org.ietf.jgss

Interface GSSName


  • public interface GSSName
    This interface encapsulates a single GSS-API principal entity. The application obtains an implementation of this interface through one of the createName methods that exist in the GSSManager class. Conceptually a GSSName contains many representations of the entity or many primitive name elements, one for each supported underlying mechanism. In GSS terminology, a GSSName that contains an element from just one mechanism is called a Mechanism Name (MN)

    Since different authentication mechanisms may employ different namespaces for identifying their principals, GSS-API's naming support is necessarily complex in multi-mechanism environments (or even in some single-mechanism environments where the underlying mechanism supports multiple namespaces). Different name formats and their definitions are identified with Oid's and some standard types are defind in this interface. The format of the names can be derived based on the unique Oid of its name type.

    Included below are code examples utilizing the GSSName interface. The code below creates a GSSName, converts it to an MN, performs a comparison, obtains a printable representation of the name, exports it to a byte array and then re-imports to obtain a new GSSName.

          GSSManager manager = GSSManager.getInstance();
    
          // create a host based service name
          GSSName name = manager.createName("service@host",
                       GSSName.NT_HOSTBASED_SERVICE);
    
          Oid krb5 = new Oid("1.2.840.113554.1.2.2");
    
          GSSName mechName = name.canonicalize(krb5);
    
          // the above two steps are equivalent to the following
          GSSName mechName = manager.createName("service@host",
                          GSSName.NT_HOSTBASED_SERVICE, krb5);
    
          // perform name comparison
          if (name.equals(mechName))
                  print("Names are equals.");
    
          // obtain textual representation of name and its printable
          // name type
          print(mechName.toString() +
                          mechName.getStringNameType().toString());
    
          // export and re-import the name
          byte [] exportName = mechName.export();
    
          // create a new name object from the exported buffer
          GSSName newName = manager.createName(exportName,
                          GSSName.NT_EXPORT_NAME);
    
     
    Since:
    1.4
    See Also:
    export(), equals(GSSName), GSSManager.createName(String, Oid), GSSManager.createName(String, Oid, Oid), GSSManager.createName(byte[], Oid)
    • Method Summary

      Methods 
      Modifier and Type Method and Description
      GSSName canonicalize(Oid mech)
      Creates a name that is canonicalized for some mechanism.
      boolean equals(GSSName another)
      Compares two GSSName objects to determine if they refer to the same entity.
      boolean equals(Object another)
      Compares this GSSName object to another Object that might be a GSSName.
      byte[] export()
      Returns a canonical contiguous byte representation of a mechanism name (MN), suitable for direct, byte by byte comparison by authorization functions.
      Oid getStringNameType()
      Returns the name type of the printable representation of this name that can be obtained from the toString method.
      int hashCode()
      Returns a hashcode value for this GSSName.
      boolean isAnonymous()
      Tests if this name object represents an anonymous entity.
      boolean isMN()
      Tests if this name object represents a Mechanism Name (MN).
      String toString()
      Returns a textual representation of the GSSName object.

      Erste Seite von API Java Inhaltsverzeichnis Haut

    • Field Detail

      • NT_HOSTBASED_SERVICE

        static final Oid NT_HOSTBASED_SERVICE
        Oid indicating a host-based service name form. It is used to represent services associated with host computers. This name form is constructed using two elements, "service" and "hostname", as follows: service@hostname.

        It represents the following Oid value:
        { iso(1) member-body(2) United States(840) mit(113554) infosys(1) gssapi(2) generic(1) service_name(4) }

      • NT_USER_NAME

        static final Oid NT_USER_NAME
        Name type to indicate a named user on a local system.

        It represents the following Oid value:
        { iso(1) member-body(2) United States(840) mit(113554) infosys(1) gssapi(2) generic(1) user_name(1) }

      • NT_MACHINE_UID_NAME

        static final Oid NT_MACHINE_UID_NAME
        Name type to indicate a numeric user identifier corresponding to a user on a local system. (e.g. Uid).

        It represents the following Oid value:
        { iso(1) member-body(2) United States(840) mit(113554) infosys(1) gssapi(2) generic(1) machine_uid_name(2) }

      • NT_STRING_UID_NAME

        static final Oid NT_STRING_UID_NAME
        Name type to indicate a string of digits representing the numeric user identifier of a user on a local system.

        It represents the following Oid value:
        { iso(1) member-body(2) United States(840) mit(113554) infosys(1) gssapi(2) generic(1) string_uid_name(3) }

      • NT_ANONYMOUS

        static final Oid NT_ANONYMOUS
        Name type for representing an anonymous entity.

        It represents the following Oid value:
        { 1(iso), 3(org), 6(dod), 1(internet), 5(security), 6(nametypes), 3(gss-anonymous-name) }

      • NT_EXPORT_NAME

        static final Oid NT_EXPORT_NAME
        Name type used to indicate an exported name produced by the export method.

