/* * Licensed to the Apache Software Foundation (ASF) under one * or more contributor license agreements. See the NOTICE file * distributed with this work for additional information * regarding copyright ownership. The ASF licenses this file * to you under the Apache License, Version 2.0 (the * "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ /* Configuration source file for starting activatable SSL server */ import java.security.Permission; import java.util.Collections; import javax.security.auth.login.LoginContext; import com.sun.jini.config.KeyStores; import com.sun.jini.config.ConfigUtil; import net.jini.constraint.BasicMethodConstraints; import net.jini.core.constraint.*; import net.jini.security.*; import net.jini.security.AuthenticationPermission; import net.jini.url.httpmd.HttpmdUtil; com.sun.jini.example.hello.Server { /* JAAS login */ loginContext = new LoginContext("com.sun.jini.example.hello.Server"); private static users = KeyStores.getKeyStore("file:prebuiltkeys/truststore", null); private static phoenixUser = Collections.singleton( KeyStores.getX500Principal("phoenix", users)); private static serverUser = Collections.singleton( KeyStores.getX500Principal("server", users)); /* Configuration options for the server */ private config = "config${/}activatable-ssl-server.config"; configOptions = new String[] { config }; /* Command line options for the activation group */ javaOptions = new String[] { "-classpath", "lib${/}server-act.jar${path.separator}lib${/}mdprefld.jar" }; private hostName = ConfigUtil.getHostName(); private serverURL = ConfigUtil.concat( new String[] { "httpmd://", hostName, ":8080/server-dl.jar;sha=0"}); private serverCodebase = HttpmdUtil.computeDigestCodebase("lib", serverURL); private jskURL = ConfigUtil.concat( new String[] { "httpmd://", hostName, ":8080/jsk-dl.jar;sha=0"}); private jskCodebase = HttpmdUtil.computeDigestCodebase("..${/}..${/}lib-dl", jskURL); /* System properties for the activation group */ javaProperties = new String[] { "java.security.manager", "", "java.security.policy", "config${/}activatable-ssl-server.policy", "java.security.properties", "config${/}dynamic-policy.security-properties", "java.security.auth.login.config", "config${/}ssl-phoenix.login", "javax.net.ssl.trustStore", "prebuiltkeys${/}truststore", "java.protocol.handler.pkgs", "net.jini.url", "java.rmi.server.codebase", ConfigUtil.concat( new String[] { serverCodebase," ",jskCodebase } ) }; /* Constraints for talking to Phoenix */ private static activationProxyConstraints = new BasicMethodConstraints( new InvocationConstraints( new InvocationConstraint[] { Integrity.YES, ClientAuthentication.YES, ServerAuthentication.YES, new ServerMinPrincipal(phoenixUser) }, null)); /* Proxy preparer for the activation system */ activationSystemPreparer = new BasicProxyPreparer( true, activationProxyConstraints, new Permission[] { /* Authenticate as server when connection to phoenix */ new AuthenticationPermission( serverUser, phoenixUser, "connect") }); /* Proxy preparer for the activation ID */ activationIdPreparer = new BasicProxyPreparer( false, /* No need to verify the proxy */ activationProxyConstraints, null); }//end com.sun.jini.example.hello.Server