Package org.keycloak.common.constants

Class KerberosConstants

java.lang.Object
org.keycloak.common.constants.KerberosConstants
public class KerberosConstants extends Object
Author:
Marek Posolda

  • Field Details

    • NEGOTIATE

      public static final String NEGOTIATE
      Value of HTTP Headers "WWW-Authenticate" or "Authorization" used for SPNEGO/Kerberos
      See Also:

    • SPNEGO_OID

      public static final Oid SPNEGO_OID

    • KRB5_OID

      public static final Oid KRB5_OID

    • KRB5_NAME_OID

      public static final Oid KRB5_NAME_OID

    • ALLOW_KERBEROS_AUTHENTICATION

      public static final String ALLOW_KERBEROS_AUTHENTICATION
      Configuration federation provider model attributes.
      See Also:

    • KERBEROS_REALM

      public static final String KERBEROS_REALM
      See Also:

    • SERVER_PRINCIPAL

      public static final String SERVER_PRINCIPAL
      See Also:

    • KEYTAB

      public static final String KEYTAB
      See Also:

    • DEBUG

      public static final String DEBUG
      See Also:

    • KERBEROS_PRINCIPAL_ATTRIBUTE

      public static final String KERBEROS_PRINCIPAL_ATTRIBUTE
      See Also:

    • KERBEROS_PRINCIPAL_LDAP_ATTRIBUTE_KRB5_PRINCIPAL_NAME

      public static final String KERBEROS_PRINCIPAL_LDAP_ATTRIBUTE_KRB5_PRINCIPAL_NAME
      See Also:

    • KERBEROS_PRINCIPAL_LDAP_ATTRIBUTE_KRB_PRINCIPAL_NAME

      public static final String KERBEROS_PRINCIPAL_LDAP_ATTRIBUTE_KRB_PRINCIPAL_NAME
      See Also:

    • KERBEROS_PRINCIPAL_LDAP_ATTRIBUTE_USER_PRINCIPAL_NAME

      public static final String KERBEROS_PRINCIPAL_LDAP_ATTRIBUTE_USER_PRINCIPAL_NAME
      See Also:

    • ALLOW_PASSWORD_AUTHENTICATION

      public static final String ALLOW_PASSWORD_AUTHENTICATION
      See Also:

    • UPDATE_PROFILE_FIRST_LOGIN

      public static final String UPDATE_PROFILE_FIRST_LOGIN
      See Also:

    • USE_KERBEROS_FOR_PASSWORD_AUTHENTICATION

      public static final String USE_KERBEROS_FOR_PASSWORD_AUTHENTICATION
      See Also:

    • RESPONSE_TOKEN

      public static final String RESPONSE_TOKEN
      Internal attribute used in "state" map . Contains token to be passed in HTTP Response back to browser to continue handshake
      See Also:

    • GSS_DELEGATION_CREDENTIAL

      public static final String GSS_DELEGATION_CREDENTIAL
      Internal attribute used in "userSession.note" map and in accessToken claims . Contains credential from SPNEGO/Kerberos successful authentication
      See Also:

    • GSS_DELEGATION_CREDENTIAL_DISPLAY_NAME

      public static final String GSS_DELEGATION_CREDENTIAL_DISPLAY_NAME
      Display name for the above in admin console and consent screens
      See Also:

    • AUTHENTICATED_SPNEGO_CONTEXT

      public static final String AUTHENTICATED_SPNEGO_CONTEXT
      Attribute attached to the credential, which contains authenticated SPNEGO context. This is used in case that some LDAP/Kerberos provider was able to authenticate user via SPNEGO, but wasn't able to lookup it in his LDAP tree. In this case, LDAP lookup might be performed by other providers in the chain.
      See Also:

    • KERBEROS_PRINCIPAL

      public static final String KERBEROS_PRINCIPAL
      See Also:

  • Constructor Details

    • KerberosConstants

      public KerberosConstants()