Package org.globus.myproxy
Class MyProxy
java.lang.Object
org.globus.myproxy.MyProxy
This class provides an API for communicating with MyProxy servers.
It provides the main functions for retrieving, removing and
storing credentials on a MyProxy server. It also provides functions
for getting credential information and changing passwords.
More information about MyProxy is available on the MyProxy Home Page.
- Version: 2.0
Field Summary
Modifier and Type | Field | Description
protected Authorization | authorization | The authorization policy in effect for the target MyProxy server.
static final int | CHANGE_PASSWORD | The integer command number for the MyProxy Password Change command (4).
protected GSSContext | context | The GSSContext for communication with the MyProxy server.
static final int | DEFAULT_KEYBITS | The default key size (2048 bits).
static final int | DEFAULT_PORT | The default MyProxy server port (7512).
static final int | DESTROY_PROXY | The integer command number for the MyProxy 'Destroy' command (3).
static final int | GET_PROXY | The integer command number for the MyProxy 'Get' command (0).
static final int | GET_TRUSTROOTS | The integer command number for the MyProxy 'Get Trustroots' command (7).
protected String | host | The hostname(s) of the target MyProxy server(s).
static final int | INFO_PROXY | The integer command number for the MyProxy 'Info' command (2).
static final int | MIN_PASSWORD_LENGTH |
static final String | MYPROXY_PROTOCOL_VERSION |
protected int | port | The port of the target MyProxy server (default 7512).
static final int | PUT_PROXY | The integer command number for the MyProxy 'Put' command (1).
static final int | RETRIEVE_CREDENTIAL | The integer command number for the MyProxy 'Retrieve' command (6).
static final int | STORE_CREDENTIAL | The integer command number for the MyProxy 'Store' command (5).
protected String[] | trustrootData |
protected String[] | trustrootFilenames | Trustroot information and path constant.
static final String | version |
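Constructor Summary
Constructor | Description
MyProxy() | Initialize the MyProxy client object with the default authorization policy.
MyProxy(String host, int port) | Prepare to connect to the MyProxy server at the specified host and port using the default authorization policy.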
Method Summary
Modifier and Type | Method | Description
void | bootstrapTrust() | Bootstraps trustroot information from the MyProxy server.
void | changePassword(GSSCredential credential, ChangePasswordParams params) | Changes the password of the credential on the MyProxy server.
void | destroy(GSSCredential credential, String username, String passphrase) | Removes delegated credentials from the MyProxy server.
void | destroy(GSSCredential credential, DestroyParams params) | Removes delegated credentials from the MyProxy server.
GSSCredential | get(String username, String passphrase, int lifetime) | Retrieves delegated credentials from the MyProxy server anonymously (without local credentials). Note: performs simple verification of private/public keys of the delegated credential.
GSSCredential | get(GSSCredential credential, String username, String passphrase, int lifetime) | Retrieves delegated credentials from the MyProxy server.
GSSCredential | get(GSSCredential credential, GetParams params) | Retrieves delegated credentials from the MyProxy server.
Authorization | getAuthorization() | Get MyProxy server authorization mechanism.
String | getHost() | Get MyProxy server hostname.
int | getPort() | Get MyProxy server port.
static String | getTrustRootPath() | Returns the trusted certificates directory location where writeTrustRoots() will store certificates.
void | getTrustroots(GSSCredential credential, GetTrustrootsParams params) | Retrieves trustroot information from the MyProxy server.
CredentialInfo | info(GSSCredential credential, String username, String passphrase) | Retrieves credential information from MyProxy server.
CredentialInfo[] | info(GSSCredential credential, InfoParams params) | Retrieves credential information from MyProxy server.
void | put(GSSCredential credential, String username, String passphrase, int lifetime) | Delegate credentials to a MyProxy server.
void | put(GSSCredential credential, InitParams params) | Delegate credentials to a MyProxy server.
void | setAuthorization(Authorization authorization) | Set MyProxy server authorization mechanism.
void | setHost(String host) | Set MyProxy server hostname.
void | setPort(int port) | Set MyProxy server port.
void | store(GSSCredential credential, X509Certificate[] certs, OpenSSLKey key, StoreParams params) | Store credentials on a MyProxy server.
boolean | writeTrustRoots() | Writes the retrieved trust roots to the Globus trusted certificates directory.
boolean | writeTrustRoots(String directory) | Writes the retrieved trust roots to a trusted certificates directory.
Field Details
- version
- MIN_PASSWORD_LENGTH
  public static final int MIN_PASSWORD_LENGTH
- MYPROXY_PROTOCOL_VERSION
- DEFAULT_PORT
  public static final int DEFAULT_PORT
  The default MyProxy server port (7512).
- DEFAULT_KEYBITS
  public static final int DEFAULT_KEYBITS
  The default key size (2048 bits).
- GET_PROXY
  public static final int GET_PROXY
  The integer command number for the MyProxy 'Get' command (0).
- PUT_PROXY
  public static final int PUT_PROXY
  The integer command number for the MyProxy 'Put' command (1).
- INFO_PROXY
  public static final int INFO_PROXY
  The integer command number for the MyProxy 'Info' command (2).
- DESTROY_PROXY
  public static final int DESTROY_PROXY
  The integer command number for the MyProxy 'Destroy' command (3).
- CHANGE_PASSWORD
  public static final int CHANGE_PASSWORD
  The integer command number for the MyProxy Password Change command (4).
- STORE_CREDENTIAL
  public static final int STORE_CREDENTIAL
  The integer command number for the MyProxy 'Store' command (5).
- RETRIEVE_CREDENTIAL
  public static final int RETRIEVE_CREDENTIAL
  The integer command number for the MyProxy 'Retrieve' command (6).
- GET_TRUSTROOTS
  public static final int GET_TRUSTROOTS
  The integer command number for the MyProxy 'Get Trustroots' command (7).
- host
  The hostname(s) of the target MyProxy server(s). Multiple host names can be specified comma delimited with each hostname optionally followed by a ':' and port number. The client will communicate with the first server it has a successful network connection with.
- port
  protected int port
  The port of the target MyProxy server (default 7512).
- authorization
  The authorization policy in effect for the target MyProxy server.
- context
  The GSSContext for communication with the MyProxy server.
- trustrootFilenames
  Trustroot information and path constant.
- trustrootData
Constructor Details
- MyProxy
  public MyProxy()
  Initialize the MyProxy client object with the default authorization policy.
- MyProxy
  Prepare to connect to the MyProxy server at the specified host and port using the default authorization policy.
  - Parameters:
    host - The hostname(s) of the MyProxy server(s) with optional port info. Multiple hostnames can be specified in a comma separated list with each hostname optionally followed by a ':' and port number. The client will communicate with the first server it has a successful network connection with.
    port - The port number of the MyProxy server to use if one is not specified as part of the host string.
Method Details
- setHost
  Set MyProxy server hostname.
  - Parameters:
    host - The hostname(s) of the MyProxy server(s). Multiple host names are comma delimited with each hostname optionally followed by a ':' and port number. The client will communicate with the first server it has a successful network connection with.
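The host-string format described for the host field, the constructor and setHost, expanded into the ordered list of endpoints a client may contact. This is an added example, not jglobus code: the class MyProxyHostList, the record Endpoint, the placeholder hostnames, and the strict handling of blank entries and bad ports are assumptions of the example.

```java
import java.util.ArrayList;
import java.util.List;

/** Added example, not jglobus code: expands a MyProxy host string into endpoints. */
public class MyProxyHostList {
    static final int DEFAULT_PORT = 7512; // value documented for MyProxy.DEFAULT_PORT

    record Endpoint(String host, int port) {} // requires Java 16 or later

    /**
     * Splits "host[:port],host[:port],..." and keeps the listed order, because the
     * documentation says the first server that accepts a connection is used.
     * Entries without a port get fallbackPort (the documented role of 'port').
     */
    static List<Endpoint> parse(String hosts, int fallbackPort) {
        List<Endpoint> out = new ArrayList<>();
        for (String entry : hosts.split(",")) {
            String e = entry.trim();
            if (e.isEmpty()) continue; // assumption: tolerate "a,,b" and trailing commas
            int colon = e.lastIndexOf(':');
            String host = colon < 0 ? e : e.substring(0, colon);
            int port = fallbackPort;
            if (colon >= 0) {
                try {
                    port = Integer.parseInt(e.substring(colon + 1));
                } catch (NumberFormatException ex) {
                    throw new IllegalArgumentException("bad port in '" + e + "'");
                }
            }
            if (host.isEmpty() || port < 1 || port > 65535) {
                throw new IllegalArgumentException("bad entry '" + e + "'");
            }
            out.add(new Endpoint(host, port));
        }
        return out;
    }

    public static void main(String[] args) {
        // Constructed sample value; the hostnames are placeholders.
        String hosts = "myproxy1.example.org:7513, myproxy2.example.org";
        for (Endpoint ep : parse(hosts, DEFAULT_PORT)) {
            System.out.println(ep.host() + ":" + ep.port());
        }
    }
}
```

Every endpoint in the returned list is a server the client may end up authenticating to, so each one belongs in egress allowlists and in any review of the authorization policy set for the client.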
- getHost
  Get MyProxy server hostname.
  - Returns:
    The hostname of the MyProxy server.
- setPort
  public void setPort(int port)
  Set MyProxy server port.
  - Parameters:
    port - The port number of the MyProxy server to use if one is not specified as part of the host string. Defaults to MyProxy.DEFAULT_PORT.
- getPort
  public int getPort()
  Get MyProxy server port.
  - Returns:
    The port number of the MyProxy server.
- setAuthorization
  Set MyProxy server authorization mechanism.
  - Parameters:
    authorization - The authorization mechanism for the MyProxy server.
- getAuthorization
  Get MyProxy server authorization mechanism.
  - Returns:
    The authorization mechanism for the MyProxy server.
- put
  public void put(GSSCredential credential, String username, String passphrase, int lifetime) throws MyProxyException
  Delegate credentials to a MyProxy server.
  - Parameters:
    credential - The GSI credentials to use.
    username - The username to store the credentials under.
    passphrase - The passphrase to use to encrypt the stored credentials.
    lifetime - The maximum lifetime of credentials delegated by the server (in seconds).
  - Throws:
    MyProxyException - If an error occurred during the operation.
- put
  Delegate credentials to a MyProxy server.
  - Parameters:
    credential - The GSI credentials to use.
    params - The parameters for the put operation.
  - Throws:
    MyProxyException - If an error occurred during the operation.
- store
  public void store(GSSCredential credential, X509Certificate[] certs, OpenSSLKey key, StoreParams params) throws MyProxyException
  Store credentials on a MyProxy server. Copies certificate(s) and private key directly to the server rather than delegating an X.509 proxy credential.
  - Parameters:
    credential - The local GSI credentials to use for authentication.
    certs - The certificate(s) to store.
    key - The private key to store (typically encrypted).
    params - The parameters for the store operation.
  - Throws:
    MyProxyException - If an error occurred during the operation.
- destroy
  public void destroy(GSSCredential credential, String username, String passphrase) throws MyProxyException
  Removes delegated credentials from the MyProxy server.
  - Parameters:
    credential - The local GSI credentials to use for authentication.
    username - The username of the credentials to remove.
    passphrase - The passphrase of the credentials to remove.
  - Throws:
    MyProxyException - If an error occurred during the operation.
- destroy
  Removes delegated credentials from the MyProxy server.
  - Parameters:
    credential - The local GSI credentials to use for authentication.
    params - The parameters for the destroy operation.
  - Throws:
    MyProxyException - If an error occurred during the operation.
- changePassword
  public void changePassword(GSSCredential credential, ChangePasswordParams params) throws MyProxyException
  Changes the password of the credential on the MyProxy server.
  - Parameters:
    credential - The local GSI credentials to use for authentication.
    params - The parameters for the change password operation.
  - Throws:
    MyProxyException - If an error occurred during the operation.
- info
  public CredentialInfo info(GSSCredential credential, String username, String passphrase) throws MyProxyException
  Retrieves credential information from the MyProxy server. Only the information of the default credential is returned by this operation.
  - Parameters:
    credential - The local GSI credentials to use for authentication.
    username - The username of the credentials to remove.
    passphrase - The passphrase of the credentials to remove.
  - Returns:
    The credential information of the default credential.
  - Throws:
    MyProxyException - If an error occurred during the operation.
- info
  Retrieves credential information from the MyProxy server.
  - Parameters:
    credential - The local GSI credentials to use for authentication.
    params - The parameters for the info operation.
  - Returns:
    The array of credential information of all the user's credentials.
  - Throws:
    MyProxyException - If an error occurred during the operation.
- get
  Retrieves delegated credentials from the MyProxy server anonymously (without local credentials). Note: performs only a simple verification of the private/public keys of the delegated credential, and checks RSA keys only. This verification should be improved later.
  - Parameters:
    username - The username of the credentials to retrieve.
    passphrase - The passphrase of the credentials to retrieve.
    lifetime - The requested lifetime of the retrieved credential (in seconds).
  - Returns:
    The retrieved delegated credentials, as a GSSCredential.
  - Throws:
    MyProxyException - If an error occurred during the operation.
- get
  public GSSCredential get(GSSCredential credential, String username, String passphrase, int lifetime) throws MyProxyException
  Retrieves delegated credentials from the MyProxy server. Note: performs only a simple verification of the private/public keys of the delegated credential, and checks RSA keys only. This verification should be improved later.
  - Parameters:
    credential - The local GSI credentials to use for authentication. Can be set to null if there are no local credentials.
    username - The username of the credentials to retrieve.
    passphrase - The passphrase of the credentials to retrieve.
    lifetime - The requested lifetime of the retrieved credential (in seconds).
  - Returns:
    The retrieved delegated credentials, as a GSSCredential.
  - Throws:
    MyProxyException - If an error occurred during the operation.
- get
  Retrieves delegated credentials from the MyProxy server.
  - Parameters:
    credential - The local GSI credentials to use for authentication. Can be set to null if there are no local credentials.
    params - The parameters for the get operation.
  - Returns:
    The retrieved delegated credentials, as a GSSCredential.
  - Throws:
    MyProxyException - If an error occurred during the operation.
- getTrustroots
  public void getTrustroots(GSSCredential credential, GetTrustrootsParams params) throws MyProxyException
  Retrieves trustroot information from the MyProxy server.
  - Parameters:
    credential - The local GSI credentials to use for authentication. Can be set to null if no local credentials.
    params - The parameters for the get-trustroots operation.
  - Throws:
    MyProxyException - If an error occurred during the operation.
- bootstrapTrust
  Bootstraps trustroot information from the MyProxy server.
  - Throws:
    MyProxyException - If an error occurred during the operation.
- getTrustRootPath
  Returns the trusted certificates directory location where writeTrustRoots() will store certificates. It first checks the X509_CERT_DIR system property. If that property is not set, it uses ${user.home}/.globus/certificates. Note that, unlike CoGProperties.getCaCertLocations(), it does not return /etc/grid-security/certificates or ${GLOBUS_LOCATION}/share/certificates.
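The lookup order described for getTrustRootPath(), reimplemented as an added example (not jglobus code) together with a check that the resolved directory is a suitable place for trust anchors before writeTrustRoots() writes into it. The class and method names and the permission policy (no group or other write access) are assumptions of the example.

```java
import java.io.IOException;
import java.nio.file.*;
import java.nio.file.attribute.PosixFilePermission;
import java.util.*;

/** Added example, not jglobus code: resolve and audit the trust root directory. */
public class TrustRootDirCheck {

    /** Documented order: X509_CERT_DIR system property, else ${user.home}/.globus/certificates. */
    static Path resolveTrustRootPath() {
        String dir = System.getProperty("X509_CERT_DIR");
        return dir != null ? Paths.get(dir)
                           : Paths.get(System.getProperty("user.home"), ".globus", "certificates");
    }

    static boolean looseWrite(Path p) throws IOException {
        Set<PosixFilePermission> perms = Files.getPosixFilePermissions(p);
        return perms.contains(PosixFilePermission.GROUP_WRITE)
            || perms.contains(PosixFilePermission.OTHERS_WRITE);
    }

    /** Findings under this example's assumed policy; an empty list means no finding. */
    static List<String> audit(Path dir) throws IOException {
        List<String> findings = new ArrayList<>();
        if (!Files.isDirectory(dir)) {
            findings.add("not an existing directory: " + dir);
            return findings;
        }
        if (!Files.getFileStore(dir).supportsFileAttributeView("posix")) {
            findings.add("no POSIX permissions here, mode bits not checked: " + dir);
            return findings;
        }
        if (looseWrite(dir)) findings.add("directory writable by group/others: " + dir);
        try (DirectoryStream<Path> entries = Files.newDirectoryStream(dir)) {
            for (Path p : entries) {
                // Files.exists follows links, so dangling hash links are skipped.
                if (Files.exists(p) && looseWrite(p)) findings.add("entry writable by group/others: " + p);
            }
        }
        return findings;
    }

    public static void main(String[] args) throws IOException {
        Path dir = resolveTrustRootPath();
        List<String> findings = audit(dir);
        System.out.println("trust root directory: " + dir);
        findings.forEach(f -> System.out.println("FINDING: " + f));
        if (!findings.isEmpty()) System.exit(1);
    }
}
```

Run it with the same -DX509_CERT_DIR setting as the application, since the lookup reads the JVM system property.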
- writeTrustRoots
  Writes the retrieved trust roots to the Globus trusted certificates directory.
  - Returns:
    true if trust roots are written successfully, false if no trust roots are available to be written
  - Throws:
    IOException
- writeTrustRoots
  Writes the retrieved trust roots to a trusted certificates directory.
  - Parameters:
    directory - path where the trust roots should be written
  - Returns:
    true if trust roots are written successfully, false if no trust roots are available to be written
  - Throws:
    IOException