This package contains utility classes related to the Kerberos network authentication protocol. They do not provide much Kerberos support themselves.

The Kerberos network authentication protocol is defined in RFC 4120. The Java platform contains support for the client side of Kerberos via the org.ietf.jgss package. There might also be a login module that implements LoginModule to authenticate Kerberos principals.

You can provide the name of your default realm and Key Distribution Center (KDC) host for that realm using the system properties and Alternatively, you can provide an MIT style configuration file called krb5.conf in <java-home>/lib/security. If you place this file elsewhere, you can indicate that location via the system property


DelegationPermission This class is used to restrict the usage of the Kerberos delegation model, ie: forwardable and proxiable tickets. 
KerberosKey This class encapsulates a long term secret key for a Kerberos principal. 
KerberosPrincipal This class encapsulates a Kerberos principal. 
KerberosTicket This class encapsulates a Kerberos ticket and associated information as viewed from the client's point of view. 
ServicePermission This class is used to protect Kerberos services and the credentials necessary to access those services.