51 * class and store the instance in the private credential set of a |
51 * class and store the instance in the private credential set of a |
52 * {@link javax.security.auth.Subject Subject}.<p> |
52 * {@link javax.security.auth.Subject Subject}.<p> |
53 * |
53 * |
54 * It might be necessary for the application to be granted a |
54 * It might be necessary for the application to be granted a |
55 * {@link javax.security.auth.PrivateCredentialPermission |
55 * {@link javax.security.auth.PrivateCredentialPermission |
56 * PrivateCredentialPermission} if it needs to access a KerberosTicket |
56 * PrivateCredentialPermission} if it needs to access a {@code KerberosTicket} |
57 * instance from a Subject. This permission is not needed when the |
57 * instance from a {@code Subject}. This permission is not needed when the |
58 * application depends on the default JGSS Kerberos mechanism to access the |
58 * application depends on the default JGSS Kerberos mechanism to access the |
59 * KerberosTicket. In that case, however, the application will need an |
59 * {@code KerberosTicket}. In that case, however, the application will need an |
60 * appropriate |
60 * appropriate |
61 * {@link javax.security.auth.kerberos.ServicePermission ServicePermission}. |
61 * {@link javax.security.auth.kerberos.ServicePermission ServicePermission}. |
62 * <p> |
62 * <p> |
63 * Note that this class is applicable to both ticket granting tickets and |
63 * Note that this class is applicable to both ticket granting tickets and |
64 * other regular service tickets. A ticket granting ticket is just a |
64 * other regular service tickets. A ticket granting ticket is just a |
191 private InetAddress[] clientAddresses; |
191 private InetAddress[] clientAddresses; |
192 |
192 |
193 private transient boolean destroyed = false; |
193 private transient boolean destroyed = false; |
194 |
194 |
195 /** |
195 /** |
196 * Constructs a KerberosTicket using credentials information that a |
196 * Constructs a {@code KerberosTicket} using credentials information that a |
197 * client either receives from a KDC or reads from a cache. |
197 * client either receives from a KDC or reads from a cache. |
198 * |
198 * |
199 * @param asn1Encoding the ASN.1 encoding of the ticket as defined by |
199 * @param asn1Encoding the ASN.1 encoding of the ticket as defined by |
200 * the Kerberos protocol specification. |
200 * the Kerberos protocol specification. |
201 * @param client the client that owns this service |
201 * @param client the client that owns this service |
563 Throwable e = null; |
563 Throwable e = null; |
564 sun.security.krb5.Credentials krb5Creds = null; |
564 sun.security.krb5.Credentials krb5Creds = null; |
565 |
565 |
566 try { |
566 try { |
567 krb5Creds = new sun.security.krb5.Credentials(asn1Encoding, |
567 krb5Creds = new sun.security.krb5.Credentials(asn1Encoding, |
568 client.toString(), |
568 client.getName(), |
569 server.toString(), |
569 server.getName(), |
570 sessionKey.getEncoded(), |
570 sessionKey.getEncoded(), |
571 sessionKey.getKeyType(), |
571 sessionKey.getKeyType(), |
572 flags, |
572 flags, |
573 authTime, |
573 authTime, |
574 startTime, |
574 startTime, |
642 */ |
642 */ |
643 public boolean isDestroyed() { |
643 public boolean isDestroyed() { |
644 return destroyed; |
644 return destroyed; |
645 } |
645 } |
646 |
646 |
|
647 /** |
|
648 * Returns an informative textual representation of this {@code KerberosTicket}. |
|
649 * |
|
650 * @return an informative textual representation of this {@code KerberosTicket}. |
|
651 */ |
647 public String toString() { |
652 public String toString() { |
648 if (destroyed) { |
653 if (destroyed) { |
649 return "Destroyed KerberosTicket"; |
654 return "Destroyed KerberosTicket"; |
650 } |
655 } |
651 StringBuilder caddrString = new StringBuilder(); |
656 StringBuilder caddrString = new StringBuilder(); |
712 result = result * 37 + Arrays.hashCode(clientAddresses); |
717 result = result * 37 + Arrays.hashCode(clientAddresses); |
713 return result * 37 + Arrays.hashCode(flags); |
718 return result * 37 + Arrays.hashCode(flags); |
714 } |
719 } |
715 |
720 |
716 /** |
721 /** |
717 * Compares the specified Object with this KerberosTicket for equality. |
722 * Compares the specified object with this {@code KerberosTicket} for equality. |
718 * Returns true if the given object is also a |
723 * Returns true if the given object is also a |
719 * {@code KerberosTicket} and the two |
724 * {@code KerberosTicket} and the two |
720 * {@code KerberosTicket} instances are equivalent. |
725 * {@code KerberosTicket} instances are equivalent. |
721 * |
726 * A destroyed {@code KerberosTicket} object is only equal to itself. |
722 * @param other the Object to compare to |
727 * |
723 * @return true if the specified object is equal to this KerberosTicket, |
728 * @param other the object to compare to |
724 * false otherwise. NOTE: Returns false if either of the KerberosTicket |
729 * @return true if the specified object is equal to this {@code KerberosTicket}, |
725 * objects has been destroyed. |
730 * false otherwise. |
726 * @since 1.6 |
731 * @since 1.6 |
727 */ |
732 */ |
728 public boolean equals(Object other) { |
733 public boolean equals(Object other) { |
729 |
734 |
730 if (other == this) { |
735 if (other == this) { |