com.ibm.security.krb5
Class KDCOptions
- java.lang.Object
com.ibm.security.krb5.internal.util.KrbBitArray
com.ibm.security.krb5.KDCOptions
Direct known subclasses:
- public class KDCOptions
- extends KrbBitArray
This definition reflects the Network Working Group RFC 1510 specifications dated September 1993 and available at http://www.ietf.org/rfc/rfc1510.txt.
This class appears as data field in the initial request(KRB_AS_REQ) or subsequent request (KRB_TGS_REQ) to the KDC and indicates the flags that the client wants to set on the tickets. The optional bits are:
- KDCOptions.RESERVED
- KDCOptions.FORWARDABLE
- KDCOptions.FORWARDED
- KDCOptions.PROXIABLE
- KDCOptions.PROXY
- KDCOptions.ALLOW_POSTDATE
- KDCOptions.POSTDATED
- KDCOptions.RENEWABLE
- KDCOptions.RENEWABLE_OK
- KDCOptions.ENC_TKT_IN_SKEY
- KDCOptions.RENEW
- KDCOptions.VALIDATE
Various checks must be made before honoring an option. The restrictions on the use of some options are as follows:
- FORWARDABLE, FORWARDED, PROXIABLE, RENEWABLE options may be set in subsequent request only if the ticket_granting ticket on which it is based has the same options (FORWARDABLE, FORWARDED, PROXIABLE, RENEWABLE) set.
- ALLOW_POSTDATE may be set in subsequent request only if the ticket-granting ticket on which it is based also has its MAY_POSTDATE flag set.
- POSTDATED may be set in subsequent request only if the ticket-granting ticket on which it is based also has its MAY_POSTDATE flag set.
- RENEWABLE or RENEW may be set in subsequent request only if the ticket-granting ticket on which it is based also has its RENEWABLE flag set.
- POXY may be set in subsequent request only if the ticket-granting ticket on which it is based also has its PROXIABLE flag set, and the address(es) of the host from which the resulting ticket is to be valid should be included in the addresses field of the request.
- FORWARDED, PROXY, ENC_TKT_IN_SKEY, RENEW, VALIDATE are used only in subsequent requests.
Field Summary
Modifier and Type | Field and Description |
---|---|
|
ALLOW_POSTDATE
|
|
ENC_TKT_IN_SKEY
|
|
FORWARDABLE
|
|
FORWARDED
|
|
HARDWARE_AUTH
|
|
KDC_OPT_ALLOW_POSTDATE
|
|
KDC_OPT_DISABLE_TRANSITED_CHECK
|
|
KDC_OPT_ENC_TKT_IN_SKEY
|
|
KDC_OPT_FORWARDABLE
|
|
KDC_OPT_FORWARDED
|
|
KDC_OPT_POSTDATED
|
|
KDC_OPT_PROXIABLE
|
|
KDC_OPT_PROXY
|
|
KDC_OPT_RENEW
|
|
KDC_OPT_RENEWABLE
|
|
KDC_OPT_RENEWABLE_OK
|
|
KDC_OPT_REQUEST_ANONYMOUS
|
|
KDC_OPT_VALIDATE
|
|
MAX
|
|
POSTDATED
|
|
PROXIABLE
|
|
PROXY
|
|
RENEW
|
|
RENEWABLE
|
|
RENEWABLE_OK
|
|
RESERVED
|
|
UNUSED10
|
|
UNUSED7
|
|
UNUSED9
|
|
VALIDATE
|
Constructor Summary
Constructor and Description |
---|
KDCOptions()
|
KDCOptions(boolean[] data)
Constructs a KDCOptions from the specified bit settings.
|
KDCOptions(byte[] options)
Constructs a KDCOptions from the passed bit settings.
|
KDCOptions(com.ibm.security.util.DerValue encoding)
|
KDCOptions(int size,byte[] data)
|
Method Summary
Modifier and Type | Method and Description |
---|---|
|
asn1Encode()
Writes the encoded data.
|
|
get(int option)
Gets the value(true/false) for one of the
KDCOptions .
|
|
parse(com.ibm.security.util.DerInputStream data,byte explicitTag,boolean optional)
Parse (unmarshal) a KDCOptions from a DER input stream.
|
|
set(int option,boolean value)
Sets the value(true/false) for one of the
KDCOptions .
