net.jini.jeri.ssl

Class ConnectionContext

java.lang.Object

net.jini.jeri.ssl.Utilities

net.jini.jeri.ssl.ConnectionContext

final class ConnectionContext
extends Utilities

Records information about a connection used for a remote call and determines whether the connection could support specific constraints.

Does not support heterogeneous constraint alternatives. As a result, callers can be assured that the choice of possible principals or of Integrity.YES is independent of the suites, insuring that those items can be picked before negotiating the cipher suite.

Nested Class Summary

Nested classes/interfaces inherited from class net.jini.jeri.ssl.Utilities

Utilities.SSLContextInfo

Field Summary

Fields

Modifier and Type	Field and Description
(package private) String	cipherSuite The cipher suite
(package private) Principal	client The client principal, or null for an anonymous client
private static ClientMinPrincipalType	clientMinPrincipalType The ClientMinPrincipalType supported by the provider.
private boolean	clientSide Whether the connection is being considered on the client side, which does not support relative time constraints.
private long	connectionTime The absolute connection time, or Long.MAX_VALUE if not specified
private boolean	integrity Whether codebase integrity should be enforced
private static long	INTEGRITY Constraints supported with codebase integrity
private boolean	integrityPreferred Whether the preferences specify Integrity.YES
private boolean	integrityRequired Whether the requirements specify Integrity.YES
private static long	NOT_SUPPORTED Constraints not supported
private boolean	notSupported Set to true if the principals and cipher suite conflict
private static long	OK Constraints supported, without integrity or connection timeout
private int	preferences The number of preferences satisfied
(package private) Principal	server The server principal, or null for an anonymous server

Fields inherited from class net.jini.jeri.ssl.Utilities

ANY_KEY_ALGORITHM, clientLogger, DSA_KEY_ALGORITHM, getSubjectPermission, initLogger, INTEGRITY_PREFERRED, INTEGRITY_REQUIRED, RSA_KEY_ALGORITHM, serverLogger, UNKNOWN_PRINCIPAL

Constructor Summary

Constructors

Modifier	Constructor and Description
private	ConnectionContext(String cipherSuite, Principal client, Principal server, boolean integrity, boolean clientSide) Creates an instance of this class.

Method Summary

Modifier and Type	Method and Description
(package private) void	fieldsToString(StringBuffer sb)
(package private) long	getConnectionTime() Returns the absolute time when the connection should be completed, or Long.MAX_VALUE for no limit.
(package private) static ConnectionContext	getInstance(String cipherSuite, Principal client, Principal server, boolean integrity, boolean clientSide, InvocationConstraints constraints) Creates an instance that represents using the specified cipher suite, client and server principals, whether to guarantee codebase integrity, and constraints.
(package private) boolean	getIntegrityPreferred() Returns whether integrity is preferred.
(package private) boolean	getIntegrityRequired() Returns whether integrity is required.
(package private) int	getPreferences() Returns the number of preferences that can be satisfied.
private static long	ok(boolean ok) Returns OK if the argument is true, else NOT_SUPPORTED.
private long	supported(ConstraintAlternatives constraint) Checks if the constraint alternatives are supported, returning NOT_SUPPORTED if the elements have different types or none are supported, INTEGRITY if the elements are instances of Integrity, the largest connection time if the elements are instances of ConnectionAbsoluteTime, and otherwise OK.
private long	supported(InvocationConstraint constraint) Checks if the constraint is supported, returning NOT_SUPPORTED if it is not supported, INTEGRITY if the constraint is Integrity.YES or constraint alternatives with elements of type Integrity, the connection time if the constraint is an instance of ConnectionAbsoluteTime or constraint alternatives of them, and otherwise OK.
private boolean	supported(InvocationConstraints constraints) Checks if the specified constraints are supported, computing integrityRequired, integrityPreferred, connectionTime and preferences as a side effect.
String	toString()

Methods inherited from class net.jini.jeri.ssl.Utilities

checkValidity, contains, doesEncryption, doesServerAuthentication, equals, firstX509Cert, getCertFactory, getCipherAlgorithm, getClassName, getClientPrincipals, getClientPrincipals, getClientSSLContextInfo, getKeyAlgorithm, getKeyExchangeAlgorithm, getPermittedKeyAlgorithms, getServerPrincipals, getServerSSLContextInfo, getSupportedCipherSuites, hasStrongCipherAlgorithm, logThrow, maintainsIntegrity, permittedKeyAlgorithm, position, releaseClientSSLContextInfo, safeEquals, subjectString, toString

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

OK

private static final long OK

Constraints supported, without integrity or connection timeout

See Also:

Constant Field Values

INTEGRITY

private static final long INTEGRITY

Constraints supported with codebase integrity

See Also:

Constant Field Values

NOT_SUPPORTED

private static final long NOT_SUPPORTED

Constraints not supported

See Also:

Constant Field Values

clientMinPrincipalType

private static final ClientMinPrincipalType clientMinPrincipalType

The ClientMinPrincipalType supported by the provider.

cipherSuite

final String cipherSuite

The cipher suite

client

final Principal client

The client principal, or null for an anonymous client

server

final Principal server

The server principal, or null for an anonymous server

integrity

private final boolean integrity

Whether codebase integrity should be enforced

clientSide

private final boolean clientSide

Whether the connection is being considered on the client side, which does not support relative time constraints.

notSupported

private boolean notSupported

Set to true if the principals and cipher suite conflict

integrityRequired

private boolean integrityRequired

Whether the requirements specify Integrity.YES

integrityPreferred

private boolean integrityPreferred

Whether the preferences specify Integrity.YES

connectionTime

private long connectionTime

The absolute connection time, or Long.MAX_VALUE if not specified

preferences

private int preferences

The number of preferences satisfied

Constructor Detail

ConnectionContext

private ConnectionContext(String cipherSuite,
                          Principal client,
                          Principal server,
                          boolean integrity,
                          boolean clientSide)

Creates an instance of this class.

Method Detail

getInstance

static ConnectionContext getInstance(String cipherSuite,
                                     Principal client,
                                     Principal server,
                                     boolean integrity,
                                     boolean clientSide,
                                     InvocationConstraints constraints)

Creates an instance that represents using the specified cipher suite, client and server principals, whether to guarantee codebase integrity, and constraints. Null values for the principals mean they are anonymous. Non-X.500 principals are permitted to allow specifying a dummy principal if the principal is unknown. Returns null if the constraints are not supported.

toString

public String toString()

Overrides:

toString in class Object

fieldsToString

void fieldsToString(StringBuffer sb)

getIntegrityRequired

boolean getIntegrityRequired()

Returns whether integrity is required.

getIntegrityPreferred

boolean getIntegrityPreferred()

Returns whether integrity is preferred.

getConnectionTime

long getConnectionTime()

Returns the absolute time when the connection should be completed, or Long.MAX_VALUE for no limit.

getPreferences

int getPreferences()

Returns the number of preferences that can be satisfied.

supported

private boolean supported(InvocationConstraints constraints)

Checks if the specified constraints are supported, computing integrityRequired, integrityPreferred, connectionTime and preferences as a side effect.

supported

private long supported(InvocationConstraint constraint)

Checks if the constraint is supported, returning NOT_SUPPORTED if it is not supported, INTEGRITY if the constraint is Integrity.YES or constraint alternatives with elements of type Integrity, the connection time if the constraint is an instance of ConnectionAbsoluteTime or constraint alternatives of them, and otherwise OK.

ok

private static long ok(boolean ok)

Returns OK if the argument is true, else NOT_SUPPORTED.

supported

private long supported(ConstraintAlternatives constraint)

Checks if the constraint alternatives are supported, returning NOT_SUPPORTED if the elements have different types or none are supported, INTEGRITY if the elements are instances of Integrity, the largest connection time if the elements are instances of ConnectionAbsoluteTime, and otherwise OK.