Package org.globus.gsi.gssapi.auth
Class HostAuthorization
java.lang.Object
org.globus.gsi.gssapi.auth.Authorization
org.globus.gsi.gssapi.auth.GSSAuthorization
org.globus.gsi.gssapi.auth.HostAuthorization
Implements a simple host authorization mechanism.
The peer's host name (in FQDN form) is compared with the
host name specified in the peer's certificate chain.
-
Field Summary
FieldsModifier and TypeFieldDescriptionprivate String
private static HostAuthorization
static final HostAuthorization
private static org.apache.commons.logging.Log
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoid
authorize
(GSSContext context, String host) Performs host authentication.boolean
getExpectedName
(GSSCredential cred, String host) Returns expectedGSSName
used for authorization purposes.static HostAuthorization
Returns an instance of host authentication.int
hashCode()
Methods inherited from class org.globus.gsi.gssapi.auth.Authorization
generateAuthorizationException
-
Field Details
-
logger
private static org.apache.commons.logging.Log logger -
ldapAuthorization
-
_service
-
hostAuthorization
-
-
Constructor Details
-
HostAuthorization
-
-
Method Details
-
getInstance
Returns an instance of host authentication.- Returns:
- an instance of this class initialized with host as a service.
-
getExpectedName
Description copied from class:GSSAuthorization
Returns expectedGSSName
used for authorization purposes. Can returns null for self authorization.- Specified by:
getExpectedName
in classGSSAuthorization
- Parameters:
cred
- credentials usedhost
- host address of the peer.- Throws:
GSSException
- if unable to create the name.
-
authorize
Performs host authentication. The hostname of the peer is compared with the hostname specified in the peer's (topmost) certificate in the certificate chain. The hostnames must match exactly (in case-insensitive way)- Specified by:
authorize
in classAuthorization
- Parameters:
context
- the security contexthost
- host address of the peer.- Throws:
AuthorizationException
- if the hostnames do not match.
-
equals
-
hashCode
public int hashCode()
-