1 /*
   2  * Copyright (c) 2009, 2010, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 package sun.security.ssl;
  27 
  28 import java.security.AccessControlContext;
  29 import java.security.Permission;
  30 import java.security.Principal;
  31 import javax.crypto.SecretKey;
  32 import javax.security.auth.Subject;
  33 import javax.security.auth.login.LoginException;
  34 
  35 /**
  36  * An interface to a subset of the Kerberos APIs to avoid a static dependency
  37  * on the types defined by these APIs.
  38  */
  39 public interface Krb5Proxy {
  40 
  41     /**
  42      * Returns the Subject associated with the client-side of the SSL socket.
  43      */
  44     Subject getClientSubject(AccessControlContext acc) throws LoginException;
  45 
  46     /**
  47      * Returns the Subject associated with the server-side of the SSL socket.
  48      */
  49     Subject getServerSubject(AccessControlContext acc) throws LoginException;
  50 
  51 
  52     /**
  53      * Returns the KerberosKeys for the default server-side principal.
  54      */
  55     SecretKey[] getServerKeys(AccessControlContext acc) throws LoginException;
  56 
  57     /**
  58      * Returns the server-side principal name associated with the KerberosKey.
  59      */
  60     String getServerPrincipalName(SecretKey kerberosKey);
  61 
  62     /**
  63      * Returns the hostname embedded in the principal name.
  64      */
  65     String getPrincipalHostName(Principal principal);
  66 
  67     /**
  68      * Returns a ServicePermission for the principal name and action.
  69      */
  70     Permission getServicePermission(String principalName, String action);
  71 }