src/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Server.java

Print this page 







  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 package com.sun.security.sasl.gsskerb;
  27 
  28 import javax.security.sasl.*;
  29 import java.io.*;
  30 import java.util.Map;
  31 import java.util.logging.Logger;
  32 import java.util.logging.Level;
  33 
  34 // JAAS
  35 import javax.security.auth.callback.*;
  36 
  37 // JGSS
  38 import org.ietf.jgss.*;
  39 
  40 /**
  41   * Implements the GSSAPI SASL server mechanism for Kerberos V5.
  42   * (<A HREF="ftp://ftp.isi.edu/in-notes/rfc2222.txt">RFC 2222</A>,
  43   * <a HREF="http://www.ietf.org/internet-drafts/draft-ietf-cat-sasl-gssapi-00.txt">draft-ietf-cat-sasl-gssapi-00.txt</a>).
  44   *
  45   * Expects thread's Subject to contain server's Kerberos credentials
  46   * - If not, underlying KRB5 mech will attempt to acquire Kerberos creds
  47   *   by logging into Kerberos (via default TextCallbackHandler).
  48   * - These creds will be used for exchange with client.
  49   *
  50   * Required callbacks:
  51   * - AuthorizeCallback
  52   *      handler must verify that authid/authzids are allowed and set
  53   *      authorized ID to be the canonicalized authzid (if applicable).
  54   *
  55   * Environment properties that affect behavior of implementation:
  56   *
  57   * javax.security.sasl.qop
  58   * - quality of protection; list of auth, auth-int, auth-conf; default is "auth"
  59   * javax.security.sasl.maxbuf
  60   * - max receive buffer size; default is 65536
  61   * javax.security.sasl.sendmaxbuffer
  62   * - max send buffer size; default is 65536; (min with client max recv size)






  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 package com.sun.security.sasl.gsskerb;
  27 
  28 import javax.security.sasl.*;
  29 import java.io.*;
  30 import java.util.Map;
  31 import java.util.logging.Logger;
  32 import java.util.logging.Level;
  33 
  34 // JAAS
  35 import javax.security.auth.callback.*;
  36 
  37 // JGSS
  38 import org.ietf.jgss.*;
  39 
  40 /**
  41   * Implements the GSSAPI SASL server mechanism for Kerberos V5.
  42   * (<A HREF="http://www.ietf.org/rfc/rfc2222.txt">RFC 2222</A>,
  43   * <a HREF="http://www.ietf.org/internet-drafts/draft-ietf-cat-sasl-gssapi-00.txt">draft-ietf-cat-sasl-gssapi-00.txt</a>).
  44   *
  45   * Expects thread's Subject to contain server's Kerberos credentials
  46   * - If not, underlying KRB5 mech will attempt to acquire Kerberos creds
  47   *   by logging into Kerberos (via default TextCallbackHandler).
  48   * - These creds will be used for exchange with client.
  49   *
  50   * Required callbacks:
  51   * - AuthorizeCallback
  52   *      handler must verify that authid/authzids are allowed and set
  53   *      authorized ID to be the canonicalized authzid (if applicable).
  54   *
  55   * Environment properties that affect behavior of implementation:
  56   *
  57   * javax.security.sasl.qop
  58   * - quality of protection; list of auth, auth-int, auth-conf; default is "auth"
  59   * javax.security.sasl.maxbuf
  60   * - max receive buffer size; default is 65536
  61   * javax.security.sasl.sendmaxbuffer
  62   * - max send buffer size; default is 65536; (min with client max recv size)