org.globus.gsi.gssapi.auth
Class HostAuthorization

java.lang.Object
  extended by org.globus.gsi.gssapi.auth.Authorization
      extended by org.globus.gsi.gssapi.auth.GSSAuthorization
          extended by org.globus.gsi.gssapi.auth.HostAuthorization

public class HostAuthorization
extends GSSAuthorization

Implements a simple host authorization mechanism. The peer's host name (in FQDN form) is compared with the host name specified in the peer's certificate chain.


Field Summary
static HostAuthorization ldapAuthorization
           
 
Constructor Summary
HostAuthorization(java.lang.String service)
           
 
Method Summary
 void authorize(org.ietf.jgss.GSSContext context, java.lang.String host)
          Performs host authentication.
 boolean equals(java.lang.Object o)
           
 org.ietf.jgss.GSSName getExpectedName(org.ietf.jgss.GSSCredential cred, java.lang.String host)
          Returns expected GSSName used for authorization purposes.
static HostAuthorization getInstance()
          Returns an instance of host authentication.
 int hashCode()
           
 
Methods inherited from class org.globus.gsi.gssapi.auth.Authorization
generateAuthorizationException
 
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

ldapAuthorization

public static final HostAuthorization ldapAuthorization
Constructor Detail

HostAuthorization

public HostAuthorization(java.lang.String service)
Method Detail

getInstance

public static HostAuthorization getInstance()
Returns an instance of host authentication.

Returns:
an instance of this class initialized with host as a service.

getExpectedName

public org.ietf.jgss.GSSName getExpectedName(org.ietf.jgss.GSSCredential cred,
                                             java.lang.String host)
                                      throws org.ietf.jgss.GSSException
Description copied from class: GSSAuthorization
Returns expected GSSName used for authorization purposes. Can returns null for self authorization.

Specified by:
getExpectedName in class GSSAuthorization
Parameters:
cred - credentials used
host - host address of the peer.
Throws:
org.ietf.jgss.GSSException - if unable to create the name.

authorize

public void authorize(org.ietf.jgss.GSSContext context,
                      java.lang.String host)
               throws AuthorizationException
Performs host authentication. The hostname of the peer is compared with the hostname specified in the peer's (topmost) certificate in the certificate chain. The hostnames must match exactly (in case-insensitive way)

Specified by:
authorize in class Authorization
Parameters:
context - the security context
host - host address of the peer.
Throws:
AuthorizationException - if the hostnames do not match.

equals

public boolean equals(java.lang.Object o)
Overrides:
equals in class java.lang.Object

hashCode

public int hashCode()
Overrides:
hashCode in class java.lang.Object


Copyright © 2013. All Rights Reserved.