Package org.forgerock.openig.assertion.plugin.kerberos

Class KeytabServiceLogin

java.lang.Object

org.forgerock.openig.assertion.plugin.kerberos.KeytabServiceLogin

All Implemented Interfaces:

ServiceLogin

public final class KeytabServiceLogin
extends Object

Provides support for a service login using a Keytab file.

 {
      "type": "KeytabServiceLogin",
      "config": {
          "username"          : expression                      [REQUIRED - The service username.]
          "keytabFile"        : expression                      [REQUIRED - The path of the keytab file to be used,
                                                                             along with the username, for the service
                                                                            login.]
          "executor"          : ScheduledExecutorService        [OPTIONAL - The executor to use when doing a keytab
                                                                            service login as it makes network
                                                                            calls to the KDC which can block the
                                                                            Vert.x event thread.
                                                                            Defaults to the one present in the heap.]
      }
    }
 
 

Example usage:

 {
         "type": "KeytabServiceLogin",
         "config": {
             "username": "igsu",
             "keytabFile": "/path/of/the/keytab.file"
         }
     }
 
 

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	KeytabServiceLogin.Heaplet	Creates and initializes a KeytabServiceLogin in a heap environment.

Field Summary

Fields inherited from interface org.forgerock.openig.assertion.plugin.kerberos.ServiceLogin

KRB_LOGIN_MODULE

Method Summary

Modifier and Type	Method	Description
Promise<Subject,IdentityAssertionPluginException>	login()	Return a Promise representing a service Subject that can be used to validate a user's Kerberos token.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details

login

public Promise<Subject,IdentityAssertionPluginException> login()

Description copied from interface: ServiceLogin

Return a Promise representing a service Subject that can be used to validate a user's Kerberos token.

Specified by:

login in interface ServiceLogin

Returns:

a Promise representing a service Subject that can be used to validate a user's Kerberos token.