|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
java.lang.Objectorg.glite.security.util.proxy.ProxyRestrictionData
public class ProxyRestrictionData
An utility class for defining the allowed address space, used both to define the source and target restrictions. The format is:
iGTFProxyRestrictFrom ::= NameConstraints
iGTFProxyRestrictTarget ::= NameConstraints
NameConstraints::= SEQUENCE {
permittedSubtrees [0] GeneralSubtrees OPTIONAL,
excludedSubtrees [1] GeneralSubtrees OPTIONAL }
GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
GeneralSubtree ::= SEQUENCE {
base GeneralName,
minimum [0] BaseDistance DEFAULT 0,
maximum [1] BaseDistance OPTIONAL }
BaseDistance ::= INTEGER (0..MAX)
GeneralName ::= CHOICE {
otherName [0] OtherName,
rfc822Name [1] IA5String,
dNSName [2] IA5String,
x400Address [3] ORAddress,
directoryName [4] Name,
ediPartyName [5] EDIPartyName,
uniformResourceIdentifier [6] IA5String,
iPAddress [7] OCTET STRING,
registeredID [8] OBJECT IDENTIFIER }
OtherName ::= SEQUENCE {
type-id OBJECT IDENTIFIER,
value [0] EXPLICIT ANY DEFINED BY type-id }
EDIPartyName ::= SEQUENCE {
nameAssigner [0] DirectoryString OPTIONAL,
partyName [1] DirectoryString }
And in this class only the IPAddress as a IP address - netmask combination is supported.
| Field Summary | |
|---|---|
static java.lang.String |
SOURCE_RESTRICTION_OID
The OID for the proxy source restriction |
static java.lang.String |
TARGET_RESTRICTION_OID
The OID for the proxy target Restriction |
| Constructor Summary | |
|---|---|
ProxyRestrictionData()
Constructor to generate an empty ProxyRestrictionData object for creating new restrictions. |
|
ProxyRestrictionData(byte[] bytes)
Parses the restriction data from byte array. |
|
| Method Summary | |
|---|---|
void |
addExcludedIPAddressWithNetmask(java.lang.String address)
Adds a new excluded IP addressSpace to the data structure. |
void |
addPermittedIPAddressWithNetmask(java.lang.String address)
Adds a new permitted IP addressSpace to the data structure. |
byte[][][] |
getIPSpaces()
Returns a Vector of Vectors of IP address spaces as defined in rfc 4632. |
org.bouncycastle.asn1.DERSequence |
getNameConstraints()
Returns the NameConstraints structure of the restrictions. |
| Methods inherited from class java.lang.Object |
|---|
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Field Detail |
|---|
public static final java.lang.String SOURCE_RESTRICTION_OID
public static final java.lang.String TARGET_RESTRICTION_OID
| Constructor Detail |
|---|
public ProxyRestrictionData(byte[] bytes)
throws java.io.IOException
bytes - The byte array to parse.
java.io.IOException - In case there is a problem parsing the structure.public ProxyRestrictionData()
| Method Detail |
|---|
public void addPermittedIPAddressWithNetmask(java.lang.String address)
address - The address space to add to the allowed ip address space. Example of the format: 192.168.0.0/16.
Which equals a 192.168.0.0 with a net mask 255.255.0.0. A single IP address can be defined as
xxx.xxx.xxx.xxx/32. public void addExcludedIPAddressWithNetmask(java.lang.String address)
address - The address space to add to the allowed ip address space. Example of the format: 192.168.0.0/16.
Which equals a 192.168.0.0 with a net mask 255.255.0.0. A single IP address can be defined as
xxx.xxx.xxx.xxx/32. public org.bouncycastle.asn1.DERSequence getNameConstraints()
public byte[][][] getIPSpaces()
addExcludedIPAddressWithNetmask(String)
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||