Implementing the DB2GSSPluginClient class
- Last Updated: August 25, 2021
- 2 minute read
- DataDirect Connectors
- JDBC
- IBM Db2 5.1
- MySQL 5.1
- Progress OpenEdge 5.1
- SAP Sybase 5.1
- Documentation
To implement the GSS plug-in, you need to write a GSS-API plug-in class
that extends the abstract com.ddtek.jdbc.db2.gssplugin.DB2GSSPluginClient class provided by the driver.
Then you need to provide an instance of that class as a value for the GSSPluginObject
property. The source code for the abstract class com.ddtek.jdbc.db2.gssplugin.DB2GSSPluginClient is shown in the following
example.
package com.ddtek.jdbc.db2.gssplugin;
import java.sql.SQLException;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
// The following code creates an abstract class for plugin client authentication
// implementation. The client application must extend this class and provide
// implementation for the getTicket() method. With pluginSecurity authenticationMethod,
// the driver calls the getTicket method during login packet communication
// and sends the generated GSS ticket to the DBMS.
public abstract class DB2GSSPluginClient
{
protected GSSContext gssContext;
protected String serverPrincipalName;
protected GSSCredential gssCredential;
// The following method establishes the security context between the driver and the DBMS.
// The driver calls this method to obtain a GSS token from the client security
// implementation for the username/password pair. The GSS token received is sent to
// the DBMS. The first call to the method should specify null. Subsequent calls must
// specify the token obtained from the DBMS.
// @param userid - user Id for database authentication. The value can be null.
// @param password - password for database authentication. The value can be null.
// @param serverToken - The token obtained from the DBMS. The value is null.
// @throws SQLException - Exception occurred during GSS token generation wrapped
// within SQLException object.
// @return byte[] - The GSS token obtained from the client security implementation
// that is sent to the DBMS.
public abstract byte[] getTicket(String userid,String password,byte[] serverToken)
throws SQLException;
// The following code releases any system resources and cryptographic information
// stored in the context object and invalidates the context.
public void cleanup() throws GSSException
{
if (gssCredential != null)
gssCredential.dispose();
if (gssContext != null)
gssContext.dispose();
}
// Getter for gssContext
public GSSContext getGssContext()
{
return gssContext;
}
// Setter for gssContext
public void setGssContext(GSSContext gssContext)
{
this.gssContext = gssContext;
}
// Getter for serverPrincipalName
public String getServerPrincipalName()
{
return serverPrincipalName;
}
// Setter for serverPrincipalName
public void setServerPrincipalName(String serverPrincipalName)
{
this.serverPrincipalName = serverPrincipalName;
}
// Getter for gssCredential
public GSSCredential getGssCredential()
{
return gssCredential;
}
// Setter for gssCredential
public void setGssCredential(GSSCredential gssCredential)
{
this.gssCredential = gssCredential;
}
}