22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package com.sun.security.sasl.gsskerb;
27
28 import javax.security.sasl.*;
29 import java.io.*;
30 import java.util.Map;
31 import java.util.logging.Logger;
32 import java.util.logging.Level;
33
34 // JAAS
35 import javax.security.auth.callback.*;
36
37 // JGSS
38 import org.ietf.jgss.*;
39
40 /**
41 * Implements the GSSAPI SASL server mechanism for Kerberos V5.
42 * (<A HREF="ftp://ftp.isi.edu/in-notes/rfc2222.txt">RFC 2222</A>,
43 * <a HREF="http://www.ietf.org/internet-drafts/draft-ietf-cat-sasl-gssapi-00.txt">draft-ietf-cat-sasl-gssapi-00.txt</a>).
44 *
45 * Expects thread's Subject to contain server's Kerberos credentials
46 * - If not, underlying KRB5 mech will attempt to acquire Kerberos creds
47 * by logging into Kerberos (via default TextCallbackHandler).
48 * - These creds will be used for exchange with client.
49 *
50 * Required callbacks:
51 * - AuthorizeCallback
52 * handler must verify that authid/authzids are allowed and set
53 * authorized ID to be the canonicalized authzid (if applicable).
54 *
55 * Environment properties that affect behavior of implementation:
56 *
57 * javax.security.sasl.qop
58 * - quality of protection; list of auth, auth-int, auth-conf; default is "auth"
59 * javax.security.sasl.maxbuf
60 * - max receive buffer size; default is 65536
61 * javax.security.sasl.sendmaxbuffer
62 * - max send buffer size; default is 65536; (min with client max recv size)
|
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package com.sun.security.sasl.gsskerb;
27
28 import javax.security.sasl.*;
29 import java.io.*;
30 import java.util.Map;
31 import java.util.logging.Logger;
32 import java.util.logging.Level;
33
34 // JAAS
35 import javax.security.auth.callback.*;
36
37 // JGSS
38 import org.ietf.jgss.*;
39
40 /**
41 * Implements the GSSAPI SASL server mechanism for Kerberos V5.
42 * (<A HREF="http://www.ietf.org/rfc/rfc2222.txt">RFC 2222</A>,
43 * <a HREF="http://www.ietf.org/internet-drafts/draft-ietf-cat-sasl-gssapi-00.txt">draft-ietf-cat-sasl-gssapi-00.txt</a>).
44 *
45 * Expects thread's Subject to contain server's Kerberos credentials
46 * - If not, underlying KRB5 mech will attempt to acquire Kerberos creds
47 * by logging into Kerberos (via default TextCallbackHandler).
48 * - These creds will be used for exchange with client.
49 *
50 * Required callbacks:
51 * - AuthorizeCallback
52 * handler must verify that authid/authzids are allowed and set
53 * authorized ID to be the canonicalized authzid (if applicable).
54 *
55 * Environment properties that affect behavior of implementation:
56 *
57 * javax.security.sasl.qop
58 * - quality of protection; list of auth, auth-int, auth-conf; default is "auth"
59 * javax.security.sasl.maxbuf
60 * - max receive buffer size; default is 65536
61 * javax.security.sasl.sendmaxbuffer
62 * - max send buffer size; default is 65536; (min with client max recv size)
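Review bot: The replacement RFC 2222 link on new line 42 still uses cleartext `http://` and cites a superseded document: RFC 2222 was obsoleted by RFC 4422, and the Kerberos V5 GSSAPI mechanism is now specified in RFC 4752. This Javadoc is the reference for the QOP and buffer-size negotiation described below it, so if the implementation is meant to follow the current specification I would cite that instead, e.g. `(<a href="https://www.rfc-editor.org/rfc/rfc4752">RFC 4752</a>)`. The internet-draft link on line 43 is left unchanged and looks like an expired draft URL, so it is worth dropping or updating in the same change. The class Javadoc continues past the end of this hunk.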
|