org.globus.wsrf.impl.security.descriptor
Class ContainerSecurityDescriptor

java.lang.Object
  extended by org.globus.wsrf.impl.security.descriptor.SecurityDescriptor
      extended by org.globus.wsrf.impl.security.descriptor.ContainerSecurityDescriptor
All Implemented Interfaces:
java.io.Serializable

public class ContainerSecurityDescriptor
extends SecurityDescriptor

Represents a container security descriptor. Only one static instance of this is stored and used per JVM. So if multiple notification consumers are started and they overwrite the descriptor object, it affects the container and the rest of the consumers started up.

See Also:
Serialized Form

Field Summary
(package private)  AuthorizationEngine adminAuthzEngine
           
(package private)  boolean adminBootstrapOverwrite
           
(package private)  java.lang.String certFilename
           
static java.lang.String CONT_SEC_DESCRIPTOR
           
(package private)  EntityAttributes containerEntityAttr
           
(package private)  EntityAttributes containerEntityIssuer
           
static java.lang.String DEFAULT_GRIDMAP_PDP
           
(package private)  ChainConfig defaultAuthzParams
           
(package private)  ContainerSecurityConfig descriptor
           
(package private)  java.lang.String descriptorFile
           
protected static org.globus.util.I18n i18n
           
(package private)  boolean initialized
           
(package private)  java.lang.String keyFilename
           
private static org.apache.commons.logging.Log logger
           
(package private)  java.lang.String proxyFilename
           
(package private)  org.globus.gsi.TrustedCertificates trustedCerts
           
(package private)  boolean usingDefaultCredential
           
 
Fields inherited from class org.globus.wsrf.impl.security.descriptor.SecurityDescriptor
authzEngine, bootstrapOverwrite, CERT_ENV_VARIABLE, KEY_ENV_VARIABLE, lastModified, PROXY_ENV_VARIABLE, RESOURCE, subject
 
Constructor Summary
ContainerSecurityDescriptor()
          Loads security descriptor from property "containerSecDesc" in global descriptor section in server-config.wsdd
ContainerSecurityDescriptor(ContainerSecurityConfig desc_)
           
ContainerSecurityDescriptor(java.lang.String descriptorFile_)
           
 
Method Summary
 AuthorizationEngine getAdminAuthzEngine()
           
private static AuthorizationEngine getAuthzEngine(AuthzChain authzChain, java.lang.String defaultAlg)
           
 java.lang.String getCertificateFilename()
           
 EntityAttributes getContainerEntity()
           
private  Attribute getContainerIdAttribute(EntityAttributes issuer)
           
 EntityAttributes getContainerIssuerEntity()
           
private  Attribute getContainerPrincipalAttribute(EntityAttributes issuer)
           
private  Attribute getContainerSubjectAttribute(EntityAttributes issuer)
           
 java.lang.Integer getContextLifetime()
           
 java.lang.Integer getContextTimerInterval()
           
 ChainConfig getDefaultAuthzParam()
           
 java.lang.Object getDefaultAuthzParamValue(java.lang.String prefix, java.lang.String property)
           
 org.globus.security.gridmap.GridMap getDefaultGridMap()
          Returns the GridMap configured for the container authorization engine.
 org.globus.security.gridmap.GridMap getDefaultParamGridMap()
          Returns the GridMap configured as the default authorization parameter.
 java.lang.String getDefaultParamGridMapFile()
          Returns the GridMap file configured as the default authorization parameter.
 java.lang.String getKeyFilename()
           
 java.lang.String getProxyFilename()
           
 java.lang.Boolean getRejectLimitedProxy()
           
 java.lang.Boolean getReplayAttackFilter()
           
 java.lang.Integer getReplayAttackWindow()
           
 java.lang.Integer getReplayTimerInterval()
           
static java.lang.String getSecurityDescFile()
          Returns the security descriptor file configured for container, if any
 ContainerSecurityConfig getSecurityDescriptor()
           
 java.lang.String getSecurityDescriptorFile()
           
 org.globus.gsi.TrustedCertificates getTrustedCertificates()
           
protected  void initialize()
           
 boolean isAdminBootstrapOverwrite()
           
 boolean isInitialized()
           
 boolean isRefreshRequired()
           
protected  java.lang.Long loadCredential(boolean load)
           
protected  void loadDescriptorFromFile()
           
private static InterceptorConfig[] parseInterceptors(Interceptor[] interceptor, java.util.HashMap parameters)
           
