IdentityAuthorization (Java Globus API)
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.globus.security.auth
Class IdentityAuthorization

java.lang.Object
  |
  +--org.globus.security.auth.IdentityAuthorization
All Implemented Interfaces:
Authorization
Direct Known Subclasses:
SelfAuthorization
public class IdentityAuthorization
extends java.lang.Object
implements Authorization

Implements a simple identity authorization mechanism. The given identify is compared with the peer's identity.

Field Summary
protected  java.lang.String _identity
           
 
Constructor Summary
protected IdentityAuthorization()
          Constructor used by superclasses.
  IdentityAuthorization(java.lang.String identity)
          Creates a new instance of this class with given expected identity.
 
Method Summary
 void authorize(java.security.cert.X509Certificate[] chain, java.net.Socket socket)
          Performs identity authorization.
static java.lang.String getBase(java.lang.String certDN)
          Converts certificate dn into globus dn (with "/") and returns the base dn without CN=proxy or CN=limited proxy
 java.lang.String getIdentity()
          Returns the expected identity.
protected  java.lang.String getName()
           
 void setIdentity(java.lang.String identity)
          Sets the expected identity for the authorization check.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

_identity

protected java.lang.String _identity
Constructor Detail

IdentityAuthorization

protected IdentityAuthorization()
Constructor used by superclasses.

IdentityAuthorization

public IdentityAuthorization(java.lang.String identity)
Creates a new instance of this class with given expected identity.

Parameters:
identity - the expected identity. Must not be null.
Method Detail

setIdentity

public void setIdentity(java.lang.String identity)
Sets the expected identity for the authorization check.

Parameters:
identity - the expected identity. Must not be null.

getIdentity

public java.lang.String getIdentity()
Returns the expected identity.

Returns:
the expected identity.

getName

protected java.lang.String getName()

authorize

public void authorize(java.security.cert.X509Certificate[] chain,
                      java.net.Socket socket)
               throws AuthorizationException
Performs identity authorization. The given identity is compared with the peer's identity determined from the first (topmost) certificate in the chain. The identities must match exactly (in case-insensitive manner)

Specified by:
authorize in interface Authorization
Parameters:
chain - the peer certificate chain.
socket - the socket connected to the peer.
Throws:
AuthorizationException - if the peer's identity does not match the expected identity.
AuthorizationException

getBase

public static java.lang.String getBase(java.lang.String certDN)
Converts certificate dn into globus dn (with "/") and returns the base dn without CN=proxy or CN=limited proxy

Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD