View Javadoc

1   package fr.in2p3.jsaga.adaptor.security.usage;
2   
3   import fr.in2p3.jsaga.adaptor.base.usage.UFile;
4   import org.gridforum.jgss.ExtendedGSSCredential;
5   import org.gridforum.jgss.ExtendedGSSManager;
6   import org.ietf.jgss.GSSCredential;
7   import org.ietf.jgss.GSSException;
8   import org.ogf.saga.error.IncorrectStateException;
9   
10  import java.io.*;
11  
12  /* ***************************************************
13  * *** Centre de Calcul de l'IN2P3 - Lyon (France) ***
14  * ***             http://cc.in2p3.fr/             ***
15  * ***************************************************
16  * File:   UProxyFile
17  * Author: Sylvain Reynaud (sreynaud@in2p3.fr)
18  * Date:   13 aout 2007
19  * ***************************************************
20  * Description:                                      */
21  /**
22   *
23   */
24  public class UProxyFile extends UFile {
25      private int m_minLifeTime;
26  
27      public UProxyFile(int id, String name, int minLifeTime) {
28          super(id, name);
29          m_minLifeTime = minLifeTime;
30      }
31  
32      public String toString() {
33          return "<"+m_name+":"+m_minLifeTime+">";
34      }
35  
36      protected Object throwExceptionIfInvalid(Object value) throws Exception {
37          File file = (File) super.throwExceptionIfInvalid(value);
38          GSSCredential cred = load(file);
39          if (cred.getRemainingLifetime() < m_minLifeTime) {
40              throw new IncorrectStateException("Proxy file remaining lifetime is not enougth: "+cred.getRemainingLifetime());
41          }
42          return cred;
43      }
44  
45      private static GSSCredential load(File proxyFile) throws IOException, GSSException {
46          byte [] proxyBytes = new byte[(int) proxyFile.length()];
47          FileInputStream in = new FileInputStream(proxyFile);
48          in.read(proxyBytes);
49          in.close();
50          ExtendedGSSManager manager = (ExtendedGSSManager) ExtendedGSSManager.getInstance();
51          return manager.createCredential(
52                  proxyBytes,
53                  ExtendedGSSCredential.IMPEXP_OPAQUE,
54                  GSSCredential.DEFAULT_LIFETIME,
55                  null, // use default mechanism: GSI
56                  GSSCredential.ACCEPT_ONLY);
57      }
58  }