20 package org.apache.directory.kerberos.credentials.cache;
21
22
23 import java.text.ParseException;
24
25 import org.apache.directory.kerberos.client.AbstractTicket;
26 import org.apache.directory.kerberos.client.TgTicket;
27 import org.apache.directory.shared.kerberos.KerberosTime;
28 import org.apache.directory.shared.kerberos.codec.types.PrincipalNameType;
29 import org.apache.directory.shared.kerberos.components.AuthorizationData;
30 import org.apache.directory.shared.kerberos.components.EncKdcRepPart;
31 import org.apache.directory.shared.kerberos.components.EncryptionKey;
32 import org.apache.directory.shared.kerberos.components.HostAddresses;
33 import org.apache.directory.shared.kerberos.components.PrincipalName;
34 import org.apache.directory.shared.kerberos.flags.TicketFlags;
35 import org.apache.directory.shared.kerberos.messages.Ticket;
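/**
 * One Kerberos credential entry: the client and server principals, the key,
 * the validity times, the ticket flags and the ticket(s) themselves.
 *
 * <p>An instance is built either from explicit field values or from a ticket
 * obtained from the KDC (see the constructors).
 *
 * <p>Security note: an instance carries key material ({@link #getKey()}) and
 * tickets, so it should be handled like any other secret: avoid logging it,
 * and limit how long references to it are kept. All getters return the
 * internal references without copying; {@link PrincipalName} is mutable
 * (it exposes {@code setRealm}), so a caller that modifies a returned object
 * also modifies this credential.
 */
public class Credentials
{

    private PrincipalName clientName;
    private String clientRealm;
    private PrincipalName serverName;
    private String serverRealm;
    private EncryptionKey key;
    private KerberosTime authTime;
    private KerberosTime startTime;
    private KerberosTime endTime;
    private KerberosTime renewTill;
    private HostAddresses clientAddresses;
    private AuthorizationData authzData;
    private boolean isEncInSKey;
    private TicketFlags flags;
    private Ticket ticket;
    private Ticket secondTicket;


    /**
     * Creates a credential from explicit field values.
     *
     * <p>The client and server realms are taken from {@code cname} and
     * {@code sname}; they stay {@code null} when the principal has no realm.
     * The arguments are stored by reference, not copied.
     *
     * @param cname the client principal, must not be {@code null}
     * @param sname the server principal, must not be {@code null}
     * @param ekey the key associated with the ticket
     * @param authtime the authentication time
     * @param starttime the start of the validity period
     * @param endtime the end of the validity period
     * @param renewTill the latest time up to which the ticket may be renewed
     * @param isEncInSKey the flag returned by {@link #isEncInSKey()}
     * @param flags the ticket flags
     * @param caddr the client addresses
     * @param authData the authorization data
     * @param ticket the ticket
     * @param secondTicket the second ticket
     * @throws NullPointerException if {@code cname} or {@code sname} is {@code null}
     */
    public Credentials(
        PrincipalName cname,
        PrincipalName sname,
        EncryptionKey ekey,
        KerberosTime authtime,
        KerberosTime starttime,
        KerberosTime endtime,
        KerberosTime renewTill,
        boolean isEncInSKey,
        TicketFlags flags,
        HostAddresses caddr,
        AuthorizationData authData,
        Ticket ticket,
        Ticket secondTicket )
    {
        this.clientName = cname;
        // A principal without a realm yields null, which is also the field's default.
        this.clientRealm = cname.getRealm();

        this.serverName = sname;
        this.serverRealm = sname.getRealm();

        this.key = ekey;

        this.authTime = authtime;
        this.startTime = starttime;
        this.endTime = endtime;
        this.renewTill = renewTill;
        this.clientAddresses = caddr;
        this.authzData = authData;
        this.isEncInSKey = isEncInSKey;
        this.flags = flags;
        this.ticket = ticket;
        this.secondTicket = secondTicket;
    }


    /**
     * Creates a credential from a ticket-granting ticket. The client principal
     * is parsed from the TGT's client name and given the TGT's realm.
     *
     * @param tgt the ticket-granting ticket
     * @throws RuntimeException if the TGT's client name cannot be parsed; the
     *         {@link ParseException} is attached as the cause
     */
    public Credentials( TgTicket tgt )
    {
        PrincipalName clientPrincipal;

        try
        {
            clientPrincipal = new PrincipalName( tgt.getClientName(),
                PrincipalNameType.KRB_NT_PRINCIPAL );
        }
        catch ( ParseException e )
        {
            // Keep the cause so the parse failure can be diagnosed from the stack trace.
            throw new RuntimeException( "Invalid tgt with bad client name", e );
        }

        clientPrincipal.setRealm( tgt.getRealm() );

        init( tgt, clientPrincipal );
    }


    /**
     * Creates a credential from a ticket and the client principal it was issued to.
     *
     * @param tkt the ticket
     * @param clientPrincipal the client principal
     */
    public Credentials( AbstractTicket tkt, PrincipalName clientPrincipal )
    {
        init( tkt, clientPrincipal );
    }


    /**
     * Fills the fields from the encrypted part of the KDC reply carried by the ticket.
     *
     * <p>The authorization data is not populated here and stays {@code null};
     * {@code isEncInSKey} is {@code false} and there is no second ticket.
     *
     * @param tkt the ticket to read from
     * @param clientPrincipal the client principal; when {@code null} the client
     *        name and realm are left {@code null}
     */
    private void init( AbstractTicket tkt, PrincipalName clientPrincipal )
    {
        EncKdcRepPart kdcRepPart = tkt.getEncKdcRepPart();

        this.serverName = kdcRepPart.getSName();
        this.serverRealm = kdcRepPart.getSRealm();
        // Note: this sets the realm on the PrincipalName instance returned by the
        // reply part, which is stored here by reference, not copied.
        this.serverName.setRealm( serverRealm );

        this.clientName = clientPrincipal;

        // Keep getClientRealm() consistent with the field-by-field constructor,
        // which derives the realm from the client principal.
        if ( clientPrincipal != null )
        {
            this.clientRealm = clientPrincipal.getRealm();
        }

        this.key = kdcRepPart.getKey();
        this.authTime = kdcRepPart.getAuthTime();
        this.startTime = kdcRepPart.getStartTime();
        this.endTime = kdcRepPart.getEndTime();

        this.renewTill = kdcRepPart.getRenewTill();

        this.flags = kdcRepPart.getFlags();
        this.clientAddresses = kdcRepPart.getClientAddresses();

        this.ticket = tkt.getTicket();

        this.isEncInSKey = false;

        this.secondTicket = null;
    }


    /**
     * @return the server principal; same value as {@link #getServerName()}
     */
    public PrincipalName getServicePrincipal()
    {
        return serverName;
    }


    /**
     * @return the authentication time
     */
    public KerberosTime getAuthTime()
    {
        return authTime;
    }


    /**
     * @return the end of the validity period
     */
    public KerberosTime getEndTime()
    {
        return endTime;
    }


    /**
     * @return the ticket flags; same value as {@link #getFlags()}
     */
    public TicketFlags getTicketFlags()
    {
        return flags;
    }


    /**
     * @return the numeric value of the key's type
     * @throws NullPointerException if this credential has no key
     */
    public int getEType()
    {
        return key.getKeyType().getValue();
    }


    /**
     * @return the client principal
     */
    public PrincipalName getClientName()
    {
        return clientName;
    }


    /**
     * @return the server principal
     */
    public PrincipalName getServerName()
    {
        return serverName;
    }


    /**
     * @return the client realm, or {@code null} if the client principal has none
     */
    public String getClientRealm()
    {
        return clientRealm;
    }


    /**
     * Returns the key held by this credential; for ticket-derived instances
     * this is the key from the encrypted part of the KDC reply.
     *
     * <p>This is secret material: do not log it or pass it to code that does
     * not need it. The internal reference is returned, not a copy.
     *
     * @return the key
     */
    public EncryptionKey getKey()
    {
        return key;
    }


    /**
     * @return the start of the validity period
     */
    public KerberosTime getStartTime()
    {
        return startTime;
    }


    /**
     * @return the latest time up to which the ticket may be renewed
     */
    public KerberosTime getRenewTill()
    {
        return renewTill;
    }


    /**
     * @return the client addresses
     */
    public HostAddresses getClientAddresses()
    {
        return clientAddresses;
    }


    /**
     * @return the authorization data; {@code null} for ticket-derived instances
     */
    public AuthorizationData getAuthzData()
    {
        return authzData;
    }


    /**
     * @return the flag given at construction; always {@code false} for
     *         ticket-derived instances
     */
    public boolean isEncInSKey()
    {
        return isEncInSKey;
    }


    /**
     * @return the ticket flags
     */
    public TicketFlags getFlags()
    {
        return flags;
    }


    /**
     * @return the ticket
     */
    public Ticket getTicket()
    {
        return ticket;
    }


    /**
     * @return the second ticket; {@code null} for ticket-derived instances
     */
    public Ticket getSecondTicket()
    {
        return secondTicket;
    }
}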