org.globus.gsi.gssapi

Class GSSConstants

java.lang.Object

org.globus.gsi.gssapi.GSSConstants

public abstract class GSSConstants
extends java.lang.Object

Defines common GSI-GSS constants.

Field Summary

Fields

Modifier and Type	Field and Description
static org.ietf.jgss.Oid	ACCEPT_NO_CLIENT_CERTS Context option.
static org.ietf.jgss.Oid	AUTHZ_REQUIRED_WITH_DELEGATION Context option.
static org.ietf.jgss.Oid	CHECK_CONTEXT_EXPIRATION Context option.
static org.ietf.jgss.Oid	DELEGATION_TYPE Context option.
static org.ietf.jgss.Oid	FORCE_SSLV3_AND_CONSTRAIN_CIPHERSUITES_FOR_GRAM Context option.
static org.ietf.jgss.Oid	GRIM_POLICY_HANDLER Deprecated. Please use GSSConstants.PROXY_POLICY_HANDLERS option instead.
static int	GSI_BIG Quality-of-Protection (QOP) value, indicates large block size support.
static org.ietf.jgss.Oid	GSS_MODE Context option.
static org.ietf.jgss.Oid	MECH_OID Globus GSI GSS mechanism Oid
static org.ietf.jgss.Oid	PROXY_POLICY_HANDLERS Context option.
static org.ietf.jgss.Oid	RECEIVED_LIMITED_PROXY Used in inquireByOid method.
static org.ietf.jgss.Oid	REJECT_LIMITED_PROXY Context option.
static org.ietf.jgss.Oid	REQUIRE_CLIENT_AUTH Context option.
static org.ietf.jgss.Oid	TRUSTED_CERTIFICATES Context option.
static org.ietf.jgss.Oid	X509_CERT_CHAIN Used in inquireByOid function.

Constructor Summary

Constructors

Constructor and Description
GSSConstants()

Method Summary

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

MECH_OID

public static final org.ietf.jgss.Oid MECH_OID

Globus GSI GSS mechanism Oid

GSS_MODE

public static final org.ietf.jgss.Oid GSS_MODE

Context option. It is used to configure the GSS mode. It can be set to GSIConstants.MODE_GSI or GSIConstants.MODE_SSL. By default GSI mode is enabled.

REJECT_LIMITED_PROXY

public static final org.ietf.jgss.Oid REJECT_LIMITED_PROXY

Context option. It is used to enable/disable the rejection of limited proxies during authentication. In can be set to either Boolean.TRUE or Boolean.FALSE. By default limited proxies are accepted.

DELEGATION_TYPE

public static final org.ietf.jgss.Oid DELEGATION_TYPE

Context option. It is used to configure delegation type to be performed either during authentication or using the delegation API. It can be set to GSIConstants.DELEGATION_TYPE_LIMITED or GSIConstants.DELEGATION_TYPE_FULL By default limited delegation is performed.

CHECK_CONTEXT_EXPIRATION

public static final org.ietf.jgss.Oid CHECK_CONTEXT_EXPIRATION

Context option. It is used to enable/disable context expiration checking for methods like wrap, unwrap, verifyMIC, getMIC. In can be set to either Boolean.TRUE or Boolean.FALSE. By default context expiration checking is disabled.

REQUIRE_CLIENT_AUTH

public static final org.ietf.jgss.Oid REQUIRE_CLIENT_AUTH

Context option. It is used to enable/disable client authentication on acceptor side. In can be set to either Boolean.TRUE or Boolean.FALSE. By default client authentication is enabled.

ACCEPT_NO_CLIENT_CERTS

public static final org.ietf.jgss.Oid ACCEPT_NO_CLIENT_CERTS

Context option. It is only used when client authentication is enabled. In can be set to either Boolean.TRUE or Boolean.FALSE. If set to Boolean.TRUE a context will be successfully established even though client send no certificates and client authentication was required. If set to Boolean.FALSE, the context establishment will fail if client does not send its certificates and client authentication was requested.

GRIM_POLICY_HANDLER

public static final org.ietf.jgss.Oid GRIM_POLICY_HANDLER

Deprecated. Please use GSSConstants.PROXY_POLICY_HANDLERS option instead.

Context option. It is used to set a policy handler for GRIM credentials. The value is an instance of ProxyPolicyHandler

PROXY_POLICY_HANDLERS

public static final org.ietf.jgss.Oid PROXY_POLICY_HANDLERS

Context option. It is used to pass a set of proxy policy handlers. The value if a Map type. It contains mappings of proxy policy language oids and instances of ProxyPolicyHandler

TRUSTED_CERTIFICATES

public static final org.ietf.jgss.Oid TRUSTED_CERTIFICATES

Context option. It is used to set a list of trusted certificates to use during authentication (by default, the trusted certificates are loaded from a standard location) The value is an instance of TrustedCertificates

X509_CERT_CHAIN

public static final org.ietf.jgss.Oid X509_CERT_CHAIN

Used in inquireByOid function. Returns the certificate chain.

RECEIVED_LIMITED_PROXY

public static final org.ietf.jgss.Oid RECEIVED_LIMITED_PROXY

Used in inquireByOid method. Retuns if peer presented a limited credential

AUTHZ_REQUIRED_WITH_DELEGATION

public static final org.ietf.jgss.Oid AUTHZ_REQUIRED_WITH_DELEGATION

Context option. It is set to a Boolean value and if false, client authorization requirement with delegation is disabled. By default, client side authorization (to authorize the server) is required for delegation of credentials.

FORCE_SSLV3_AND_CONSTRAIN_CIPHERSUITES_FOR_GRAM

public static final org.ietf.jgss.Oid FORCE_SSLV3_AND_CONSTRAIN_CIPHERSUITES_FOR_GRAM

Context option. It is set to a Boolean value and if true, the GSI/GSSAPI layer will force the underlying SSL/TLS to use SSLv3 and a narrow set of cipher suites so communication with GRAM servers can succeed.

GSI_BIG

public static final int GSI_BIG

Quality-of-Protection (QOP) value, indicates large block size support. Can be passed to wrap or set by unwrap methods

See Also:

Constant Field Values

Constructor Detail

GSSConstants

public GSSConstants()