Java Generic Security Services (Java GSS)
and Kerberos Enhancements for Java 6
The following enhancements were added to the Java GSS/Kerberos
implementation in Java SE 6. For details, see the JGSS Feature Enhancements List.
- Support for AES Encryption Type
Support for AES encryption type (AES128 and AES256) in Java
GSS/Kerberos is available. This improves interoperability of the
Java SE Kerberos implementation with other Kerberos
implementations, such as Solaris 10 and MIT Kerberos.
- Support for RC4-HMAC Encryption Type
Support for RC4-HMAC encryption type in Java GSS/Kerberos is
available. This improves interoperability of the Java SE Kerberos
implementation with other Kerberos implementations, such as
Windows, Solaris 10 and MIT Kerberos. Windows Active Directoiory
supports RC4-HMAC as the default Kerberos encryption type.
- Support for SPNEGO in Java GSS
Support for SPNEGO mechanism in Java GSS is now available. The
Simple and Protected GSS-API Negotiation (SPNEGO) mechanism is a
pseudo security mechanism that enables GSS-API peers to securely
negotiate a common security mechanism to be used.
Support for SPNEGO authentication scheme in HTTP is also
available.
- Support for new Pre-Authentication Mechanisms
Java GSS/Kerberos now includes support for the new
pre-authentication mechanisms as described in the latest Kerberos
specification.
- Native Platform GSS Integration
This feature allows Java GSS applications to take advantage of
features in the native GSS implementation available on the
platform.