GlobusProxy (Java Globus API)

org.globus.security
Class GlobusProxy

java.lang.Object
  |
  +--org.globus.security.GlobusProxy

public class GlobusProxy
extends java.lang.Object

Provides a Java object representation of the standard Globus proxy file.
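A pre-flight check built only from the methods documented on this page, given here as an added example that is not part of the Java Globus API documentation. The class name `ProxyPreflight` and both policy thresholds are hypothetical, and the import assumes `GlobusProxyException` lives in the same package as `GlobusProxy`.

```java
import org.globus.security.GlobusProxy;
import org.globus.security.GlobusProxyException; // package assumed to match GlobusProxy

public class ProxyPreflight {
    // Policy thresholds constructed for this example; they are not Globus defaults.
    static final long MIN_SECONDS_LEFT = 15 * 60;
    static final int MIN_KEY_BITS = 1024;

    /** Returns null if the proxy passes, otherwise the reason it is rejected. */
    static String check(GlobusProxy proxy, boolean allowLimited) {
        if (proxy.getProxyCert() == null) {
            return "certificate chain is empty";
        }
        long left = proxy.getTimeLeft(); // seconds; 0 = expired, -1 = cert unavailable
        if (left <= 0) {
            return left == 0 ? "proxy has expired" : "proxy certificate unavailable";
        }
        if (left < MIN_SECONDS_LEFT) {
            return "only " + left + "s of lifetime left";
        }
        int bits = proxy.getStrength(); // -1 = could not be determined
        if (bits < MIN_KEY_BITS) {
            return bits < 0 ? "key strength unknown" : bits + "-bit key is below policy";
        }
        if (proxy.isLimitedProxy() && !allowLimited) {
            return "limited proxy not accepted for this operation";
        }
        return null;
    }

    public static void main(String[] args) {
        int exitCode = 1;
        GlobusProxy proxy = null;
        try {
            proxy = GlobusProxy.load(args[0]); // default set of trusted CA certificates
            String problem = check(proxy, false);
            if (problem == null) {
                System.out.println("OK subject=" + proxy.getSubject()
                        + " issuer=" + proxy.getIssuer());
                exitCode = 0;
            } else {
                System.err.println("REJECT " + proxy.getSubject() + ": " + problem);
            }
        } catch (GlobusProxyException e) {
            System.err.println("Cannot load proxy: " + e.getMessage());
        } finally {
            if (proxy != null) proxy.release(); // free the associated SSL contexts
        }
        System.exit(exitCode);
    }
}
```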


Constructor Summary
GlobusProxy(java.security.PrivateKey key, java.security.cert.X509Certificate[] certs)
          Creates a GlobusProxy from a private key and a cert array (possibly read in from a file).
GlobusProxy(java.security.PrivateKey key, java.security.cert.X509Certificate[] certs, java.security.cert.X509Certificate trustedCertificate)
          Creates a GlobusProxy from a private key and a cert array (possibly read in from a file).
GlobusProxy(java.security.PrivateKey key, java.security.cert.X509Certificate[] certs, java.security.cert.X509Certificate[] trustedCertificates)
          Creates a GlobusProxy from a private key and a cert array (possibly read in from a file).
 
Method Summary
static boolean defaultUserProxyExists()
          Checks if the default user proxy file exists.
 java.security.cert.X509Certificate[] getCertificateChain()
           
 int getCertNum()
           
static GlobusProxy getDefaultUserProxy()
          Obtains the default user proxy.
static GlobusProxy getDefaultUserProxy(boolean reload)
          Obtains the default user proxy.
 java.lang.String getIssuer()
          Returns the issuer DN of the proxy certificate.
 java.security.PrivateKey getPrivateKey()
           
 java.security.cert.X509Certificate getProxyCert()
          Returns the top-most certificate of the chain.
 int getStrength()
          Returns strength of the private/public key in bits.
 java.lang.String getSubject()
          Returns the subject DN of the proxy certificate.
 long getTimeLeft()
          Returns time left of the proxy certificate.
 java.security.cert.X509Certificate[] getTrustedCertificates()
           
 java.security.cert.X509Certificate getUserCert()
          Returns the first certificate in the chain that is not a regular or limited proxy.
 boolean isFullProxy()
          Checks if the proxy is a full proxy.
 boolean isLimitedProxy()
          Checks if the proxy is a limited proxy.
static GlobusProxy load(byte[] proxyByteArray, java.lang.String caCertLocations)
          Loads a Globus proxy from a byte array with specified locations of trusted CA certificates.
static GlobusProxy load(java.io.InputStream proxyFileStream, java.lang.String caCertLocations)
          Loads a Globus proxy from an input stream with specified locations of trusted CA certificates.
static GlobusProxy load(java.io.InputStream proxyFileStream, TrustedCertificates trustedCerts)
          Loads a Globus proxy from an input stream with specified set of trusted CA certificates.
static GlobusProxy load(java.lang.String proxyFile)
          Loads a Globus proxy from specified file with default set of trusted CA certificates.
static GlobusProxy load(java.lang.String proxyFile, java.lang.String caCertLocations)
          Loads a Globus proxy from specified file with specified locations of trusted CA certificates.
static GlobusProxy load(java.lang.String certFile, java.lang.String unencryptedKeyFile, java.lang.String caCertLocations)
          Creates a GlobusProxy object from specified user certificate and unencrypted private key.
 void release()
          Releases the client and server SSL contexts associated with that proxy.
 void save(java.io.OutputStream out)
          Saves the proxy into a specified output stream.
 void save(java.lang.String filename)
          Saves the proxy into a specified file.
static void setDefaultUserProxy(GlobusProxy proxy)
          Sets the default user proxy to use.
 java.lang.String toString()
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Constructor Detail

GlobusProxy

public GlobusProxy(java.security.PrivateKey key,
                   java.security.cert.X509Certificate[] certs)
Creates a GlobusProxy from a private key and a cert array (possibly read in from a file).

Parameters:
key - the proxy private key
certs - both the user cert and the proxy cert - forms a cert chain

GlobusProxy

public GlobusProxy(java.security.PrivateKey key,
                   java.security.cert.X509Certificate[] certs,
                   java.security.cert.X509Certificate trustedCertificate)
Creates a GlobusProxy from a private key and a cert array (possibly read in from a file).

Parameters:
key - the proxy private key
certs - both the user cert and the proxy cert - forms a cert chain. The proxy cert should be in certs[0] and the user cert in certs[1].
trustedCertificate - the trusted certificate (used for client authentication). If null, any server will be trusted.

GlobusProxy

public GlobusProxy(java.security.PrivateKey key,
                   java.security.cert.X509Certificate[] certs,
                   java.security.cert.X509Certificate[] trustedCertificates)
Creates a GlobusProxy from a private key and a cert array (possibly read in from a file).

Parameters:
key - the proxy private key
certs - both the user cert and the proxy cert - forms a cert chain. The proxy cert should be in certs[0] and the user cert in certs[1].
trustedCertificates - the list of trusted certificates (used for client authentication). If null, any server will be trusted.

Method Detail

getTrustedCertificates

public java.security.cert.X509Certificate[] getTrustedCertificates()
Returns:
X509Certificate the trusted ca cert

getUserCert

public java.security.cert.X509Certificate getUserCert()
Returns the first certificate in the chain that is not a regular or limited proxy.

Returns:
X509Certificate the user cert

getPrivateKey

public java.security.PrivateKey getPrivateKey()
Returns:
PrivateKey the proxy private key

getCertificateChain

public java.security.cert.X509Certificate[] getCertificateChain()
Returns:
X509Certificate [] certificate chain (usually consists of user cert and proxy cert)

getProxyCert

public java.security.cert.X509Certificate getProxyCert()
Returns the top-most certificate of the chain. Usually, it is the proxy certificate.

Returns:
X509Certificate proxy certificate, or whatever certificate was placed in position 0 of the certificate chain. Returns null if no certificates are found in the chain.

getCertNum

public int getCertNum()
Returns:
number of certificates without counting self-signed certificates

getStrength

public int getStrength()
Returns strength of the private/public key in bits.

Returns:
strength of the key in bits. Returns -1 if unable to determine it.

getSubject

public java.lang.String getSubject()
Returns the subject DN of the proxy certificate.

Returns:
subject DN. Returns -1 if unable to obtain the proxy certificate.

getIssuer

public java.lang.String getIssuer()
Returns the issuer DN of the proxy certificate.

Returns:
issuer DN. Returns -1 if unable to obtain the proxy certificate.

isFullProxy

public boolean isFullProxy()
Checks if the proxy is a full proxy.

Returns:
true if the proxy is a full proxy, otherwise, false.

isLimitedProxy

public boolean isLimitedProxy()
Checks if the proxy is a limited proxy.

Returns:
true if the proxy is a limited proxy, otherwise, false.

getTimeLeft

public long getTimeLeft()
Returns time left of the proxy certificate.

Returns:
time left in seconds. Returns -1 if unable to obtain the proxy certificate, or 0 if the proxy certificate already expired.

save

public void save(java.lang.String filename)
          throws java.io.IOException
Saves the proxy into a specified file. The self-signed certificates in the certificate chain will not be saved.

Parameters:
filename - the name of the file to write the proxy file to.
Throws:
java.io.IOException - if any error occurred during saving.

save

public void save(java.io.OutputStream out)
          throws java.io.IOException
Saves the proxy into a specified output stream. The self-signed certificates in the certificate chain will not be saved. The output stream should always be closed after calling this function.

Parameters:
out - the output stream to write the proxy to.
Throws:
java.io.IOException - if any error occurred during saving.

load

public static GlobusProxy load(java.lang.String proxyFile)
                        throws GlobusProxyException
Loads a Globus proxy from specified file with default set of trusted CA certificates.

Parameters:
proxyFile - the proxy file
Returns:
GlobusProxy a GlobusProxy object
Throws:
GlobusProxyException - if problem loading or reading specified files

load

public static GlobusProxy load(java.lang.String proxyFile,
                               java.lang.String caCertLocations)
                        throws GlobusProxyException
Loads a Globus proxy from specified file with specified locations of trusted CA certificates.

Parameters:
proxyFile - the proxy file
caCertLocations - a comma separated list of locations of trusted CA certificates to be associated with the proxy.
Returns:
GlobusProxy a GlobusProxy object
Throws:
GlobusProxyException - if problem loading or reading specified files

load

public static GlobusProxy load(byte[] proxyByteArray,
                               java.lang.String caCertLocations)
                        throws GlobusProxyException
Loads a Globus proxy from a byte array with specified locations of trusted CA certificates. The byte array must contain PEM encoded proxy.

Parameters:
proxyByteArray - the byte array containing proxy data.
caCertLocations - a comma separated list of locations of trusted CA certificates to be associated with the proxy.
Returns:
GlobusProxy a GlobusProxy object
Throws:
GlobusProxyException - if problem loading or reading specified files.

load

public static GlobusProxy load(java.io.InputStream proxyFileStream,
                               java.lang.String caCertLocations)
                        throws GlobusProxyException
Loads a Globus proxy from an input stream with specified locations of trusted CA certificates.

Parameters:
proxyFileStream - the stream with proxy data.
caCertLocations - a comma separated list of locations of trusted CA certificates to be associated with the proxy.
Returns:
GlobusProxy a GlobusProxy object
Throws:
GlobusProxyException - if problem loading the proxy. The input stream will be closed.

load

public static GlobusProxy load(java.io.InputStream proxyFileStream,
                               TrustedCertificates trustedCerts)
                        throws GlobusProxyException
Loads a Globus proxy from an input stream with specified set of trusted CA certificates.

Parameters:
proxyFileStream - the stream with proxy data.
trustedCerts - the trusted certificates to associate with the proxy.
Returns:
GlobusProxy a GlobusProxy object
Throws:
GlobusProxyException - if problem loading the proxy. The input stream will be closed.

load

public static GlobusProxy load(java.lang.String certFile,
                               java.lang.String unencryptedKeyFile,
                               java.lang.String caCertLocations)
                        throws GlobusProxyException
Creates a GlobusProxy object from specified user certificate and unencrypted private key. This function does not actually create new proxy credentials.

Parameters:
certFile - the file containing the certificate
unencryptedKeyFile - the file containing the unencrypted private key.
caCertLocations - a comma separated list of locations of trusted CA certificates to be associated with the proxy.
Returns:
GlobusProxy a GlobusProxy object
Throws:
GlobusProxyException - if problem loading or reading specified files

setDefaultUserProxy

public static void setDefaultUserProxy(GlobusProxy proxy)
Sets the default user proxy to use. If set to null, the proxy will be reloaded next time the getDefaultUserProxy() method is invoked.

Parameters:
proxy - the new default user proxy. Can be null to force the reload of the proxy.

getDefaultUserProxy

public static GlobusProxy getDefaultUserProxy()
                                       throws GlobusProxyException
Obtains the default user proxy. In general, a proxy is loaded once and cached. All subsequent calls return the cached proxy. The proxy can be forced to reload by calling setDefaultUserProxy() and passing null as the new proxy.

Returns:
GlobusProxy object.
Throws:
GlobusProxyException - if unable to load the proxy certificate.

getDefaultUserProxy

public static GlobusProxy getDefaultUserProxy(boolean reload)
                                       throws GlobusProxyException
Obtains the default user proxy. In general, a proxy is loaded once and cached. All subsequent calls return the cached proxy. The proxy can be forced to reload by calling setDefaultUserProxy() and passing null as the new proxy or by explicitly calling this function and forcing it to read the proxy.

Parameters:
reload - if true forces the proxy to be (re)loaded right now.
Returns:
GlobusProxy object.
Throws:
GlobusProxyException - if unable to load the proxy certificate.

defaultUserProxyExists

public static boolean defaultUserProxyExists()
Checks if the default user proxy file exists.

Returns:
true if the proxy file exists, otherwise false.

release

public void release()
Releases the client and server SSL contexts associated with that proxy. Cleans up the resources.


toString

public java.lang.String toString()
Overrides:
toString in class java.lang.Object