org.ietf.jgss
Class GSSManager

java.lang.Object sample code for java.lang.Object definition code for java.lang.Object 
  extended by org.ietf.jgss.GSSManager

public abstract class GSSManager
extends Object sample code for java.lang.Object definition code for java.lang.Object

This class serves as a factory for other important GSS-API classes and also provides information about the mechanisms that are supported. It can create instances of classes implementing the following three GSS-API interfaces: GSSName sample code for org.ietf.jgss.GSSName definition code for org.ietf.jgss.GSSName , GSSCredential sample code for org.ietf.jgss.GSSCredential definition code for org.ietf.jgss.GSSCredential , and GSSContext sample code for org.ietf.jgss.GSSContext definition code for org.ietf.jgss.GSSContext . It also has methods to query for the list of available mechanisms and the nametypes that each mechanism supports.

An instance of the default GSSManager subclass may be obtained through the static method getInstance sample code for org.ietf.jgss.GSSManager.getInstance() definition code for org.ietf.jgss.GSSManager.getInstance() , but applications are free to instantiate other subclasses of GSSManager. The default GSSManager instance will support the Kerberos v5 GSS-API mechanism in addition to any others. This mechanism is identified by the Oid "1.2.840.113554.1.2.2" and is defined in RFC 1964.

A subclass extending the GSSManager abstract class may be implemented as a modular provider based layer that utilizes some well known service provider specification. The GSSManager API allows the application to set provider preferences on such an implementation. These methods also allow the implementation to throw a well-defined exception in case provider based configuration is not supported. Applications that expect to be portable should be aware of this and recover cleanly by catching the exception.

It is envisioned that there will be three most common ways in which providers will be used:

  1. The application does not care about what provider is used (the default case).
  2. The application wants a particular provider to be used preferentially, either for a particular mechanism or all the time, irrespective of mechanism.
  3. The application wants to use the locally configured providers as far as possible but if support is missing for one or more mechanisms then it wants to fall back on its own provider.

The GSSManager class has two methods that enable these modes of usage: addProviderAtFront sample code for org.ietf.jgss.GSSManager.addProviderAtFront(java.security.Provider, org.ietf.jgss.Oid) definition code for org.ietf.jgss.GSSManager.addProviderAtFront(java.security.Provider, org.ietf.jgss.Oid) and addProviderAtEnd sample code for org.ietf.jgss.GSSManager.addProviderAtEnd(java.security.Provider, org.ietf.jgss.Oid) definition code for org.ietf.jgss.GSSManager.addProviderAtEnd(java.security.Provider, org.ietf.jgss.Oid) . These methods have the effect of creating an ordered list of <provider, oid> pairs where each pair indicates a preference of provider for a given oid.

It is important to note that there are certain interactions between the different GSS-API objects that are created by a GSSManager, where the provider that is used for a particular mechanism might need to be consistent across all objects. For instance, if a GSSCredential contains elements from a provider p for a mechanism m, it should generally be passed in to a GSSContext that will use provider p for the mechanism m. A simple rule of thumb that will maximize portability is that objects created from different GSSManager's should not be mixed, and if possible, a different GSSManager instance should be created if the application wants to invoke the addProviderAtFront method on a GSSManager that has already created an object.

Here is some sample code showing how the GSSManager might be used:

     GSSManager manager = GSSManager.getInstance();

     Oid krb5Mechanism = new Oid("1.2.840.113554.1.2.2");
     Oid krb5PrincipalNameType = new Oid("1.2.840.113554.1.2.2.1");

     // Identify who the client wishes to be
     GSSName userName = manager.createName("duke", GSSName.NT_USER_NAME);

     // Identify the name of the server. This uses a Kerberos specific
     // name format.
     GSSName serverName = manager.createName("nfs/foo.sun.com", 
                                             krb5PrincipalNameType);

     // Acquire credentials for the user
     GSSCredential userCreds = manager.createCredential(userName,
                                             GSSCredential.DEFAULT_LIFETIME,
                                             krb5Mechanism,
                                             GSSCredential.INITIATE_ONLY);

     // Instantiate and initialize a security context that will be
     // established with the server
     GSSContext context = manager.createContext(serverName,
                                                krb5Mechanism,
                                                userCreds,
                                                GSSContext.DEFAULT_LIFETIME);
 

The server side might use the following variation of this source:

     // Acquire credentials for the server
     GSSCredential serverCreds = manager.createCredential(serverName, 
                                             GSSCredential.DEFAULT_LIFETIME, 
                                             krb5Mechanism, 
                                             GSSCredential.ACCEPT_ONLY); 
 
     // Instantiate and initialize a security context that will
     // wait for an establishment request token from the client
     GSSContext context = manager.createContext(serverCreds);
 

Since:
1.4
See Also:
GSSName sample code for org.ietf.jgss.GSSName definition code for org.ietf.jgss.GSSName , GSSCredential sample code for org.ietf.jgss.GSSCredential definition code for org.ietf.jgss.GSSCredential , GSSContext sample code for org.ietf.jgss.GSSContext definition code for org.ietf.jgss.GSSContext

Constructor Summary
GSSManager sample code for org.ietf.jgss.GSSManager.GSSManager() definition code for org.ietf.jgss.GSSManager.GSSManager() ()
           
 
Method Summary
abstract  void addProviderAtEnd sample code for org.ietf.jgss.GSSManager.addProviderAtEnd(java.security.Provider, org.ietf.jgss.Oid) definition code for org.ietf.jgss.GSSManager.addProviderAtEnd(java.security.Provider, org.ietf.jgss.Oid) (Provider sample code for java.security.Provider definition code for java.security.Provider  p, Oid sample code for org.ietf.jgss.Oid definition code for org.ietf.jgss.Oid  mech)
          This method is used to indicate to the GSSManager that the application would like a particular provider to be used if no other provider can be found that supports the given mechanism.
abstract  void addProviderAtFront sample code for org.ietf.jgss.GSSManager.addProviderAtFront(java.security.Provider, org.ietf.jgss.Oid) definition code for org.ietf.jgss.GSSManager.addProviderAtFront(java.security.Provider, org.ietf.jgss.Oid) (Provider sample code for java.security.Provider definition code for java.security.Provider  p, Oid sample code for org.ietf.jgss.Oid definition code for org.ietf.jgss.Oid  mech)
          This method is used to indicate to the GSSManager that the application would like a particular provider to be used ahead of all others when support is desired for the given mechanism.
abstract  GSSContext sample code for org.ietf.jgss.GSSContext definition code for org.ietf.jgss.GSSContext createContext sample code for org.ietf.jgss.GSSManager.createContext(byte[]) definition code for org.ietf.jgss.GSSManager.createContext(byte[]) (byte[] interProcessToken)
          Factory method for creating a previously exported context.
abstract  GSSContext sample code for org.ietf.jgss.GSSContext definition code for org.ietf.jgss.GSSContext createContext sample code for org.ietf.jgss.GSSManager.createContext(org.ietf.jgss.GSSCredential) definition code for org.ietf.jgss.GSSManager.createContext(org.ietf.jgss.GSSCredential) (GSSCredential sample code for org.ietf.jgss.GSSCredential definition code for org.ietf.jgss.GSSCredential  myCred)
          Factory method for creating a context on the acceptor' side.
abstract  GSSContext sample code for org.ietf.jgss.GSSContext definition code for org.ietf.jgss.GSSContext createContext sample code for org.ietf.jgss.GSSManager.createContext(org.ietf.jgss.GSSName, org.ietf.jgss.Oid, org.ietf.jgss.GSSCredential, int) definition code for org.ietf.jgss.GSSManager.createContext(org.ietf.jgss.GSSName, org.ietf.jgss.Oid, org.ietf.jgss.GSSCredential, int) (GSSName sample code for org.ietf.jgss.GSSName definition code for org.ietf.jgss.GSSName  peer, Oid sample code for org.ietf.jgss.Oid definition code for org.ietf.jgss.Oid  mech, GSSCredential sample code for org.ietf.jgss.GSSCredential definition code for org.ietf.jgss.GSSCredential  myCred, int lifetime)
          Factory method for creating a context on the initiator's side.
abstract  GSSCredential sample code for org.ietf.jgss.GSSCredential definition code for org.ietf.jgss.GSSCredential createCredential sample code for org.ietf.jgss.GSSManager.createCredential(org.ietf.jgss.GSSName, int, org.ietf.jgss.Oid[], int) definition code for org.ietf.jgss.GSSManager.createCredential(org.ietf.jgss.GSSName, int, org.ietf.jgss.Oid[], int) (GSSName sample code for org.ietf.jgss.GSSName definition code for org.ietf.jgss.GSSName  name, int lifetime, Oid sample code for org.ietf.jgss.Oid definition code for org.ietf.jgss.Oid [] mechs, int usage)
          Factory method for acquiring credentials over a set of mechanisms.
abstract  GSSCredential sample code for org.ietf.jgss.GSSCredential definition code for org.ietf.jgss.GSSCredential createCredential sample code for org.ietf.jgss.GSSManager.createCredential(org.ietf.jgss.GSSName, int, org.ietf.jgss.Oid, int) definition code for org.ietf.jgss.GSSManager.createCredential(org.ietf.jgss.GSSName, int, org.ietf.jgss.Oid, int) (GSSName sample code for org.ietf.jgss.GSSName definition code for org.ietf.jgss.GSSName  name, int lifetime, Oid sample code for org.ietf.jgss.Oid definition code for org.ietf.jgss.Oid  mech, int usage)
          Factory method for acquiring a single mechanism credential.
abstract  GSSCredential sample code for org.ietf.jgss.GSSCredential definition code for org.ietf.jgss.GSSCredential createCredential sample code for org.ietf.jgss.GSSManager.createCredential(int) definition code for org.ietf.jgss.GSSManager.createCredential(int) (int usage)
          Factory method for acquiring default credentials.
abstract  GSSName sample code for org.ietf.jgss.GSSName definition code for org.ietf.jgss.GSSName createName sample code for org.ietf.jgss.GSSManager.createName(byte[], org.ietf.jgss.Oid) definition code for org.ietf.jgss.GSSManager.createName(byte[], org.ietf.jgss.Oid) (byte[] name, Oid sample code for org.ietf.jgss.Oid definition code for org.ietf.jgss.Oid  nameType)
          Factory method to convert a byte array containing a name from the specified namespace to a GSSName object.
abstract  GSSName sample code for org.ietf.jgss.GSSName definition code for org.ietf.jgss.GSSName createName sample code for org.ietf.jgss.GSSManager.createName(byte[], org.ietf.jgss.Oid, org.ietf.jgss.Oid) definition code for org.ietf.jgss.GSSManager.createName(byte[], org.ietf.jgss.Oid, org.ietf.jgss.Oid) (byte[] name, Oid sample code for org.ietf.jgss.Oid definition code for org.ietf.jgss.Oid  nameType, Oid sample code for org.ietf.jgss.Oid definition code for org.ietf.jgss.Oid  mech)
          Factory method to convert a byte array containing a name from the specified namespace to a GSSName object and canonicalize it at the same time for a mechanism.
abstract  GSSName sample code for org.ietf.jgss.GSSName definition code for org.ietf.jgss.GSSName createName sample code for org.ietf.jgss.GSSManager.createName(java.lang.String, org.ietf.jgss.Oid) definition code for org.ietf.jgss.GSSManager.createName(java.lang.String, org.ietf.jgss.Oid) (String sample code for java.lang.String definition code for java.lang.String  nameStr, Oid sample code for org.ietf.jgss.Oid definition code for org.ietf.jgss.Oid  nameType)
          Factory method to convert a string name from the specified namespace to a GSSName object.
abstract  GSSName sample code for org.ietf.jgss.GSSName definition code for org.ietf.jgss.GSSName createName sample code for org.ietf.jgss.GSSManager.createName(java.lang.String, org.ietf.jgss.Oid, org.ietf.jgss.Oid) definition code for org.ietf.jgss.GSSManager.createName(java.lang.String, org.ietf.jgss.Oid, org.ietf.jgss.Oid) (String sample code for java.lang.String definition code for java.lang.String  nameStr, Oid sample code for org.ietf.jgss.Oid definition code for org.ietf.jgss.Oid  nameType, Oid sample code for org.ietf.jgss.Oid definition code for org.ietf.jgss.Oid  mech)
          Factory method to convert a string name from the specified namespace to a GSSName object and canonicalize it at the same time for a mechanism.
static GSSManager sample code for org.ietf.jgss.GSSManager definition code for org.ietf.jgss.GSSManager getInstance sample code for org.ietf.jgss.GSSManager.getInstance() definition code for org.ietf.jgss.GSSManager.getInstance() ()
          Returns the default GSSManager implementation.
abstract  Oid sample code for org.ietf.jgss.Oid definition code for org.ietf.jgss.Oid [] getMechs sample code for org.ietf.jgss.GSSManager.getMechs() definition code for org.ietf.jgss.GSSManager.getMechs() ()
          Returns a list of mechanisms that are available to GSS-API callers through this GSSManager.
abstract  Oid sample code for org.ietf.jgss.Oid definition code for org.ietf.jgss.Oid [] getMechsForName sample code for org.ietf.jgss.GSSManager.getMechsForName(org.ietf.jgss.Oid) definition code for org.ietf.jgss.GSSManager.getMechsForName(org.ietf.jgss.Oid) (Oid sample code for org.ietf.jgss.Oid definition code for org.ietf.jgss.Oid  nameType)
          Returns a list of mechanisms that support the indicated name type.
abstract  Oid sample code for org.ietf.jgss.Oid definition code for org.ietf.jgss.Oid [] getNamesForMech sample code for org.ietf.jgss.GSSManager.getNamesForMech(org.ietf.jgss.Oid) definition code for org.ietf.jgss.GSSManager.getNamesForMech(org.ietf.jgss.Oid) (Oid sample code for org.ietf.jgss.Oid definition code for org.ietf.jgss.Oid  mech)
          Returns then name types supported by the indicated mechanism.
 
