|
CoherenceTM v3.3 Copyright© 2000-2007 by Oracle Corporation |
|||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectcom.tangosol.util.Base
com.tangosol.net.security.DefaultController
public final class DefaultController
The default implementation of the AccessController interface.
Note: The DefaultController requires only a read access to the keystore file, and does not check the integrity of the keystore. The modifications to the keystore at a file system level as well as by the keystore tool (which requires a keystore password) must be controlled by external means (OS user management, ACL, etc.)
Field Summary | |
---|---|
static String |
KEYSTORE_TYPE
KeyStore type used by this implementation. |
static String |
PROPERTY_CONFIG
The name of the system property that can be used to override the location of the DefaultController configuration file. |
static String |
SIGNATURE_ALGORITHM
Digital signature algorithm used by this implementation. |
static Signature |
SIGNATURE_ENGINE
The Signature object used by this implementation. |
Constructor Summary | |
---|---|
DefaultController(File fileKeyStore,
File filePermits)
Construct DefaultController for the specified key store file and permissions description (XML) file. |
Method Summary | |
---|---|
void |
checkPermission(ClusterPermission permission,
Subject subject)
Determine whether the cluster access request indicated by the specified permission should be allowed or denied for a given Subject (requestor). |
protected Object |
decrypt(SignedObject so,
PublicKey keyPublic)
Decrypt the specified SignedObject using the specified public key. |
Object |
decrypt(SignedObject so,
Subject subjEncryptor,
Subject subjDecryptor)
Decrypt the specified SignedObject using the public credentials for a given encryptor Subject in a context represented by the decryptor Subject which is usually assosiated with the current thread. |
SignedObject |
encrypt(Object o,
Subject subjEncryptor)
Encrypt the specified object using the private credentials for the given Subject (encryptor), which is usually assosiated with the current thread. |
protected SignedObject |
encrypt(Serializable o,
PrivateKey keyPrivate)
Encrypt the specified object using the specified private key. |
protected boolean |
equalsMostly(Subject subject1,
Subject subject2)
Check whether the specified Subject objects have the same set of principals and public credentials. |
protected Set |
extractCertificates(Set setPubCreds)
Extract a set of Certificate objects from the set of public credentials. |
protected Set |
extractPublicKeys(Set setPubCreds)
Extract a set of PublicKeys from the set of public credentials. |
protected Set |
findPublicKeys(Subject subject)
Find a set of public keys for the specified Subject. |
protected Permissions |
getClusterPermissions(Principal principal)
Obtain the permissions for the specified principal. |
XmlElement |
getPermissionsConfig()
Obtain the permission configuration descriptor. |
static void |
main(String[] asArg)
Standalone permission check utility. |
Field Detail |
---|
public static final String PROPERTY_CONFIG
public static final String KEYSTORE_TYPE
public static final String SIGNATURE_ALGORITHM
public static final Signature SIGNATURE_ENGINE
Constructor Detail |
---|
public DefaultController(File fileKeyStore, File filePermits) throws IOException, AccessControlException
IOException
AccessControlException
Method Detail |
---|
public void checkPermission(ClusterPermission permission, Subject subject)
This method quietly returns if the access request is permitted, or throws a suitable AccessControlException if the specified authentication is invalid or insufficient.
checkPermission
in interface AccessController
permission
- the permission object that represents access
to a clustered resourcesubject
- the Subject object representing the requestor
AccessControlException
- if the specified permission
is not permitted, based on the current security policypublic SignedObject encrypt(Object o, Subject subjEncryptor) throws IOException, GeneralSecurityException
encrypt
in interface AccessController
o
- the Object to encryptsubjEncryptor
- the Subject object whose credentials are being
used to do the encryption
IOException
- if an error occurs during serialization
GeneralSecurityException
- if the signing failspublic Object decrypt(SignedObject so, Subject subjEncryptor, Subject subjDecryptor) throws ClassNotFoundException, IOException, GeneralSecurityException
decrypt
in interface AccessController
so
- the SignedObject to decryptsubjEncryptor
- the Subject object whose credentials were used
to do the encryptionsubjDecryptor
- the Subject object whose credentials might be
used to do the decryption (optional)
ClassNotFoundException
- if a necessary class cannot be found
during deserialization
IOException
- if an error occurs during deserialization
GeneralSecurityException
- if the verification failspublic XmlElement getPermissionsConfig()
protected Permissions getClusterPermissions(Principal principal)
principal
- the Principal object
protected SignedObject encrypt(Serializable o, PrivateKey keyPrivate) throws IOException, GeneralSecurityException
o
- the Serializable object to encryptkeyPrivate
- the PrivateKey object to use for encryption
IOException
GeneralSecurityException
protected Object decrypt(SignedObject so, PublicKey keyPublic) throws ClassNotFoundException, IOException, GeneralSecurityException
so
- the SignedObject to decryptkeyPublic
- the PublicKey object to use for decryption
ClassNotFoundException
IOException
GeneralSecurityException
protected boolean equalsMostly(Subject subject1, Subject subject2)
protected Set extractPublicKeys(Set setPubCreds)
setPubCreds
- set of public credentials
protected Set extractCertificates(Set setPubCreds)
setPubCreds
- set of public credentials
protected Set findPublicKeys(Subject subject) throws GeneralSecurityException
Note: We need to prevent a security hole when a caller would construct and send the responder a Subject object with a Principal object that have a high security clearance, but provide a valid cerificate representing a low security clearance Principal. To deal with this after we find the caller's cerificate in the key store, the principal match must be verified.
subject
- the Subject object
GeneralSecurityException
- if a keystore exception occurspublic static void main(String[] asArg) throws Exception
java com.tangosol.net.security DefaultController [-<option>]* <target> <action> where options include: -keystore:<keystore path> the path to the keystore -module:<name> the login module name -permits:<permits path> the path to permissions file -requestor:<name!password> the requestor's name/password pair -responder:<name!password> the responder's name/password pair
Exception
|
CoherenceTM v3.3 Copyright© 2000-2007 by Oracle Corporation |
|||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |