public class

GSSUtil

extends Object
java.lang.Object
   ↳ sun.security.jgss.GSSUtil

Class Overview

The GSSUtilImplementation that knows how to work with the internals of the GSS-API.

Summary

Constants
int CALLER_ACCEPT
int CALLER_HTTP_NEGOTIATE
int CALLER_INITIATE
int CALLER_SSL_CLIENT
int CALLER_SSL_SERVER
int CALLER_UNKNOWN
Fields
public static final Oid GSS_KRB5_MECH_OID
public static final Oid GSS_KRB5_MECH_OID2
public static final Oid GSS_SPNEGO_MECH_OID
public static final Oid NT_GSS_KRB5_PRINCIPAL
public static final Oid NT_HOSTBASED_SERVICE2
Public Constructors
GSSUtil()
Public Methods
static Oid createOid(String oidStr)
static String getMechStr(Oid oid)
static Subject getSubject(GSSName name, GSSCredential creds)
Note: The current impl only works with Sun's impl of GSSName and GSSCredential since it depends on package private APIs.
static boolean isKerberosMech(Oid oid)
static boolean isSpNegoMech(Oid oid)
static Subject login(int caller, Oid mech)
Authenticate using the login module from the specified configuration entry.
static Vector searchSubject(GSSNameSpi name, Oid mech, boolean initiate, Class credCls)
Searches the private credentials of current Subject with the specified criteria and returns the matching GSSCredentialSpi object out of Sun's impl of GSSCredential.
static boolean useMSInterop()
Determines the SPNEGO interoperability mode with Microsoft; by default it is set to true.
static boolean useSubjectCredsOnly(int caller)
Determines if the application doesn't mind if the mechanism obtains the required credentials from outside of the current Subject.
[Expand]
Inherited Methods
From class java.lang.Object

Constants

public static final int CALLER_ACCEPT

Constant Value: 2 (0x00000002)

public static final int CALLER_HTTP_NEGOTIATE

Constant Value: 5 (0x00000005)

public static final int CALLER_INITIATE

Constant Value: 1 (0x00000001)

public static final int CALLER_SSL_CLIENT

Constant Value: 3 (0x00000003)

public static final int CALLER_SSL_SERVER

Constant Value: 4 (0x00000004)

public static final int CALLER_UNKNOWN

Constant Value: -1 (0xffffffff)

Fields

public static final Oid GSS_KRB5_MECH_OID

public static final Oid GSS_KRB5_MECH_OID2

public static final Oid GSS_SPNEGO_MECH_OID

public static final Oid NT_GSS_KRB5_PRINCIPAL

public static final Oid NT_HOSTBASED_SERVICE2

Public Constructors

public GSSUtil ()

Public Methods

public static Oid createOid (String oidStr)

public static String getMechStr (Oid oid)

public static Subject getSubject (GSSName name, GSSCredential creds)

Note: The current impl only works with Sun's impl of GSSName and GSSCredential since it depends on package private APIs.

public static boolean isKerberosMech (Oid oid)

public static boolean isSpNegoMech (Oid oid)

public static Subject login (int caller, Oid mech)

Authenticate using the login module from the specified configuration entry.

Parameters
caller the caller of JAAS Login
mech the mech to be used
Returns
  • the authenticated subject

public static Vector searchSubject (GSSNameSpi name, Oid mech, boolean initiate, Class credCls)

Searches the private credentials of current Subject with the specified criteria and returns the matching GSSCredentialSpi object out of Sun's impl of GSSCredential. Returns null if no Subject present or a Vector which contains 0 or more matching GSSCredentialSpi objects.

public static boolean useMSInterop ()

Determines the SPNEGO interoperability mode with Microsoft; by default it is set to true. To disable it, the application indicates this by explicitly setting the system property sun.security.spnego.interop to false.

public static boolean useSubjectCredsOnly (int caller)

Determines if the application doesn't mind if the mechanism obtains the required credentials from outside of the current Subject. Our Kerberos v5 mechanism would do a JAAS login on behalf of the application if this were the case. The application indicates this by explicitly setting the system property javax.security.auth.useSubjectCredsOnly to false.