        It represents the following Oid value:
        { 1(iso), 3(org), 6(dod), 1(internet), 5(security), 6(nametypes), 4(gss-api-exported-name) }

    • Method Detail

      • equals

        boolean equals(GSSName another)
                       throws GSSException
        Compares two GSSName objects to determine if they refer to the same entity.
        Parameters:
        another - the GSSName to compare this name with
        Returns:
        true if the two names contain at least one primitive element in common. If either of the names represents an anonymous entity, the method will return false.
        Throws:
        GSSException - when the names cannot be compared, containing the following major error codes: GSSException.BAD_NAMETYPE, GSSException.FAILURE
      • equals

        boolean equals(Object another)
        Compares this GSSName object to another Object that might be a GSSName. The behaviour is exactly the same as in equals except that no GSSException is thrown; instead, false will be returned in the situation where an error occurs.
        Overrides:
        equals in class Object
        Parameters:
        another - the object to compare this name to
        Returns:
        true if the object to compare to is also a GSSName and the two names refer to the same entity.
        See Also:
        equals(GSSName)
      • export

        byte[] export()
                      throws GSSException
        Returns a canonical contiguous byte representation of a mechanism name (MN), suitable for direct, byte by byte comparison by authorization functions. If the name is not an MN, implementations may throw a GSSException with the NAME_NOT_MN status code. If an implementation chooses not to throw an exception, it should use some system specific default mechanism to canonicalize the name and then export it. Structurally, an exported name object consists of a header containing an OID identifying the mechanism that authenticated the name, and a trailer containing the name itself, where the syntax of the trailer is defined by the individual mechanism specification. The format of the header of the output buffer is specified in RFC 2743.

        The exported name is useful when used in large access control lists where the overhead of creating a GSSName object on each name and invoking the equals method on each name from the ACL may be prohibitive.

        Exported names may be re-imported by using the byte array factory method GSSManager.createName and specifying the NT_EXPORT_NAME as the name type object identifier. The resulting GSSName name will also be a MN.

        Returns:
        a byte[] containing the exported name. RFC 2743 defines the "Mechanism-Independent Exported Name Object Format" for these bytes.
        Throws:
        GSSException - containing the following major error codes: GSSException.BAD_NAME, GSSException.BAD_NAMETYPE, GSSException.FAILURE
      • toString

        String toString()
        Returns a textual representation of the GSSName object. To retrieve the printed name format, which determines the syntax of the returned string, use the getStringNameType method.
        Overrides:
        toString in class Object
        Returns:
        a String representing this name in printable form.
      • getStringNameType

        Oid getStringNameType()
                              throws GSSException
        Returns the name type of the printable representation of this name that can be obtained from the toString method.
        Returns:
        an Oid representing the namespace of the name returned from the toString method.
        Throws:
        GSSException - containing the following major error codes: GSSException.FAILURE
      • isAnonymous

        boolean isAnonymous()
        Tests if this name object represents an anonymous entity.
        Returns:
        true if this is an anonymous name, false otherwise.
      • isMN

        boolean isMN()
        Tests if this name object represents a Mechanism Name (MN). An MN is a GSSName the contains exactly one mechanism's primitive name element.
        Returns:
        true if this is an MN, false otherwise.

Deutsche Übersetzung

Sie haben gebeten, diese Seite auf Deutsch zu besuchen. Momentan ist nur die Oberfläche übersetzt, aber noch nicht der gesamte Inhalt.

Wenn Sie mir bei Übersetzungen helfen wollen, ist Ihr Beitrag willkommen. Alles, was Sie tun müssen, ist, sich auf der Website zu registrieren und mir eine Nachricht zu schicken, in der Sie gebeten werden, Sie der Gruppe der Übersetzer hinzuzufügen, die Ihnen die Möglichkeit gibt, die gewünschten Seiten zu übersetzen. Ein Link am Ende jeder übersetzten Seite zeigt an, dass Sie der Übersetzer sind und einen Link zu Ihrem Profil haben.

Vielen Dank im Voraus.

Dokument erstellt 11/06/2005, zuletzt geändert 04/03/2020
Quelle des gedruckten Dokuments:https://www.gaudry.be/de/java-api-rf-org/ietf/jgss/gssname.html

Die Infobro ist eine persönliche Seite, deren Inhalt in meiner alleinigen Verantwortung liegt. Der Text ist unter der CreativeCommons-Lizenz (BY-NC-SA) verfügbar. Weitere Informationen auf die Nutzungsbedingungen und dem Autor.

Referenzen

  1. Zeigen Sie - html-Dokument Sprache des Dokuments:fr Manuel PHP : https://docs.oracle.com

Diese Verweise und Links verweisen auf Dokumente, die während des Schreibens dieser Seite konsultiert wurden, oder die zusätzliche Informationen liefern können, aber die Autoren dieser Quellen können nicht für den Inhalt dieser Seite verantwortlich gemacht werden.
Der Autor Diese Website ist allein dafür verantwortlich, wie die verschiedenen Konzepte und Freiheiten, die mit den Nachschlagewerken gemacht werden, hier dargestellt werden. Denken Sie daran, dass Sie mehrere Quellinformationen austauschen müssen, um das Risiko von Fehlern zu reduzieren.

Inhaltsverzeichnis Haut