private void authenticateToKDC( GSSAPICallbackHandler callbackHandler, UserDomainInfo userDomainInfo) throws EngineDirectoryServiceException { try { loginContext = new LoginContext(LOGIN_MODULE_POLICY_NAME, callbackHandler); loginContext.login(); userDomainInfo.setLoginContext(loginContext); if (log.isDebugEnabled()) { log.debug("Successful login for user " + userName); } } catch (LoginException ex) { // JAAS throws login exception due to various reasons. // We check if the login exception matches a case where the user // provided wrong authentication details, or // if there was another error - in case the user provided wrong // authentication details, we will abort the kdc search loginContext = null; KerberosReturnCodeParser parser = new KerberosReturnCodeParser(); AuthenticationResult result = parser.parse(ex.getMessage()); if (result == AuthenticationResult.OTHER || result == null) { // An error our error parser does not recognize log.error("Error from Kerberos: " + ex.getMessage()); } else { StringBuilder error = new StringBuilder(); error.append(result.getDetailedMessage()); log.error(error.toString()); } throw new EngineDirectoryServiceException(result); } }
public void authenticate() throws EngineDirectoryServiceException { UsersDomainsCacheManager usersDomainsCacheManager = UsersDomainsCacheManagerService.getInstance(); UserDomainInfo userDomainInfo = usersDomainsCacheManager.associateUserWithDomain(this.userName, this.realm.toLowerCase()); loginContext = null; synchronized (userDomainInfo) { // In case authentication is performed in an implicit way (as a // result of internal command) try and get // login context from cache if (!explicitAuth) { loginContext = userDomainInfo.getLoginContext(); } if (!validLoginContext()) { explicitAuth(userDomainInfo); } } }