Creating a GSSName

GSSName represents the identity of a GSS-API principal. A GSSName may contain many representations of the principal, one for each supported underlying mechanism. A GSSName that contains only one name representation is called a Mechanism Name (MN).

GSSManager has several overloaded methods for creating a GSSName from a string or a contiguous array of bytes. The methods interpret the string or byte array according to a specified name type. Typically, you use the GSSName byte-array methods to reconstitute an exported name. The exported name is usually a mechanism name of type GSSName.NT_EXPORT_NAME. Some of these methods allow you to specify a security mechanism with which to create the name.

Example: Using GSSName

The following basic code snippet shows how to use GSSName.

Note: Specify Kerberos service name strings as either <service> or <service@host> where <service> is the name of the service and <host> is the hostname of the machine on which the service runs. You can (but do not have to) use a fully qualified hostname. When you omit the @<host> portion of the string, GSSName uses the local hostname.
     // Create GSSName for user foo.
     GSSName fooName = manager.createName("foo", GSSName.NT_USER_NAME);

     // Create a Kerberos V5 mechanism name for user foo.
     Oid krb5Mech = new Oid("1.2.840.113554.1.2.2");
     GSSName fooName = manager.createName("foo", GSSName.NT_USER_NAME, krb5Mech);

     // Create a mechanism name from a non-mechanism name by using the GSSName
     // canonicalize method.
     GSSName fooName = manager.createName("foo", GSSName.NT_USER_NAME);
     GSSName fooKrb5Name = fooName.canonicalize(krb5Mech);
Parent topic: IBM JGSS application programming steps
Previous topic: Creating a GSSManager
Next topic: Creating a GSSCredential