22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package com.sun.security.sasl.gsskerb; 27 28 import java.io.IOException; 29 import java.util.Map; 30 import java.util.logging.Logger; 31 import java.util.logging.Level; 32 import javax.security.sasl.*; 33 34 // JAAS 35 import javax.security.auth.callback.CallbackHandler; 36 37 // JGSS 38 import org.ietf.jgss.*; 39 40 /** 41 * Implements the GSSAPI SASL client mechanism for Kerberos V5. 42 * (<A HREF="ftp://ftp.isi.edu/in-notes/rfc2222.txt">RFC 2222</A>, 43 * <a HREF="http://www.ietf.org/internet-drafts/draft-ietf-cat-sasl-gssapi-04.txt">draft-ietf-cat-sasl-gssapi-04.txt</a>). 44 * It uses the Java Bindings for GSSAPI 45 * (<A HREF="ftp://ftp.isi.edu/in-notes/rfc2853.txt">RFC 2853</A>) 46 * for getting GSSAPI/Kerberos V5 support. 47 * 48 * The client/server interactions are: 49 * C0: bind (GSSAPI, initial response) 50 * S0: sasl-bind-in-progress, challenge 1 (output of accept_sec_context or []) 51 * C1: bind (GSSAPI, response 1 (output of init_sec_context or [])) 52 * S1: sasl-bind-in-progress challenge 2 (security layer, server max recv size) 53 * C2: bind (GSSAPI, response 2 (security layer, client max recv size, authzid)) 54 * S2: bind success response 55 * 56 * Expects the client's credentials to be supplied from the 57 * javax.security.sasl.credentials property or from the thread's Subject. 58 * Otherwise the underlying KRB5 mech will attempt to acquire Kerberos creds 59 * by logging into Kerberos (via default TextCallbackHandler). 60 * These creds will be used for exchange with server. 61 * 62 * Required callbacks: none. 63 * 64 * Environment properties that affect behavior of implementation: 65 * | 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package com.sun.security.sasl.gsskerb; 27 28 import java.io.IOException; 29 import java.util.Map; 30 import java.util.logging.Logger; 31 import java.util.logging.Level; 32 import javax.security.sasl.*; 33 34 // JAAS 35 import javax.security.auth.callback.CallbackHandler; 36 37 // JGSS 38 import org.ietf.jgss.*; 39 40 /** 41 * Implements the GSSAPI SASL client mechanism for Kerberos V5. 42 * (<A HREF="http://www.ietf.org/rfc/rfc2222.txt">RFC 2222</A>, 43 * <a HREF="http://www.ietf.org/internet-drafts/draft-ietf-cat-sasl-gssapi-04.txt">draft-ietf-cat-sasl-gssapi-04.txt</a>). 44 * It uses the Java Bindings for GSSAPI 45 * (<A HREF="http://www.ietf.org/rfc/rfc2853.txt">RFC 2853</A>) 46 * for getting GSSAPI/Kerberos V5 support. 47 * 48 * The client/server interactions are: 49 * C0: bind (GSSAPI, initial response) 50 * S0: sasl-bind-in-progress, challenge 1 (output of accept_sec_context or []) 51 * C1: bind (GSSAPI, response 1 (output of init_sec_context or [])) 52 * S1: sasl-bind-in-progress challenge 2 (security layer, server max recv size) 53 * C2: bind (GSSAPI, response 2 (security layer, client max recv size, authzid)) 54 * S2: bind success response 55 * 56 * Expects the client's credentials to be supplied from the 57 * javax.security.sasl.credentials property or from the thread's Subject. 58 * Otherwise the underlying KRB5 mech will attempt to acquire Kerberos creds 59 * by logging into Kerberos (via default TextCallbackHandler). 60 * These creds will be used for exchange with server. 61 * 62 * Required callbacks: none. 63 * 64 * Environment properties that affect behavior of implementation: 65 * |