Class NegTokenInit2


public class NegTokenInit2 extends NegTokenInit
This class can encode and decode the MS extension of the SPNEGO negTokenInit2 Token.

The NegTokenInit2 message extends the NegTokenInit message with a

negHints
field.

The entire token is an ASN.1 DER encoded sequence of bytes in little endian byte encoding.

The following is the full ASN.1 specification of the token:

 GSSAPI          ::=  [APPLICATION 0] IMPLICIT SEQUENCE {
   mech                MechType,
   negTokenInit        NegotiationToken
 }

 NegotiationToken ::=  CHOICE {
   negTokenInit   [0]  NegTokenInit2,
   negTokenTarg   [1]  NegTokenTarg
 }

 NegTokenInit2    ::=  SEQUENCE {
   mechTypes      [0]  MechTypeList  OPTIONAL,
   reqFlags       [1]  ContextFlags  OPTIONAL,
   mechToken      [2]  OCTET STRING  OPTIONAL,
   negHints       [3]  NegHints OPTIONAL,
   mechListMIC    [4]  OCTET STRING  OPTIONAL
 }

 MechTypeList     ::=  SEQUENCE of MechType

 ContextFlags     ::=  BIT_STRING {
   delegFlag      (0),
   mutualFlag     (1),
   replayFlag     (2),
   sequenceFlag   (3),
   anonFlag       (4),
   confFlag       (5),
   integFlag      (6)
 }

 NegHints         ::=  SEQUENCE {
   hintName       [0] GeneralString OPTIONAL,
   hintAddress    [1] OCTET STRING OPTIONAL
 }

 MechType         ::=  OBJECT IDENTIFIER
 

In the context of this class only the NegTokenInit is covered.

  • When an InitToken is sent, it is prepended by the generic GSSAPI header.
  • The "mech" field of the GSSAPI header is always set to the SPNEGO OID (1.3.6.1.5.5.2)
  • The negTokenInit will have a lead byte of 0xa0 (the CHOICE tagged object).
  • Constructor Details

    • NegTokenInit2

      public NegTokenInit2()
  • Method Details