RFR 8043071: Expose session key and KRB_CRED through extended GSS-API
Wang Weijun
weijun.wang at oracle.com
Fri Jul 4 06:12:25 UTC 2014
Hi All
Please review the change at
http://cr.openjdk.java.net/~weijun/8043071/webrev.00/
Two new inquire type KRB5_GET_SESSION_KEY_EX and KRB5_GET_KRB_CRED are added to get the session key (in a new format) and the KRB_CRED message. Two new classes are created as the types of their return values.
Spec for InquireType values are moved into the InquireType class itself.
For the existing KerberosKey class, the "A call to any of its other methods after this will cause an IllegalStateException to be thrown" in the spec of destroy() is not precise since we know isDestroyed() and toString/hashCode/equals() do not throw it. The sentence is removed and a @throws clause is added to those methods that do throw the exception. The new KerberosSessionKey and KerberosCredMessage have the same style.
Since the data class KeyImpl already throws IllegalStateException when it's destroyed, KerberosKey and KerberosSessionKey do not check again. If you think this makes the code difficult to read, I can add them back.
Thanks
Max
More information about the security-dev
mailing list