Class LocalKerberosCredentialSource

  • All Implemented Interfaces:
    CredentialSource

    @Deprecated
    public class LocalKerberosCredentialSource
    extends Object
    implements CredentialSource
    Deprecated.
    Kerberos based authentication mechanism obtains credential himself, see LocalKerberosCredentialSource to use with the new wildfly-elytron-credential-source-impl module
    A credential source which acquires a credential from local kerberos ticket cache. Provides GSSCredential visible in klist command output etc. Successful obtaining from cache requires set system property javax.security.auth.useSubjectCredsOnly to false.
    Author:
    Jan Kalina
    • Field Detail

      • mechanismOids

        private final Oid[] mechanismOids
        Deprecated.
    • Constructor Detail

      • LocalKerberosCredentialSource

        LocalKerberosCredentialSource​(Oid[] mechanismOids)
        Deprecated.
    • Method Detail

      • getCredentialAcquireSupport

        public SupportLevel getCredentialAcquireSupport​(Class<? extends Credential> credentialType,
                                                        String algorithmName,
                                                        AlgorithmParameterSpec parameterSpec)
                                                 throws IOException
        Deprecated.
        Description copied from interface: CredentialSource
        Determine whether a given credential is definitely obtainable, possibly obtainable, or definitely not obtainable.
        Specified by:
        getCredentialAcquireSupport in interface CredentialSource
        Parameters:
        credentialType - the credential type class (must not be null)
        algorithmName - the algorithm name, or null if any algorithm is acceptable or the credential type does not support algorithm names
        parameterSpec - the algorithm parameters to match, or null if any parameters are acceptable or the credential type does not support algorithm parameters
        Returns:
        the level of support for this credential type (not null)
        Throws:
        IOException - if the credential source failed to determine the support level
      • getCredential

        public <C extends Credential> C getCredential​(Class<C> credentialType,
                                                      String algorithmName,
                                                      AlgorithmParameterSpec parameterSpec)
                                               throws IOException
        Deprecated.
        Description copied from interface: CredentialSource
        Acquire a credential of the given type. The credential type is defined by its Class and an optional algorithmName. If the algorithm name is not given, then the query is performed for any algorithm of the given type.
        Specified by:
        getCredential in interface CredentialSource
        Type Parameters:
        C - the credential type
        Parameters:
        credentialType - the credential type class (must not be null)
        algorithmName - the algorithm name, or null if any algorithm is acceptable or the credential type does not support algorithm names
        parameterSpec - the algorithm parameters to match, or null if any parameters are acceptable or the credential type does not support algorithm parameters
        Returns:
        the credential, or null if the principal has no credential of that type
        Throws:
        IOException - if the realm is not able to handle requests for any reason