11.1. Java GSS-API

When we introduced Java GSS-API in Section 8.5.2, we described its general facility for authenticating a distributed end entity. In this section, we go into the details of using the Java GSS-API. Typically, the establishment of a Java GSS-API security context required for securely exchanging messages between entities, such as a client and a server, encompasses authentication, confidentiality, and integrity controls at the time the security context is negotiated.

11.1.1. Using Kerberos Credentials with Java GSS-API

The Java GSS-API framework itself is quite thin, with all security-related functionality delegated to components obtained from the underlying mechanisms. The framework classes and interfaces are in the org.ietf.jgss ...

Get Inside Java™ 2 Platform Security: Architecture, API Design, and Implementation, Second Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.