 void setAdminAuthzEngine(AuthorizationEngine _engine)
           
 void setAdminBootstrapOverwritee(boolean value)
           
 void setDefaultAuthzParam(ChainConfig config)
           
 void setDefaultAuthzParamValue(java.lang.String prefix, java.lang.String property, java.lang.Object object)
           
 void setDefaultGridMap(org.globus.security.gridmap.GridMap gridMap)
          Sets the GridMap configured for the container authorization engine.
 void setDefaultParamGridMap(org.globus.security.gridmap.GridMap gridMap)
          Sets the GridMap file configured as the default authorization parameter.
 void setInitialized(boolean initVal)
           
 void setSecurityDescriptor(ContainerSecurityConfig desc_)
           
 void setSecurityDescriptorFile(java.lang.String descriptorFile_)
           
 void setSubject(javax.security.auth.Subject subject_)
           
 void setTrustedCertificates(org.globus.gsi.TrustedCertificates certs)
           
 void useDefaultCredential(boolean useDef)
           
 
Methods inherited from class org.globus.wsrf.impl.security.descriptor.SecurityDescriptor
getAuthzEngine, getLastModified, getSubject, isBootstrapOverwrite, refresh, setAuthzEngine, setBootstrapOverwrite, setLastModified
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

logger

private static org.apache.commons.logging.Log logger

i18n

protected static org.globus.util.I18n i18n

CONT_SEC_DESCRIPTOR

public static final java.lang.String CONT_SEC_DESCRIPTOR
See Also:
Constant Field Values

DEFAULT_GRIDMAP_PDP

public static final java.lang.String DEFAULT_GRIDMAP_PDP
See Also:
Constant Field Values

initialized

boolean initialized

descriptorFile

java.lang.String descriptorFile

defaultAuthzParams

ChainConfig defaultAuthzParams

adminAuthzEngine

AuthorizationEngine adminAuthzEngine

descriptor

ContainerSecurityConfig descriptor

proxyFilename

java.lang.String proxyFilename

certFilename

java.lang.String certFilename

keyFilename

java.lang.String keyFilename

trustedCerts

org.globus.gsi.TrustedCertificates trustedCerts

containerEntityIssuer

EntityAttributes containerEntityIssuer

containerEntityAttr

EntityAttributes containerEntityAttr

adminBootstrapOverwrite

boolean adminBootstrapOverwrite

usingDefaultCredential

boolean usingDefaultCredential
Constructor Detail

ContainerSecurityDescriptor

public ContainerSecurityDescriptor()
                            throws ConfigException
Loads security descriptor from property "containerSecDesc" in global descriptor section in server-config.wsdd

Throws:
ConfigException

ContainerSecurityDescriptor

public ContainerSecurityDescriptor(java.lang.String descriptorFile_)
                            throws ConfigException
Throws:
ConfigException

ContainerSecurityDescriptor

ContainerSecurityDescriptor(ContainerSecurityConfig desc_)
                      throws ConfigException
Throws:
ConfigException
Method Detail

loadDescriptorFromFile

protected void loadDescriptorFromFile()
                               throws ConfigException
Throws:
ConfigException

getContainerIdAttribute

private Attribute getContainerIdAttribute(EntityAttributes issuer)

getContainerPrincipalAttribute

private Attribute getContainerPrincipalAttribute(EntityAttributes issuer)

getContainerSubjectAttribute

private Attribute getContainerSubjectAttribute(EntityAttributes issuer)

initialize

protected void initialize()
                   throws ConfigException
Throws:
ConfigException

loadCredential

protected java.lang.Long loadCredential(boolean load)
                                 throws ConfigException
Specified by:
loadCredential in class SecurityDescriptor
Throws:
ConfigException

getAuthzEngine

private static AuthorizationEngine getAuthzEngine(AuthzChain authzChain,
                                                  java.lang.String defaultAlg)
                                           throws ConfigException
Throws:
ConfigException

parseInterceptors

private static InterceptorConfig[] parseInterceptors(Interceptor[] interceptor,
                                                     java.util.HashMap parameters)
                                              throws ConfigException
Throws:
ConfigException

getSecurityDescFile

public static java.lang.String getSecurityDescFile()
                                            throws ConfigException
Returns the security descriptor file configured for container, if any

