Novell exteNd Messaging Platform 5.1

com.sssw.jbroker.api.security
Interface SecurityCurrent

All Superinterfaces:
Current, CurrentOperations, IDLEntity, Object, Serializable
All Known Subinterfaces:
SecurityCurrent

public interface SecurityCurrent
extends Object, Current

The Security Current interface is used to set/get the Identity of the caller. When the Authenticated Principal is set, and the target Object supports Authentication, then the Authenticated Principal is automatically propagated to the target by the ORB.

The Authenticated Principal objects can be associated at two different levels - thread level, and ORB level.

For example, a client program can authenticate using the Authenticator, and then set the AuthenticatedPrincipal at the ORB level. All invocations from this ORB will then propagate the AuthenticatedPrincipal "on-the-wire".

To make different threads execute with different Identities, set the AuthenticatedPrincipal at the thread level. When both the thread level and ORB level Authenticated Principals are set, the thread level takes precedence.

The SecurityCurrent is obtained from the ORB using the resolve_initial_references method.

       SecurityCurrent secCurrent = (SecurityCurrent) orb.
           resolve_initial_references("SecurityCurrent");
 
When using IIOP/SSL, the SecurityCurrent also makes available the negotiated CipherSuite and the peer Certificate Chain.
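The thread-level stacking described above, as an added example (not part of the original documentation or of Novell's code): a helper that runs one unit of work under a given identity and always unstacks it afterwards, so the identity does not stay attached to a reused thread. The class name `ThreadIdentity`, the method `runAs`, and the package of `AuthenticatedPrincipal` are assumptions; the stack/unstack methods are the ones listed on this page, where they are marked Deprecated in favour of the context-based methods named in their See Also entries.

```java
import com.sssw.jbroker.api.security.AuthenticatedPrincipal; // package assumed
import com.sssw.jbroker.api.security.SecurityCurrent;
import org.omg.CORBA.ORB;

public final class ThreadIdentity {

    /**
     * Runs 'work' with 'principal' stacked as the calling thread's identity.
     * While stacked, it takes precedence over any ORB-level principal for
     * invocations made from this thread.
     *
     * Declared 'throws Exception' so the example does not depend on whether
     * the SecurityException named on this page is a checked type.
     */
    public static void runAs(ORB orb, AuthenticatedPrincipal principal,
                             Runnable work) throws Exception {
        SecurityCurrent secCurrent = (SecurityCurrent)
            orb.resolve_initial_references("SecurityCurrent");

        secCurrent.stackThreadPrincipal(principal);
        try {
            work.run();
        } finally {
            // The same AuthenticatedPrincipal is handed back as the
            // capability; a mismatch with the stacked principal throws.
            // Doing this in 'finally' keeps the identity from outliving
            // the work on a pooled thread.
            secCurrent.unstackThreadPrincipal(principal);
        }
    }
}
```

How the caller obtains the AuthenticatedPrincipal from the Authenticator is not shown, because this page does not document it.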


Method Summary
 byte[][] getCertificateChain()
          Get DER encoded Certificate chain of the client.
 byte[][] getCertificateChain(ObjectImpl objref)
          Get DER encoded Certificate chain of the given object.
 InetAddress getInetAddress()
          Get the IP address of the remote client.
 InetAddress getLocalAddress()
          Get the local IP address.
 int getLocalPort()
          Get the local IP port.
 CipherSuite getNegotiatedCipherSuite()
          Get the CipherSuite negotiated with the client.
 CipherSuite getNegotiatedCipherSuite(ObjectImpl objref)
          Get the CipherSuite negotiated with the given object.
 Principal getORBPrincipal()
          Deprecated.  
 int getPort()
          Get the port of the remote client.
 Principal getPrincipal()
          Deprecated.  
 Principal getPrincipal(Thread thread)
          Deprecated.  
 Principal getThreadPrincipal()
          Deprecated.  
 Principal getThreadPrincipal(Thread thread)
          Deprecated.  
 void setORBPrincipal(AuthenticatedPrincipal principal)
          Deprecated.  
 void stackThreadPrincipal(AuthenticatedPrincipal principal)
          Deprecated.  
 void stackThreadPrincipal(AuthenticatedPrincipal principal, Thread thread)
          Deprecated.  
 void unsetORBPrincipal(AuthenticatedPrincipal oldPrincipal)
          Deprecated.  
 void unstackThreadPrincipal(AuthenticatedPrincipal oldPrincipal)
          Deprecated.  
 void unstackThreadPrincipal(AuthenticatedPrincipal oldPrincipal, Thread thread)
          Deprecated.  
 
Methods inherited from interface org.omg.CORBA.Object
_create_request, _create_request, _duplicate, _get_domain_managers, _get_interface_def, _get_policy, _hash, _is_a, _is_equivalent, _non_existent, _release, _request, _set_policy_override
 

Method Detail

setORBPrincipal

public void setORBPrincipal(AuthenticatedPrincipal principal)
                     throws SecurityException
Deprecated.  

Set the default Principal. If the principal is already set, then it cannot be changed unless it is unset first.

Throws:
SecurityException
See Also:
SecurityCurrent.setORBContext(com.sssw.jbroker.api.security.CSIv2.SecurityContext)

getORBPrincipal

public Principal getORBPrincipal()
Deprecated.  

Get the default Principal associated with the ORB. Note that the returned type is not an AuthenticatedPrincipal, so malicious code cannot use it to unset the AuthenticatedPrincipal.


unsetORBPrincipal

public void unsetORBPrincipal(AuthenticatedPrincipal oldPrincipal)
                       throws SecurityException
Deprecated.  

Unset the default Principal associated with the ORB. The principal currently set in the ORB is passed in as a capability.

Throws:
SecurityException
See Also:
SecurityCurrent.unsetORBContext(com.sssw.jbroker.api.security.CSIv2.SecurityContext)

stackThreadPrincipal

public void stackThreadPrincipal(AuthenticatedPrincipal principal)
                          throws SecurityException
Deprecated.  

Stack the Principal associated with this Thread.

Throws:
SecurityException
See Also:
SecurityCurrent.stackThreadContext(com.sssw.jbroker.api.security.CSIv2.SecurityContext)

stackThreadPrincipal

public void stackThreadPrincipal(AuthenticatedPrincipal principal,
                                 Thread thread)
                          throws SecurityException
Deprecated.  

Stack the Principal associated with the given Thread.

Throws:
SecurityException
See Also:
SecurityCurrent.stackThreadContext(com.sssw.jbroker.api.security.CSIv2.SecurityContext, java.lang.Thread)

getThreadPrincipal

public Principal getThreadPrincipal()
Deprecated.  

Get the Principal associated with the current thread. Note that the returned type is not an AuthenticatedPrincipal, so malicious code cannot use it to unset the AuthenticatedPrincipal.

See Also:
SecurityCurrent.getThreadSecurityContext()

getThreadPrincipal

public Principal getThreadPrincipal(Thread thread)
Deprecated.  

Get the Principal associated with the given thread. Note that the returned type is not an AuthenticatedPrincipal, so malicious code cannot use it to unset the AuthenticatedPrincipal.

See Also:
SecurityCurrent.getThreadSecurityContext(java.lang.Thread)

unstackThreadPrincipal

public void unstackThreadPrincipal(AuthenticatedPrincipal oldPrincipal)
                            throws SecurityException
Deprecated.  

Unstack the Principal associated with this Thread. If oldPrincipal does not match the stacked principal, an exception is thrown.

Throws:
SecurityException
See Also:
SecurityCurrent.unstackThreadContext(com.sssw.jbroker.api.security.CSIv2.SecurityContext)

unstackThreadPrincipal

public void unstackThreadPrincipal(AuthenticatedPrincipal oldPrincipal,
                                   Thread thread)
                            throws SecurityException
Deprecated.  

Unstack the Principal associated with the given Thread. If oldPrincipal does not match the stacked principal, an exception is thrown.

Throws:
SecurityException
See Also:
SecurityCurrent.unstackThreadContext(com.sssw.jbroker.api.security.CSIv2.SecurityContext, java.lang.Thread)

getPrincipal

public Principal getPrincipal()
Deprecated.  

Get the effective Principal of the current thread. It returns the topmost stacked Thread level Principal, if it exists; otherwise, it returns the ORB level Principal.

See Also:
SecurityCurrent.getThreadSecurityContext(java.lang.Thread)

getPrincipal

public Principal getPrincipal(Thread thread)
Deprecated.  

Get the effective Principal of the given thread. It returns the topmost stacked Thread level Principal, if it exists; otherwise, it returns the ORB level Principal.

See Also:
SecurityCurrent.getThreadSecurityContext(java.lang.Thread)

getInetAddress

public InetAddress getInetAddress()
Get the IP address of the remote client. It returns null if the client is local.


getPort

public int getPort()
Get the port of the remote client. It returns 0 if the client is local.


getLocalAddress

public InetAddress getLocalAddress()
Get the local IP address.


getLocalPort

public int getLocalPort()
Get the local IP port.


getNegotiatedCipherSuite

public CipherSuite getNegotiatedCipherSuite()
                                     throws SecurityException
Get the CipherSuite negotiated with the client.

Throws:
SecurityException
Since:
jBroker 3.0

getNegotiatedCipherSuite

public CipherSuite getNegotiatedCipherSuite(ObjectImpl objref)
                                     throws SecurityException
Get the CipherSuite negotiated with the given object.

Throws:
SecurityException
Since:
jBroker 3.0

getCertificateChain

public byte[][] getCertificateChain()
                             throws SecurityException
Get DER encoded Certificate chain of the client.

On JDK 1.2, you can convert the raw DER encoded certificate bytes to an X509Certificate using:

     // needs java.io.ByteArrayInputStream and java.security.cert.*
     CertificateFactory cf = CertificateFactory.getInstance("X.509");
     byte[][] certs = secCurrent.getCertificateChain();
     for (int i = 0; i < certs.length; i++) {
         X509Certificate cert = (X509Certificate) cf.generateCertificate(
             new ByteArrayInputStream(certs[i]));
     }
 

Throws:
SecurityException
Since:
jBroker 3.0

getCertificateChain

public byte[][] getCertificateChain(ObjectImpl objref)
                             throws SecurityException
Get DER encoded Certificate chain of the given object.

On JDK 1.2, you can convert the raw DER encoded certificate bytes to an X509Certificate using:

     // needs java.io.ByteArrayInputStream and java.security.cert.*
     CertificateFactory cf = CertificateFactory.getInstance("X.509");
     byte[][] certs = secCurrent.getCertificateChain(objref);
     for (int i = 0; i < certs.length; i++) {
         X509Certificate cert = (X509Certificate) cf.generateCertificate(
             new ByteArrayInputStream(certs[i]));
     }
 

Throws:
SecurityException
Since:
jBroker 3.0
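Going one step past the conversion shown for both getCertificateChain methods, the following added example (not part of the original documentation or of Novell's code) parses every element of the returned chain and validates it against trust anchors the application supplies, before the peer certificate is used for any authorization decision. It uses only standard JDK classes; the class name `PeerChainCheck` is hypothetical, and it assumes the chain is ordered peer certificate first, which this page does not state.

```java
import java.io.ByteArrayInputStream;
import java.security.KeyStore;
import java.security.cert.CertPath;
import java.security.cert.CertPathValidator;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXParameters;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;

public final class PeerChainCheck {

    /**
     * Parses the DER chain and validates it against the caller's trust
     * anchors. Returns the peer certificate (element 0), or throws if
     * parsing or path validation fails.
     */
    public static X509Certificate validate(byte[][] derChain,
                                           KeyStore trustAnchors)
            throws Exception {
        if (derChain == null || derChain.length == 0) {
            throw new SecurityException("peer presented no certificate chain");
        }
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        List<X509Certificate> chain = new ArrayList<X509Certificate>();
        for (int i = 0; i < derChain.length; i++) {
            chain.add((X509Certificate) cf.generateCertificate(
                new ByteArrayInputStream(derChain[i])));
        }

        CertPath path = cf.generateCertPath(chain);
        PKIXParameters params = new PKIXParameters(trustAnchors);
        // No CRL/OCSP source is configured in this example.
        params.setRevocationEnabled(false);

        // Throws CertPathValidatorException on a broken signature link,
        // an expired certificate, or a path that reaches no trusted anchor.
        CertPathValidator.getInstance("PKIX").validate(path, params);
        return chain.get(0);
    }
}
```

Pass it the result of `secCurrent.getCertificateChain()` (or the `objref` overload) and base access decisions on the returned certificate, for example its `getSubjectX500Principal()`.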


exteNd is a registered trademark of Novell, Inc.
Copyright 1998-2003 Novell, Inc. All Rights Reserved.