|
GigaSpaces XAP 8.0 API | |||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object net.jini.core.constraint.Integrity
public final class Integrity
Represents a constraint on the integrity of message contents, covering not
only data transmitted in band as part of the remote call itself, but also
out-of-band downloaded code. If an integrity violation on in-band data is
detected during a remote call, a RemoteException
will be
thrown (in the client or in the server, depending on which side detected
the violation). If an integrity violation on out-of-band data is detected,
an IOException
will be thrown at the point where the data
is downloaded.
Although most of the data for a remote call is transmitted in band as part of the call itself, code is downloaded out of band, based on codebase URLs that are transmitted in band. For a remote call to have integrity, the out-of-band code as well as the in-band data must have integrity. A proxy implementation that provides for integrity must ensure the integrity of both code and data.
Code signing is difficult to use for this purpose if the classes span more than a single package (because individual files are signed rather than the entire JAR file being signed, and the only automatic enforcement is that classes in a single package all have the same signers), or if the code references bundled resources (because there is no way to determine the signers of a resource). A better technique is to use codebase URLs that provide content integrity, such as HTTPMD or HTTPS URLs. If integrity-protecting codebase URLs are used, and the URLs themselves are sent as part of the integrity-protected in-band data, the result is complete object integrity. Because out-of-band communication is used, integrity-protecting URLs must either contain sufficient information to independently verify integrity (as is the case with HTTPMD URLs), or must contain sufficient information to authenticate the origin of the content and use sufficient means to maintain content integrity in transit (as is the case with HTTPS URLs).
Serialization for this class is guaranteed to produce instances that are
comparable with ==
.
Security.verifyCodebaseIntegrity
,
Serialized FormField Summary | |
---|---|
static Integrity |
NO
Do not detect when message contents have been altered by third parties. |
static Integrity |
YES
Detect when message contents (both requests and replies) have been altered by third parties, and if detected, refuse to process the message and throw an exception. |
Method Summary | |
---|---|
String |
toString()
Returns a string representation of this object. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait |
Field Detail |
---|
public static final Integrity YES
public static final Integrity NO
Method Detail |
---|
public String toString()
toString
in class Object
|
GigaSpaces XAP 8.0 API | |||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |