|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectcom.sun.jini.tool.envcheck.AbstractPlugin
com.sun.jini.tool.envcheck.plugins.CheckJsseProps
public class CheckJsseProps
Checks whether various security oriented configuration files exist and are
accessible. content verification is done only for the login configuration,
and is limited to verifying that
javax.security.auth.login.Configuration.getConfiguration()
can
be called successfully. The -security
must be included on the
command line for these checks to be done. The checks performed include:
DynamicPolicyProvider
javax.net.ssl.trustStore
is defined
and its value is the name of a readable non-directory file
com.sun.jini.discovery.x500.trustStore
is
defined, and if so that its value is the name of a readable non-directory
file
javax.net.ssl.keyStore
is defined, and if
so that its value is the name of a readable non-directory file
java.security.auth.login.config
system property and the
login.config.url.[n]
entries in the security properties, or
the users .java.login.config
file if no other source is
defined). Verify that at least one such entry exists. Verify that all
defined configuration files exists, are readable, and are not
directories. Verify that
javax.security.auth.login.Configuration.getConfiguration()
can be called successfully.
Nested Class Summary | |
---|---|
static class |
CheckJsseProps.CheckLoginConfigInit
Checks the existence and accessibility of the login configuration. |
static class |
CheckJsseProps.CheckProviderTask
Checks the policy provider of the group. |
static class |
CheckJsseProps.GetGroupLoginConfigs
Gets login configuration urls of the group. |
Field Summary | |
---|---|
private static boolean |
doChecks
flag indicating whether to run this plugin |
(package private) EnvCheck |
envCheck
reference to the plugin container |
(package private) String |
fileAccessTask
|
Constructor Summary | |
---|---|
CheckJsseProps()
|
Method Summary | |
---|---|
private String[] |
args(String s1,
String s2)
Return a string array representing the given arguments. |
private void |
checkDiscoveryStore(SharedActivationGroupDescriptor gd)
Check the validity of the discovery trust store definition for the command line or group. |
private boolean |
checkExistance(SharedActivationGroupDescriptor gd,
String propName,
String desc,
String source)
Check the existence of a property definition in the group or command line. |
private void |
checkKeyStore(SharedActivationGroupDescriptor gd)
Check the validity of the key store definition for the command line or group. |
private void |
checkLoginConfigs(SharedActivationGroupDescriptor gd)
Check the validity of the login configuration for the command line or group. |
private void |
checkProvider(SharedActivationGroupDescriptor gd)
Check that the security provider is an instance of DynamicPolicyProvider . |
private void |
checkTrustStore(SharedActivationGroupDescriptor gd)
Check the validity of the trust store definition for the command line or group. |
private static ArrayList |
getLoginConfigs()
Get the names of the login configuration files which will be accessed when the login configuration is constructed. |
private String |
getSource(SharedActivationGroupDescriptor gd)
Get the source string identifying the activation group (if gd is not null ) or the command line
(if gd is null ). |
boolean |
isPluginOption(String opt)
Determine whether arg is a plugin-specific command-line
option for this plugin and save any necessary state. |
void |
run(EnvCheck envCheck)
Check the security files for the current VM and for the group VM if there is a SharedActivationGroupDescriptor . |
Methods inherited from class com.sun.jini.tool.envcheck.AbstractPlugin |
---|
getBundle, getString, getString, getString, getString, handleUnexpectedSubtaskReturn, taskName |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
EnvCheck envCheck
private static boolean doChecks
String fileAccessTask
Constructor Detail |
---|
public CheckJsseProps()
Method Detail |
---|
public boolean isPluginOption(String opt)
Plugin
arg
is a plugin-specific command-line
option for this plugin and save any necessary state. State should
be saved in static fields since plugin instances may not be cached.
isPluginOption
in interface Plugin
isPluginOption
in class AbstractPlugin
opt
- the command-line option to examine
public void run(EnvCheck envCheck)
SharedActivationGroupDescriptor
.
envCheck
- a reference to the plugin containerprivate String getSource(SharedActivationGroupDescriptor gd)
gd
is not null
) or the command line
(if gd
is null
).
gd
- the group descriptor
private String[] args(String s1, String s2)
s1
- first array objects2
- second array object
private void checkTrustStore(SharedActivationGroupDescriptor gd)
gd
- the group descriptor, or null
to test the
command lineprivate void checkDiscoveryStore(SharedActivationGroupDescriptor gd)
gd
- the group descriptor, or null
to test the
command lineprivate void checkKeyStore(SharedActivationGroupDescriptor gd)
gd
- the group descriptor, or null
to test the
command lineprivate void checkLoginConfigs(SharedActivationGroupDescriptor gd)
gd
- the group descriptor, or null
to test the
command lineprivate static ArrayList getLoginConfigs()
java.security.auth.login.config
is defined with a '==', then
it's value is the sole configuration file. Otherwise, search the
security properties for property names of the form
login.config.url.[n]
, starting with n
of one
until there is a break in the sequence. Merge the resulting list with the
value of java.security.auth.login.config
if it was defined
(with a single '='). If the resulting list is not empty, return it;
otherwise, check for the existence of a file named
.java.login.config
in the users home directory. If found,
place this value in the list.
private boolean checkExistance(SharedActivationGroupDescriptor gd, String propName, String desc, String source)
gd
- the group descriptor, or null
to check
the command linepropName
- the property name to check fordesc
- phrase describing the propertysource
- the source descriptive text
true
if the property is definedprivate void checkProvider(SharedActivationGroupDescriptor gd)
DynamicPolicyProvider
. Done for the tool VM and for the
group VM if a SharedActivationGroupDescriptor
exists.
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |