org.globus.gsi.gssapi
Class GSSConstants

java.lang.Object
  extended by org.globus.gsi.gssapi.GSSConstants

public abstract class GSSConstants
extends java.lang.Object

Defines common GSI-GSS constants.


Field Summary
static org.ietf.jgss.Oid ACCEPT_NO_CLIENT_CERTS
          Context option.
static org.ietf.jgss.Oid AUTHZ_REQUIRED_WITH_DELEGATION
          Context option.
static org.ietf.jgss.Oid CHECK_CONTEXT_EXPIRATION
          Context option.
static org.ietf.jgss.Oid DELEGATION_TYPE
          Context option.
static org.ietf.jgss.Oid FORCE_SSLV3_AND_CONSTRAIN_CIPHERSUITES_FOR_GRAM
          Context option.
static org.ietf.jgss.Oid GRIM_POLICY_HANDLER
          Deprecated. Please use GSSConstants.PROXY_POLICY_HANDLERS option instead.
static int GSI_BIG
          Quality-of-Protection (QOP) value, indicates large block size support.
static org.ietf.jgss.Oid GSS_MODE
          Context option.
static org.ietf.jgss.Oid MECH_OID
          Globus GSI GSS mechanism Oid
static org.ietf.jgss.Oid PROXY_POLICY_HANDLERS
          Context option.
static org.ietf.jgss.Oid RECEIVED_LIMITED_PROXY
          Used in inquireByOid method.
static org.ietf.jgss.Oid REJECT_LIMITED_PROXY
          Context option.
static org.ietf.jgss.Oid REQUIRE_CLIENT_AUTH
          Context option.
static org.ietf.jgss.Oid TRUSTED_CERTIFICATES
          Context option.
static org.ietf.jgss.Oid X509_CERT_CHAIN
          Used in inquireByOid function.
 
Constructor Summary
GSSConstants()
           
 
Method Summary
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

MECH_OID

public static final org.ietf.jgss.Oid MECH_OID
Globus GSI GSS mechanism Oid


GSS_MODE

public static final org.ietf.jgss.Oid GSS_MODE
Context option. It is used to configure the GSS mode. It can be set to GSIConstants.MODE_GSI or GSIConstants.MODE_SSL. By default GSI mode is enabled.


REJECT_LIMITED_PROXY

public static final org.ietf.jgss.Oid REJECT_LIMITED_PROXY
Context option. It is used to enable/disable the rejection of limited proxies during authentication. In can be set to either Boolean.TRUE or Boolean.FALSE. By default limited proxies are accepted.


DELEGATION_TYPE

public static final org.ietf.jgss.Oid DELEGATION_TYPE
Context option. It is used to configure delegation type to be performed either during authentication or using the delegation API. It can be set to GSIConstants.DELEGATION_TYPE_LIMITED or GSIConstants.DELEGATION_TYPE_FULL By default limited delegation is performed.


CHECK_CONTEXT_EXPIRATION

public static final org.ietf.jgss.Oid CHECK_CONTEXT_EXPIRATION
Context option. It is used to enable/disable context expiration checking for methods like wrap, unwrap, verifyMIC, getMIC. In can be set to either Boolean.TRUE or Boolean.FALSE. By default context expiration checking is disabled.


REQUIRE_CLIENT_AUTH

public static final org.ietf.jgss.Oid REQUIRE_CLIENT_AUTH
Context option. It is used to enable/disable client authentication on acceptor side. In can be set to either Boolean.TRUE or Boolean.FALSE. By default client authentication is enabled.


ACCEPT_NO_CLIENT_CERTS

public static final org.ietf.jgss.Oid ACCEPT_NO_CLIENT_CERTS
Context option. It is only used when client authentication is enabled. In can be set to either Boolean.TRUE or Boolean.FALSE. If set to Boolean.TRUE a context will be successfully established even though client send no certificates and client authentication was required. If set to Boolean.FALSE, the context establishment will fail if client does not send its certificates and client authentication was requested.


GRIM_POLICY_HANDLER

public static final org.ietf.jgss.Oid GRIM_POLICY_HANDLER
Deprecated. Please use GSSConstants.PROXY_POLICY_HANDLERS option instead.
Context option. It is used to set a policy handler for GRIM credentials. The value is an instance of ProxyPolicyHandler


PROXY_POLICY_HANDLERS

public static final org.ietf.jgss.Oid PROXY_POLICY_HANDLERS
Context option. It is used to pass a set of proxy policy handlers. The value if a Map type. It contains mappings of proxy policy language oids and instances of ProxyPolicyHandler


TRUSTED_CERTIFICATES

public static final org.ietf.jgss.Oid TRUSTED_CERTIFICATES
Context option. It is used to set a list of trusted certificates to use during authentication (by default, the trusted certificates are loaded from a standard location) The value is an instance of TrustedCertificates


X509_CERT_CHAIN

public static final org.ietf.jgss.Oid X509_CERT_CHAIN
Used in inquireByOid function. Returns the certificate chain.


RECEIVED_LIMITED_PROXY

public static final org.ietf.jgss.Oid RECEIVED_LIMITED_PROXY
Used in inquireByOid method. Retuns if peer presented a limited credential


AUTHZ_REQUIRED_WITH_DELEGATION

public static final org.ietf.jgss.Oid AUTHZ_REQUIRED_WITH_DELEGATION
Context option. It is set to a Boolean value and if false, client authorization requirement with delegation is disabled. By default, client side authorization (to authorize the server) is required for delegation of credentials.


FORCE_SSLV3_AND_CONSTRAIN_CIPHERSUITES_FOR_GRAM

public static final org.ietf.jgss.Oid FORCE_SSLV3_AND_CONSTRAIN_CIPHERSUITES_FOR_GRAM
Context option. It is set to a Boolean value and if true, the GSI/GSSAPI layer will force the underlying SSL/TLS to use SSLv3 and a narrow set of cipher suites so communication with GRAM servers can succeed.


GSI_BIG

public static final int GSI_BIG
Quality-of-Protection (QOP) value, indicates large block size support. Can be passed to wrap or set by unwrap methods

See Also:
Constant Field Values
Constructor Detail

GSSConstants

public GSSConstants()


Copyright © 2013. All Rights Reserved.