Class Pac


  • public class Pac
    extends Object
    A class representing the PAC Data structure from MS-PAC. This implementation only parses the embedded structures which are required for the purpose of this component, everything else is skipped.

    Important: It is imperative to pass a suitable signature verifier implementation and the long term Kerberos keys for the principal from the keytab which were used to establish the security context. The simplest implementation is the PrivateSunPacSignatureVerifier which uses private Sun classes to perform the calculation.

    • Field Detail

      • logger

        protected final Log logger
    • Method Detail

      • getUpnDnsInfo

        public UpnDnsInfo getUpnDnsInfo()
      • verifySignature

        public void verifySignature​(Key[] keys)
                             throws SignatureException
        Verifies the server signature of this PAC data structure with zeroed server and KDC signature values with the supplied long term Kerberos keys.
        Parameters:
        keys - an array of long term Kerberos keys for the principal from the keytab which was used to establish the security context
        Throws:
        SignatureException - if the signature validation fails with all supplied keys
        See Also:
        PacSignatureVerifier