1 /**
2 * Licensed to the Apache Software Foundation (ASF) under one
3 * or more contributor license agreements. See the NOTICE file
4 * distributed with this work for additional information
5 * regarding copyright ownership. The ASF licenses this file
6 * to you under the Apache License, Version 2.0 (the
7 * "License"); you may not use this file except in compliance
8 * with the License. You may obtain a copy of the License at
9 *
10 * http://www.apache.org/licenses/LICENSE-2.0
11 *
12 * Unless required by applicable law or agreed to in writing,
13 * software distributed under the License is distributed on an
14 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15 * KIND, either express or implied. See the License for the
16 * specific language governing permissions and limitations
17 * under the License.
18 */
19
20 package org.apache.wss4j.common.kerberos;
21
22 import javax.security.auth.Subject;
23
24 /**
25 * This interface defines a pluggable way to obtain a session key given an AP-REQ Kerberos token and a
26 * Subject. The session key is needed on the receiving side when it is used for message signature or
27 * encryption. A default implementation is not shipped with WSS4J due to a dependency on internal APIs
28 * or ASN1 parsers.
29 */
30 public interface KerberosTokenDecoder {
31
32 /**
33 * Set the AP-REQ Kerberos Token
34 * @param token the AP-REQ Kerberos Token
35 */
36 void setToken(byte[] token);
37
38 /**
39 * Set the Subject
40 * @param subject the Subject
41 */
42 void setSubject(Subject subject);
43
44 /**
45 * Get the session key from the token
46 * @return the session key from the token
47 */
48 byte[] getSessionKey() throws KerberosTokenDecoderException;
49
50 /**
51 * Clear all internal information
52 */
53 void clear();
54
55 }