directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Emmanuel Lecharny" <elecha...@gmail.com>
Subject Kerberos PrincipalName
Date Mon, 02 Jul 2007 11:44:49 GMT
Hi,

in order to facilitate the codec work, we may need to implement our
own PrincipalName instead of using
javax.security.auth.kerberos.KerberosPrincipal.

We will have to define a new API for this class, which should be close
to the existing KerberosPrincipal class. The main differences I see
are :

- Principal Type : we will have all the different types in an enum,
outside of the PrincipalName (PN) class (KerberosPrincipal contains
those types constant)
- We should be able to construct a new PrincipalName by passing a
KerberosPrincipal object as an argument. Also, as we may have more
than a component into the name, we should be able to add some
component to an existing PN and also to initialize a PN with a list of
component names.
- we have to implement RFC 1964, part 2.1
- the getNameType() method will return a reference to the
PrincipalType enum instead of an int
- the getName() method should remain the same
- we should add some getRealm() method
- we should also add a getNameComponents() method, returning a lost of
NameComponent (a list of String)
- internally, instead of keeping the PN as a String, we should
decompose it into a list of NameComponent and a REALM.

wdyt ?


-- 
Regards,
Cordialement,
Emmanuel L├ęcharny
www.iktek.com

Mime
View raw message