org.globus.gsi.gssapi.auth
Class HostAuthorization
java.lang.Object
org.globus.gsi.gssapi.auth.Authorization
org.globus.gsi.gssapi.auth.GSSAuthorization
org.globus.gsi.gssapi.auth.HostAuthorization
public class HostAuthorization
- extends GSSAuthorization
Implements a simple host authorization mechanism.
The peer's host name (in FQDN form) is compared with the
host name specified in the peer's certificate chain.
Method Summary |
void |
authorize(org.ietf.jgss.GSSContext context,
java.lang.String host)
Performs host authentication. |
boolean |
equals(java.lang.Object o)
|
org.ietf.jgss.GSSName |
getExpectedName(org.ietf.jgss.GSSCredential cred,
java.lang.String host)
Returns expected GSSName used for authorization purposes. |
static HostAuthorization |
getInstance()
Returns an instance of host authentication. |
int |
hashCode()
|
Methods inherited from class java.lang.Object |
clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait |
ldapAuthorization
public static final HostAuthorization ldapAuthorization
HostAuthorization
public HostAuthorization(java.lang.String service)
getInstance
public static HostAuthorization getInstance()
- Returns an instance of host authentication.
- Returns:
- an instance of this class initialized with
host as a service.
getExpectedName
public org.ietf.jgss.GSSName getExpectedName(org.ietf.jgss.GSSCredential cred,
java.lang.String host)
throws org.ietf.jgss.GSSException
- Description copied from class:
GSSAuthorization
- Returns expected
GSSName
used for authorization purposes.
Can returns null for self authorization.
- Specified by:
getExpectedName
in class GSSAuthorization
- Parameters:
cred
- credentials usedhost
- host address of the peer.
- Throws:
org.ietf.jgss.GSSException
- if unable to create the name.
authorize
public void authorize(org.ietf.jgss.GSSContext context,
java.lang.String host)
throws AuthorizationException
- Performs host authentication. The hostname of the peer is
compared with the hostname specified in the peer's (topmost)
certificate in the certificate chain. The hostnames must
match exactly (in case-insensitive way)
- Specified by:
authorize
in class Authorization
- Parameters:
context
- the security contexthost
- host address of the peer.
- Throws:
AuthorizationException
- if the hostnames
do not match.
equals
public boolean equals(java.lang.Object o)
- Overrides:
equals
in class java.lang.Object
hashCode
public int hashCode()
- Overrides:
hashCode
in class java.lang.Object
Copyright © 2013. All Rights Reserved.