew()

handle

public void handle(Callback[] callbacks)
            throws IOException,
                   UnsupportedCallbackException

Specified by:

handle in interface CallbackHandler

Throws:

IOException

UnsupportedCallbackException

See Also:

CallbackHandler.handle(javax.security.auth.callback.Callback[])