SecurityMechanismSelector (Payara Project 5.182 API)

java.lang.Object
- com.sun.enterprise.iiop.security.SecurityMechanismSelector

All Implemented Interfaces:

org.glassfish.hk2.api.PostConstruct
```
@Service
 @Singleton
public final class SecurityMechanismSelector
extends Object
implements org.glassfish.hk2.api.PostConstruct
```
This class is responsible for making various decisions for selecting security information to be sent in the IIOP message based on target configuration and client policies. Note: This class can be called concurrently by multiple client threads. However, none of its methods need to be synchronized because the methods either do not modify state or are idempotent.

Author:

Nithya Subramanian

Field Summary

Fields
Modifier and Type Field and Description

static String CLIENT_CONNECTION_CONTEXT

Fields
Modifier and Type	Field and Description
`static String`	`CLIENT_CONNECTION_CONTEXT`

Constructor Summary

Constructors
Constructor and Description

SecurityMechanismSelector()
Read the client and server preferences from the config files.

Constructors
Constructor and Description
`SecurityMechanismSelector()` Read the client and server preferences from the config files.

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`SecurityContext`	`evaluateTrust(SecurityContext ctx, byte[] object_id, Socket socket)` Called by the target to interpret client credentials after validation.
`ConnectionContext`	`getClientConnectionContext()`
`CSIV2TaggedComponentInfo`	`getCtc()`
`ORB`	`getOrb()`
`SecurityContext`	`getSecurityContextForAppClient(ComponentInvocation ci, boolean sslUsed, boolean clientAuthOccurred, com.sun.corba.ee.org.omg.CSIIOP.CompoundSecMech mechanism)` Create the security context to be used by the CSIV2 layer to marshal in the service context of the IIOP message from an appclient or standalone client.
`SecurityContext`	`getSecurityContextForWebOrEJB(ComponentInvocation ci, boolean sslUsed, boolean clientAuthOccurred, com.sun.corba.ee.org.omg.CSIIOP.CompoundSecMech mechanism)` Create the security context to be used by the CSIV2 layer to marshal in the service context of the IIOP message from an web component or EJB invoking another EJB.
`static String`	`getSecurityMechanismString(CSIV2TaggedComponentInfo tCI, com.sun.corba.ee.org.omg.CSIIOP.CompoundSecMech[] list, String name)`
`String`	`getSecurityMechanismString(CSIV2TaggedComponentInfo tCI, com.sun.corba.ee.spi.ior.IOR ior)`
`com.sun.corba.ee.spi.transport.SocketInfo`	`getSSLPort(com.sun.corba.ee.spi.ior.IOR ior, ConnectionContext ctx)` This method determines if SSL should be used to connect to the target based on client and target policies.
`List<com.sun.corba.ee.spi.transport.SocketInfo>`	`getSSLPorts(com.sun.corba.ee.spi.ior.IOR ior, ConnectionContext ctx)`
`boolean`	`isIdentityTypeSupported(com.sun.corba.ee.org.omg.CSIIOP.SAS_ContextSec sas)`
`boolean`	`isSslRequired()`
`void`	`postConstruct()`
`SecurityContext`	`selectSecurityContext(com.sun.corba.ee.spi.ior.IOR ior)` Select the security context to be used by the CSIV2 layer based on whether the current component is an application client or a web/EJB component.
`com.sun.corba.ee.org.omg.CSIIOP.CompoundSecMech`	`selectSecurityMechanism(com.sun.corba.ee.spi.ior.IOR ior)`
`void`	`setClientConnectionContext(ConnectionContext scc)`
`void`	`setOrb(ORB val)`
`static boolean`	`traceIORs()`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail
- CLIENT_CONNECTION_CONTEXT
```
public static final String CLIENT_CONNECTION_CONTEXT
```
  See Also:
  
  Constant Field Values

Constructor Detail
- SecurityMechanismSelector
```
public SecurityMechanismSelector()
```
  Read the client and server preferences from the config files.

