src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Client.java

Print this page 







  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 package com.sun.security.sasl.gsskerb;
  27 
  28 import java.io.IOException;
  29 import java.util.Map;
  30 import java.util.logging.Logger;
  31 import java.util.logging.Level;
  32 import javax.security.sasl.*;
  33 
  34 // JAAS
  35 import javax.security.auth.callback.CallbackHandler;
  36 
  37 // JGSS
  38 import org.ietf.jgss.*;
  39 
  40 /**
  41   * Implements the GSSAPI SASL client mechanism for Kerberos V5.
  42   * (<A HREF="ftp://ftp.isi.edu/in-notes/rfc2222.txt">RFC 2222</A>,
  43   * <a HREF="http://www.ietf.org/internet-drafts/draft-ietf-cat-sasl-gssapi-04.txt">draft-ietf-cat-sasl-gssapi-04.txt</a>).
  44   * It uses the Java Bindings for GSSAPI
  45   * (<A HREF="ftp://ftp.isi.edu/in-notes/rfc2853.txt">RFC 2853</A>)
  46   * for getting GSSAPI/Kerberos V5 support.
  47   *
  48   * The client/server interactions are:
  49   * C0: bind (GSSAPI, initial response)
  50   * S0: sasl-bind-in-progress, challenge 1 (output of accept_sec_context or [])
  51   * C1: bind (GSSAPI, response 1 (output of init_sec_context or []))
  52   * S1: sasl-bind-in-progress challenge 2 (security layer, server max recv size)
  53   * C2: bind (GSSAPI, response 2 (security layer, client max recv size, authzid))
  54   * S2: bind success response
  55   *
  56   * Expects the client's credentials to be supplied from the
  57   * javax.security.sasl.credentials property or from the thread's Subject.
  58   * Otherwise the underlying KRB5 mech will attempt to acquire Kerberos creds
  59   * by logging into Kerberos (via default TextCallbackHandler).
  60   * These creds will be used for exchange with server.
  61   *
  62   * Required callbacks: none.
  63   *
  64   * Environment properties that affect behavior of implementation:
  65   *






  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 package com.sun.security.sasl.gsskerb;
  27 
  28 import java.io.IOException;
  29 import java.util.Map;
  30 import java.util.logging.Logger;
  31 import java.util.logging.Level;
  32 import javax.security.sasl.*;
  33 
  34 // JAAS
  35 import javax.security.auth.callback.CallbackHandler;
  36 
  37 // JGSS
  38 import org.ietf.jgss.*;
  39 
  40 /**
  41   * Implements the GSSAPI SASL client mechanism for Kerberos V5.
  42   * (<A HREF="http://www.ietf.org/rfc/rfc2222.txt">RFC 2222</A>,
  43   * <a HREF="http://www.ietf.org/internet-drafts/draft-ietf-cat-sasl-gssapi-04.txt">draft-ietf-cat-sasl-gssapi-04.txt</a>).
  44   * It uses the Java Bindings for GSSAPI
  45   * (<A HREF="http://www.ietf.org/rfc/rfc2853.txt">RFC 2853</A>)
  46   * for getting GSSAPI/Kerberos V5 support.
  47   *
  48   * The client/server interactions are:
  49   * C0: bind (GSSAPI, initial response)
  50   * S0: sasl-bind-in-progress, challenge 1 (output of accept_sec_context or [])
  51   * C1: bind (GSSAPI, response 1 (output of init_sec_context or []))
  52   * S1: sasl-bind-in-progress challenge 2 (security layer, server max recv size)
  53   * C2: bind (GSSAPI, response 2 (security layer, client max recv size, authzid))
  54   * S2: bind success response
  55   *
  56   * Expects the client's credentials to be supplied from the
  57   * javax.security.sasl.credentials property or from the thread's Subject.
  58   * Otherwise the underlying KRB5 mech will attempt to acquire Kerberos creds
  59   * by logging into Kerberos (via default TextCallbackHandler).
  60   * These creds will be used for exchange with server.
  61   *
  62   * Required callbacks: none.
  63   *
  64   * Environment properties that affect behavior of implementation:
  65   *