Home | History | Annotate | Download | only in ssl 
      1 /*
      2  * Copyright (c) 2009, 2010, Oracle and/or its affiliates. All rights reserved.
      3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
      4  *
      5  * This code is free software; you can redistribute it and/or modify it
      6  * under the terms of the GNU General Public License version 2 only, as
      7  * published by the Free Software Foundation.  Oracle designates this
      8  * particular file as subject to the "Classpath" exception as provided
      9  * by Oracle in the LICENSE file that accompanied this code.
     10  *
     11  * This code is distributed in the hope that it will be useful, but WITHOUT
     12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
     13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
     14  * version 2 for more details (a copy is included in the LICENSE file that
     15  * accompanied this code).
     16  *
     17  * You should have received a copy of the GNU General Public License version
     18  * 2 along with this work; if not, write to the Free Software Foundation,
     19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
     20  *
     21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
     22  * or visit www.oracle.com if you need additional information or have any
     23  * questions.
     24  */
     25 
     26 package sun.security.ssl;
     27 
     28 import java.security.AccessControlContext;
     29 import java.security.Permission;
     30 import java.security.Principal;
     31 import javax.crypto.SecretKey;
     32 import javax.security.auth.Subject;
     33 import javax.security.auth.login.LoginException;
     34 
     35 /**
     36  * An interface to a subset of the Kerberos APIs to avoid a static dependency
     37  * on the types defined by these APIs.
     38  */
     39 public interface Krb5Proxy {
     40 
     41     /**
     42      * Returns the Subject associated with the client-side of the SSL socket.
     43      */
     44     Subject getClientSubject(AccessControlContext acc) throws LoginException;
     45 
     46     /**
     47      * Returns the Subject associated with the server-side of the SSL socket.
     48      */
     49     Subject getServerSubject(AccessControlContext acc) throws LoginException;
     50 
     51 
     52     /**
     53      * Returns the KerberosKeys for the default server-side principal.
     54      */
     55     SecretKey[] getServerKeys(AccessControlContext acc) throws LoginException;
     56 
     57     /**
     58      * Returns the server-side principal name associated with the KerberosKey.
     59      */
     60     String getServerPrincipalName(SecretKey kerberosKey);
     61 
     62     /**
     63      * Returns the hostname embedded in the principal name.
     64      */
     65     String getPrincipalHostName(Principal principal);
     66 
     67     /**
     68      * Returns a ServicePermission for the principal name and action.
     69      */
     70     Permission getServicePermission(String principalName, String action);
     71 }
     72