import com.sun.jini.config.KeyStores; import com.sun.jini.discovery.ClientPermissionChecker; import com.sun.jini.discovery.DiscoveryProtocolVersion; import com.sun.jini.discovery.MulticastMaxPacketSize; import com.sun.jini.discovery.MulticastTimeToLive; import com.sun.jini.discovery.UnicastSocketTimeout; import java.util.Collections; import java.security.Permission; import java.rmi.activation.ActivationID; import javax.security.auth.login.LoginContext; import net.jini.activation.ActivationExporter; import net.jini.constraint.BasicMethodConstraints; import net.jini.constraint.BasicMethodConstraints.MethodDesc; import net.jini.core.constraint.ClientAuthentication; import net.jini.core.constraint.ClientMinPrincipal; import net.jini.core.constraint.Integrity; import net.jini.core.constraint.InvocationConstraint; import net.jini.core.constraint.InvocationConstraints; import net.jini.core.constraint.ServerAuthentication; import net.jini.core.constraint.ServerMinPrincipal; import net.jini.core.discovery.LookupLocator; import net.jini.discovery.ConstrainableLookupLocator; import net.jini.jeri.BasicILFactory; import net.jini.jeri.BasicJeriExporter; import net.jini.jeri.ProxyTrustILFactory; import net.jini.jeri.ssl.HttpsServerEndpoint; import net.jini.security.AccessPermission; import net.jini.security.AuthenticationPermission; import net.jini.security.BasicProxyPreparer; multicast { private ttl = 1; } principal { /* * JAAS principals */ private static keystore = KeyStores.getKeyStore( "file:${com.sun.jini.qa.home}/harness/trust/truststore", null); private static phoenix = KeyStores.getX500Principal("phoenix", keystore); private static reggie = KeyStores.getX500Principal("reggie", keystore); private static tester = KeyStores.getX500Principal("tester", keystore); } // principal com.sun.jini.reggie { /* * Test or test harness specific entries */ locatorConstraints = discoveryConstraints; /* * JAAS login context */ loginContext = new LoginContext("com.sun.jini.Reggie"); discoveryConstraints = new BasicMethodConstraints( new MethodDesc[]{ new MethodDesc("multicastRequest", new InvocationConstraints( new InvocationConstraint[]{ ClientAuthentication.YES, Integrity.YES, DiscoveryProtocolVersion.TWO, new MulticastMaxPacketSize(1024), new MulticastTimeToLive(multicast.ttl), new UnicastSocketTimeout(120000) // 2*60*1000 }, null )), new MethodDesc("multicastAnnouncement", new InvocationConstraints( new InvocationConstraint[]{ ServerAuthentication.YES, Integrity.YES, new ServerMinPrincipal(principal.reggie), DiscoveryProtocolVersion.TWO, new MulticastMaxPacketSize(1024), new MulticastTimeToLive(multicast.ttl), new UnicastSocketTimeout(120000) // 2*60*1000 }, null )), new MethodDesc("unicastDiscovery", new InvocationConstraints( new InvocationConstraint[]{ ClientAuthentication.YES, ServerAuthentication.YES, Integrity.YES, new ServerMinPrincipal(principal.reggie), DiscoveryProtocolVersion.TWO, new MulticastMaxPacketSize(1024), new MulticastTimeToLive(multicast.ttl), new UnicastSocketTimeout(120000) // 2*60*1000 }, null )) } ); // use AccessPermission instead of RegistrarPermission to avoid // bundling RegistrarPermission into qa1.jar multicastRequestSubjectChecker = new ClientPermissionChecker( new AccessPermission("multicastRequest")); unicastDiscoverySubjectChecker = new ClientPermissionChecker( new AccessPermission("unicastDiscovery")); private testerConstraints = new BasicMethodConstraints( new InvocationConstraints( new InvocationConstraint[] { Integrity.YES, ServerAuthentication.YES, new ServerMinPrincipal(principal.tester) }, null )); private testerPermissions = new Permission[] { new AuthenticationPermission( Collections.singleton(principal.reggie), Collections.singleton(principal.tester), "connect") }; listenerPreparer = new BasicProxyPreparer( true, testerConstraints, testerPermissions); /* * Values for talking to the lookup service */ private static reggieConstraints = new BasicMethodConstraints( new InvocationConstraints( new InvocationConstraint[] { Integrity.YES, ServerAuthentication.YES, new ServerMinPrincipal(principal.reggie) }, null )); private static reggiePermissions = new Permission[] { new AuthenticationPermission( Collections.singleton(principal.reggie), Collections.singleton(principal.reggie), "connect") }; private reggiePreparer = new BasicProxyPreparer( true, reggieConstraints, reggiePermissions); locatorPreparer = reggiePreparer; /* * Values for talking to the activation system */ private static activationSystemConstraints = new BasicMethodConstraints( new InvocationConstraints( new InvocationConstraint[] { Integrity.YES, ServerAuthentication.YES, new ServerMinPrincipal(principal.phoenix) }, null )); activationSystemPreparer = new BasicProxyPreparer( true, activationSystemConstraints, new Permission[] { new AuthenticationPermission( Collections.singleton(principal.reggie), Collections.singleton(principal.phoenix), "connect") } ); activationIdPreparer = new BasicProxyPreparer( true, activationSystemConstraints, null); } // com.sun.jini.reggie net.jini.lookup.JoinManager { registrarPreparer = com.sun.jini.reggie.reggiePreparer; registrationPreparer = com.sun.jini.reggie.reggiePreparer; serviceLeasePreparer = com.sun.jini.reggie.reggiePreparer; } net.jini.discovery.LookupDiscovery { registrarPreparer = com.sun.jini.reggie.reggiePreparer; multicastInterfaces = new java.net.NetworkInterface[]{}; discoveryConstraints = new BasicMethodConstraints( new MethodDesc[]{ new MethodDesc("multicastRequest", new InvocationConstraints( new InvocationConstraint[]{ ClientAuthentication.YES, Integrity.YES, new ClientMinPrincipal(principal.reggie), DiscoveryProtocolVersion.TWO, new MulticastMaxPacketSize(1024), new MulticastTimeToLive(multicast.ttl), new UnicastSocketTimeout(120000) // 2*60*1000 }, null )), new MethodDesc("multicastAnnouncement", new InvocationConstraints( new InvocationConstraint[]{ ServerAuthentication.YES, Integrity.YES, new ServerMinPrincipal(principal.reggie), DiscoveryProtocolVersion.TWO, new MulticastMaxPacketSize(1024), new MulticastTimeToLive(multicast.ttl), new UnicastSocketTimeout(120000) // 2*60*1000 }, null )), new MethodDesc("unicastDiscovery", new InvocationConstraints( new InvocationConstraint[]{ ServerAuthentication.YES, Integrity.YES, new ServerMinPrincipal(principal.reggie), DiscoveryProtocolVersion.TWO, new MulticastMaxPacketSize(1024), new MulticastTimeToLive(multicast.ttl), new UnicastSocketTimeout(120000) // 2*60*1000 }, null )) } ); } // net.jini.discovery.LookupDiscovery net.jini.discovery.LookupLocatorDiscovery { registrarPreparer = com.sun.jini.reggie.reggiePreparer; } exporter { name = "com.sun.jini.reggie.serverExporter"; persistentExporter = new BasicJeriExporter( HttpsServerEndpoint.getInstance(0), new ProxyTrustILFactory( new BasicMethodConstraints( new InvocationConstraints( Integrity.YES, null)), AccessPermission.class)); transientExporter = persistentExporter; activatableExporter = new ActivationExporter( (ActivationID) $data, persistentExporter); }