Class Overview
The GSSUtilImplementation that knows how to work with the internals of
the GSS-API.
Summary
Public Methods |
static
Oid
|
createOid(String oidStr)
|
static
String
|
getMechStr(Oid oid)
|
static
Subject
|
getSubject(GSSName name, GSSCredential creds)
Note: The current impl only works with Sun's impl of
GSSName and GSSCredential since it depends on package
private APIs.
|
static
boolean
|
isKerberosMech(Oid oid)
|
static
boolean
|
isSpNegoMech(Oid oid)
|
static
Subject
|
login(int caller, Oid mech)
Authenticate using the login module from the specified
configuration entry.
|
static
Vector
|
searchSubject(GSSNameSpi name, Oid mech, boolean initiate, Class credCls)
Searches the private credentials of current Subject with the
specified criteria and returns the matching GSSCredentialSpi
object out of Sun's impl of GSSCredential.
|
static
boolean
|
useMSInterop()
Determines the SPNEGO interoperability mode with Microsoft;
by default it is set to true.
|
static
boolean
|
useSubjectCredsOnly(int caller)
Determines if the application doesn't mind if the mechanism obtains
the required credentials from outside of the current Subject.
|
[Expand]
Inherited Methods |
From class
java.lang.Object
Object
|
clone()
Creates and returns a copy of this object.
|
boolean
|
equals(Object obj)
Indicates whether some other object is "equal to" this one.
|
void
|
finalize()
Called by the garbage collector on an object when garbage collection
determines that there are no more references to the object.
|
final
Class<?>
|
getClass()
Returns the runtime class of this Object .
|
int
|
hashCode()
Returns a hash code value for the object.
|
final
void
|
notify()
Wakes up a single thread that is waiting on this object's
monitor.
|
final
void
|
notifyAll()
Wakes up all threads that are waiting on this object's monitor.
|
String
|
toString()
Returns a string representation of the object.
|
final
void
|
wait()
Causes the current thread to wait until another thread invokes the
notify() method or the
notifyAll() method for this object.
|
final
void
|
wait(long timeout, int nanos)
Causes the current thread to wait until another thread invokes the
notify() method or the
notifyAll() method for this object, or
some other thread interrupts the current thread, or a certain
amount of real time has elapsed.
|
final
void
|
wait(long timeout)
Causes the current thread to wait until either another thread invokes the
notify() method or the
notifyAll() method for this object, or a
specified amount of time has elapsed.
|
|
Constants
public
static
final
int
CALLER_ACCEPT
Constant Value:
2
(0x00000002)
public
static
final
int
CALLER_HTTP_NEGOTIATE
Constant Value:
5
(0x00000005)
public
static
final
int
CALLER_INITIATE
Constant Value:
1
(0x00000001)
public
static
final
int
CALLER_SSL_CLIENT
Constant Value:
3
(0x00000003)
public
static
final
int
CALLER_SSL_SERVER
Constant Value:
4
(0x00000004)
public
static
final
int
CALLER_UNKNOWN
Constant Value:
-1
(0xffffffff)
Fields
public
static
final
Oid
GSS_KRB5_MECH_OID
public
static
final
Oid
GSS_KRB5_MECH_OID2
public
static
final
Oid
GSS_SPNEGO_MECH_OID
public
static
final
Oid
NT_GSS_KRB5_PRINCIPAL
public
static
final
Oid
NT_HOSTBASED_SERVICE2
Public Constructors
Public Methods
Note: The current impl only works with Sun's impl of
GSSName and GSSCredential since it depends on package
private APIs.
public
static
boolean
isKerberosMech
(Oid oid)
public
static
boolean
isSpNegoMech
(Oid oid)
public
static
Subject
login
(int caller, Oid mech)
Authenticate using the login module from the specified
configuration entry.
Parameters
caller
| the caller of JAAS Login |
mech
| the mech to be used |
Returns
- the authenticated subject
public
static
Vector
searchSubject
(GSSNameSpi name, Oid mech, boolean initiate, Class credCls)
Searches the private credentials of current Subject with the
specified criteria and returns the matching GSSCredentialSpi
object out of Sun's impl of GSSCredential. Returns null if
no Subject present or a Vector which contains 0 or more
matching GSSCredentialSpi objects.
public
static
boolean
useMSInterop
()
Determines the SPNEGO interoperability mode with Microsoft;
by default it is set to true.
To disable it, the application indicates this by explicitly setting
the system property sun.security.spnego.interop to false.
public
static
boolean
useSubjectCredsOnly
(int caller)
Determines if the application doesn't mind if the mechanism obtains
the required credentials from outside of the current Subject. Our
Kerberos v5 mechanism would do a JAAS login on behalf of the
application if this were the case.
The application indicates this by explicitly setting the system
property javax.security.auth.useSubjectCredsOnly to false.