WS-Security and GSS-API: How do I get the session key?
Max (Weijun) Wang
Weijun.Wang at Sun.COM
Sun Mar 8 21:34:36 EDT 2009
On Mar 7, 2009, at 4:54 AM, Michael B Allen wrote:
> On Thu, Mar 5, 2009 at 9:29 PM, <weijun.wang at sun.com> wrote:
>> Hi Luke
>> On Feb 24, 9:36 pm, Luke Howard <lu... at padl.com> wrote:
>>>> I don't recall offhand if there's been an IETF draft proposing the
>>>> specific extension we've got for extracting the session key.
>>> major = gss_inquire_sec_context_by_oid(&minor,
>> Cool, we (Java SE Team at Sun) are also preparing to add a new method
>> getSessionKey() to OpenJDK's JGSS-API for Java EE needs.
> I think it would be better to have a GSSContext method that could
> return an Object that is specific to the OID supplied. For example, in
> the case of the session key, it would return a byte array like:
> Oid sspiSessionKeyOid = new Oid("1.2.840.113518.104.22.168.5.5");
> byte sessionKey =
> Otherwise you're going to end up just adding more methods in an
> already overwhelming API.
Sure, if we are going to support other OIDs, we would use a method
name like inquireSecContext(Oid).
> Michael B Allen
> Java Active Directory Integration
More information about the Kerberos