com.sun.jini.discovery.internal

Class X500Client

java.lang.Object

com.sun.jini.discovery.internal.BaseProvider

com.sun.jini.discovery.internal.X500Client

All Implemented Interfaces:

DelayedMulticastAnnouncementDecoder, DiscoveryFormatProvider, MulticastAnnouncementDecoder, MulticastRequestEncoder

public class X500Client
extends BaseProvider
implements MulticastRequestEncoder, DelayedMulticastAnnouncementDecoder

Superclass for client-side providers for the net.jini.discovery.x500.* discovery formats.

Field Summary

Fields

Modifier and Type	Field and Description
protected String	keyAlgorithm The key algorithm name (for example, "DSA").
protected String	keyAlgorithmOID The key algorithm OID.
protected int	maxSignatureLength The maximum length of generated signatures, in bytes.
protected String	signatureAlgorithm The signature algorithm (for example, "SHA1withDSA").

Fields inherited from class com.sun.jini.discovery.internal.BaseProvider

formatName

Constructor Summary

Constructors

Modifier	Constructor and Description
protected	X500Client(String formatName, String signatureAlgorithm, int maxSignatureLength, String keyAlgorithm, String keyAlgorithmOID) Creates an instance with the given attributes.

Method Summary

Modifier and Type	Method and Description
MulticastAnnouncement	decodeMulticastAnnouncement(ByteBuffer buf, InvocationConstraints constraints) Decodes the multicast announcement data contained in the given buffer in a manner that satisfies the specified absolute constraints, returning a MulticastAnnouncement instance that contains the decoded data.
MulticastAnnouncement	decodeMulticastAnnouncement(ByteBuffer buf, InvocationConstraints constraints, boolean delayConstraintCheck) Decodes the multicast announcement data contained in the given buffer in a manner that satisfies the specified absolute constraints, returning a MulticastAnnouncement instance that contains the decoded data, with constraint checking optionally delayed.
void	encodeMulticastRequest(MulticastRequest request, DatagramBufferFactory bufs, InvocationConstraints constraints) Encodes the given multicast request data into byte buffers obtained from the provided datagram buffer factory, in a manner that satisfies the specified absolute constraints.
protected Certificate	getCertificate(X500Principal principal) Returns certificate corresponding to the given principal, or null if no matching certificate can be found.

Methods inherited from class com.sun.jini.discovery.internal.BaseProvider

getFormatName

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface com.sun.jini.discovery.DiscoveryFormatProvider

getFormatName

Field Detail

signatureAlgorithm

protected final String signatureAlgorithm

The signature algorithm (for example, "SHA1withDSA").

maxSignatureLength

protected final int maxSignatureLength

The maximum length of generated signatures, in bytes.

keyAlgorithm

protected final String keyAlgorithm

The key algorithm name (for example, "DSA").

keyAlgorithmOID

protected final String keyAlgorithmOID

The key algorithm OID.

Constructor Detail

X500Client

protected X500Client(String formatName,
                     String signatureAlgorithm,
                     int maxSignatureLength,
                     String keyAlgorithm,
                     String keyAlgorithmOID)

Creates an instance with the given attributes.

Method Detail

encodeMulticastRequest

public void encodeMulticastRequest(MulticastRequest request,
                                   DatagramBufferFactory bufs,
                                   InvocationConstraints constraints)
                            throws IOException

Description copied from interface: MulticastRequestEncoder

Encodes the given multicast request data into byte buffers obtained from the provided datagram buffer factory, in a manner that satisfies the specified absolute constraints. null constraints are considered equivalent to empty constraints. Multicast request data that is too large to fit in a single datagram buffer is split across multiple buffers, with the constraints applied to each; this method is responsible for determining if and when to split the data based on the available space in the obtained buffers.

Specified by:

encodeMulticastRequest in interface MulticastRequestEncoder

Parameters:

request - the request data to encode

bufs - the factory for producing buffers in which to write encoded data

constraints - the constraints to apply when encoding the data, or null

Throws:

IOException - if an error occurs in encoding the data to send

UnsupportedConstraintException - if unable to satisfy the specified constraints

decodeMulticastAnnouncement

public MulticastAnnouncement decodeMulticastAnnouncement(ByteBuffer buf,
                                                         InvocationConstraints constraints,
                                                         boolean delayConstraintCheck)
                                                  throws IOException

Description copied from interface: DelayedMulticastAnnouncementDecoder

Decodes the multicast announcement data contained in the given buffer in a manner that satisfies the specified absolute constraints, returning a MulticastAnnouncement instance that contains the decoded data, with constraint checking optionally delayed. null constraints are considered equivalent to empty constraints. Constraint checking may be delayed using the delayConstraintCheck flag.