Methods inherited from class java.lang.Object sample code for java.lang.Object definition code for java.lang.Object
clone sample code for java.lang.Object.clone() definition code for java.lang.Object.clone() , equals sample code for java.lang.Object.equals(java.lang.Object) definition code for java.lang.Object.equals(java.lang.Object) , finalize sample code for java.lang.Object.finalize() definition code for java.lang.Object.finalize() , getClass sample code for java.lang.Object.getClass() definition code for java.lang.Object.getClass() , hashCode sample code for java.lang.Object.hashCode() definition code for java.lang.Object.hashCode() , notify sample code for java.lang.Object.notify() definition code for java.lang.Object.notify() , notifyAll sample code for java.lang.Object.notifyAll() definition code for java.lang.Object.notifyAll() , toString sample code for java.lang.Object.toString() definition code for java.lang.Object.toString() , wait sample code for java.lang.Object.wait() definition code for java.lang.Object.wait() , wait sample code for java.lang.Object.wait(long) definition code for java.lang.Object.wait(long) , wait sample code for java.lang.Object.wait(long, int) definition code for java.lang.Object.wait(long, int)
 

Constructor Detail

GSSManager sample code for org.ietf.jgss.GSSManager() definition code for org.ietf.jgss.GSSManager()

public GSSManager()
Method Detail

getInstance sample code for org.ietf.jgss.GSSManager.getInstance() definition code for org.ietf.jgss.GSSManager.getInstance()

public static GSSManager sample code for org.ietf.jgss.GSSManager definition code for org.ietf.jgss.GSSManager  getInstance()
Returns the default GSSManager implementation.

Returns:
a GSSManager implementation

getMechs sample code for org.ietf.jgss.GSSManager.getMechs() definition code for org.ietf.jgss.GSSManager.getMechs()

public abstract Oid sample code for org.ietf.jgss.Oid definition code for org.ietf.jgss.Oid [] getMechs()
Returns a list of mechanisms that are available to GSS-API callers through this GSSManager. The default GSSManager obtained from the getInstance() sample code for org.ietf.jgss.GSSManager.getInstance() definition code for org.ietf.jgss.GSSManager.getInstance() method includes the Oid "1.2.840.113554.1.2.2" in its list. This Oid identifies the Kerberos v5 GSS-API mechanism that is defined in RFC 1964.

Returns:
an array of Oid objects corresponding to the mechanisms that are available. A null value is returned when no mechanism are available (an example of this would be when mechanism are dynamically configured, and currently no mechanisms are installed).

getNamesForMech sample code for org.ietf.jgss.GSSManager.getNamesForMech(org.ietf.jgss.Oid) definition code for org.ietf.jgss.GSSManager.getNamesForMech(org.ietf.jgss.Oid)

public abstract Oid sample code for org.ietf.jgss.Oid definition code for org.ietf.jgss.Oid [] getNamesForMech(Oid sample code for org.ietf.jgss.Oid definition code for org.ietf.jgss.Oid  mech)
                               throws GSSException sample code for org.ietf.jgss.GSSException definition code for org.ietf.jgss.GSSException 
Returns then name types supported by the indicated mechanism.

The default GSSManager instance includes support for the Kerberos v5 mechanism. When this mechanism ("1.2.840.113554.1.2.2") is indicated, the returned list will contain at least the following nametypes: GSSName.NT_HOSTBASED_SERVICE sample code for org.ietf.jgss.GSSName.NT_HOSTBASED_SERVICE definition code for org.ietf.jgss.GSSName.NT_HOSTBASED_SERVICE , GSSName.NT_EXPORT_NAME sample code for org.ietf.jgss.GSSName.NT_EXPORT_NAME definition code for org.ietf.jgss.GSSName.NT_EXPORT_NAME , and the Kerberos v5 specific Oid "1.2.840.113554.1.2.2.1". The namespace for the Oid "1.2.840.113554.1.2.2.1" is defined in RFC 1964.

Parameters:
mech - the Oid of the mechanism to query
Returns:
an array of Oid objects corresponding to the name types that the mechanism supports.
Throws:
GSSException sample code for org.ietf.jgss.GSSException definition code for org.ietf.jgss.GSSException - containing the following major error codes: GSSException.BAD_MECH sample code for org.ietf.jgss.GSSException.BAD_MECH definition code for org.ietf.jgss.GSSException.BAD_MECH GSSException.FAILURE sample code for org.ietf.jgss.GSSException.FAILURE definition code for org.ietf.jgss.GSSException.FAILURE
See Also:
getMechsForName(Oid) sample code for org.ietf.jgss.GSSManager.getMechsForName(org.ietf.jgss.Oid) definition code for org.ietf.jgss.GSSManager.getMechsForName(org.ietf.jgss.Oid)

getMechsForName sample code for org.ietf.jgss.GSSManager.getMechsForName(org.ietf.jgss.Oid) definition code for org.ietf.jgss.GSSManager.getMechsForName(org.ietf.jgss.Oid)

public abstract Oid sample code for org.ietf.jgss.Oid definition code for org.ietf.jgss.Oid [] getMechsForName(Oid sample code for org.ietf.jgss.Oid definition code for org.ietf.jgss.Oid  nameType)
Returns a list of mechanisms that support the indicated name type.

The Kerberos v5 mechanism ("1.2.840.113554.1.2.2") will always be returned in this list when the indicated nametype is one of GSSName.NT_HOSTBASED_SERVICE sample code for org.ietf.jgss.GSSName.NT_HOSTBASED_SERVICE definition code for org.ietf.jgss.GSSName.NT_HOSTBASED_SERVICE , GSSName.NT_EXPORT_NAME sample code for org.ietf.jgss.GSSName.NT_EXPORT_NAME definition code for org.ietf.jgss.GSSName.NT_EXPORT_NAME , or "1.2.840.113554.1.2.2.1".

Parameters:
nameType - the Oid of the name type to look for
Returns:
an array of Oid objects corresponding to the mechanisms that support the specified name type. null is returned when no mechanisms are found to support the specified name type.
See Also:
getNamesForMech(Oid) sample code for org.ietf.jgss.GSSManager.getNamesForMech(org.ietf.jgss.Oid) definition code for org.ietf.jgss.GSSManager.getNamesForMech(org.ietf.jgss.Oid)

createName sample code for org.ietf.jgss.GSSManager.createName(java.lang.String, org.ietf.jgss.Oid) definition code for org.ietf.jgss.GSSManager.createName(java.lang.String, org.ietf.jgss.Oid)

public abstract GSSName sample code for org.ietf.jgss.GSSName definition code for org.ietf.jgss.GSSName  createName(String sample code for java.lang.String definition code for java.lang.String  nameStr,
                                   Oid sample code for org.ietf.jgss.Oid definition code for org.ietf.jgss.Oid  nameType)
                            throws GSSException sample code for org.ietf.jgss.GSSException definition code for org.ietf.jgss.GSSException 
Factory method to convert a string name from the specified namespace to a GSSName object. In general, the GSSName object created will contain multiple representations of the name, one for each mechanism that is supported; two examples that are exceptions to this are when the namespace type parameter indicates NT_EXPORT_NAME or when the GSS-API implementation is not multi-mechanism. It is not recommended to use this method with a NT_EXPORT_NAME type because representing a previously exported name consisting of abitrary bytes as a String might cause problems with character encoding schemes. In such cases it is recommended that the bytes be passed in directly to the overloaded form of this method createName sample code for org.ietf.jgss.GSSManager.createName(byte[], org.ietf.jgss.Oid) definition code for org.ietf.jgss.GSSManager.createName(byte[], org.ietf.jgss.Oid) .

