GigaSpaces XAP 9.0 API

com.sun.jini.discovery.internal
Class X500Server

java.lang.Object
  extended by com.sun.jini.discovery.internal.BaseProvider
      extended by com.sun.jini.discovery.internal.X500Server
All Implemented Interfaces:
DelayedMulticastRequestDecoder, DiscoveryFormatProvider, MulticastAnnouncementEncoder, MulticastRequestDecoder

public class X500Server
extends BaseProvider
implements DelayedMulticastRequestDecoder, MulticastAnnouncementEncoder

Superclass for server-side providers for the net.jini.discovery.x500.* discovery formats.


Field Summary
protected  String keyAlgorithm
          The key algorithm name (for example, "DSA").
protected  String keyAlgorithmOID
          The key algorithm OID.
protected  int maxSignatureLength
          The maximum length of generated signatures, in bytes.
protected  String signatureAlgorithm
          The signature algorithm (for example, "SHA1withDSA").
 
Fields inherited from class com.sun.jini.discovery.internal.BaseProvider
formatName
 
Constructor Summary
protected X500Server(String formatName, String signatureAlgorithm, int maxSignatureLength, String keyAlgorithm, String keyAlgorithmOID)
          Creates an instance with the given attributes.
 
Method Summary
 MulticastRequest decodeMulticastRequest(ByteBuffer buf, InvocationConstraints constraints, ClientSubjectChecker checker)
          Decodes the multicast request data contained in the given buffer in a manner that satisfies the specified absolute constraints and client subject checker (if any), returning a MulticastRequest instance that contains the decoded data.
 MulticastRequest decodeMulticastRequest(ByteBuffer buf, InvocationConstraints constraints, ClientSubjectChecker checker, boolean delayConstraintCheck)
          Decodes the multicast request data contained in the given buffer in a manner that satisfies the specified absolute constraints and client subject checker (if any), returning a MulticastRequest instance that contains the decoded data, with constraint checking optionally delayed.
 void encodeMulticastAnnouncement(MulticastAnnouncement announcement, DatagramBufferFactory bufs, InvocationConstraints constraints)
          Encodes the given multicast announcement data into byte buffers obtained from the provided datagram buffer factory, in a manner that satisfies the specified absolute constraints.
protected  Certificate getCertificate(X500Principal principal)
          Returns certificate corresponding to the given principal, or null if no matching certificate can be found.
 
Methods inherited from class com.sun.jini.discovery.internal.BaseProvider
getFormatName
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface com.sun.jini.discovery.DiscoveryFormatProvider
getFormatName
 

Field Detail

signatureAlgorithm

protected final String signatureAlgorithm
The signature algorithm (for example, "SHA1withDSA").


maxSignatureLength

protected final int maxSignatureLength
The maximum length of generated signatures, in bytes.


keyAlgorithm

protected final String keyAlgorithm
The key algorithm name (for example, "DSA").


keyAlgorithmOID

protected final String keyAlgorithmOID
The key algorithm OID.

Constructor Detail

X500Server

protected X500Server(String formatName,
                     String signatureAlgorithm,
                     int maxSignatureLength,
                     String keyAlgorithm,
                     String keyAlgorithmOID)
Creates an instance with the given attributes.

Method Detail

decodeMulticastRequest

public MulticastRequest decodeMulticastRequest(ByteBuffer buf,
                                               InvocationConstraints constraints,
                                               ClientSubjectChecker checker,
                                               boolean delayConstraintCheck)
                                        throws IOException
Description copied from interface: DelayedMulticastRequestDecoder
Decodes the multicast request data contained in the given buffer in a manner that satisfies the specified absolute constraints and client subject checker (if any), returning a MulticastRequest instance that contains the decoded data, with constraint checking optionally delayed. null constraints are considered equivalent to empty constraints. Constraint checking may be delayed using the delayConstraintCheck flag.

If the delayConstraintCheck flag is true, the method behaves as follows:

If delayConstraintCheck is false, all the specified constraints are checked before this method returns.

