The following enhancements were added to the Java GSS/Kerberos implementation in Java SE 6. For details, see the JGSS Feature Enhancements List.

• Support for AES Encryption Type
  
  Support for AES encryption type (AES128 and AES256) in Java GSS/Kerberos is available. This improves interoperability of the Java SE Kerberos implementation with other Kerberos implementations, such as Solaris 10 and MIT Kerberos.
  
  
• Support for RC4-HMAC Encryption Type
  
  Support for RC4-HMAC encryption type in Java GSS/Kerberos is available. This improves interoperability of the Java SE Kerberos implementation with other Kerberos implementations, such as Windows, Solaris 10 and MIT Kerberos. Windows Active Directoiory supports RC4-HMAC as the default Kerberos encryption type.
  
  
• Support for SPNEGO in Java GSS
  
  Support for SPNEGO mechanism in Java GSS is now available. The Simple and Protected GSS-API Negotiation (SPNEGO) mechanism is a pseudo security mechanism that enables GSS-API peers to securely negotiate a common security mechanism to be used.
  
  Support for SPNEGO authentication scheme in HTTP is also available.
  
  
• Support for new Pre-Authentication Mechanisms
  
  Java GSS/Kerberos now includes support for the new pre-authentication mechanisms as described in the latest Kerberos specification.
  
  
• Native Platform GSS Integration
  
  This feature allows Java GSS applications to take advantage of features in the native GSS implementation available on the platform.
  
  

Copyright © 1995-2006 Sun Microsystems, Inc. All Rights Reserved. Please send comments to: java-security@sun.com.

Java Software