com.dstc.security.kerberos
Interface AuthorizationDataElement
- public interface AuthorizationDataElement
An interface to a Kerberos authorization data component.
Authorization data is an optional inclusion in the encrypted
part of a Kerberos Ticket. It is passed from the principal on whose
behalf the ticket was issued to the target (application) service.
An authorization data element is a typed application-specific byte array.
Several data types have been or are being standardized at the IETF.
The Kerberos AuthorizationData is defined in RFC1510 as
the ASN.1 structure
AuthorizationData ::= SEQUENCE OF SEQUENCE {
ad-type[0] INTEGER,
ad-data[1] OCTET STRING
}
Method Summary |
byte[] |
data()
Returns the data for this AuthorizationDataElement |
int |
type()
Returns the authorization data type for this AuthorizationDataElement |
AD_KDC_ISSUED
public static final int AD_KDC_ISSUED
AD_INTENDED_FOR_SERVER
public static final int AD_INTENDED_FOR_SERVER
AD_INTENDED_FOR_APPLICATION_CLASS
public static final int AD_INTENDED_FOR_APPLICATION_CLASS
AD_IF_RELEVANT
public static final int AD_IF_RELEVANT
AD_OR
public static final int AD_OR
AD_MANDATORY_TICKET_EXTENSIONS
public static final int AD_MANDATORY_TICKET_EXTENSIONS
AD_IN_TICKET_EXTENSIONS
public static final int AD_IN_TICKET_EXTENSIONS
type
public int type()
- Returns the authorization data type for this AuthorizationDataElement
data
public byte[] data()
- Returns the data for this AuthorizationDataElement