Home » openjdk-7 » javax.security » auth » kerberos » [javadoc | source]
public class: KerberosKey [javadoc | source]

All Implemented Interfaces:
    Destroyable, SecretKey

This class encapsulates a long term secret key for a Kerberos principal.

All Kerberos JAAS login modules that obtain a principal's password and generate the secret key from it should use this class. Sometimes, such as when authenticating a server in the absence of user-to-user authentication, the login module will store an instance of this class in the private credential set of a Subject during the commit phase of the authentication process.

A Kerberos service using a keytab to read secret keys should use the KeyTab class, where latest keys can be read when needed.

It might be necessary for the application to be granted a PrivateCredentialPermission if it needs to access the KerberosKey instance from a Subject. This permission is not needed when the application depends on the default JGSS Kerberos mechanism to access the KerberosKey. In that case, however, the application will need an appropriate ServicePermission .

 public KerberosKey(KerberosPrincipal principal,
    char[] password,
    String algorithm) 
    Constructs a KerberosKey from a principal's password.
    principal - the principal that this password belongs to
    password - the password that should be used to compute the key
    algorithm - the name for the algorithm that this key will be used for. This parameter may be null in which case the default algorithm "DES" will be assumed.
    IllegalArgumentException - if the name of the algorithm passed is unsupported.
 public KerberosKey(KerberosPrincipal principal,
    byte[] keyBytes,
    int keyType,
    int versionNum) 
    Constructs a KerberosKey from the given bytes when the key type and key version number are known. This can be used when reading the secret key information from a Kerberos "keytab".
    principal - the principal that this secret key belongs to
    keyBytes - the raw bytes for the secret key
    keyType - the key type for the secret key as defined by the Kerberos protocol specification.
    versionNum - the version number of this secret key
Method from javax.security.auth.kerberos.KerberosKey Summary:
destroy,   equals,   getAlgorithm,   getEncoded,   getFormat,   getKeyType,   getPrincipal,   getVersionNumber,   hashCode,   isDestroyed,   toString
Methods from java.lang.Object:
clone,   equals,   finalize,   getClass,   hashCode,   notify,   notifyAll,   toString,   wait,   wait,   wait
Method from javax.security.auth.kerberos.KerberosKey Detail:
 public  void destroy() throws DestroyFailedException 
    Destroys this key. A call to any of its other methods after this will cause an IllegalStateException to be thrown.
 public boolean equals(Object other) 
    Compares the specified Object with this KerberosKey for equality. Returns true if the given object is also a KerberosKey and the two KerberosKey instances are equivalent.
 public final String getAlgorithm() 
 public final byte[] getEncoded() 
    Returns the key material of this secret key.
 public final String getFormat() 
    Returns the name of the encoding format for this secret key.
 public final int getKeyType() 
    Returns the key type for this long-term key.
 public final KerberosPrincipal getPrincipal() 
    Returns the principal that this key belongs to.
 public final int getVersionNumber() 
    Returns the key version number.
 public int hashCode() 
    Returns a hashcode for this KerberosKey.
 public boolean isDestroyed() 
    Determines if this key has been destroyed.
 public String toString()