Package org.globus.gsi.gssapi

Class GSSConstants

  • public abstract class GSSConstants
extends Object
    Defines common GSI-GSS constants.

    • Field Detail

      • MECH_OID

        public static final Oid MECH_OID
        Globus GSI GSS mechanism Oid

      • REJECT_LIMITED_PROXY

        public static final Oid REJECT_LIMITED_PROXY
        Context option. It is used to enable/disable the rejection of limited proxies during authentication. In can be set to either Boolean.TRUE or Boolean.FALSE. By default limited proxies are accepted.

      • CHECK_CONTEXT_EXPIRATION

        public static final Oid CHECK_CONTEXT_EXPIRATION
        Context option. It is used to enable/disable context expiration checking for methods like wrap, unwrap, verifyMIC, getMIC. In can be set to either Boolean.TRUE or Boolean.FALSE. By default context expiration checking is disabled.

      • REQUIRE_CLIENT_AUTH

        public static final Oid REQUIRE_CLIENT_AUTH
        Context option. It is used to enable/disable client authentication on acceptor side. In can be set to either Boolean.TRUE or Boolean.FALSE. By default client authentication is enabled.

      • ACCEPT_NO_CLIENT_CERTS

        public static final Oid ACCEPT_NO_CLIENT_CERTS
        Context option. It is only used when client authentication is enabled. In can be set to either Boolean.TRUE or Boolean.FALSE. If set to Boolean.TRUE a context will be successfully established even though client send no certificates and client authentication was required. If set to Boolean.FALSE, the context establishment will fail if client does not send its certificates and client authentication was requested.

      • PROXY_POLICY_HANDLERS

        public static final Oid PROXY_POLICY_HANDLERS
        Context option. It is used to pass a set of proxy policy handlers. The value if a Map type. It contains mappings of proxy policy language oids and instances of ProxyPolicyHandler

      • TRUSTED_CERTIFICATES

        public static final Oid TRUSTED_CERTIFICATES
        Context option. It is used to set a list of trusted certificates to use during authentication (by default, the trusted certificates are loaded from a standard location) The value is an instance of TrustedCertificates

      • X509_CERT_CHAIN

        public static final Oid X509_CERT_CHAIN
        Used in inquireByOid function. Returns the certificate chain.

      • RECEIVED_LIMITED_PROXY

        public static final Oid RECEIVED_LIMITED_PROXY
        Used in inquireByOid method. Retuns if peer presented a limited credential

      • AUTHZ_REQUIRED_WITH_DELEGATION

        public static final Oid AUTHZ_REQUIRED_WITH_DELEGATION
        Context option. It is set to a Boolean value and if false, client authorization requirement with delegation is disabled. By default, client side authorization (to authorize the server) is required for delegation of credentials.

      • FORCE_SSLV3_AND_CONSTRAIN_CIPHERSUITES_FOR_GRAM

        public static final Oid FORCE_SSLV3_AND_CONSTRAIN_CIPHERSUITES_FOR_GRAM
        Context option. It is set to a Boolean value and if true, the GSI/GSSAPI layer will force the underlying SSL/TLS to use SSLv3 and a narrow set of cipher suites so communication with GRAM servers can succeed.

      • GSI_BIG

        public static final int GSI_BIG
        Quality-of-Protection (QOP) value, indicates large block size support. Can be passed to wrap or set by unwrap methods
        See Also:
        Constant Field Values

    • Constructor Detail

      • GSSConstants

        public GSSConstants()