PojavLauncherTeam
GitHub Repository: PojavLauncherTeam/openjdk-multiarch-jdk8u
Path: blob/aarch64-shenandoah-jdk8u272-b10/jdk/src/share/classes/com/sun/security/jgss/ExtendedGSSContext.java
/*
* Copyright (c) 2009, 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package com.sun.security.jgss;
import org.ietf.jgss.*;
/**
 * An extension of {@code org.ietf.jgss.GSSContext} that exposes
 * functionality the base interface does not define, such as querying
 * context-specific (mechanism-specific) attributes and honoring the
 * environment's delegation policy.
 */
@jdk.Exported
public interface ExtendedGSSContext extends GSSContext {

    /**
     * Returns the mechanism-specific attribute identified by {@code type}.
     * <br><br>
     * The type of the returned object depends on the attribute requested:
     * <ol>
     * <li>{@code KRB5_GET_TKT_FLAGS}:
     *     a boolean array holding the service ticket flags. The array is
     *     only as long as needed to contain every true bit, so a caller
     *     asking for the <em>n</em>'th bit must regard it as false when the
     *     array is shorter than <em>n</em>.
     * <li>{@code KRB5_GET_SESSION_KEY}:
     *     an instance of {@link java.security.Key} with these properties:
     *     <ul>
     *     <li>Algorithm: enctype as a string, where
     *         enctype is defined in RFC 3961, section 8.
     *     <li>Format: "RAW"
     *     <li>Encoded form: the raw key bytes, not in any ASN.1 encoding
     *     </ul>
     *     Because the encoded form is the raw session key, callers should
     *     handle the returned object as secret material and keep it out of
     *     logs and persistent storage.
     * <li>{@code KRB5_GET_AUTHZ_DATA}:
     *     an array of
     *     {@link com.sun.security.jgss.AuthorizationDataEntry}, or null if
     *     the optional field is missing in the service ticket.
     * <li>{@code KRB5_GET_AUTHTIME}:
     *     a String in the standard KerberosTime format defined in
     *     RFC 4120 5.2.3
     * </ol>
     *
     * If there is a security manager, an {@link InquireSecContextPermission}
     * with the name {@code type.mech} must be granted. Otherwise, this could
     * result in a {@link SecurityException}.<p>
     *
     * Example:
     * <pre>
     *      GSSContext ctxt = m.createContext(...)
     *      // Establishing the context
     *      if (ctxt instanceof ExtendedGSSContext) {
     *          ExtendedGSSContext ex = (ExtendedGSSContext)ctxt;
     *          try {
     *              Key key = (Key)ex.inquireSecContext(
     *                      InquireType.KRB5_GET_SESSION_KEY);
     *              // read key info
     *          } catch (GSSException gsse) {
     *              // deal with exception
     *          }
     *      }
     * </pre>
     * @param type the type of the attribute requested
     * @return the attribute; its runtime type is listed per attribute above
     * @throws GSSException containing the following
     * major error codes:
     *   {@link GSSException#BAD_MECH GSSException.BAD_MECH} if the mechanism
     *   does not support this method,
     *   {@link GSSException#UNAVAILABLE GSSException.UNAVAILABLE} if the
     *   type specified is not supported,
     *   {@link GSSException#NO_CONTEXT GSSException.NO_CONTEXT} if the
     *   security context is invalid,
     *   {@link GSSException#FAILURE GSSException.FAILURE} for other
     *   unspecified failures.
     * @throws SecurityException if a security manager exists and a proper
     *   {@link InquireSecContextPermission} is not granted.
     * @see InquireSecContextPermission
     */
    Object inquireSecContext(InquireType type)
            throws GSSException;

    /**
     * Requests that the delegation policy be respected. When a true value
     * is requested, the underlying context uses the delegation policy
     * defined by the environment as a hint when deciding whether
     * credentials delegation should be performed. The request can only be
     * made on the context initiator's side, and only before the first call
     * to <code>initSecContext</code>.
     * <p>
     * How this flag combines with the
     * {@link GSSContext#requestCredDeleg(boolean) credentials delegation flag}:
     * <ul>
     * <li>This flag false: delegation is tried only when the credentials
     *     delegation flag is true.
     * <li>This flag true, credentials delegation flag false: delegation is
     *     tried only if the delegation policy permits it.
     * <li>Both flags true: delegation is always tried. However, if the
     *     delegation policy does not permit delegation, the value of
     *     {@link #getDelegPolicyState} will be false, even if delegation
     *     is performed successfully.
     * </ul>
     * In any case, if the delegation is not successful, the value returned
     * by {@link GSSContext#getCredDelegState()} is false, and the value
     * returned by {@link #getDelegPolicyState()} is also false.
     * <p>
     * Not all mechanisms support delegation policy. Therefore, the
     * application should check whether the request was honored with the
     * {@link #getDelegPolicyState() getDelegPolicyState} method. When
     * delegation policy is not supported, <code>requestDelegPolicy</code>
     * should return silently without throwing an exception.
     * <p>
     * Note: for the Kerberos 5 mechanism, the delegation policy is expressed
     * through the OK-AS-DELEGATE flag in the service ticket. When it's true,
     * the KDC permits delegation to the target server. In a cross-realm
     * environment, in order for delegation to be permitted, all cross-realm
     * TGTs on the authentication path must also have the OK-AS-DELEGATE
     * flags set.
     * @param state true if the policy should be respected
     * @throws GSSException containing the following
     * major error codes:
     *   {@link GSSException#FAILURE GSSException.FAILURE}
     */
    void requestDelegPolicy(boolean state) throws GSSException;

    /**
     * Returns the delegation policy response. Called after a security
     * context is established, and only on the initiator's side.
     * See {@link ExtendedGSSContext#requestDelegPolicy}.
     * @return the delegation policy response
     */
    boolean getDelegPolicyState();
}