| java.lang.Object
 sun.security.jgss.GSSContextImpl
| GSSContextImpl | | class GSSContextImpl implements GSSContext(Code) | | This class represents the JGSS security context and its associated
operations. JGSS security contexts are established between
peers using locally established credentials. Multiple contexts
may exist simultaneously between a pair of peers, using the same
or different set of credentials. The JGSS is independent of
the underlying transport protocols and depends on its callers to
transport the tokens between peers.
The context object can be thought of as having 3 implicit states:
before it is established, during its context establishment, and
after a fully established context exists.
Before the context establishment phase is initiated, the context
initiator may request specific characteristics desired of the
established context. These can be set using the set methods. After the
context is established, the caller can check the actual characteristic
and services offered by the context using the query methods.
The context establishment phase begins with the first call to the
initSecContext method by the context initiator. During this phase the
initSecContext and acceptSecContext methods will produce GSS-API
authentication tokens which the calling application needs to send to its
peer. The initSecContext and acceptSecContext methods may
return a CONTINUE_NEEDED code which indicates that a token is needed
from its peer in order to continue the context establishment phase. A
return code of COMPLETE signals that the local end of the context is
established. This may still require that a token be sent to the peer,
depending if one is produced by GSS-API. The isEstablished method can
also be used to determine if the local end of the context has been
fully established. During the context establishment phase, the
isProtReady method may be called to determine if the context can be
used for the per-message operations. This allows implementation to
use per-message operations on contexts which aren't fully established.
After the context has been established or the isProtReady method
returns "true", the query routines can be invoked to determine the actual
characteristics and services of the established context. The
application can also start using the per-message methods of wrap and
getMIC to obtain cryptographic operations on application supplied data.
When the context is no longer needed, the application should call
dispose to release any system resources the context may be using.
- RFC 2078
- This class corresponds to the context level calls together with
the per message calls of RFC 2078. The gss_init_sec_context and
gss_accept_sec_context calls have been made simpler by only taking
required parameters. The context can have its properties set before
the first call to initSecContext. The supplementary status codes for the
per-message operations are returned in an instance of the MessageProp
class, which is used as an argument in these calls.
|
| Constructor Summary | |
| public | GSSContextImpl(GSSManagerImpl gssManager, GSSName peer, Oid mech, GSSCredential myCred, int lifetime)
Creates a GSSContextImp on the context initiator's side. | | public | GSSContextImpl(GSSManagerImpl gssManager, GSSCredential myCred)
Creates a GSSContextImpl on the context acceptor's side. | | public | GSSContextImpl(GSSManagerImpl gssManager, byte[] interProcessToken)
Creates a GSSContextImpl out of a previously exported
GSSContext. |
| Method Summary | |
| public byte[] | acceptSecContext(byte inTok, int offset, int len)
| | public void | acceptSecContext(InputStream inStream, OutputStream outStream)
| | public void | dispose()
| | public byte[] | export()
| | public boolean | getAnonymityState()
| | public boolean | getConfState()
| | public boolean | getCredDelegState()
| | public GSSCredential | getDelegCred()
| | public boolean | getIntegState()
| | public int | getLifetime()
| | public byte[] | getMIC(byte[] inMsg, int offset, int len, MessageProp msgProp)
| | public void | getMIC(InputStream inStream, OutputStream outStream, MessageProp msgProp)
| | public Oid | getMech()
| | public boolean | getMutualAuthState()
| | public boolean | getReplayDetState()
| | public boolean | getSequenceDetState()
| | public GSSName | getSrcName()
| | public GSSName | getTargName()
| | public int | getWrapSizeLimit(int qop, boolean confReq, int maxTokenSize)
| | public byte[] | initSecContext(byte inputBuf, int offset, int len)
| | public int | initSecContext(InputStream inStream, OutputStream outStream)
| | public boolean | isEstablished()
| | public boolean | isInitiator()
| | public boolean | isProtReady()
| | public boolean | isTransferable()
| | public void | requestAnonymity(boolean state)
| | public void | requestConf(boolean state)
| | public void | requestCredDeleg(boolean state)
| | public void | requestInteg(boolean state)
| | public void | requestLifetime(int lifetime)
| | public void | requestMutualAuth(boolean state)
| | public void | requestReplayDet(boolean state)
| | public void | requestSequenceDet(boolean state)
| | public void | setChannelBinding(ChannelBinding channelBindings)
| | public byte[] | unwrap(byte[] inBuf, int offset, int len, MessageProp msgProp)
| | public void | unwrap(InputStream inStream, OutputStream outStream, MessageProp msgProp)
| | public void | verifyMIC(byte[] inTok, int tokOffset, int tokLen, byte[] inMsg, int msgOffset, int msgLen, MessageProp msgProp)
| | public void | verifyMIC(InputStream tokStream, InputStream msgStream, MessageProp msgProp)
| | public byte[] | wrap(byte inBuf, int offset, int len, MessageProp msgProp)
| | public void | wrap(InputStream inStream, OutputStream outStream, MessageProp msgProp)
|
| GSSContextImpl | | public GSSContextImpl(GSSManagerImpl gssManager, GSSName peer, Oid mech, GSSCredential myCred, int lifetime) throws GSSException(Code) | | Creates a GSSContextImp on the context initiator's side.
