Class: WinRM::HTTP::HttpGSSAPI

Inherits:
HttpTransport show all
Defined in:
lib/winrm/http/transport.rb

Overview

Uses Kerberos/GSSAPI to authenticate and encrypt messages

Instance Attribute Summary

Attributes inherited from HttpTransport

#endpoint

Instance Method Summary collapse

Methods inherited from HttpTransport

#basic_auth_only!, #no_ssl_peer_verification!, #no_sspi_auth!

Constructor Details

#initialize(endpoint, realm, service = nil, keytab = nil, opts) ⇒ HttpGSSAPI 



100
101
102
103
104
105
106
107
108
 
# File 'lib/winrm/http/transport.rb', line 100

def initialize(endpoint, realm, service = nil, keytab = nil, opts)
  super(endpoint)
  # Remove the GSSAPI auth from HTTPClient because we are doing our own thing
  auths = @httpcli.www_auth.instance_variable_get('@authenticator')
  auths.delete_if {|i| i.is_a?(HTTPClient::SSPINegotiateAuth)}
  service ||= 'HTTP'
  @service = "#{service}/#{@endpoint.host}@#{realm}"
  init_krb
end

Instance Method Details

#send_request(msg) ⇒ Object 



114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
 
# File 'lib/winrm/http/transport.rb', line 114

def send_request(msg)
  original_length = msg.length
  pad_len, emsg = winrm_encrypt(msg)
  hdr = {
    "Connection" => "Keep-Alive",
    "Content-Type" => "multipart/encrypted;protocol=\"application/HTTP-Kerberos-session-encrypted\";boundary=\"Encrypted Boundary\""
  }

  body = "--Encrypted Boundary\\r\nContent-Type: application/HTTP-Kerberos-session-encrypted\\r\nOriginalContent: type=application/soap+xml;charset=UTF-8;Length=\#{original_length + pad_len}\\r\n--Encrypted Boundary\\r\nContent-Type: application/octet-stream\\r\n\#{emsg}--Encrypted Boundary\\r\n  EOF\n\n  r = @httpcli.post(@endpoint, body, hdr)\n\n  winrm_decrypt(r.http_body.content)\nend\n"

#set_auth(user, pass) ⇒ Object 



110
111
112
 
# File 'lib/winrm/http/transport.rb', line 110

def set_auth(user,pass)
  # raise Error
end