Parameters:
nameStr - the string representing a printable form of the name to create.
nameType - the Oid specifying the namespace of the printable name supplied. null can be used to specify that a mechanism specific default printable syntax should be assumed by each mechanism that examines nameStr. It is not advisable to use the nametype NT_EXPORT_NAME with this method.
Returns:
a GSSName representing the indicated principal
Throws:
GSSException sample code for org.ietf.jgss.GSSException definition code for org.ietf.jgss.GSSException - containing the following major error codes: GSSException.BAD_NAMETYPE sample code for org.ietf.jgss.GSSException.BAD_NAMETYPE definition code for org.ietf.jgss.GSSException.BAD_NAMETYPE , GSSException.BAD_NAME sample code for org.ietf.jgss.GSSException.BAD_NAME definition code for org.ietf.jgss.GSSException.BAD_NAME , GSSException.BAD_MECH sample code for org.ietf.jgss.GSSException.BAD_MECH definition code for org.ietf.jgss.GSSException.BAD_MECH , GSSException.FAILURE sample code for org.ietf.jgss.GSSException.FAILURE definition code for org.ietf.jgss.GSSException.FAILURE
See Also:
GSSName sample code for org.ietf.jgss.GSSName definition code for org.ietf.jgss.GSSName , GSSName.NT_EXPORT_NAME sample code for org.ietf.jgss.GSSName.NT_EXPORT_NAME definition code for org.ietf.jgss.GSSName.NT_EXPORT_NAME

createName sample code for org.ietf.jgss.GSSManager.createName(byte[], org.ietf.jgss.Oid) definition code for org.ietf.jgss.GSSManager.createName(byte[], org.ietf.jgss.Oid)

public abstract GSSName sample code for org.ietf.jgss.GSSName definition code for org.ietf.jgss.GSSName  createName(byte[] name,
                                   Oid sample code for org.ietf.jgss.Oid definition code for org.ietf.jgss.Oid  nameType)
                            throws GSSException sample code for org.ietf.jgss.GSSException definition code for org.ietf.jgss.GSSException 
Factory method to convert a byte array containing a name from the specified namespace to a GSSName object. In general, the GSSName object created will contain multiple representations of the name, one for each mechanism that is supported; two examples that are exceptions to this are when the namespace type parameter indicates NT_EXPORT_NAME or when the GSS-API implementation is not multi-mechanism. The bytes that are passed in are interpreted by each underlying mechanism according to some encoding scheme of its choice for the given nametype.

Parameters:
name - the byte array containing the name to create
nameType - the Oid specifying the namespace of the name supplied in the byte array. null can be used to specify that a mechanism specific default syntax should be assumed by each mechanism that examines the byte array.
Returns:
a GSSName representing the indicated principal
Throws:
GSSException sample code for org.ietf.jgss.GSSException definition code for org.ietf.jgss.GSSException - containing the following major error codes: GSSException.BAD_NAMETYPE sample code for org.ietf.jgss.GSSException.BAD_NAMETYPE definition code for org.ietf.jgss.GSSException.BAD_NAMETYPE , GSSException.BAD_NAME sample code for org.ietf.jgss.GSSException.BAD_NAME definition code for org.ietf.jgss.GSSException.BAD_NAME , GSSException.BAD_MECH sample code for org.ietf.jgss.GSSException.BAD_MECH definition code for org.ietf.jgss.GSSException.BAD_MECH , GSSException.FAILURE sample code for org.ietf.jgss.GSSException.FAILURE definition code for org.ietf.jgss.GSSException.FAILURE
See Also:
GSSName sample code for org.ietf.jgss.GSSName definition code for org.ietf.jgss.GSSName , GSSName.NT_EXPORT_NAME sample code for org.ietf.jgss.GSSName.NT_EXPORT_NAME definition code for org.ietf.jgss.GSSName.NT_EXPORT_NAME

createName sample code for org.ietf.jgss.GSSManager.createName(java.lang.String, org.ietf.jgss.Oid, org.ietf.jgss.Oid) definition code for org.ietf.jgss.GSSManager.createName(java.lang.String, org.ietf.jgss.Oid, org.ietf.jgss.Oid)

public abstract GSSName sample code for org.ietf.jgss.GSSName definition code for org.ietf.jgss.GSSName  createName(String sample code for java.lang.String definition code for java.lang.String  nameStr,
                                   Oid sample code for org.ietf.jgss.Oid definition code for org.ietf.jgss.Oid  nameType,
                                   Oid sample code for org.ietf.jgss.Oid definition code for org.ietf.jgss.Oid  mech)
                            throws GSSException sample code for org.ietf.jgss.GSSException definition code for org.ietf.jgss.GSSException 
Factory method to convert a string name from the specified namespace to a GSSName object and canonicalize it at the same time for a mechanism. In other words, this method is a utility that does the equivalent of two steps: the createName sample code for org.ietf.jgss.GSSManager.createName(java.lang.String, org.ietf.jgss.Oid) definition code for org.ietf.jgss.GSSManager.createName(java.lang.String, org.ietf.jgss.Oid) and then also the GSSName.canonicalize sample code for org.ietf.jgss.GSSName.canonicalize(org.ietf.jgss.Oid) definition code for org.ietf.jgss.GSSName.canonicalize(org.ietf.jgss.Oid) .

Parameters:
nameStr - the string representing a printable form of the name to create.
nameType - the Oid specifying the namespace of the printable name supplied. null can be used to specify that a mechanism specific default printable syntax should be assumed by each mechanism that examines nameStr. It is not advisable to use the nametype NT_EXPORT_NAME with this method.
mech - Oid specifying the mechanism for which the name should be canonicalized
Returns:
a GSSName representing the indicated principal
Throws:
GSSException sample code for org.ietf.jgss.GSSException definition code for org.ietf.jgss.GSSException - containing the following major error codes: GSSException.BAD_NAMETYPE sample code for org.ietf.jgss.GSSException.BAD_NAMETYPE definition code for org.ietf.jgss.GSSException.BAD_NAMETYPE , GSSException.BAD_NAME sample code for org.ietf.jgss.GSSException.BAD_NAME definition code for org.ietf.jgss.GSSException.BAD_NAME , GSSException.BAD_MECH sample code for org.ietf.jgss.GSSException.BAD_MECH definition code for org.ietf.jgss.GSSException.BAD_MECH , GSSException.FAILURE sample code for org.ietf.jgss.GSSException.FAILURE definition code for org.ietf.jgss.GSSException.FAILURE
See Also:
GSSName.canonicalize(Oid) sample code for org.ietf.jgss.GSSName.canonicalize(org.ietf.jgss.Oid) definition code for org.ietf.jgss.GSSName.canonicalize(org.ietf.jgss.Oid) , GSSName.NT_EXPORT_NAME sample code for org.ietf.jgss.GSSName.NT_EXPORT_NAME definition code for org.ietf.jgss.GSSName.NT_EXPORT_NAME

createName sample code for org.ietf.jgss.GSSManager.createName(byte[], org.ietf.jgss.Oid, org.ietf.jgss.Oid) definition code for org.ietf.jgss.GSSManager.createName(byte[], org.ietf.jgss.Oid, org.ietf.jgss.Oid)

public abstract GSSName sample code for org.ietf.jgss.GSSName definition code for org.ietf.jgss.GSSName  createName(byte[] name,
                                   Oid sample code for org.ietf.jgss.Oid definition code for org.ietf.jgss.Oid  nameType,
                                   Oid sample code for org.ietf.jgss.Oid definition code for org.ietf.jgss.Oid  mech)
                            throws GSSException sample code for org.ietf.jgss.GSSException definition code for org.ietf.jgss.GSSException 
Factory method to convert a byte array containing a name from the specified namespace to a GSSName object and canonicalize it at the same time for a mechanism. In other words, this method is a utility that does the equivalent of two steps: the createName sample code for org.ietf.jgss.GSSManager.createName(byte[], org.ietf.jgss.Oid) definition code for org.ietf.jgss.GSSManager.createName(byte[], org.ietf.jgss.Oid) and then also GSSName.canonicalize sample code for org.ietf.jgss.GSSName.canonicalize(org.ietf.jgss.Oid) definition code for org.ietf.jgss.GSSName.canonicalize(org.ietf.jgss.Oid) .

Parameters:
name - the byte array containing the name to create
nameType - the Oid specifying the namespace of the name supplied in the byte array. null can be used to specify that a mechanism specific default syntax should be assumed by each mechanism that examines the byte array.
mech - Oid specifying the mechanism for which the name should be canonicalized
Returns:
a GSSName representing the indicated principal
Throws:
GSSException sample code for org.ietf.jgss.GSSException definition code for org.ietf.jgss.GSSException - containing the following major error codes: GSSException.BAD_NAMETYPE sample code for org.ietf.jgss.GSSException.BAD_NAMETYPE definition code for org.ietf.jgss.GSSException.BAD_NAMETYPE , GSSException.BAD_NAME sample code for org.ietf.jgss.GSSException.BAD_NAME definition code for org.ietf.jgss.GSSException.BAD_NAME , GSSException.BAD_MECH sample code for org.ietf.jgss.GSSException.BAD_MECH definition code for org.ietf.jgss.GSSException.BAD_MECH , GSSException.FAILURE sample code for org.ietf.jgss.GSSException.FAILURE definition code for org.ietf.jgss.GSSException.FAILURE
See Also:
GSSName.canonicalize(Oid) sample code for org.ietf.jgss.GSSName.canonicalize(org.ietf.jgss.Oid) definition code for org.ietf.jgss.GSSName.canonicalize(org.ietf.jgss.Oid) , GSSName.NT_EXPORT_NAME sample code for org.ietf.jgss.GSSName.NT_EXPORT_NAME definition code for org.ietf.jgss.GSSName.NT_EXPORT_NAME

createCredential sample code for org.ietf.jgss.GSSManager.createCredential(int) definition code for org.ietf.jgss.GSSManager.createCredential(int)

public abstract GSSCredential sample code for org.ietf.jgss.GSSCredential definition code for org.ietf.jgss.GSSCredential  createCredential(int usage)
                                        throws GSSException sample code for org.ietf.jgss.GSSException definition code for org.ietf.jgss.GSSException 
Factory method for acquiring default credentials. This will cause the GSS-API to use system specific defaults for the set of mechanisms, name, and lifetime.

GSS-API mechanism providers must impose a local access-control policy on callers to prevent unauthorized callers from acquiring credentials to which they are not entitled. The kinds of permissions needed by different mechanism providers will be documented on a per-mechanism basis. A failed permission check might cause a SecurityException sample code for java.lang.SecurityException definition code for java.lang.SecurityException to be thrown from this method.

Parameters:
usage - The intended usage for this credential object. The value of this parameter must be one of: GSSCredential.INITIATE_AND_ACCEPT sample code for org.ietf.jgss.GSSCredential.INITIATE_AND_ACCEPT definition code for org.ietf.jgss.GSSCredential.INITIATE_AND_ACCEPT , GSSCredential.ACCEPT_ONLY sample code for org.ietf.jgss.GSSCredential.ACCEPT_ONLY definition code for org.ietf.jgss.GSSCredential.ACCEPT_ONLY , and GSSCredential.INITIATE_ONLY sample code for org.ietf.jgss.GSSCredential.INITIATE_ONLY definition code for org.ietf.jgss.GSSCredential.INITIATE_ONLY .
Returns:
a GSSCredential of the requested type.
Throws:
GSSException sample code for org.ietf.jgss.GSSException definition code for org.ietf.jgss.GSSException - containing the following major error codes: GSSException.BAD_MECH sample code for org.ietf.jgss.GSSException.BAD_MECH definition code for org.ietf.jgss.GSSException.BAD_MECH , GSSException.BAD_NAMETYPE sample code for org.ietf.jgss.GSSException.BAD_NAMETYPE definition code for org.ietf.jgss.GSSException.BAD_NAMETYPE , GSSException.BAD_NAME sample code for org.ietf.jgss.GSSException.BAD_NAME definition code for org.ietf.jgss.GSSException.BAD_NAME , GSSException.CREDENTIALS_EXPIRED sample code for org.ietf.jgss.GSSException.CREDENTIALS_EXPIRED definition code for org.ietf.jgss.GSSException.CREDENTIALS_EXPIRED , GSSException.NO_CRED sample code for org.ietf.jgss.GSSException.NO_CRED definition code for org.ietf.jgss.GSSException.NO_CRED , GSSException.FAILURE sample code for org.ietf.jgss.GSSException.FAILURE definition code for org.ietf.jgss.GSSException.FAILURE
See Also:
GSSCredential sample code for org.ietf.jgss.GSSCredential definition code for org.ietf.jgss.GSSCredential

createCredential sample code for org.ietf.jgss.GSSManager.createCredential(org.ietf.jgss.GSSName, int, org.ietf.jgss.Oid, int) definition code for org.ietf.jgss.GSSManager.createCredential(org.ietf.jgss.GSSName, int, org.ietf.jgss.Oid, int)

public abstract GSSCredential sample code for org.ietf.jgss.GSSCredential definition code for org.ietf.jgss.GSSCredential  createCredential(GSSName sample code for org.ietf.jgss.GSSName definition code for org.ietf.jgss.GSSName  name,
                                               int lifetime,
                                               Oid sample code for org.ietf.jgss.Oid definition code for org.ietf.jgss.Oid  mech,
                                               int usage)
                                        throws GSSException sample code for org.ietf.jgss.GSSException definition code for org.ietf.jgss.GSSException 
Factory method for acquiring a single mechanism credential.

GSS-API mechanism providers must impose a local access-control policy on callers to prevent unauthorized callers from acquiring credentials to which they are not entitled. The kinds of permissions needed by different mechanism providers will be documented on a per-mechanism basis. A failed permission check might cause a SecurityException sample code for java.lang.SecurityException definition code for java.lang.SecurityException to be thrown from this method.

Non-default values for lifetime cannot always be honored by the underlying mechanisms, thus applications should be prepared to call getRemainingLifetime sample code for org.ietf.jgss.GSSCredential.getRemainingLifetime() definition code for org.ietf.jgss.GSSCredential.getRemainingLifetime() on the returned credential.

