Exporting GSSCredential to byte array and vice versa

170 views Asked by At

I am implementing S4U protocol using GSS in java. Since java 7 does not support this protocol, I plan to write a JNI wrapper over the gss api methods in C that do not have equivalent in java.

As part of this I am writing a JNI over gss_acquire_cred_impersonate_name as described in http://k5wiki.kerberos.org/wiki/Projects/Services4User#gss_acquire_cred_impersonate_name .

This method takes an previously populated input credential handle (gss_cred_id_t) and populates an output credential handle. In my java code I have a GSSCredential created which I need to pass to C function in form of gss_cred_id_t and convert the output credential handle from gss_cred_id_t back to GSSCredential for further use.

How can I export GSSCredential object to byte array and vice versa in order to communicate with the C function ?

Thanks

2

There are 2 answers

0
Michael-O On
  1. You should rather Java 8 code, it has built-in support.
  2. Export cred us a custom extension for GSS-API and therefore not available. The Globus JGSS implementation support this extension.
0
armb On

When I had a similar problem I used https://github.com/cconlon/kerberos-java-gssapi and did all my GSS-API work though the wrapper. (But that was only a temporary stage before discarding Java altogether.)