org.globus.gsi.gssapi.auth
Class HostAuthorization
java.lang.Object
org.globus.gsi.gssapi.auth.Authorization
org.globus.gsi.gssapi.auth.GSSAuthorization
org.globus.gsi.gssapi.auth.HostAuthorization
- public class HostAuthorization
- extends GSSAuthorization
Implements a simple host authorization mechanism.
The peer's host name (in FQDN form) is compared with the
host name specified in the peer's certificate chain.
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
ldapAuthorization
public static final HostAuthorization ldapAuthorization
HostAuthorization
public HostAuthorization(String service)
getInstance
public static HostAuthorization getInstance()
- Returns an instance of host authentication.
- Returns:
- an instance of this class initialized with
host as a service.
getExpectedName
public GSSName getExpectedName(GSSCredential cred,
String host)
throws GSSException
- Description copied from class:
GSSAuthorization
- Returns expected
GSSName used for authorization purposes.
Can returns null for self authorization.
- Specified by:
getExpectedName in class GSSAuthorization
- Parameters:
cred - credentials usedhost - host address of the peer.
- Throws:
GSSException - if unable to create the name.
authorize
public void authorize(GSSContext context,
String host)
throws AuthorizationException
- Performs host authentication. The hostname of the peer is
compared with the hostname specified in the peer's (topmost)
certificate in the certificate chain. The hostnames must
match exactly (in case-insensitive way)
- Specified by:
authorize in class Authorization
- Parameters:
context - the security contexthost - host address of the peer.
- Throws:
AuthorizationException - if the hostnames
do not match.