1 /* 2 * Copyright (c) 2000, 2003, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package com.sun.security.jgss; 27 28 import javax.security.auth.Subject; 29 import org.ietf.jgss.GSSName; 30 import org.ietf.jgss.GSSCredential; 31 32 /** 33 * GSS-API Utilities for using in conjunction with Sun Microsystem's 34 * implementation of Java GSS-API. 35 */ 36 public class GSSUtil { 37 38 /** 39 * Use this method to convert a GSSName and GSSCredential into a 40 * Subject. Typically this would be done by a server that wants to 41 * impersonate a client thread at the Java level by setting a client 42 * Subject in the current access control context. If the server is merely 43 * interested in using a principal based policy in its local JVM, then 44 * it only needs to provide the GSSName of the client. 45 * 46 * The elements from the GSSName are placed in the principals set of this 47 * Subject and those from the GSSCredential are placed in the private 48 * credentials set of the Subject. Any Kerberos specific elements that 49 * are added to the subject will be instances of the standard Kerberos 50 * implementation classes defined in javax.security.auth.kerberos. 51 * 52 * @return a Subject with the entries that contain elements from the 53 * given GSSName and GSSCredential. 54 * 55 * @param principals a GSSName containing one or more mechanism specific 56 * representations of the same entity. These mechanism specific 57 * representations will be populated in the returned Subject's principal 58 * set. 59 * 60 * @param credentials a GSSCredential containing one or more mechanism 61 * specific credentials for the same entity. These mechanism specific 62 * credentials will be populated in the returned Subject's private 63 * credential set. Passing in a value of null will imply that the private 64 * credential set should be left empty. 65 */ 66 public static Subject createSubject(GSSName principals, 67 GSSCredential credentials) { 68 69 return sun.security.jgss.GSSUtil.getSubject(principals, 70 credentials); 71 } 72 }