Class GSSConstants

java.lang.Object
org.globus.gsi.gssapi.GSSConstants
public abstract class GSSConstants extends Object
Defines common GSI-GSS constants.

  • Field Details

    • MECH_OID

      public static final Oid MECH_OID
      Globus GSI GSS mechanism Oid

    • GSS_MODE

      public static final Oid GSS_MODE
      Context option. It is used to configure the GSS mode. It can be set to GSIConstants.MODE_GSI or GSIConstants.MODE_SSL. By default GSI mode is enabled.

    • REJECT_LIMITED_PROXY

      public static final Oid REJECT_LIMITED_PROXY
      Context option. It is used to enable/disable the rejection of limited proxies during authentication. In can be set to either Boolean.TRUE or Boolean.FALSE. By default limited proxies are accepted.

    • DELEGATION_TYPE

      public static final Oid DELEGATION_TYPE
      Context option. It is used to configure delegation type to be performed either during authentication or using the delegation API. It can be set to GSIConstants.DELEGATION_TYPE_LIMITED or GSIConstants.DELEGATION_TYPE_FULL By default limited delegation is performed.

    • CHECK_CONTEXT_EXPIRATION

      public static final Oid CHECK_CONTEXT_EXPIRATION
      Context option. It is used to enable/disable context expiration checking for methods like wrap, unwrap, verifyMIC, getMIC. In can be set to either Boolean.TRUE or Boolean.FALSE. By default context expiration checking is disabled.

    • REQUIRE_CLIENT_AUTH

      public static final Oid REQUIRE_CLIENT_AUTH
      Context option. It is used to enable/disable client authentication on acceptor side. In can be set to either Boolean.TRUE or Boolean.FALSE. By default client authentication is enabled.

    • ACCEPT_NO_CLIENT_CERTS

      public static final Oid ACCEPT_NO_CLIENT_CERTS
      Context option. It is only used when client authentication is enabled. In can be set to either Boolean.TRUE or Boolean.FALSE. If set to Boolean.TRUE a context will be successfully established even though client send no certificates and client authentication was required. If set to Boolean.FALSE, the context establishment will fail if client does not send its certificates and client authentication was requested.

    • GRIM_POLICY_HANDLER

      public static final Oid GRIM_POLICY_HANDLER
      Deprecated.
      Please use GSSConstants.PROXY_POLICY_HANDLERS option instead.
      Context option. It is used to set a policy handler for GRIM credentials. The value is an instance of ProxyPolicyHandler

    • PROXY_POLICY_HANDLERS

      public static final Oid PROXY_POLICY_HANDLERS
      Context option. It is used to pass a set of proxy policy handlers. The value if a Map type. It contains mappings of proxy policy language oids and instances of ProxyPolicyHandler

    • TRUSTED_CERTIFICATES

      public static final Oid TRUSTED_CERTIFICATES
      Context option. It is used to set a list of trusted certificates to use during authentication (by default, the trusted certificates are loaded from a standard location) The value is an instance of TrustedCertificates

    • X509_CERT_CHAIN

      public static final Oid X509_CERT_CHAIN
      Used in inquireByOid function. Returns the certificate chain.

    • RECEIVED_LIMITED_PROXY

      public static final Oid RECEIVED_LIMITED_PROXY
      Used in inquireByOid method. Retuns if peer presented a limited credential

    • AUTHZ_REQUIRED_WITH_DELEGATION

      public static final Oid AUTHZ_REQUIRED_WITH_DELEGATION
      Context option. It is set to a Boolean value and if false, client authorization requirement with delegation is disabled. By default, client side authorization (to authorize the server) is required for delegation of credentials.

    • GSI_BIG

      public static final int GSI_BIG
      Quality-of-Protection (QOP) value, indicates large block size support. Can be passed to wrap or set by unwrap methods
      See Also:

  • Constructor Details

    • GSSConstants

      public GSSConstants()