Krb5Util (CXF Utils 2.1 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

sun.security.mule.jgss.krb5
Class Krb5Util

java.lang.Object
  sun.security.mule.jgss.krb5.Krb5Util

public class Krb5Util
extends Object
extends Object

Utilities for obtaining and converting Kerberos tickets.

Method Summary
`static KerberosTicket`	`credsToTicket(Credentials serviceCreds)`
`static KerberosKey[]`	`getKeys(int caller, String serverPrincipal, AccessControlContext acc)` Retrieves the keys for the specified server principal from the Subject in the specified AccessControlContext.
`static Subject`	`getSubject(int caller, AccessControlContext acc)` Retrieves the caller's Subject, or Subject obtained by logging in via the specified caller.
`static KerberosTicket`	`getTicketFromSubjectAndTgs(int caller, String clientPrincipal, String serverPrincipal, String tgsPrincipal, AccessControlContext acc, Config kerberosConfig)` Retrieve the service ticket for serverPrincipal from caller's Subject or from Subject obtained by logging in, or if not found, via the Ticket Granting Service using the TGT obtained from the Subject.
`static Credentials`	`ticketToCreds(KerberosTicket kerbTicket, Config kerberosConfig)`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Method Detail

getTicketFromSubjectAndTgs

public static KerberosTicket getTicketFromSubjectAndTgs(int caller,
                                                        String clientPrincipal,
                                                        String serverPrincipal,
                                                        String tgsPrincipal,
                                                        AccessControlContext acc,
                                                        Config kerberosConfig)
                                                 throws LoginException,
                                                        KrbException,
                                                        IOException

Retrieve the service ticket for serverPrincipal from caller's Subject or from Subject obtained by logging in, or if not found, via the Ticket Granting Service using the TGT obtained from the Subject. Caller must have permission to: - access and update Subject's private credentials - create LoginContext - read the auth.login.defaultCallbackHandler security property NOTE: This method is used by JSSE Kerberos Cipher Suites

Throws:: LoginException; KrbException; IOException

getSubject

public static Subject getSubject(int caller,
                                 AccessControlContext acc)
                          throws LoginException

Retrieves the caller's Subject, or Subject obtained by logging in via the specified caller. Caller must have permission to: - access the Subject - create LoginContext - read the auth.login.defaultCallbackHandler security property NOTE: This method is used by JSSE Kerberos Cipher Suites

Throws:: LoginException

getKeys

public static KerberosKey[] getKeys(int caller,
                                    String serverPrincipal,
                                    AccessControlContext acc)
                             throws LoginException

Retrieves the keys for the specified server principal from the Subject in the specified AccessControlContext. If the ticket can not be found in the Subject, and if useSubjectCredsOnly is false, then obtain keys from a LoginContext. NOTE: This method is used by JSSE Kerberos Cipher Suites

Throws:: LoginException

credsToTicket

public static KerberosTicket credsToTicket(Credentials serviceCreds)

ticketToCreds

public static Credentials ticketToCreds(KerberosTicket kerbTicket,
                                        Config kerberosConfig)
                                 throws KrbException,
                                        IOException

Throws:: KrbException; IOException