Throws:
ConfigException

getContainerEntity

public EntityAttributes getContainerEntity()

getContainerIssuerEntity

public EntityAttributes getContainerIssuerEntity()

getSecurityDescriptorFile

public java.lang.String getSecurityDescriptorFile()

setSecurityDescriptorFile

public void setSecurityDescriptorFile(java.lang.String descriptorFile_)

isInitialized

public boolean isInitialized()

setInitialized

public void setInitialized(boolean initVal)

getSecurityDescriptor

public ContainerSecurityConfig getSecurityDescriptor()

setSecurityDescriptor

public void setSecurityDescriptor(ContainerSecurityConfig desc_)

useDefaultCredential

public void useDefaultCredential(boolean useDef)

setSubject

public void setSubject(javax.security.auth.Subject subject_)
Overrides:
setSubject in class SecurityDescriptor

setAdminAuthzEngine

public void setAdminAuthzEngine(AuthorizationEngine _engine)

getAdminAuthzEngine

public AuthorizationEngine getAdminAuthzEngine()

setAdminBootstrapOverwritee

public void setAdminBootstrapOverwritee(boolean value)

isAdminBootstrapOverwrite

public boolean isAdminBootstrapOverwrite()

getTrustedCertificates

public org.globus.gsi.TrustedCertificates getTrustedCertificates()

setTrustedCertificates

public void setTrustedCertificates(org.globus.gsi.TrustedCertificates certs)

getContextLifetime

public java.lang.Integer getContextLifetime()

getContextTimerInterval

public java.lang.Integer getContextTimerInterval()

getRejectLimitedProxy

public java.lang.Boolean getRejectLimitedProxy()

getReplayTimerInterval

public java.lang.Integer getReplayTimerInterval()

getReplayAttackWindow

public java.lang.Integer getReplayAttackWindow()

getReplayAttackFilter

public java.lang.Boolean getReplayAttackFilter()

setDefaultAuthzParam

public void setDefaultAuthzParam(ChainConfig config)

getDefaultAuthzParam

public ChainConfig getDefaultAuthzParam()

getDefaultAuthzParamValue

public java.lang.Object getDefaultAuthzParamValue(java.lang.String prefix,
                                                  java.lang.String property)

setDefaultAuthzParamValue

public void setDefaultAuthzParamValue(java.lang.String prefix,
                                      java.lang.String property,
                                      java.lang.Object object)

isRefreshRequired

public boolean isRefreshRequired()
                          throws ConfigException
Specified by:
isRefreshRequired in class SecurityDescriptor
Throws:
ConfigException

getDefaultGridMap

public org.globus.security.gridmap.GridMap getDefaultGridMap()
                                                      throws ConfigException
Returns the GridMap configured for the container authorization engine. The configuration is tied to the default gridmap in the container and is: gridmapAuthz:org.globus.wsrf.impl.security.authorization.GridMapAuthorization

Throws:
ConfigException

setDefaultGridMap

public void setDefaultGridMap(org.globus.security.gridmap.GridMap gridMap)
                       throws ConfigException
Sets the GridMap configured for the container authorization engine. The configuration is tied to the default gridmap in the container and is: gridmapAuthz:org.globus.wsrf.impl.security.authorization.GridMapAuthorization

Throws:
ConfigException

getDefaultParamGridMap

public org.globus.security.gridmap.GridMap getDefaultParamGridMap()
                                                           throws ConfigException
Returns the GridMap configured as the default authorization parameter. The configuration is tied to the default gridmap in the container: gridmapAuthz:org.globus.wsrf.impl.security.authorization.GridMapAuthorization

Throws:
ConfigException

getDefaultParamGridMapFile

public java.lang.String getDefaultParamGridMapFile()
                                            throws ConfigException
Returns the GridMap file configured as the default authorization parameter. The configuration is tied to the default gridmap in the container: gridmapAuthz:org.globus.wsrf.impl.security.authorization.GridMapAuthorization

Throws:
ConfigException

setDefaultParamGridMap

public void setDefaultParamGridMap(org.globus.security.gridmap.GridMap gridMap)
Sets the GridMap file configured as the default authorization parameter. The configuration is tied to the default gridmap in the container: gridmapAuthz:org.globus.wsrf.impl.security.authorization.GridMapAuthorization


getProxyFilename

public java.lang.String getProxyFilename()

getCertificateFilename

public java.lang.String getCertificateFilename()

getKeyFilename

public java.lang.String getKeyFilename()