Package org.postgresql.sspi

Class SSPIClient

java.lang.Object
org.postgresql.sspi.SSPIClient
All Implemented Interfaces:
ISSPIClient
public class SSPIClient extends Object implements ISSPIClient

Use Waffle-JNI to support SSPI authentication when PgJDBC is running on a Windows client and talking to a Windows server.

SSPI is not supported on a non-Windows client.

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final String
    SSPI_DEFAULT_SPN_SERVICE_CLASS
     

  • Constructor Summary

    Constructors
    Constructor
    Description
    SSPIClient(PGStream pgStream, String spnServiceClass, boolean enableNegotiate)
    Instantiate an SSPIClient for authentication of a connection.

  • Method Summary

    Modifier and Type
    Method
    Description
    void
    continueSSPI(int msgLength)
    Continue an existing authentication conversation with the back-end in response to an authentication request of type AUTH_REQ_GSS_CONT.
    void
    dispose()
    Clean up native win32 resources after completion or failure of SSPI authentication.
    boolean
    isSSPISupported()
    Test whether we can attempt SSPI authentication.
    void
    startSSPI()
    Respond to an authentication request from the back-end for SSPI authentication (AUTH_REQ_SSPI).

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Field Details

  • Constructor Details

    • SSPIClient

      public SSPIClient(PGStream pgStream, String spnServiceClass, boolean enableNegotiate)

      Instantiate an SSPIClient for authentication of a connection.

      SSPIClient is not re-usable across connections.

      It is safe to instantiate SSPIClient even if Waffle and JNA are missing or on non-Windows platforms, however you may not call any methods other than isSSPISupported().

      Parameters:
      pgStream - PostgreSQL connection stream
      spnServiceClass - SSPI SPN service class, defaults to POSTGRES if null
      enableNegotiate - enable negotiate

  • Method Details

    • isSSPISupported

      public boolean isSSPISupported()
      Test whether we can attempt SSPI authentication. If false, do not attempt to call any other SSPIClient methods.
      Specified by:
      isSSPISupported in interface ISSPIClient
      Returns:
      true if it's safe to attempt SSPI authentication

    • startSSPI

      public void startSSPI() throws SQLException, IOException
      Respond to an authentication request from the back-end for SSPI authentication (AUTH_REQ_SSPI).
      Specified by:
      startSSPI in interface ISSPIClient
      Throws:
      SQLException - on SSPI authentication handshake failure
      IOException - on network I/O issues

    • continueSSPI

      public void continueSSPI(int msgLength) throws SQLException, IOException
      Continue an existing authentication conversation with the back-end in response to an authentication request of type AUTH_REQ_GSS_CONT.
      Specified by:
      continueSSPI in interface ISSPIClient
      Parameters:
      msgLength - Length of message to read, excluding length word and message type word
      Throws:
      SQLException - if something wrong happens
      IOException - if something wrong happens

    • dispose

      public void dispose()
      Clean up native win32 resources after completion or failure of SSPI authentication. This SSPIClient instance becomes unusable after disposal.
      Specified by:
      dispose in interface ISSPIClient