Parameters:
name - the name of the principal for whom this credential is to be acquired. Use null to specify the default principal.
lifetime - The number of seconds that credentials should remain valid. Use GSSCredential.INDEFINITE_LIFETIME sample code for org.ietf.jgss.GSSCredential.INDEFINITE_LIFETIME definition code for org.ietf.jgss.GSSCredential.INDEFINITE_LIFETIME to request that the credentials have the maximum permitted lifetime. Use GSSCredential.DEFAULT_LIFETIME sample code for org.ietf.jgss.GSSCredential.DEFAULT_LIFETIME definition code for org.ietf.jgss.GSSCredential.DEFAULT_LIFETIME to request default credential lifetime.
mech - the Oid of the desired mechanism. Use (Oid) null to request the default mechanism.
usage - The intended usage for this credential object. The value of this parameter must be one of: GSSCredential.INITIATE_AND_ACCEPT sample code for org.ietf.jgss.GSSCredential.INITIATE_AND_ACCEPT definition code for org.ietf.jgss.GSSCredential.INITIATE_AND_ACCEPT , GSSCredential.ACCEPT_ONLY sample code for org.ietf.jgss.GSSCredential.ACCEPT_ONLY definition code for org.ietf.jgss.GSSCredential.ACCEPT_ONLY , and GSSCredential.INITIATE_ONLY sample code for org.ietf.jgss.GSSCredential.INITIATE_ONLY definition code for org.ietf.jgss.GSSCredential.INITIATE_ONLY .
Returns:
a GSSCredential of the requested type.
Throws:
GSSException sample code for org.ietf.jgss.GSSException definition code for org.ietf.jgss.GSSException - containing the following major error codes: GSSException.BAD_MECH sample code for org.ietf.jgss.GSSException.BAD_MECH definition code for org.ietf.jgss.GSSException.BAD_MECH , GSSException.BAD_NAMETYPE sample code for org.ietf.jgss.GSSException.BAD_NAMETYPE definition code for org.ietf.jgss.GSSException.BAD_NAMETYPE , GSSException.BAD_NAME sample code for org.ietf.jgss.GSSException.BAD_NAME definition code for org.ietf.jgss.GSSException.BAD_NAME , GSSException.CREDENTIALS_EXPIRED sample code for org.ietf.jgss.GSSException.CREDENTIALS_EXPIRED definition code for org.ietf.jgss.GSSException.CREDENTIALS_EXPIRED , GSSException.NO_CRED sample code for org.ietf.jgss.GSSException.NO_CRED definition code for org.ietf.jgss.GSSException.NO_CRED , GSSException.FAILURE sample code for org.ietf.jgss.GSSException.FAILURE definition code for org.ietf.jgss.GSSException.FAILURE
See Also:
GSSCredential sample code for org.ietf.jgss.GSSCredential definition code for org.ietf.jgss.GSSCredential

createCredential sample code for org.ietf.jgss.GSSManager.createCredential(org.ietf.jgss.GSSName, int, org.ietf.jgss.Oid[], int) definition code for org.ietf.jgss.GSSManager.createCredential(org.ietf.jgss.GSSName, int, org.ietf.jgss.Oid[], int)

public abstract GSSCredential sample code for org.ietf.jgss.GSSCredential definition code for org.ietf.jgss.GSSCredential  createCredential(GSSName sample code for org.ietf.jgss.GSSName definition code for org.ietf.jgss.GSSName  name,
                                               int lifetime,
                                               Oid sample code for org.ietf.jgss.Oid definition code for org.ietf.jgss.Oid [] mechs,
                                               int usage)
                                        throws GSSException sample code for org.ietf.jgss.GSSException definition code for org.ietf.jgss.GSSException 
Factory method for acquiring credentials over a set of mechanisms. This method attempts to acquire credentials for each of the mechanisms specified in the array called mechs. To determine the list of mechanisms for which the acquisition of credentials succeeded, the caller should use the GSSCredential.getMechs sample code for org.ietf.jgss.GSSCredential.getMechs() definition code for org.ietf.jgss.GSSCredential.getMechs() method.

GSS-API mechanism providers must impose a local access-control policy on callers to prevent unauthorized callers from acquiring credentials to which they are not entitled. The kinds of permissions needed by different mechanism providers will be documented on a per-mechanism basis. A failed permission check might cause a SecurityException sample code for java.lang.SecurityException definition code for java.lang.SecurityException to be thrown from this method.

Non-default values for lifetime cannot always be honored by the underlying mechanisms, thus applications should be prepared to call getRemainingLifetime sample code for org.ietf.jgss.GSSCredential.getRemainingLifetime() definition code for org.ietf.jgss.GSSCredential.getRemainingLifetime() on the returned credential.

Parameters:
name - the name of the principal for whom this credential is to be acquired. Use null to specify the default principal.
lifetime - The number of seconds that credentials should remain valid. Use GSSCredential.INDEFINITE_LIFETIME sample code for org.ietf.jgss.GSSCredential.INDEFINITE_LIFETIME definition code for org.ietf.jgss.GSSCredential.INDEFINITE_LIFETIME to request that the credentials have the maximum permitted lifetime. Use GSSCredential.DEFAULT_LIFETIME sample code for org.ietf.jgss.GSSCredential.DEFAULT_LIFETIME definition code for org.ietf.jgss.GSSCredential.DEFAULT_LIFETIME to request default credential lifetime.
mechs - an array of Oid's indicating the mechanisms over which the credential is to be acquired. Use (Oid[]) null for requesting a system specific default set of mechanisms.
usage - The intended usage for this credential object. The value of this parameter must be one of: GSSCredential.INITIATE_AND_ACCEPT sample code for org.ietf.jgss.GSSCredential.INITIATE_AND_ACCEPT definition code for org.ietf.jgss.GSSCredential.INITIATE_AND_ACCEPT , GSSCredential.ACCEPT_ONLY sample code for org.ietf.jgss.GSSCredential.ACCEPT_ONLY definition code for org.ietf.jgss.GSSCredential.ACCEPT_ONLY , and GSSCredential.INITIATE_ONLY sample code for org.ietf.jgss.GSSCredential.INITIATE_ONLY definition code for org.ietf.jgss.GSSCredential.INITIATE_ONLY .
Returns:
a GSSCredential of the requested type.
Throws:
GSSException sample code for org.ietf.jgss.GSSException definition code for org.ietf.jgss.GSSException - containing the following major error codes: GSSException.BAD_MECH sample code for org.ietf.jgss.GSSException.BAD_MECH definition code for org.ietf.jgss.GSSException.BAD_MECH , GSSException.BAD_NAMETYPE sample code for org.ietf.jgss.GSSException.BAD_NAMETYPE definition code for org.ietf.jgss.GSSException.BAD_NAMETYPE , GSSException.BAD_NAME sample code for org.ietf.jgss.GSSException.BAD_NAME definition code for org.ietf.jgss.GSSException.BAD_NAME , GSSException.CREDENTIALS_EXPIRED sample code for org.ietf.jgss.GSSException.CREDENTIALS_EXPIRED definition code for org.ietf.jgss.GSSException.CREDENTIALS_EXPIRED , GSSException.NO_CRED sample code for org.ietf.jgss.GSSException.NO_CRED definition code for org.ietf.jgss.GSSException.NO_CRED , GSSException.FAILURE sample code for org.ietf.jgss.GSSException.FAILURE definition code for org.ietf.jgss.GSSException.FAILURE
See Also:
GSSCredential sample code for org.ietf.jgss.GSSCredential definition code for org.ietf.jgss.GSSCredential

