org.edg.security.info
Class SecurityContext

java.lang.Object
  |
  +--java.util.Dictionary
        |
        +--java.util.Hashtable
              |
              +--java.util.Properties
                    |
                    +--org.edg.security.info.SecurityContext
All Implemented Interfaces:
java.lang.Cloneable, java.util.Map, SecurityInfo, java.io.Serializable

public class SecurityContext
extends java.util.Properties
implements SecurityInfo

A context class in which security-related information from the authentication and authorization process is collected.
SecurityContexts can be stored on a per-thread basis using the static method setCurrentContext(), and retrieved with getCurrentContext().
This class is for internal use. External users should make use of the SecurityInfo rendering of this class.

Author:
mulmo
See Also:
SecurityInfo, SecurityInfoContainer, Serialized Form

Field Summary
static java.lang.String AUTHZ_APPROVED_ATTRIBUTES
          The label for the set of authorized attributes
static java.lang.String AUTHZ_MANAGER
          The label for the AuthorizationManager
static java.lang.String AUTHZ_POLICY
          The label for the authorization policy
static java.lang.String AUTHZ_REQUESTED_ATTRIBUTES
          The label for the set of requested attributes
static java.lang.String CERT_CHAIN
          The label for the client's certificate chain
static java.lang.String CLIENT_CERT
          The label for the client identity certificate
static java.lang.String CLIENT_NAME
          The label for the client name
static java.lang.String ISSUER_NAME
          The label for the issuer name
static java.lang.String PEER_CAS
          The label for peer CA Principal list
static java.lang.String TRUSTMANAGER
          The label for TrustManager
static java.lang.String UNVERIFIED_CERT_CHAIN
          The label for UnverifiedCertChain
static java.lang.String VOMS_EXT
          The label for the VOMS extension
 
Fields inherited from class java.util.Properties
defaults
 
Constructor Summary
SecurityContext()
           
 
Method Summary
static void clearCurrentContext()
          Clears any set SecurityContext associated with the current thread.
 AuthorizationManager getAuthorizationManager()
           
 java.lang.String getAuthorizationPolicy()
           
 java.util.List getAuthorizedAttributes()
           
 java.security.cert.X509Certificate getClientCert()
           
 java.security.cert.X509Certificate[] getClientCertChain()
           
 java.lang.String getClientName()
          Returns the name of the authenticated client.
static SecurityContext getCurrentContext()
           
 java.lang.String getIssuerName()
          Returns the Issuer Distinguished Name of the client certificate.
 java.security.Principal[] getPeerCas()
           
 java.util.List getRequestedAttributes()
           
 CRLFileTrustManager getTrustManager()
           
 java.security.cert.X509Certificate[] getUnverifiedCertChain()
           
 VOMSExtension getVOMSExtension()
           
 void setAuthorizationManager(AuthorizationManager authzManager)
           
 void setAuthorizationPolicy(java.lang.String policy)
           
 void setAuthorizedAttributes(java.util.List authzdAttrs)
           
 void setClientCert(java.security.cert.X509Certificate clientCert)
          This method also automatically sets the client name, the issuer name, and validity period.
 void setClientCertChain(java.security.cert.X509Certificate[] certChain)
          This method also automatically sets the client name, the issuer name, validity period, and the VOMSInfo if such an extension is present.
 void setClientName(java.lang.String clientName)
           
static void setCurrentContext(SecurityContext sc)
           
 void setIssuerName(java.lang.String issuerName)
           
 void setPeerCas(java.security.Principal[] principals)
           
 void setRequestedAttributes(java.util.List requestedAttrs)
           
 void setTrustManager(CRLFileTrustManager trustManager)
           
 void setUnverifiedCertChain(java.security.cert.X509Certificate[] certChain)
           
 void setVOMSExtension(VOMSExtension v)
           
 java.lang.String toString()
           
 
Methods inherited from class java.util.Properties
getProperty, getProperty, list, list, load, propertyNames, save, setProperty, store
 
Methods inherited from class java.util.Hashtable
clear, clone, contains, containsKey, containsValue, elements, entrySet, equals, get, hashCode, isEmpty, keys, keySet, put, putAll, rehash, remove, size, values
 
Methods inherited from class java.lang.Object
finalize, getClass, notify, notifyAll, wait, wait, wait
 

Field Detail

AUTHZ_MANAGER

public static final java.lang.String AUTHZ_MANAGER
The label for the AuthorizationManager

See Also:
getAuthorizationManager(), setAuthorizationManager(AuthorizationManager), Constant Field Values

AUTHZ_REQUESTED_ATTRIBUTES

public static final java.lang.String AUTHZ_REQUESTED_ATTRIBUTES
The label for the set of requested attributes

See Also:
getRequestedAttributes(), setRequestedAttributes(List), Constant Field Values

AUTHZ_APPROVED_ATTRIBUTES

public static final java.lang.String AUTHZ_APPROVED_ATTRIBUTES
The label for the set of authorized attributes

See Also:
getAuthorizedAttributes(), setAuthorizedAttributes(List), Constant Field Values

AUTHZ_POLICY

public static final java.lang.String AUTHZ_POLICY
The label for the authorization policy

See Also:
getAuthorizationPolicy(), setAuthorizationPolicy(String), Constant Field Values

CERT_CHAIN

public static final java.lang.String CERT_CHAIN
The label for the client's certificate chain

See Also:
getClientCertChain(), setClientCertChain(X509Certificate[]), Constant Field Values

CLIENT_CERT

public static final java.lang.String CLIENT_CERT
The label for the client identity certificate

See Also:
getClientCert(), setClientCert(X509Certificate), Constant Field Values

CLIENT_NAME

public static final java.lang.String CLIENT_NAME
The label for the client name

See Also:
getClientName(), setClientName(String), Constant Field Values

ISSUER_NAME

public static final java.lang.String ISSUER_NAME
The label for the issuer name

See Also:
getIssuerName(), setIssuerName(String), Constant Field Values

VOMS_EXT

public static final java.lang.String VOMS_EXT
The label for the VOMS extension

See Also:
getVOMSExtension(), setVOMSExtension(VOMSExtension), Constant Field Values

TRUSTMANAGER

public static final java.lang.String TRUSTMANAGER
The label for TrustManager

See Also:
getTrustManager(), setTrustManager(org.edg.security.trustmanager.CRLFileTrustManager), Constant Field Values

UNVERIFIED_CERT_CHAIN

public static final java.lang.String UNVERIFIED_CERT_CHAIN
The label for UnverifiedCertChain

See Also:
getUnverifiedCertChain(), setUnverifiedCertChain(java.security.cert.X509Certificate[]), Constant Field Values

PEER_CAS

public static final java.lang.String PEER_CAS
The label for peer CA Principal list

See Also:
getPeerCas(), setPeerCas(java.security.Principal[]), Constant Field Values
Constructor Detail

SecurityContext

public SecurityContext()
See Also:
Properties.Properties()
Method Detail

getCurrentContext

public static SecurityContext getCurrentContext()
Returns:
SecurityContext the SecurityContext associated with the current thread.
See Also:
setCurrentContext(SecurityContext)

setCurrentContext

public static void setCurrentContext(SecurityContext sc)
Parameters:
sc - the SecurityContext associated with the current thread.
See Also:
getCurrentContext()

clearCurrentContext

public static void clearCurrentContext()
Clears any set SecurityContext associated with the current thread. This is identical to SecurityContext.setCurrentContext(null).
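
An added example (not part of the original Javadoc or the project's code) showing why clearCurrentContext() belongs in a finally block when worker threads are reused: a context left on a pooled thread is visible to the next request served by that thread. DemoContext is a hypothetical stand-in that assumes the per-thread storage behaves like a ThreadLocal slot; the real SecurityContext is not used, so the block runs without the library.

```java
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;

public class PerThreadContextDemo {
    // Hypothetical stand-in for SecurityContext's static per-thread accessors.
    // Assumption: the real class keeps one context per thread, like a ThreadLocal.
    static final class DemoContext {
        private static final ThreadLocal<DemoContext> CURRENT = new ThreadLocal<>();
        final String clientName;
        DemoContext(String clientName) { this.clientName = clientName; }
        static void setCurrentContext(DemoContext c) { CURRENT.set(c); }
        static DemoContext getCurrentContext() { return CURRENT.get(); }
        // Mirrors the documented behaviour: identical to setCurrentContext(null).
        static void clearCurrentContext() { setCurrentContext(null); }
    }

    // What an authorization check would see for the request on this thread.
    static String whoAmI() {
        DemoContext c = DemoContext.getCurrentContext();
        return c == null ? "<unauthenticated>" : c.clientName;
    }

    // An authenticated request; 'cleanup' toggles the clear in the finally block.
    static Runnable authenticated(String dn, boolean cleanup) {
        return () -> {
            DemoContext.setCurrentContext(new DemoContext(dn));
            try {
                System.out.println("authenticated request sees: " + whoAmI());
            } finally {
                if (cleanup) DemoContext.clearCurrentContext();
            }
        };
    }

    public static void main(String[] args) throws Exception {
        ExecutorService pool = Executors.newSingleThreadExecutor(); // one reused worker
        String dn = "CN=Alice Example,O=Constructed"; // constructed sample DN
        pool.submit(authenticated(dn, false)).get();
        // The next, unauthenticated request on the same worker inherits the stale identity.
        pool.submit(() -> System.out.println("no cleanup   -> anonymous sees: " + whoAmI())).get();
        pool.submit(authenticated(dn, true)).get();
        pool.submit(() -> System.out.println("with cleanup -> anonymous sees: " + whoAmI())).get();
        pool.shutdown();
    }
}
```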


setAuthorizedAttributes

public void setAuthorizedAttributes(java.util.List authzdAttrs)
Parameters:
authzdAttrs - List of String (the approved authorization attributes)
See Also:
AUTHZ_APPROVED_ATTRIBUTES, getAuthorizedAttributes()

getAuthorizedAttributes

public java.util.List getAuthorizedAttributes()
Specified by:
getAuthorizedAttributes in interface SecurityInfo
Returns:
List of String (the approved authorization attributes)
See Also:
AUTHZ_APPROVED_ATTRIBUTES, setAuthorizedAttributes(List)

setRequestedAttributes

public void setRequestedAttributes(java.util.List requestedAttrs)
Parameters:
requestedAttrs - List of String (the requested authorization attributes)
See Also:
AUTHZ_REQUESTED_ATTRIBUTES, getRequestedAttributes()

getRequestedAttributes

public java.util.List getRequestedAttributes()
Specified by:
getRequestedAttributes in interface SecurityInfo
Returns:
List of String (the requested authorization attributes)
See Also:
AUTHZ_REQUESTED_ATTRIBUTES, setRequestedAttributes(List)

setAuthorizationPolicy

public void setAuthorizationPolicy(java.lang.String policy)
Parameters:
policy - The policy used in the authorization step
See Also:
AUTHZ_POLICY, getAuthorizationPolicy()

getAuthorizationPolicy

public java.lang.String getAuthorizationPolicy()
Specified by:
getAuthorizationPolicy in interface SecurityInfo
Returns:
String The policy used in the authorization step
See Also:
AUTHZ_POLICY, setAuthorizationPolicy(String)

setClientCert

public void setClientCert(java.security.cert.X509Certificate clientCert)
This method also automatically sets the client name, the issuer name, and validity period.

Parameters:
clientCert - The identity certificate of the authenticated client
See Also:
CLIENT_CERT, getClientCert(), setClientName(String)

getClientCert

public java.security.cert.X509Certificate getClientCert()
Specified by:
getClientCert in interface SecurityInfo
Returns:
X509Certificate The identity certificate of the authenticated client
See Also:
CLIENT_NAME, setClientCert(X509Certificate)

setClientName

public void setClientName(java.lang.String clientName)
See Also:
CLIENT_NAME, getClientName()

getClientName

public java.lang.String getClientName()
Description copied from interface: SecurityInfo
Returns the name of the authenticated client. Typically, this is the Subject Distinguished Name of the client certificate.

Specified by:
getClientName in interface SecurityInfo
Returns:
String The name of the authenticated client
See Also:
CLIENT_NAME, setClientName(String)

setIssuerName

public void setIssuerName(java.lang.String issuerName)
See Also:
ISSUER_NAME, getIssuerName()

getIssuerName

public java.lang.String getIssuerName()
Description copied from interface: SecurityInfo
Returns the Issuer Distinguished Name of the client certificate.

Specified by:
getIssuerName in interface SecurityInfo
Returns:
String The issuer name
See Also:
ISSUER_NAME, setIssuerName(String)

setClientCertChain

public void setClientCertChain(java.security.cert.X509Certificate[] certChain)
This method also automatically sets the client name, the issuer name, validity period, and the VOMSInfo if such an extension is present.

Parameters:
certChain - The client's certificate chain
See Also:
CERT_CHAIN, getClientCertChain(), setClientCert(X509Certificate), setVOMSExtension(VOMSExtension)

getClientCertChain

public java.security.cert.X509Certificate[] getClientCertChain()
Specified by:
getClientCertChain in interface SecurityInfo
Returns:
X509Certificate[] The client's certificate chain
See Also:
CERT_CHAIN, setClientCertChain(X509Certificate[])

setUnverifiedCertChain

public void setUnverifiedCertChain(java.security.cert.X509Certificate[] certChain)
Parameters:
certChain - The unverified certificate chain
See Also:
UNVERIFIED_CERT_CHAIN

getUnverifiedCertChain

public java.security.cert.X509Certificate[] getUnverifiedCertChain()
Returns:
X509Certificate[] The unverified certificate chain
See Also:
UNVERIFIED_CERT_CHAIN, setUnverifiedCertChain(X509Certificate[])

setPeerCas

public void setPeerCas(java.security.Principal[] principals)
Parameters:
principals - The list of accepted CAs from the peer
See Also:
PEER_CAS

getPeerCas

public java.security.Principal[] getPeerCas()
Returns:
Principal[] The list of accepted CAs from the peer
See Also:
PEER_CAS, setPeerCas(Principal[])

setAuthorizationManager

public void setAuthorizationManager(AuthorizationManager authzManager)
Parameters:
authzManager - The AuthorizationManager used
See Also:
AUTHZ_MANAGER, getAuthorizationManager()

getAuthorizationManager

public AuthorizationManager getAuthorizationManager()
Returns:
AuthorizationManager The AuthorizationManager used
See Also:
AUTHZ_MANAGER, setAuthorizationManager(AuthorizationManager)

setVOMSExtension

public void setVOMSExtension(VOMSExtension v)
See Also:
VOMS_EXT, setVOMSExtension(VOMSExtension), getVOMSExtension()

getVOMSExtension

public VOMSExtension getVOMSExtension()
Specified by:
getVOMSExtension in interface SecurityInfo
Returns:
VOMSExtension a VOMS extension associated with the client
See Also:
VOMS_EXT, setVOMSExtension(VOMSExtension), VOMSExtension

setTrustManager

public void setTrustManager(CRLFileTrustManager trustManager)
See Also:
TRUSTMANAGER, getTrustManager()

getTrustManager

public CRLFileTrustManager getTrustManager()
Returns:
CRLFileTrustManager The TrustManager used
See Also:
TRUSTMANAGER, setTrustManager(CRLFileTrustManager)

toString

public java.lang.String toString()
Overrides:
toString in class java.util.Hashtable