KerberosTokenValidator (Apache Fediz IDP 1.2.4 API)

java.lang.Object
- org.apache.cxf.fediz.service.idp.kerberos.KerberosTokenValidator

public class KerberosTokenValidator
extends Object

Validate a Kerberos Token

Constructor Summary

Constructors
Constructor and Description

KerberosTokenValidator()

Constructors
Constructor and Description
`KerberosTokenValidator()`

Method Summary

Methods
Modifier and Type	Method and Description
`CallbackHandler`	`getCallbackHandler()` Get the CallbackHandler to use with the LoginContext
`String`	`getContextName()` Get the JAAS Login context name to use.
`String`	`getServiceName()` Get the name of the service to use when contacting the KDC.
`boolean`	`isSpnego()`
`boolean`	`isUsernameServiceNameForm()` SPN can be configured to be in either "hostbased" or "username" form. - "hostbased" - specifies that the service principal name should be interpreted as a "host-based" name as specified in GSS API Rfc, section "4.1: Host-Based Service Name Form" - The service name, as it is specified in LDAP/AD, as it is listed in the KDC. - "username" - specifies that the service principal name should be interpreted as a "username" name as specified in GSS API Rfc, section "4.2: User Name Form" This is usually the client username in LDAP/AD used for authentication to the KDC.
`void`	`setCallbackHandler(CallbackHandler callbackHandler)` Set the CallbackHandler to use with the LoginContext.
`void`	`setContextName(String contextName)` Set the JAAS Login context name to use.
`void`	`setServiceName(String serviceName)` The name of the service to use when contacting the KDC.
`void`	`setSpnego(boolean spnego)`
`void`	`setUsernameServiceNameForm(boolean isUsernameServiceNameForm)` If true - sets the SPN form to "username" If false(default) - the SPN form is "hostbased"
`org.apache.wss4j.common.kerberos.KerberosServiceContext`	`validate(KerberosServiceRequestToken token)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - KerberosTokenValidator
```
public KerberosTokenValidator()
```
- Method Detail
  - getContextName
```
public String getContextName()
```
    Get the JAAS Login context name to use.
    
    Returns:
    the JAAS Login context name to use
  - setContextName
```
public void setContextName(String contextName)
```
    Set the JAAS Login context name to use.
    
    Parameters:
    contextName - the JAAS Login context name to use
  - getCallbackHandler
```
public CallbackHandler getCallbackHandler()
```
    Get the CallbackHandler to use with the LoginContext
    
    Returns:
    the CallbackHandler to use with the LoginContext
  - setCallbackHandler
```
public void setCallbackHandler(CallbackHandler callbackHandler)
```
    Set the CallbackHandler to use with the LoginContext. It can be null.
    
    Parameters:
    callbackHandler - the CallbackHandler to use with the LoginContext
  - setServiceName
```
public void setServiceName(String serviceName)
```
    The name of the service to use when contacting the KDC. This value can be null, in which case it defaults to the current principal name.
    
    Parameters:
    serviceName - the name of the service to use when contacting the KDC
  - getServiceName
```
public String getServiceName()
```
    Get the name of the service to use when contacting the KDC. This value can be null, in which case it defaults to the current principal name.
    
    Returns:
    the name of the service to use when contacting the KDC
  - validate
```
public org.apache.wss4j.common.kerberos.KerberosServiceContext validate(KerberosServiceRequestToken token)
                                                                 throws LoginException,
                                                                        PrivilegedActionException
```
    Throws:
    
    LoginException
    
    PrivilegedActionException
  - isUsernameServiceNameForm
```
public boolean isUsernameServiceNameForm()
```
    SPN can be configured to be in either "hostbased" or "username" form.
    - "hostbased" - specifies that the service principal name should be interpreted as a "host-based" name as specified in GSS API Rfc, section "4.1: Host-Based Service Name Form" - The service name, as it is specified in LDAP/AD, as it is listed in the KDC.
    - "username" - specifies that the service principal name should be interpreted as a "username" name as specified in GSS API Rfc, section "4.2: User Name Form" This is usually the client username in LDAP/AD used for authentication to the KDC.
    
    Default is "hostbased".
    
    Returns:
    the isUsernameServiceNameForm
  - setUsernameServiceNameForm
```
public void setUsernameServiceNameForm(boolean isUsernameServiceNameForm)
```
    If true - sets the SPN form to "username"
    If false(default) - the SPN form is "hostbased"
    
    Parameters:
    isUsernameServiceNameForm - the isUsernameServiceNameForm to set
    See Also:
    KerberosSecurity#retrieveServiceTicket(String, CallbackHandler, String, boolean)
  - isSpnego
```
public boolean isSpnego()
```
  - setSpnego
```
public void setSpnego(boolean spnego)
```

Class KerberosTokenValidator

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

KerberosTokenValidator

Method Detail

getContextName

setContextName

getCallbackHandler

setCallbackHandler

setServiceName

getServiceName

validate

isUsernameServiceNameForm

setUsernameServiceNameForm

isSpnego

setSpnego