createContext sample code for org.ietf.jgss.GSSManager.createContext(org.ietf.jgss.GSSName, org.ietf.jgss.Oid, org.ietf.jgss.GSSCredential, int) definition code for org.ietf.jgss.GSSManager.createContext(org.ietf.jgss.GSSName, org.ietf.jgss.Oid, org.ietf.jgss.GSSCredential, int)

public abstract GSSContext sample code for org.ietf.jgss.GSSContext definition code for org.ietf.jgss.GSSContext  createContext(GSSName sample code for org.ietf.jgss.GSSName definition code for org.ietf.jgss.GSSName  peer,
                                         Oid sample code for org.ietf.jgss.Oid definition code for org.ietf.jgss.Oid  mech,
                                         GSSCredential sample code for org.ietf.jgss.GSSCredential definition code for org.ietf.jgss.GSSCredential  myCred,
                                         int lifetime)
                                  throws GSSException sample code for org.ietf.jgss.GSSException definition code for org.ietf.jgss.GSSException 
Factory method for creating a context on the initiator's side. Some mechanism providers might require that the caller be granted permission to initiate a security context. A failed permission check might cause a SecurityException sample code for java.lang.SecurityException definition code for java.lang.SecurityException to be thrown from this method.

Non-default values for lifetime cannot always be honored by the underlying mechanism, thus applications should be prepared to call getLifetime sample code for org.ietf.jgss.GSSContext.getLifetime() definition code for org.ietf.jgss.GSSContext.getLifetime() on the returned context.

Parameters:
peer - the name of the target peer.
mech - the Oid of the desired mechanism. Use null to request the default mechanism.
myCred - the credentials of the initiator. Use null to act as the default initiator principal.
lifetime - the lifetime, in seconds, requested for the context. Use GSSContext.INDEFINITE_LIFETIME sample code for org.ietf.jgss.GSSContext.INDEFINITE_LIFETIME definition code for org.ietf.jgss.GSSContext.INDEFINITE_LIFETIME to request that the context have the maximum permitted lifetime. Use GSSContext.DEFAULT_LIFETIME sample code for org.ietf.jgss.GSSContext.DEFAULT_LIFETIME definition code for org.ietf.jgss.GSSContext.DEFAULT_LIFETIME to request a default lifetime for the context.
Returns:
an unestablished GSSContext
Throws:
GSSException sample code for org.ietf.jgss.GSSException definition code for org.ietf.jgss.GSSException - containing the following major error codes: GSSException.NO_CRED sample code for org.ietf.jgss.GSSException.NO_CRED definition code for org.ietf.jgss.GSSException.NO_CRED GSSException.CREDENTIALS_EXPIRED sample code for org.ietf.jgss.GSSException.CREDENTIALS_EXPIRED definition code for org.ietf.jgss.GSSException.CREDENTIALS_EXPIRED GSSException.BAD_NAMETYPE sample code for org.ietf.jgss.GSSException.BAD_NAMETYPE definition code for org.ietf.jgss.GSSException.BAD_NAMETYPE GSSException.BAD_MECH sample code for org.ietf.jgss.GSSException.BAD_MECH definition code for org.ietf.jgss.GSSException.BAD_MECH GSSException.FAILURE sample code for org.ietf.jgss.GSSException.FAILURE definition code for org.ietf.jgss.GSSException.FAILURE
See Also:
GSSContext sample code for org.ietf.jgss.GSSContext definition code for org.ietf.jgss.GSSContext

createContext sample code for org.ietf.jgss.GSSManager.createContext(org.ietf.jgss.GSSCredential) definition code for org.ietf.jgss.GSSManager.createContext(org.ietf.jgss.GSSCredential)

public abstract GSSContext sample code for org.ietf.jgss.GSSContext definition code for org.ietf.jgss.GSSContext  createContext(GSSCredential sample code for org.ietf.jgss.GSSCredential definition code for org.ietf.jgss.GSSCredential  myCred)
                                  throws GSSException sample code for org.ietf.jgss.GSSException definition code for org.ietf.jgss.GSSException 
Factory method for creating a context on the acceptor' side. The context's properties will be determined from the input token supplied to the accept method. Some mechanism providers might require that the caller be granted permission to accept a security context. A failed permission check might cause a SecurityException sample code for java.lang.SecurityException definition code for java.lang.SecurityException to be thrown from this method.

Parameters:
myCred - the credentials for the acceptor. Use null to act as a default acceptor principal.
Returns:
an unestablished GSSContext
Throws:
GSSException sample code for org.ietf.jgss.GSSException definition code for org.ietf.jgss.GSSException - containing the following major error codes: GSSException.NO_CRED sample code for org.ietf.jgss.GSSException.NO_CRED definition code for org.ietf.jgss.GSSException.NO_CRED GSSException.CREDENTIALS_EXPIRED sample code for org.ietf.jgss.GSSException.CREDENTIALS_EXPIRED definition code for org.ietf.jgss.GSSException.CREDENTIALS_EXPIRED GSSException.BAD_MECH sample code for org.ietf.jgss.GSSException.BAD_MECH definition code for org.ietf.jgss.GSSException.BAD_MECH GSSException.FAILURE sample code for org.ietf.jgss.GSSException.FAILURE definition code for org.ietf.jgss.GSSException.FAILURE
See Also:
GSSContext sample code for org.ietf.jgss.GSSContext definition code for org.ietf.jgss.GSSContext

createContext sample code for org.ietf.jgss.GSSManager.createContext(byte[]) definition code for org.ietf.jgss.GSSManager.createContext(byte[])

public abstract GSSContext sample code for org.ietf.jgss.GSSContext definition code for org.ietf.jgss.GSSContext  createContext(byte[] interProcessToken)
                                  throws GSSException sample code for org.ietf.jgss.GSSException definition code for org.ietf.jgss.GSSException 
Factory method for creating a previously exported context. The context properties will be determined from the input token and cannot be modified through the set methods.

Implementations are not required to support the inter-process transfer of security contexts. Before exporting a context, calling the GSSContext.isTransferable sample code for org.ietf.jgss.GSSContext.isTransferable() definition code for org.ietf.jgss.GSSContext.isTransferable() will indicate if the context is transferable. Calling this method in an implementation that does not support it will result in a GSSException with the error code GSSException.UNAVAILABLE sample code for org.ietf.jgss.GSSException.UNAVAILABLE definition code for org.ietf.jgss.GSSException.UNAVAILABLE . Some mechanism providers might require that the caller be granted permission to initiate or accept a security context. A failed permission check might cause a SecurityException sample code for java.lang.SecurityException definition code for java.lang.SecurityException to be thrown from this method.