|
| GSSContextImpl | | public GSSContextImpl(GSSManagerImpl gssManager, GSSCredential myCred) throws GSSException(Code) | | Creates a GSSContextImpl on the context acceptor's side.
|
| acceptSecContext | | public byte[] acceptSecContext(byte inTok, int offset, int len) throws GSSException(Code) | | |
| dispose | | public void dispose() throws GSSException(Code) | | |
| export | | public byte[] export() throws GSSException(Code) | | |
| getAnonymityState | | public boolean getAnonymityState()(Code) | | |
| getConfState | | public boolean getConfState()(Code) | | |
| getCredDelegState | | public boolean getCredDelegState()(Code) | | |
| getDelegCred | | public GSSCredential getDelegCred() throws GSSException(Code) | | |
| getIntegState | | public boolean getIntegState()(Code) | | |
| getLifetime | | public int getLifetime()(Code) | | |
| getMIC | | public byte[] getMIC(byte[] inMsg, int offset, int len, MessageProp msgProp) throws GSSException(Code) | | |
| getMech | | public Oid getMech() throws GSSException(Code) | | |
| getMutualAuthState | | public boolean getMutualAuthState()(Code) | | |
| getReplayDetState | | public boolean getReplayDetState()(Code) | | |
| getSequenceDetState | | public boolean getSequenceDetState()(Code) | | |
| getSrcName | | public GSSName getSrcName() throws GSSException(Code) | | |
| getTargName | | public GSSName getTargName() throws GSSException(Code) | | |
| getWrapSizeLimit | | public int getWrapSizeLimit(int qop, boolean confReq, int maxTokenSize) throws GSSException(Code) | | |
| initSecContext | | public byte[] initSecContext(byte inputBuf, int offset, int len) throws GSSException(Code) | | |
| isEstablished | | public boolean isEstablished()(Code) | | |
| isInitiator | | public boolean isInitiator() throws GSSException(Code) | | |
| isProtReady | | public boolean isProtReady()(Code) | | |
| isTransferable | | public boolean isTransferable() throws GSSException(Code) | | |
| requestAnonymity | | public void requestAnonymity(boolean state) throws GSSException(Code) | | |
| requestConf | | public void requestConf(boolean state) throws GSSException(Code) | | |
| requestCredDeleg | | public void requestCredDeleg(boolean state) throws GSSException(Code) | | |
| requestInteg | | public void requestInteg(boolean state) throws GSSException(Code) | | |
| requestLifetime | | public void requestLifetime(int lifetime) throws GSSException(Code) | | |
| requestMutualAuth | | public void requestMutualAuth(boolean state) throws GSSException(Code) | | |
| requestReplayDet | | public void requestReplayDet(boolean state) throws GSSException(Code) | | |
| requestSequenceDet | | public void requestSequenceDet(boolean state) throws GSSException(Code) | | |
| setChannelBinding | | public void setChannelBinding(ChannelBinding channelBindings) throws GSSException(Code) | | |
| unwrap | | public byte[] unwrap(byte[] inBuf, int offset, int len, MessageProp msgProp) throws GSSException(Code) | | |
| verifyMIC | | public void verifyMIC(byte[] inTok, int tokOffset, int tokLen, byte[] inMsg, int msgOffset, int msgLen, MessageProp msgProp) throws GSSException(Code) | | |
| wrap | | public byte[] wrap(byte inBuf, int offset, int len, MessageProp msgProp) throws GSSException(Code) | | |
|
|