Is it possible to generate a kerberos token using java GSS API which is equivalent to token created while singing in to Windows.
i.e. Is it possible to create a self sign kerberos token using GSS APIs.
Using below code when Server name is provided, it generates the token but when serverName is passed as null in manager.createContext , i am getting exception
Trying to confirm whether GSS APIs can only be used when both client and Server addresses provided
try {
KERB_V5_OID = new Oid("1.2.840.113554.1.2.2");
KRB5_PRINCIPAL_NAME_OID = new Oid("1.2.840.113554.1.2.2.1");
GSSManager manager = GSSManager.getInstance();
GSSName clientName = manager.createName("[email protected]", KRB5_PRINCIPAL_NAME_OID);
GSSCredential clientCred = manager.createCredential(clientName, 1 * 3600, KERB_V5_OID,GSSCredential.INITIATE_ONLY);
GSSName serverName = manager.createName("[email protected]", KRB5_PRINCIPAL_NAME_OID);
GSSContext context = manager.createContext(serverName, KERB_V5_OID, clientCred,GSSContext.DEFAULT_LIFETIME);
context.requestMutualAuth(true);
context.requestConf(false);
context.requestInteg(true);
boolean established = false;
byte[] outToken = null;
byte[] inToken = new byte[0];
// Loop while the context is still not established
while (!established) {
outToken = context.initSecContext(inToken, 0, 0);
if (!context.isEstablished()) {
//System.out.println(Base64.getEncoder().encode(outToken));
System.out.println(Base64.getEncoder().encodeToString(outToken));
established = true;
}
}
context.dispose();
} catch (final GSSException ex) {
throw new Error(ex);
}
question from:
https://stackoverflow.com/questions/65854595/kerberos-token-using-java-gss-api-which-is-equivalent-to-token-created-while-sin 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