Method Detail

postConstruct
```
public void postConstruct()
```
Specified by:

postConstruct in interface org.glassfish.hk2.api.PostConstruct

getClientConnectionContext

public ConnectionContext getClientConnectionContext()

setClientConnectionContext

public void setClientConnectionContext(ConnectionContext scc)

getSSLPort

public com.sun.corba.ee.spi.transport.SocketInfo getSSLPort(com.sun.corba.ee.spi.ior.IOR ior,
                                                            ConnectionContext ctx)

This method determines if SSL should be used to connect to the target based on client and target policies. It will return null if SSL should not be used or an SocketInfo containing the SSL port if SSL should be used.

getOrb
```
public ORB getOrb()
```

setOrb
```
public void setOrb(ORB val)
```

getCtc

public CSIV2TaggedComponentInfo getCtc()

getSSLPorts

public List<com.sun.corba.ee.spi.transport.SocketInfo> getSSLPorts(com.sun.corba.ee.spi.ior.IOR ior,
                                                                   ConnectionContext ctx)

selectSecurityContext

public SecurityContext selectSecurityContext(com.sun.corba.ee.spi.ior.IOR ior)
                                      throws InvalidIdentityTokenException,
                                             InvalidMechanismException,
                                             SecurityMechanismException

Select the security context to be used by the CSIV2 layer based on whether the current component is an application client or a web/EJB component.

Throws:: InvalidIdentityTokenException; InvalidMechanismException; SecurityMechanismException

getSecurityContextForAppClient

public SecurityContext getSecurityContextForAppClient(ComponentInvocation ci,
                                                      boolean sslUsed,
                                                      boolean clientAuthOccurred,
                                                      com.sun.corba.ee.org.omg.CSIIOP.CompoundSecMech mechanism)
                                               throws InvalidMechanismException,
                                                      InvalidIdentityTokenException,
                                                      SecurityMechanismException

Create the security context to be used by the CSIV2 layer to marshal in the service context of the IIOP message from an appclient or standalone client.

Returns:: the security context.
Throws:: InvalidMechanismException; InvalidIdentityTokenException; SecurityMechanismException

getSecurityContextForWebOrEJB

public SecurityContext getSecurityContextForWebOrEJB(ComponentInvocation ci,
                                                     boolean sslUsed,
                                                     boolean clientAuthOccurred,
                                                     com.sun.corba.ee.org.omg.CSIIOP.CompoundSecMech mechanism)
                                              throws InvalidMechanismException,
                                                     InvalidIdentityTokenException,
                                                     SecurityMechanismException

Create the security context to be used by the CSIV2 layer to marshal in the service context of the IIOP message from an web component or EJB invoking another EJB.

Returns:: the security context.
Throws:: InvalidMechanismException; InvalidIdentityTokenException; SecurityMechanismException

isIdentityTypeSupported

public boolean isIdentityTypeSupported(com.sun.corba.ee.org.omg.CSIIOP.SAS_ContextSec sas)

selectSecurityMechanism

public com.sun.corba.ee.org.omg.CSIIOP.CompoundSecMech selectSecurityMechanism(com.sun.corba.ee.spi.ior.IOR ior)
                                                                        throws SecurityMechanismException

Throws:: SecurityMechanismException

evaluateTrust

public SecurityContext evaluateTrust(SecurityContext ctx,
                                     byte[] object_id,
                                     Socket socket)
                              throws SecurityMechanismException

Called by the target to interpret client credentials after validation.

Throws:: SecurityMechanismException

isSslRequired
```
public boolean isSslRequired()
```

traceIORs
```
public static boolean traceIORs()
```

getSecurityMechanismString

public String getSecurityMechanismString(CSIV2TaggedComponentInfo tCI,
                                         com.sun.corba.ee.spi.ior.IOR ior)

getSecurityMechanismString

public static String getSecurityMechanismString(CSIV2TaggedComponentInfo tCI,
                                                com.sun.corba.ee.org.omg.CSIIOP.CompoundSecMech[] list,
                                                String name)

Class SecurityMechanismSelector

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

CLIENT_CONNECTION_CONTEXT

Constructor Detail

SecurityMechanismSelector

Method Detail

postConstruct

getClientConnectionContext

setClientConnectionContext

getSSLPort

getOrb

setOrb

getCtc

getSSLPorts

selectSecurityContext

getSecurityContextForAppClient

getSecurityContextForWebOrEJB

isIdentityTypeSupported

selectSecurityMechanism

evaluateTrust

isSslRequired

traceIORs

getSecurityMechanismString

getSecurityMechanismString