**/
public static AS_ContextSec createAuthenticationServiceContext(
IorSecurityConfigMetaData metadata
)
{
AS_ContextSec context = null;
// the content of the context
int support = 0;
int require = 0;
byte[] clientAuthMech = {};
byte[] targetName = {};
// get the AsContext metadata
AsContext asMeta = metadata.getAsContext();
// if no AS context metatada exists, or authentication method
// "none" is specified, we can produce an empty AS context
if( asMeta == null || asMeta.getAuthMethod().equals(AsContext.AUTH_METHOD_NONE)
/*|| asMeta.isRequired() == false*/ )
{
context = new AS_ContextSec((short) support,
(short) require,
clientAuthMech,
targetName);
}
else
{
// we do support
support = EstablishTrustInClient.value;
// required depends on the metadata
if( asMeta.isRequired() )
require = EstablishTrustInClient.value;
// we only support GSSUP authentication method
clientAuthMech = createGSSUPMechOID();
// finally, encode the "realm" name as a CSI.GSS_NT_ExportedName.
// clientAuthMech should contain the DER encoded GSSUPMechOID
// at this point.
String realm = asMeta.getRealm();
targetName = createGSSExportedName(clientAuthMech, realm.getBytes());
// wrap it up
context = new AS_ContextSec((short) support,
(short) require,
clientAuthMech,
targetName);
}