Parameters:
interProcessToken - the token previously emitted from the export method.
Returns:
the previously established GSSContext
Throws:
GSSException sample code for org.ietf.jgss.GSSException definition code for org.ietf.jgss.GSSException - containing the following major error codes: GSSException.NO_CONTEXT sample code for org.ietf.jgss.GSSException.NO_CONTEXT definition code for org.ietf.jgss.GSSException.NO_CONTEXT , GSSException.DEFECTIVE_TOKEN sample code for org.ietf.jgss.GSSException.DEFECTIVE_TOKEN definition code for org.ietf.jgss.GSSException.DEFECTIVE_TOKEN , GSSException.UNAVAILABLE sample code for org.ietf.jgss.GSSException.UNAVAILABLE definition code for org.ietf.jgss.GSSException.UNAVAILABLE , GSSException.UNAUTHORIZED sample code for org.ietf.jgss.GSSException.UNAUTHORIZED definition code for org.ietf.jgss.GSSException.UNAUTHORIZED , GSSException.FAILURE sample code for org.ietf.jgss.GSSException.FAILURE definition code for org.ietf.jgss.GSSException.FAILURE
See Also:
GSSContext sample code for org.ietf.jgss.GSSContext definition code for org.ietf.jgss.GSSContext

addProviderAtFront sample code for org.ietf.jgss.GSSManager.addProviderAtFront(java.security.Provider, org.ietf.jgss.Oid) definition code for org.ietf.jgss.GSSManager.addProviderAtFront(java.security.Provider, org.ietf.jgss.Oid)

public abstract void addProviderAtFront(Provider sample code for java.security.Provider definition code for java.security.Provider  p,
                                        Oid sample code for org.ietf.jgss.Oid definition code for org.ietf.jgss.Oid  mech)
                                 throws GSSException sample code for org.ietf.jgss.GSSException definition code for org.ietf.jgss.GSSException 
This method is used to indicate to the GSSManager that the application would like a particular provider to be used ahead of all others when support is desired for the given mechanism. When a value of null is used instead of an Oid for the mechanism, the GSSManager must use the indicated provider ahead of all others no matter what the mechanism is. Only when the indicated provider does not support the needed mechanism should the GSSManager move on to a different provider.

Calling this method repeatedly preserves the older settings but lowers them in preference thus forming an ordered list of provider and Oid pairs that grows at the top.

Calling addProviderAtFront with a null Oid will remove all previous preferences that were set for this provider in the GSSManager instance. Calling addProviderAtFront with a non-null Oid will remove any previous preference that was set using this mechanism and this provider together.

If the GSSManager implementation does not support an SPI with a pluggable provider architecture it should throw a GSSException with the status code GSSException.UNAVAILABLE to indicate that the operation is unavailable.

Suppose an application desired that the provider A always be checked first when any mechanism is needed, it would call:

         GSSManager mgr = GSSManager.getInstance();
         // mgr may at this point have its own pre-configured list
         // of provider preferences. The following will prepend to
         // any such list:

         mgr.addProviderAtFront(A, null);
 
Now if it also desired that the mechanism of Oid m1 always be obtained from the provider B before the previously set A was checked, it would call:

         mgr.addProviderAtFront(B, m1);
 
The GSSManager would then first check with B if m1 was needed. In case B did not provide support for m1, the GSSManager would continue on to check with A. If any mechanism m2 is needed where m2 is different from m1 then the GSSManager would skip B and check with A directly.

Suppose at a later time the following call is made to the same GSSManager instance:

         mgr.addProviderAtFront(B, null)
 
then the previous setting with the pair (B, m1) is subsumed by this and should be removed. Effectively the list of preferences now becomes {(B, null), (A, null), ... //followed by the pre-configured list.

Please note, however, that the following call:

         mgr.addProviderAtFront(A, m3)
 
does not subsume the previous setting of (A, null) and the list will effectively become {(A, m3), (B, null), (A, null), ...}

Parameters:
p - the provider instance that should be used whenever support is needed for mech.
mech - the mechanism for which the provider is being set
Throws:
GSSException sample code for org.ietf.jgss.GSSException definition code for org.ietf.jgss.GSSException - containing the following major error codes: GSSException.UNAVAILABLE sample code for org.ietf.jgss.GSSException.UNAVAILABLE definition code for org.ietf.jgss.GSSException.UNAVAILABLE , GSSException.FAILURE sample code for org.ietf.jgss.GSSException.FAILURE definition code for org.ietf.jgss.GSSException.FAILURE

addProviderAtEnd sample code for org.ietf.jgss.GSSManager.addProviderAtEnd(java.security.Provider, org.ietf.jgss.Oid) definition code for org.ietf.jgss.GSSManager.addProviderAtEnd(java.security.Provider, org.ietf.jgss.Oid)

public abstract void addProviderAtEnd(Provider sample code for java.security.Provider definition code for java.security.Provider  p,
                                      Oid sample code for org.ietf.jgss.Oid definition code for org.ietf.jgss.Oid  mech)
                               throws GSSException sample code for org.ietf.jgss.GSSException definition code for org.ietf.jgss.GSSException 
This method is used to indicate to the GSSManager that the application would like a particular provider to be used if no other provider can be found that supports the given mechanism. When a value of null is used instead of an Oid for the mechanism, the GSSManager must use the indicated provider for any mechanism.

Calling this method repeatedly preserves the older settings but raises them above newer ones in preference thus forming an ordered list of providers and Oid pairs that grows at the bottom. Thus the older provider settings will be utilized first before this one is.

If there are any previously existing preferences that conflict with the preference being set here, then the GSSManager should ignore this request.

If the GSSManager implementation does not support an SPI with a pluggable provider architecture it should throw a GSSException with the status code GSSException.UNAVAILABLE to indicate that the operation is unavailable.

Suppose an application desired that when a mechanism of Oid m1 is needed the system default providers always be checked first, and only when they do not support m1 should a provider A be checked. It would then make the call:

         GSSManager mgr = GSSManager.getInstance();
         mgr.addProviderAtEnd(A, m1);
 
Now, if it also desired that for all mechanisms the provider B be checked after all configured providers have been checked, it would then call:

         mgr.addProviderAtEnd(B, null);
 
Effectively the list of preferences now becomes {..., (A, m1), (B, null)}.

Suppose at a later time the following call is made to the same GSSManager instance:

         mgr.addProviderAtEnd(B, m2)
 
then the previous setting with the pair (B, null) subsumes this and therefore this request should be ignored. The same would happen if a request is made for the already existing pairs of (A, m1) or (B, null).

Please note, however, that the following call:

         mgr.addProviderAtEnd(A, null)
 
is not subsumed by the previous setting of (A, m1) and the list will effectively become {..., (A, m1), (B, null), (A, null)}

Parameters:
p - the provider instance that should be used whenever support is needed for mech.
mech - the mechanism for which the provider is being set
Throws:
GSSException sample code for org.ietf.jgss.GSSException definition code for org.ietf.jgss.GSSException - containing the following major error codes: GSSException.UNAVAILABLE sample code for org.ietf.jgss.GSSException.UNAVAILABLE definition code for org.ietf.jgss.GSSException.UNAVAILABLE , GSSException.FAILURE sample code for org.ietf.jgss.GSSException.FAILURE definition code for org.ietf.jgss.GSSException.FAILURE