java.lang.Object
- net.sf.michaelo.tomcat.pac.Pac

```
public class Pac
extends Object
```
A class representing the PAC Data structure from MS-PAC. This implementation only parses the embedded structures which are required for the purpose of this component, everything else is skipped.
Important: It is imperative to pass a suitable signature verifier implementation and the long term Kerberos keys for the principal from the keytab which were used to establish the security context. The simplest implementation is the PrivateSunPacSignatureVerifier which uses private Sun classes to perform the calculation.

Field Summary

Fields
Modifier and Type Field Description

protected Log logger

Constructor Summary

Constructors
Constructor Description

Pac(byte[] pacDataBytes, PacSignatureVerifier signatureVerifier)
Parses a PAC data object from a byte array.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`PacSignatureData`	`getKdcSignature()`
`KerbValidationInfo`	`getKerbValidationInfo()`
`PacClientInfo`	`getPacClientInfo()`
`PacSignatureData`	`getServerSignature()`
`UpnDnsInfo`	`getUpnDnsInfo()`
`void`	`verifySignature(Key[] keys)`	Verifies the server signature of this PAC data structure with zeroed server and KDC signature values with the supplied long term Kerberos keys.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - logger
```
protected final Log logger
```
- Constructor Detail
  - Pac
```
public Pac(byte[] pacDataBytes,
           PacSignatureVerifier signatureVerifier)
```
    Parses a PAC data object from a byte array.
    
    Parameters:
    
    pacDataBytes - PAC data structure encoded as bytes
    
    signatureVerifier - a signature verifier implementation
    
    Throws:
    
    NullPointerException - if infoBytes is null
    
    IllegalArgumentException - if infoBytes is empty
    
    NullPointerException - if signatureVerifier is null
    
    IllegalArgumentException - if PAC version is not 0
    
    IllegalArgumentException - if an embedded PAC_INFO_BUFFER structure offset is not a multiple of 8
    
    IllegalArgumentException - if any embedded structure is invalid
    
    IllegalArgumentException - if any of the required embedded structures (KERB_VALIDATION_INFO, PAC_CLIENT_INFO, PAC_SIGNATURE_DATA (Server Signature), PAC_SIGNATURE_DATA (KDC Signature)) is not present
- Method Detail
  - getKerbValidationInfo
```
public KerbValidationInfo getKerbValidationInfo()
```
  - getUpnDnsInfo
```
public UpnDnsInfo getUpnDnsInfo()
```
  - getPacClientInfo
```
public PacClientInfo getPacClientInfo()
```
  - getServerSignature
```
public PacSignatureData getServerSignature()
```
  - getKdcSignature
```
public PacSignatureData getKdcSignature()
```
  - verifySignature
```
public void verifySignature(Key[] keys)
                     throws SignatureException
```
    Verifies the server signature of this PAC data structure with zeroed server and KDC signature values with the supplied long term Kerberos keys.
    
    Parameters:
    
    keys - an array of long term Kerberos keys for the principal from the keytab which was used to establish the security context
    
    Throws:
    
    SignatureException - if the signature validation fails with all supplied keys
    
    See Also:
    
    PacSignatureVerifier

Class Pac

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

logger

Constructor Detail

Pac

Method Detail

getKerbValidationInfo

getUpnDnsInfo

getPacClientInfo

getServerSignature

getKdcSignature

verifySignature