org.ietf.jgss
Class ChannelBinding

java.lang.Object sample code for java.lang.Object definition code for java.lang.Object 
  extended by org.ietf.jgss.ChannelBinding

public class ChannelBinding
extends Object sample code for java.lang.Object definition code for java.lang.Object

This class encapsulates the concept of caller-provided channel binding information. Channel bindings are used to strengthen the quality with which peer entity authentication is provided during context establishment. They enable the GSS-API callers to bind the establishment of the security context to relevant characteristics like addresses or to application specific data.

The caller initiating the security context must determine the appropriate channel binding values to set in the GSSContext object. The acceptor must provide an identical binding in order to validate that received tokens possess correct channel-related characteristics.

Use of channel bindings is optional in GSS-API. ChannelBinding can be set for the GSSContext sample code for org.ietf.jgss.GSSContext definition code for org.ietf.jgss.GSSContext using the setChannelBinding sample code for org.ietf.jgss.GSSContext.setChannelBinding(org.ietf.jgss.ChannelBinding) definition code for org.ietf.jgss.GSSContext.setChannelBinding(org.ietf.jgss.ChannelBinding) method before the first call to initSecContext sample code for org.ietf.jgss.GSSContext.initSecContext(byte[], int, int) definition code for org.ietf.jgss.GSSContext.initSecContext(byte[], int, int) or acceptSecContext sample code for org.ietf.jgss.GSSContext.acceptSecContext(byte[], int, int) definition code for org.ietf.jgss.GSSContext.acceptSecContext(byte[], int, int) has been performed. Unless the setChannelBinding method has been used to set the ChannelBinding for a GSSContext object, null ChannelBinding will be assumed.

Conceptually, the GSS-API concatenates the initiator and acceptor address information, and the application supplied byte array to form an octet string. The mechanism calculates a MIC over this octet string and binds the MIC to the context establishment token emitted by initSecContext method of the GSSContext interface. The same bindings are set by the context acceptor for its GSSContext object and during processing of the acceptSecContext method a MIC is calculated in the same way. The calculated MIC is compared with that found in the token, and if the MICs differ, accept will throw a GSSException with the major code set to BAD_BINDINGS sample code for org.ietf.jgss.GSSException.BAD_BINDINGS definition code for org.ietf.jgss.GSSException.BAD_BINDINGS , and the context will not be established. Some mechanisms may include the actual channel binding data in the token (rather than just a MIC); applications should therefore not use confidential data as channel-binding components.

Individual mechanisms may impose additional constraints on addresses that may appear in channel bindings. For example, a mechanism may verify that the initiator address field of the channel binding contains the correct network address of the host system. Portable applications should therefore ensure that they either provide correct information for the address fields, or omit setting of the addressing information.

Since:
1.4

Constructor Summary
ChannelBinding sample code for org.ietf.jgss.ChannelBinding.ChannelBinding(byte[]) definition code for org.ietf.jgss.ChannelBinding.ChannelBinding(byte[]) (byte[] appData)
          Creates a ChannelBinding object without any addressing information.
ChannelBinding sample code for org.ietf.jgss.ChannelBinding.ChannelBinding(java.net.InetAddress, java.net.InetAddress, byte[]) definition code for org.ietf.jgss.ChannelBinding.ChannelBinding(java.net.InetAddress, java.net.InetAddress, byte[]) (InetAddress sample code for java.net.InetAddress definition code for java.net.InetAddress  initAddr, InetAddress sample code for java.net.InetAddress definition code for java.net.InetAddress  acceptAddr, byte[] appData)
          Create a ChannelBinding object with user supplied address information and data.
 
Method Summary
 boolean equals sample code for org.ietf.jgss.ChannelBinding.equals(java.lang.Object) definition code for org.ietf.jgss.ChannelBinding.equals(java.lang.Object) (Object sample code for java.lang.Object definition code for java.lang.Object  obj)
          Compares two instances of ChannelBinding.
 InetAddress sample code for java.net.InetAddress definition code for java.net.InetAddress getAcceptorAddress sample code for org.ietf.jgss.ChannelBinding.getAcceptorAddress() definition code for org.ietf.jgss.ChannelBinding.getAcceptorAddress() ()
          Get the acceptor's address for this channel binding.
 byte[] getApplicationData sample code for org.ietf.jgss.ChannelBinding.getApplicationData() definition code for org.ietf.jgss.ChannelBinding.getApplicationData() ()
          Get the application specified data for this channel binding.
 InetAddress sample code for java.net.InetAddress definition code for java.net.InetAddress getInitiatorAddress sample code for org.ietf.jgss.ChannelBinding.getInitiatorAddress() definition code for org.ietf.jgss.ChannelBinding.getInitiatorAddress() ()
          Get the initiator's address for this channel binding.
 int hashCode sample code for org.ietf.jgss.ChannelBinding.hashCode() definition code for org.ietf.jgss.ChannelBinding.hashCode() ()
          Returns a hashcode value for this ChannelBinding object.
 
