Java Generic Security Service (JGSS)

Java™ Generic Security Service (JGSS) API provides secure exchange of messages between communicating applications.

JGSS is an API framework that uses Kerberos V5 as the underlying default security mechanism. The API is a standardized abstract interface under which you can plug different security mechanisms that are based on private-key, public-key, and other security technologies.

JGSS shields secure applications from the complexities and peculiarities of the different underlying security mechanisms. JGSS provides identity and message origin authentication, message integrity, and message confidentiality. JGSS also features an optional Java Authentication and Authorization Service (JAAS) Kerberos login interface, and authorization checks. JAAS augments the access control features of Java, which is based on CodeSource with access controls based on authenticated principal identities.

Differences between the IBM and Oracle versions of JGSS

The IBM® version of JGSS differs from the Oracle version in the following ways:

• The com.sun.* packages are reimplemented by IBM and renamed com.ibm.* packages.
• The format of the parameters passed to the Java tools kinit, ktab, and klist is different from the equivalent tools provided in the Oracle version of JGSS.