See: Description
| Class | Description |
|---|---|
| DelegationPermission |
This class is used to restrict the usage of the Kerberos
delegation model, ie: forwardable and proxiable tickets.
|
| KerberosKey |
This class encapsulates a long term secret key for a Kerberos
principal.
|
| KerberosPrincipal |
This class encapsulates a Kerberos principal.
|
| KerberosTicket |
This class encapsulates a Kerberos ticket and associated
information as viewed from the client's point of view.
|
| KeyTab |
This class encapsulates a keytab file.
|
| ServicePermission |
This class is used to protect Kerberos services and the
credentials necessary to access those services.
|
The Kerberos network authentication protocol is defined in
RFC 4120. The Java
platform contains support for the client side of Kerberos via the
org.ietf.jgss package. There might also be
a login module that implements
LoginModule to authenticate
Kerberos principals.
You can provide the name of your default realm and Key Distribution
Center (KDC) host for that realm using the system properties
java.security.krb5.realm and java.security.krb5.kdc.
Both properties must be set.
Alternatively, the java.security.krb5.conf system property can
be set to the location of an MIT style krb5.conf configuration
file. If none of these system properties are set, the krb5.conf
file is searched for in an implementation-specific manner. Typically,
an implementation will first look for a krb5.conf file in
<java-home>/lib/security and failing that, in an OS-specific
location.
Submit a bug or feature
For further API reference and developer documentation, see Java SE Documentation. That documentation contains more detailed, developer-targeted descriptions, with conceptual overviews, definitions of terms, workarounds, and working code examples.
Copyright © 1993, 2017, Oracle and/or its affiliates. All rights reserved. Use is subject to license terms. Also see the documentation redistribution policy.