Java SASL API, Version 1.1

Description

Maintenance version of the Java SASL API specification (JSR 28), version 1.1.

Maintenance Lead

ACCEPTED

  1. Declare RealmCallback and RealmChoiceCallback to be serializable.
    javax.security.sasl.RealmCallback and javax.security.sasl.RealmChoiceCallback extend from javax.security.auth.callback.TextInputCallback and javax.security.auth.callback.ChoiceCallback, respectively. In the Java 2 Platform, Standard Edition, v 1.4 (J2SE 1.4), javax.security.auth.callback.TextInputCallback and javax.security.auth.callback.ChoiceCallback are serializable.

    JSR 28's TCK already expects javax.security.sasl.RealmCallback and javax.security.sasl.RealmChoiceCallback to be serializable, but JSR 28's specification does not declare them to be serializable. The proposal is to fix the specification (javadocs) to match the JSR 28 TCK and J2SE 1.4.

  2. Make AuthorizeCallback serializable.
    The proposal is to make javax.security.sasl.AuthorizeCallback serializable, so that it is consistent with other callback classes in JSR 28 and J2SE 1.4. The serializable fields from this class will be:
    /**
     * The (authenticated) authentication id to check.
     * @serial
     */
    private String authenticationID;
    
    /**
     * The authorization id to check.
     * @serial
     */
    private String authorizationID;
    
    /**
     * The id of the authorized entity. If null, the id of
     * the authorized entity is authorizationID.
     * @serial
     */
    private String authorizedID;
    
    /**
     * A flag indicating whether the authentication id is allowed to
     * act on behalf of the authorization id. 
     * @serial
     */
    private boolean authorized;