A GSSCredential contains all the cryptographic information necessary to create a context on behalf of a principal and can contain credential information for multiple mechanisms.
GSSManager has three credential creation methods. Two of the methods take for parameters a GSSName, the lifetime of the credential, one or more mechanisms from which to get credentials, and the credential usage type. The third method takes only a usage type and uses the default values for other parameters. Specifying a null mechanism also uses the default mechanism. Specifying a null array of mechanisms causes the method to return credentials for the default set of mechanisms.
Your application can create only one of the three credentials types (initiate, accept, or initiate and accept) at a time.
Examples: Obtaining credentials
The following example obtains the default credentials for an initiator:
GSSCredentials fooCreds = manager.createCredentials(GSSCredential.INITIATE)
The following example obtains Kerberos V5 credentials for the initiator foo that have the default validity period:
GSSCredential fooCreds = manager.createCredential(fooName, GSSCredential.DEFAULT_LIFETIME,
krb5Mech,GSSCredential.INITIATE);
The following example obtains an all-default acceptor credential:
GSSCredential serverCreds = manager.createCredential(null, GSSCredential.DEFAULT_LIFETIME,
(Oid)null, GSSCredential.ACCEPT);