• Home
• Globus Online
• Globus Toolkit
• dev.globus
• About Globus

Home -> Cog -> Release -> Cog-1.0a -> Doc -> Api -> Org -> Globus -> Security -> Auth

org.globus.security.auth
Class HostAuthorization

java.lang.Object
  |
  +--org.globus.security.auth.HostAuthorization

All Implemented Interfaces:

Authorization

public class HostAuthorization

extends java.lang.Object

implements Authorization

Implements a simple host authorization mechanism. The peer's host name (in FQDN form) is compared with the host name specified in the peer's certificate chain.

Field Summary

static HostAuthorization

ldapAuthorization

Constructor Summary

HostAuthorization(java.lang.String service)

Method Summary

void	authorize(java.security.cert.X509Certificate[] chain, java.net.Socket socket) Performs host authentication.
static java.lang.String	getBase(java.lang.String certDN) Converts certificate dn into globus dn (with "/") and returns the base dn without CN=proxy or CN=limited proxy
static HostAuthorization	getInstance() Returns an instance of host authentication.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

ldapAuthorization

public static final HostAuthorization ldapAuthorization

Constructor Detail

HostAuthorization

public HostAuthorization(java.lang.String service)

Method Detail

getInstance

public static HostAuthorization getInstance()

Returns an instance of host authentication.

Returns:

an instance of this class initialized with host as a service.

authorize

public void authorize(java.security.cert.X509Certificate[] chain,
                      java.net.Socket socket)
               throws AuthorizationException

Performs host authentication. The hostname of the peer is compared with the hostname specified in the peer's (topmost) certificate in the certificate chain. The hostnames must match exactly (in case-insensitive way)

Specified by:

authorize in interface Authorization

Parameters:

chain - the peer certificate chain.

socket - the socket connected to the peer.

Throws:

AuthorizationException - if the hostnames do not match.

AuthorizationException

getBase

public static java.lang.String getBase(java.lang.String certDN)

Converts certificate dn into globus dn (with "/") and returns the base dn without CN=proxy or CN=limited proxy