IBM Java Generic Security Service (JGSS)

 

The Java™ Generic Security Service (JGSS) provides a generic interface for authentication and secure messaging. Under this interface you can plug a variety of security mechanisms based on secret-key, public-key, or other security technologies.

By abstracting the complexity and peculiarities of the underlying security mechanisms to a standardized interface, JGSS provides the following benefits to the development of secure networking applications:

JGSS defines the Java bindings for the Generic Security Service Application Programming Interface (GSS-API), which is a cryptographic API that has been standardized by the Internet Engineering Task Force (IETF) and adopted by the X/Open Group.

The IBM® implementation of JGSS is called IBM JGSS. IBM JGSS is an implementation of the GSS-API framework that uses Kerberos V5 as the default underlying security system. It also features a Java Authentication and Authorization Service (JAAS) login module for creating and using Kerberos credentials. In addition, you can have JGSS perform JAAS authorization checks when you use those credentials.

IBM JGSS includes a native System i5™ JGSS provider, a Java JGSS provider, and Java versions of the Kerberos credential managerment tools (kinit, ktab, and klist).

The native System i5 JGSS provider uses the native System i5 Network Authentication Services (NAS) library. When you use the native provider, use the native System i5 Kerberos utilities. For more information, see JGSS providers.

 

Parent topic:

Java security

Related concepts
Java security model Java Cryptography Extension Java Secure Socket Extension Java Authentication and Authorization Service