public interface ExtendedGSSContext extends GSSContext
ExtendedGSSContext client = .... ExtendedGSSContext server = .... byte [] input = new byte[0]; byte [] output = null; do { output = client.initDelegation(null, null, 0, input, 0, input.length); input = server.acceptDelegation(0, output, 0, output.length); } while (!client.isDelegationFinished()); GSSCredential cred = server.getDelegatedCredential(); ...Because delegation can be performed multiple times on the same contexts, the
do { ... } while ();
block should be used to properly reset the delegation state (The state of isDelegationFinished
is reset on the initial call to initDelegation
or acceptDelegation
.DEFAULT_LIFETIME, INDEFINITE_LIFETIME
Modifier and Type | Method and Description |
---|---|
byte[] |
acceptDelegation(int lifetime,
byte[] but,
int off,
int len)
Accept a delegated credential.
|
GSSCredential |
getDelegatedCredential()
Returns the delegated credential that was delegated using
the
initDelegation and acceptDelegation
functions. |
Object |
getOption(Oid option)
Gets a context option.
|
byte[] |
initDelegation(GSSCredential cred,
Oid mechanism,
int lifetime,
byte[] buf,
int off,
int len)
Initiate the delegation of a credential.
|
Object |
inquireByOid(Oid oid)
Retrieves arbitrary data about this context.
|
boolean |
isDelegationFinished()
Used during delegation to determine the state of the delegation.
|
void |
setBannedCiphers(String[] ciphers)
Specifies a list of ciphers that will not be used.
|
void |
setOption(Oid option,
Object value)
Sets a context option.
|
acceptSecContext, acceptSecContext, dispose, export, getAnonymityState, getConfState, getCredDelegState, getDelegCred, getIntegState, getLifetime, getMech, getMIC, getMIC, getMutualAuthState, getReplayDetState, getSequenceDetState, getSrcName, getTargName, getWrapSizeLimit, initSecContext, initSecContext, isEstablished, isInitiator, isProtReady, isTransferable, requestAnonymity, requestConf, requestCredDeleg, requestInteg, requestLifetime, requestMutualAuth, requestReplayDet, requestSequenceDet, setChannelBinding, unwrap, unwrap, verifyMIC, verifyMIC, wrap, wrap
void setOption(Oid option, Object value) throws GSSException
option
- option type.value
- option value.GSSException
- containing the following major error codes:
GSSException.FAILURE
Object getOption(Oid option) throws GSSException
option
- option type.GSSException
- containing the following major error codes:
GSSException.FAILURE
byte[] initDelegation(GSSCredential cred, Oid mechanism, int lifetime, byte[] buf, int off, int len) throws GSSException
acceptDelegation
function.cred
- The credential to be delegated. May be null
in which case the credential associated with the security
context is used.mechanism
- The desired security mechanism. May be null.lifetime
- The requested period of validity (seconds) of the delegated
credential.acceptDelegation
if
isDelegationFinished
returns false. May be null.GSSException
- containing the following major error codes:
GSSException.FAILURE
byte[] acceptDelegation(int lifetime, byte[] but, int off, int len) throws GSSException
initDelegation
function.lifetime
- The requested period of validity (seconds) of the delegated
credential.initDelegation
if
isDelegationFinished
returns false. May be null.GSSException
- containing the following major error codes:
GSSException.FAILURE
GSSCredential getDelegatedCredential()
initDelegation
and acceptDelegation
functions. This is to be called on the delegation accepting
side once once isDelegationFinished
returns true.boolean isDelegationFinished()
Object inquireByOid(Oid oid) throws GSSException
oid
- the oid of the information desired.GSSException
- containing the following major error codes:
GSSException.FAILURE
void setBannedCiphers(String[] ciphers)
ciphers
- The list of banned ciphers.Copyright © 2016. All rights reserved.