|
Methods inherited from class com.ibm.security.krb5.internal.util.KrbBitArray |
---|
toBooleanArray |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail
KDC_OPT_FORWARDABLE
- public final int KDC_OPT_FORWARDABLE
See Also:
KDC_OPT_FORWARDED
- public final int KDC_OPT_FORWARDED
See Also:
KDC_OPT_PROXIABLE
- public final int KDC_OPT_PROXIABLE
See Also:
KDC_OPT_PROXY
- public final int KDC_OPT_PROXY
See Also:
KDC_OPT_ALLOW_POSTDATE
- public final int KDC_OPT_ALLOW_POSTDATE
See Also:
KDC_OPT_POSTDATED
- public final int KDC_OPT_POSTDATED
See Also:
KDC_OPT_RENEWABLE
- public final int KDC_OPT_RENEWABLE
See Also:
KDC_OPT_REQUEST_ANONYMOUS
- public final int KDC_OPT_REQUEST_ANONYMOUS
See Also:
KDC_OPT_DISABLE_TRANSITED_CHECK
- public final int KDC_OPT_DISABLE_TRANSITED_CHECK
See Also:
KDC_OPT_RENEWABLE_OK
- public final int KDC_OPT_RENEWABLE_OK
See Also:
KDC_OPT_ENC_TKT_IN_SKEY
- public final int KDC_OPT_ENC_TKT_IN_SKEY
See Also:
KDC_OPT_RENEW
- public final int KDC_OPT_RENEW
See Also:
KDC_OPT_VALIDATE
- public final int KDC_OPT_VALIDATE
See Also:
RESERVED
- public static final int RESERVED
See Also:
FORWARDABLE
- public static final int FORWARDABLE
See Also:
FORWARDED
- public static final int FORWARDED
See Also:
PROXIABLE
- public static final int PROXIABLE
See Also:
PROXY
- public static final int PROXY
See Also:
ALLOW_POSTDATE
- public static final int ALLOW_POSTDATE
See Also:
POSTDATED
- public static final int POSTDATED
See Also:
UNUSED7
- public static final int UNUSED7
See Also:
RENEWABLE
- public static final int RENEWABLE
See Also:
UNUSED9
- public static final int UNUSED9
See Also:
UNUSED10
- public static final int UNUSED10
See Also:
HARDWARE_AUTH
- public static final int HARDWARE_AUTH
See Also:
RENEWABLE_OK
- public static final int RENEWABLE_OK
See Also:
ENC_TKT_IN_SKEY
- public static final int ENC_TKT_IN_SKEY
See Also:
RENEW
- public static final int RENEW
See Also:
VALIDATE
- public static final int VALIDATE
See Also:
MAX
- public static final int MAX
See Also:
Constructor Detail
KDCOptions
- public KDCOptions()
KDCOptions
- public KDCOptions(int size,
- byte[] data)
- throws Asn1Exception
Throws:
KDCOptions
- public KDCOptions(boolean[] data)
- throws Asn1Exception
Constructs a KDCOptions from the specified bit settings.
Parameters:
data
- the bits to be set for the KDCOptions. Throws:
Asn1Exception
- if an error occurs while decoding an ASN1 encoded data. KDCOptions
- public KDCOptions(com.ibm.security.util.DerValue encoding)
- throws Asn1Exception
- java.io.IOException
KDCOptions
- public KDCOptions(byte[] options)
Constructs a KDCOptions from the passed bit settings.
Parameters:
options
- the bits to be set for the KDCOptions. Method Detail
parse
- public static KDCOptions parse( com.ibm.security.util.DerInputStream data,
- byte explicitTag,
- boolean optional)
- throws Asn1Exception
- java.io.IOException
Parse (unmarshal) a KDCOptions from a DER input stream. This form
parsing might be used when expanding a value which is part of
a constructed sequence and uses explicitly tagged type.
Parameters:
data
- the Der input stream value, which contains one or more marshaled value. explicitTag
- tag number. optional
- indicate if this data field is optional Returns:
an instance of KDCOptions.
Throws:
Asn1Exception
- if an error occurs while decoding an ASN1 encoded data. java.io.IOException
- if an I/O error occurs while reading encoded data. asn1Encode
- public byte[] asn1Encode()
- throws java.io.IOException
Writes the encoded data.
Returns:
an byte array of encoded KDCOptions.
Throws:
java.io.IOException
- if an I/O error occurs while reading encoded data. set
- public void set(int option,
- boolean value)
- throws java.lang.ArrayIndexOutOfBoundsException
Sets the value(true/false) for one of the
KDCOptions
.
Overrides:
set
in class KrbBitArray
Parameters:
option
- an option bit. value
- true if the option is selected, false if the option is not selected. Throws:
java.lang.ArrayIndexOutOfBoundsException
- if array index out of bound occurs. See Also:
get
- public boolean get(int option)
- throws java.lang.ArrayIndexOutOfBoundsException
Gets the value(true/false) for one of the
KDCOptions
.
Overrides:
get
in class KrbBitArray
Parameters:
option
- an option bit. Returns:
value true if the option is selected, false if the option is not selected.
Throws:
java.lang.ArrayIndexOutOfBoundsException
- if array index out of bound occurs. See Also: