public class GSSAuthenticator extends Object
Constructor and Description |
---|
GSSAuthenticator() |
Modifier and Type | Method and Description |
---|---|
GSSCredential |
getGSSCredential(GSSManager mgr)
Overridable method to get GSS accept credential suitable for the current environment.
|
GSSManager |
getGSSManager()
Overridable method to get GSS manager suitable for current environment.
|
void |
setKeytabFile(String keytabFile)
Set the location of the Kerberos keytab.
|
void |
setServicePrincipalName(String servicePrincipalName)
Set the service principal name to be used.
|
boolean |
validateIdentity(ServerSession session,
String identity)
Validate the source identity obtained from the context after negotiation is complete.
|
boolean |
validateInitialUser(ServerSession session,
String user)
Validate the user name passed in the initial SSH_MSG_USERAUTH_REQUEST message.
|
public GSSManager getGSSManager()
public GSSCredential getGSSCredential(GSSManager mgr) throws UnknownHostException, LoginException, GSSException
mgr
- The GSS managernull
gssapi authentication fails immediatelyUnknownHostException
- If the local host name could not be determinedLoginException
- If the subject could not be foundGSSException
- If the credential could not be obtainedpublic boolean validateInitialUser(ServerSession session, String user)
session
- The current sessionuser
- The user name from the initial requesttrue
if the user is valid, false
if invalidpublic boolean validateIdentity(ServerSession session, String identity)
session
- The current sessionidentity
- The identity from the GSS contexttrue
if the identity is valid, false
if invalidpublic void setServicePrincipalName(String servicePrincipalName)
servicePrincipalName
- The principal namepublic void setKeytabFile(String keytabFile)
keytabFile
- The location of the keytabCopyright © 2008–2016 The Apache Software Foundation. All rights reserved.