If the delayConstraintCheck flag is true, the method behaves as follows:

• Some of the specified constraints may not be checked before this method returns; the returned MulticastAnnouncement's checkConstraints method must be invoked to complete checking of all the constraints.
• Constraints which must be checked before accessor methods of the returned MulticastAnnouncement can be invoked are always checked before this method returns.

If delayConstraintCheck is false, all the specified constraints are checked before this method returns.

Specified by:

decodeMulticastAnnouncement in interface DelayedMulticastAnnouncementDecoder

Parameters:

buf - a buffer containing the packet data to decode. The contents of buf may be used on subsequent invocations of the returned MulticastAnnouncement instance's checkConstraints method. The caller must ensure that the contents of buf are not modified before invocation of the checkConstraints method. Additionally, multicast announcement data must begin at position zero of buf.

constraints - the constraints to apply when decoding the data, or null

delayConstraintCheck - flag to control delayed constraint checking

Returns:

the decoded multicast announcement data

Throws:

IOException - if an error occurs in interpreting the data

UnsupportedConstraintException - if unable to satisfy the specified constraints

decodeMulticastAnnouncement

public MulticastAnnouncement decodeMulticastAnnouncement(ByteBuffer buf,
                                                         InvocationConstraints constraints)
                                                  throws IOException

Description copied from interface: MulticastAnnouncementDecoder

Decodes the multicast announcement data contained in the given buffer in a manner that satisfies the specified absolute constraints, returning a MulticastAnnouncement instance that contains the decoded data. null constraints are considered equivalent to empty constraints. All the specified constraints are checked before this method returns.

Specified by:

decodeMulticastAnnouncement in interface MulticastAnnouncementDecoder

Parameters:

buf - a buffer containing the packet data to decode. The multicast announcement data must begin at position zero of buf.

constraints - the constraints to apply when decoding the data, or null

Returns:

the decoded multicast announcement data

Throws:

IOException - if an error occurs in interpreting the data

UnsupportedConstraintException - if unable to satisfy the specified constraints

getCertificate

protected Certificate getCertificate(X500Principal principal)
                              throws IOException,
                                     GeneralSecurityException

Returns certificate corresponding to the given principal, or null if no matching certificate can be found. Subclasses can override this method to customize the certificate search mechanism.

The default implementation of this method does the following: the first time this method is called on this instance, a keystore containing trust anchors for the certificate to return is loaded. The location of the file to load the keystore from can be specified (in order of precedence) by the com.sun.jini.discovery.x500.trustStore and javax.net.ssl.trustStore system properties; if no location is specified, then the cacerts file in the lib/security subdirectory of the JDK installation directory is used. If specified, the location is treated as a URL. If no protocol is specified in the URL or it is an unknown protocol, then, the location is treated as a file name. Depending on which system property is used to specify the keystore location, the com.sun.jini.discovery.x500.trustStoreType and com.sun.jini.discovery.x500.trustStorePassword or javax.net.ssl.trustStoreType and javax.net.ssl.trustStorePassword system properties can be used to specify the type of the keystore and the password to use when loading it. If no keystore type is specified, then the type returned by KeyStore.getDefaultType() is used; if no password is specified, then no password is used when loading the keystore. Additionally, if the com.sun.jini.discovery.x500.ldapCertStores system property is set, its value is interpreted as a comma-separated list of "host[:port]" elements which are used to obtain references to LDAP-based CertStore instances.

For each call, the default implementation of this method creates a PKIX CertPathBuilder and calls its build method, passing as the argument a PKIXBuilderParameters instance initialized with the aforementioned keystore, CertStores (if any), and a CertSelector based on the provided X.500 principal and the key algorithm OID for this instance. If the build operation succeeds, the resulting certificate is returned.

Throws:

IOException

GeneralSecurityException