public interface: GSSCredential [javadoc | source]
All Implemented Interfaces:
Cloneable
All Known Implementing Classes:
GSSCredentialImpl
Credentials are instantiated using one of the
createCredential methods in the GSSManager class. GSS-API credential creation is not
intended to provide a "login to the network" function, as such a
function would involve the creation of new credentials rather than
merely acquiring a handle to existing credentials. The
section on credential
acquisition in the package level description describes
how existing credentials are acquired in the Java platform. GSS-API
implementations must impose a local access-control policy on callers to
prevent unauthorized callers from acquiring credentials to which they
are not entitled.
Applications will create a credential object passing the desired parameters. The application can then use the query methods to obtain specific information about the instantiated credential object. When the credential is no longer needed, the application should call the dispose method to release any resources held by the credential object and to destroy any cryptographically sensitive information.
This example code demonstrates the creation of a GSSCredential implementation for a specific entity, querying of its fields, and its release when it is no longer needed:
GSSManager manager = GSSManager.getInstance();
// start by creating a name object for the entity
GSSName name = manager.createName("myusername", GSSName.NT_USER_NAME);
// now acquire credentials for the entity
GSSCredential cred = manager.createCredential(name,
GSSCredential.ACCEPT_ONLY);
// display credential information - name, remaining lifetime,
// and the mechanisms it has been acquired over
System.out.println(cred.getName().toString());
System.out.println(cred.getRemainingLifetime());
Oid [] mechs = cred.getMechs();
if (mechs != null) {
for (int i = 0; i < mechs.length; i++)
System.out.println(mechs[i].toString());
}
// release system resources held by the credential
cred.dispose();
- Also see:
- GSSManager#createCredential(int)
- GSSManager#createCredential(GSSName, int, Oid, int)
- GSSManager#createCredential(GSSName, int, Oid[], int)
- dispose()
- author:
Mayank- Upadhyay - since:
1.4-
| Field Summary | ||
|---|---|---|
| public static final int | INITIATE_AND_ACCEPT | Credential usage flag requesting that it be usable for both context initiation and acceptance. |
| public static final int | INITIATE_ONLY | Credential usage flag requesting that it be usable for context initiation only. |
| public static final int | ACCEPT_ONLY | Credential usage flag requesting that it be usable for context acceptance only. |
| public static final int | DEFAULT_LIFETIME | A lifetime constant representing the default credential lifetime. This value it set to 0. |
| public static final int | INDEFINITE_LIFETIME | A lifetime constant representing indefinite credential lifetime. This value must is set to the maximum integer value in Java - Integer.MAX_VALUE . |
| Method from org.ietf.jgss.GSSCredential Summary: |
|---|
| add, dispose, equals, getMechs, getName, getName, getRemainingAcceptLifetime, getRemainingInitLifetime, getRemainingLifetime, getUsage, getUsage, hashCode |
| Method from org.ietf.jgss.GSSCredential Detail: |
|---|
This routine is envisioned to be used mainly by context acceptors during the creation of acceptor credentials which are to be used with a variety of clients using different security mechanisms.
This routine adds the new credential element "in-place". To add the
element in a new credential, first call As always, GSS-API implementations must impose a local access-control policy on callers to prevent unauthorized callers from acquiring credentials to which they are not entitled. Non-default values for initLifetime and acceptLifetime cannot always be honored by the underlying mechanisms, thus callers should be prepared to call getRemainingInitLifetime and getRemainingAcceptLifetime on the credential. |
|
|
|
|
|
|
|
|
|
|
|
public void