< prev index next >
src/jdk.security.jgss/share/classes/com/sun/security/sasl/gsskerb/GssKrb5Client.java
Print this page
@@ -33,10 +33,11 @@
// JAAS
import javax.security.auth.callback.CallbackHandler;
// JGSS
+import sun.security.jgss.krb5.internal.TlsChannelBindingImpl;
import org.ietf.jgss.*;
/**
* Implements the GSSAPI SASL client mechanism for Kerberos V5.
* (<A HREF="http://www.ietf.org/rfc/rfc2222.txt">RFC 2222</A>,
@@ -148,10 +149,18 @@
mutual = "true".equalsIgnoreCase(prop);
}
}
secCtx.requestMutualAuth(mutual);
+ if (props != null) {
+ // TLS Channel Binding
+ byte[] tlsCB = (byte[])props.get("jdk.internal.sasl.tlschannelbinding");
+ if (tlsCB != null) {
+ secCtx.setChannelBinding(new TlsChannelBindingImpl(tlsCB));
+ }
+ }
+
// Always specify potential need for integrity and confidentiality
// Decision will be made during final handshake
secCtx.requestConf(true);
secCtx.requestInteg(true);
< prev index next >