Specified by:
decodeMulticastRequest in interface DelayedMulticastRequestDecoder
Parameters:
buf - a buffer containing the packet data to decode. The contents of buf may be used on subsequent invocations of the returned MulticastRequest instance's checkConstraints method. The caller must ensure that the contents of buf are not modified before invocation of the checkConstraints method. Additionally, the multicast request data must begin at position zero of buf.
constraints - the constraints to apply when decoding the data, or null
checker - the object to use to check the client subject, or null
delayConstraintCheck - flag to control delayed constraint checking
Returns:
the decoded multicast request data
Throws:
IOException - if an error occurs in interpreting the data
UnsupportedConstraintException - if unable to satisfy the specified constraints

encodeMulticastAnnouncement

public void encodeMulticastAnnouncement(MulticastAnnouncement announcement,
                                        DatagramBufferFactory bufs,
                                        InvocationConstraints constraints)
                                 throws IOException
Description copied from interface: MulticastAnnouncementEncoder
Encodes the given multicast announcement data into byte buffers obtained from the provided datagram buffer factory, in a manner that satisfies the specified absolute constraints. null constraints are considered equivalent to empty constraints. Multicast announcement data that is too large to fit in a single datagram buffer is split across multiple buffers, with the constraints applied to each; this method is responsible for determining if and when to split the data based on the available space in the obtained buffers.

Specified by:
encodeMulticastAnnouncement in interface MulticastAnnouncementEncoder
Parameters:
announcement - the announcement data to encode
bufs - the factory for producing buffers in which to write encoded data
constraints - the constraints to apply when encoding the data, or null
Throws:
IOException - if an error occurs in encoding the data to send
UnsupportedConstraintException - if unable to satisfy the specified constraints

decodeMulticastRequest

public MulticastRequest decodeMulticastRequest(ByteBuffer buf,
                                               InvocationConstraints constraints,
                                               ClientSubjectChecker checker)
                                        throws IOException
Description copied from interface: MulticastRequestDecoder
Decodes the multicast request data contained in the given buffer in a manner that satisfies the specified absolute constraints and client subject checker (if any), returning a MulticastRequest instance that contains the decoded data. null constraints are considered equivalent to empty constraints. All the specified constraints are checked before this method returns.

Specified by:
decodeMulticastRequest in interface MulticastRequestDecoder
Parameters:
buf - a buffer containing the packet data to decode. The multicast request data must begin at position zero of buf.
constraints - the constraints to apply when decoding the data, or null
checker - the object to use to check the client subject, or null
Returns:
the decoded multicast request data
Throws:
IOException - if an error occurs in interpreting the data
UnsupportedConstraintException - if unable to satisfy the specified constraints

getCertificate

protected Certificate getCertificate(X500Principal principal)
                              throws IOException,
                                     GeneralSecurityException
Returns certificate corresponding to the given principal, or null if no matching certificate can be found. Subclasses can override this method to customize the certificate search mechanism.

The default implementation of this method does the following: the first time this method is called on this instance, a keystore containing trust anchors for the certificate to return is loaded. The location of the file to load the keystore from can be specified (in order of precedence) by the com.sun.jini.discovery.x500.trustStore and javax.net.ssl.trustStore system properties; if no location is specified, then the cacerts file in the lib/security subdirectory of the JDK installation directory is used. If specified, the location is treated as a URL. If no protocol is specified in the URL or it is an unknown protocol, then, the location is treated as a file name. Depending on which system property is used to specify the keystore location, the com.sun.jini.discovery.x500.trustStoreType and com.sun.jini.discovery.x500.trustStorePassword or javax.net.ssl.trustStoreType and javax.net.ssl.trustStorePassword system properties can be used to specify the type of the keystore and the password to use when loading it. If no keystore type is specified, then the type returned by KeyStore.getDefaultType() is used; if no password is specified, then no password is used when loading the keystore. Additionally, if the com.sun.jini.discovery.x500.ldapCertStores system property is set, its value is interpreted as a comma-separated list of "host[:port]" elements which are used to obtain references to LDAP-based CertStore instances.

For each call, the default implementation of this method creates a PKIX CertPathBuilder and calls its build method, passing as the argument a PKIXBuilderParameters instance initialized with the aforementioned keystore, CertStores (if any), and a CertSelector based on the provided X.500 principal and the key algorithm OID for this instance. If the build operation succeeds, the resulting certificate is returned.

Throws:
IOException
GeneralSecurityException

GigaSpaces XAP 9.0 API

Copyright © GigaSpaces.