com.dstc.security.kerberos
Interface AuthorizationDataElement


public interface AuthorizationDataElement

An interface to a Kerberos authorization data component.

Authorization data is an optional inclusion in the encrypted part of a Kerberos Ticket. It is passed from the principal on whose behalf the ticket was issued to the target (application) service. An authorization data element is a typed application-specific byte array. Several data types have been or are being standardized at the IETF.

The Kerberos AuthorizationData is defined in RFC1510 as the ASN.1 structure

    AuthorizationData ::=  SEQUENCE OF SEQUENCE {
                        ad-type[0]             INTEGER,
                        ad-data[1]             OCTET STRING
                           }
 


Field Summary
static int AD_IF_RELEVANT
           
static int AD_IN_TICKET_EXTENSIONS
           
static int AD_INTENDED_FOR_APPLICATION_CLASS
           
static int AD_INTENDED_FOR_SERVER
           
static int AD_KDC_ISSUED
           
static int AD_MANDATORY_TICKET_EXTENSIONS
           
static int AD_OR
           
 
Method Summary
 byte[] data()
          Returns the data for this AuthorizationDataElement
 int type()
          Returns the authorization data type for this AuthorizationDataElement
 

Field Detail

AD_KDC_ISSUED

public static final int AD_KDC_ISSUED

AD_INTENDED_FOR_SERVER

public static final int AD_INTENDED_FOR_SERVER

AD_INTENDED_FOR_APPLICATION_CLASS

public static final int AD_INTENDED_FOR_APPLICATION_CLASS

AD_IF_RELEVANT

public static final int AD_IF_RELEVANT

AD_OR

public static final int AD_OR

AD_MANDATORY_TICKET_EXTENSIONS

public static final int AD_MANDATORY_TICKET_EXTENSIONS

AD_IN_TICKET_EXTENSIONS

public static final int AD_IN_TICKET_EXTENSIONS
Method Detail

type

public int type()
Returns the authorization data type for this AuthorizationDataElement

data

public byte[] data()
Returns the data for this AuthorizationDataElement