GSSCredential inside Subject?
Wang Weijun
weijun.wang at oracle.com
Tue May 27 10:50:28 UTC 2014
Hi Valerie
I am working on breaking JGSS into modules and is now looking at sun/security/jgss/GSSUtil.java. There is a method
public static <T extends GSSCredentialSpi> Vector<T>
searchSubject(final GSSNameSpi name,
final Oid mech,
final boolean initiate,
final Class<? extends T> credCls) {
which goes inside a Subject's priv cred sets looking for GSSCredentialImpl objects. I searched thru other JDK codes and cannot see who is putting those objects there. Do you remember anything? Or we are thinking about applications putting them there? I cannot think of any such convention.
In fact, all I can see JAAS/JGSS/krb5 doing with a Subject is putting KerberosPrincipal into princ set and KerberosKey/KerberosTicket/KeyTab into priv cred set. Nothing else.
Thanks
Max
More information about the security-dev
mailing list