Class HostAuthorization

java.lang.Object

org.globus.gsi.gssapi.auth.Authorization

org.globus.gsi.gssapi.auth.GSSAuthorization

org.globus.gsi.gssapi.auth.HostAuthorization

public class HostAuthorization
extends GSSAuthorization

Implements a simple host authorization mechanism. The peer's host name (in FQDN form) is compared with the host name specified in the peer's certificate chain.

Field Summary

Fields

Modifier and Type	Field	Description
private String	_service
private static HostAuthorization	hostAuthorization
static final HostAuthorization	ldapAuthorization
private static org.apache.commons.logging.Log	logger

Constructor Summary

Constructors

Constructor	Description
HostAuthorization(String service)

Method Summary

Modifier and Type	Method	Description
void	authorize(GSSContext context, String host)	Performs host authentication.
boolean	equals(Object o)
GSSName	getExpectedName(GSSCredential cred, String host)	Returns expected GSSName used for authorization purposes.
static HostAuthorization	getInstance()	Returns an instance of host authentication.
int	hashCode()

Methods inherited from class Authorization

generateAuthorizationException

Methods inherited from class Object

clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait

Field Details

logger

private static org.apache.commons.logging.Log logger

ldapAuthorization

public static final HostAuthorization ldapAuthorization

_service

private String _service

hostAuthorization

private static HostAuthorization hostAuthorization

Constructor Details

HostAuthorization

public HostAuthorization(String service)

Method Details

getInstance

public static HostAuthorization getInstance()

Returns an instance of host authentication.

Returns:

an instance of this class initialized with host as a service.

getExpectedName

public GSSName getExpectedName(GSSCredential cred,
 String host)
                        throws GSSException

Description copied from class: GSSAuthorization

Returns expected GSSName used for authorization purposes. Can returns null for self authorization.

Specified by:

getExpectedName in class GSSAuthorization

Parameters:

cred - credentials used

host - host address of the peer.

Throws:

GSSException - if unable to create the name.

authorize

public void authorize(GSSContext context,
 String host)
               throws AuthorizationException

Performs host authentication. The hostname of the peer is compared with the hostname specified in the peer's (topmost) certificate in the certificate chain. The hostnames must match exactly (in case-insensitive way)

Specified by:

authorize in class Authorization

Parameters:

context - the security context

host - host address of the peer.

Throws:

AuthorizationException - if the hostnames do not match.

equals

public boolean equals(Object o)

Overrides:

equals in class Object

hashCode

public int hashCode()

Overrides:

hashCode in class Object