java jboss active-directory kerberos spnego

Decrypt kerberos ticket using Spnego

I'm using spnego ( http://spnego.sourceforge.net ) for kerberos authentication under JBoss.

I need to decrypt kerberos ticket to access the authorization-data which will containt PAC data. The PAC data is needed to decide which roles are to be granted to user.

How to access and decrypt kerberos ticket? I've searched net for examples, but without effort.

Solution

These guys have a full PAC decoding implementation:

http://jaaslounge.sourceforge.net/

You can use the token parser like this:

HttpServletRequest request = (HttpServletRequest) req;
String header = request.getHeader("Authorization");
byte[] base64Token = header.substring(10).getBytes("UTF-8");
byte[] spnegoHeader = Base64.decode(base64Token);

SpnegoInitToken spnegoToken = new SpnegoInitToken(spnegoHeader);

You're going to need to jump though some hoops if you want to decrypt the underlying Kerberos ticket. Not sure if you need that.

Grant

View's getWidth() and getHeight() returns 0
How to set theme to ProgressDialog?
How can I decrement an int column of an SQLite table
What is the latest version of opensaml?
Return only the unique values from collection, removing all occurrences of duplicates
The supplied javaHome seems to be invalid. I cannot find the java executable. Tried location: C:\Program Files\Java\jdk-17\bin\java.exe
Java swing - Processing simultaneous key presses with key bindings
In an array of arraylists, get the largest arraylist
Howto generate classes from WSDL and XSD with gradle, equivalent to maven-jaxb2-plugin
Java HTTP DELETE with Request Body
Cant compile spring boot on java 1.8
how to get specific data from the sentence
gson JsonSyntaxException to Java Date from .net DateTime
Spring Boot Controller not mapping
Karatsuba multiplication optimization on byte array
Is there any perofrmance difference between using TimeUnit.SECOND and TimeUnit.MILISECONDS when scheduling via ScheduledExecutorsService?
io.jsonwebtoken.UnsupportedJwtException: Signed Claims JWSs are not supported
@RefreshScope seems to ignore Mockito's mocks
How to find which library slf4j has bound itself to?
I can't generate a signed apk / abb file from my android studio
How to override generic method in subclass java
How spring boot create jar file in target without having plugin in pom
How to show all parents and subclasses of a class in IntelliJ IDEA?
Hibernate failing to insert parent of ManyToMany relationship when it contains a child not currently in the join table
Intellij 2023 IDE: Always show the Menu Bar at top
@GrpcClient is null spring boot 3
How to negate a method reference predicate
Does Java ConcurrentHashMap computeIfAbsent() method support key-based "locking"?
JFreeChart PolarPlot: mathematical orientation
JDBI -> Reading MySql DATETIME into the java.sql.Date or similiar