Methods inherited from class java.lang.Object sample code for java.lang.Object definition code for java.lang.Object
clone sample code for java.lang.Object.clone() definition code for java.lang.Object.clone() , finalize sample code for java.lang.Object.finalize() definition code for java.lang.Object.finalize() , getClass sample code for java.lang.Object.getClass() definition code for java.lang.Object.getClass() , notify sample code for java.lang.Object.notify() definition code for java.lang.Object.notify() , notifyAll sample code for java.lang.Object.notifyAll() definition code for java.lang.Object.notifyAll() , toString sample code for java.lang.Object.toString() definition code for java.lang.Object.toString() , wait sample code for java.lang.Object.wait() definition code for java.lang.Object.wait() , wait sample code for java.lang.Object.wait(long) definition code for java.lang.Object.wait(long) , wait sample code for java.lang.Object.wait(long, int) definition code for java.lang.Object.wait(long, int)
 

Constructor Detail

ChannelBinding sample code for org.ietf.jgss.ChannelBinding(java.net.InetAddress, java.net.InetAddress, byte[]) definition code for org.ietf.jgss.ChannelBinding(java.net.InetAddress, java.net.InetAddress, byte[])

public ChannelBinding(InetAddress sample code for java.net.InetAddress definition code for java.net.InetAddress  initAddr,
                      InetAddress sample code for java.net.InetAddress definition code for java.net.InetAddress  acceptAddr,
                      byte[] appData)
Create a ChannelBinding object with user supplied address information and data. null values can be used for any fields which the application does not want to specify.

Parameters:
initAddr - the address of the context initiator. null value can be supplied to indicate that the application does not want to set this value.
acceptAddr - the address of the context acceptor. null value can be supplied to indicate that the application does not want to set this value.
appData - application supplied data to be used as part of the channel bindings. null value can be supplied to indicate that the application does not want to set this value.

ChannelBinding sample code for org.ietf.jgss.ChannelBinding(byte[]) definition code for org.ietf.jgss.ChannelBinding(byte[])

public ChannelBinding(byte[] appData)
Creates a ChannelBinding object without any addressing information.

Parameters:
appData - application supplied data to be used as part of the channel bindings.
Method Detail

getInitiatorAddress sample code for org.ietf.jgss.ChannelBinding.getInitiatorAddress() definition code for org.ietf.jgss.ChannelBinding.getInitiatorAddress()

public InetAddress sample code for java.net.InetAddress definition code for java.net.InetAddress  getInitiatorAddress()
Get the initiator's address for this channel binding.

Returns:
the initiator's address. null is returned if the address has not been set.

getAcceptorAddress sample code for org.ietf.jgss.ChannelBinding.getAcceptorAddress() definition code for org.ietf.jgss.ChannelBinding.getAcceptorAddress()

public InetAddress sample code for java.net.InetAddress definition code for java.net.InetAddress  getAcceptorAddress()
Get the acceptor's address for this channel binding.

Returns:
the acceptor's address. null is returned if the address has not been set.

getApplicationData sample code for org.ietf.jgss.ChannelBinding.getApplicationData() definition code for org.ietf.jgss.ChannelBinding.getApplicationData()

public byte[] getApplicationData()
Get the application specified data for this channel binding.

Returns:
the application data being used as part of the ChannelBinding. null is returned if no application data has been specified for the channel binding.

equals sample code for org.ietf.jgss.ChannelBinding.equals(java.lang.Object) definition code for org.ietf.jgss.ChannelBinding.equals(java.lang.Object)

public boolean equals(Object sample code for java.lang.Object definition code for java.lang.Object  obj)
Compares two instances of ChannelBinding.

Overrides:
equals sample code for java.lang.Object.equals(java.lang.Object) definition code for java.lang.Object.equals(java.lang.Object) in class Object sample code for java.lang.Object definition code for java.lang.Object
Parameters:
obj - another ChannelBinding to compare this one with
Returns:
true if the two ChannelBinding's contain the same values for the initiator and acceptor addresses and the application data.
See Also:
Object.hashCode() sample code for java.lang.Object.hashCode() definition code for java.lang.Object.hashCode() , Hashtable sample code for java.util.Hashtable definition code for java.util.Hashtable

hashCode sample code for org.ietf.jgss.ChannelBinding.hashCode() definition code for org.ietf.jgss.ChannelBinding.hashCode()

public int hashCode()
Returns a hashcode value for this ChannelBinding object.

Overrides:
hashCode sample code for java.lang.Object.hashCode() definition code for java.lang.Object.hashCode() in class Object sample code for java.lang.Object definition code for java.lang.Object
Returns:
a hashCode value
See Also:
Object.equals(java.lang.Object) sample code for java.lang.Object.equals(java.lang.Object) definition code for java.lang.Object.equals(java.lang.Object) , Hashtable sample code for java.util.Hashtable definition code for java.util.Hashtable