java.rmi.ref
Interface TrustVerifier


public interface TrustVerifier

Defines the interface for trust verifiers. The SecurityConstraint classes that are trusted can be extended beyond those defined in the java.rmi.constraint package using security providers. Similarly, the Principal classes, SecureClientEndpoint classes, and proxy objects that are trusted can be extended. A list of TrustVerifier instances is obtained as specified below. A method of each one is called with the constraint class, principal class, endpoint class, or proxy object. If any verifier returns true, the class or object is trusted. If none of the verifiers returns true, a SecurityException is thrown.

The list of trust verifiers is obtained as follows. Each of the providers returned by the getProviders method of java.security.Security is considered in order, and if a provider has a property named "rmi.verifier", and the property value is the name of a class that implements TrustVerifier and has a no-arg constructor, and no instance of that class already exists in the list, then an instance of that class is created and added to the end of the list.

Note that the SecurityConstraint semantics impose some restrictions on the extensibility of the constraint system, in that adding a new constraint class may in some cases require reimplementing the reduceBy method of existing related constraints to take the new class into account.

Since:
1.4

Method Summary
 boolean trustedClientEndpointClass(java.lang.Class c)
          Returns true if the given class is known to be a trusted SecureClientEndpoint class; returns false otherwise.
 boolean trustedConstraintClass(java.lang.Class c)
          Returns true if the given class is known to be a trusted SecurityConstraint class; returns false otherwise.
 boolean trustedPrincipalClass(java.lang.Class c)
          Returns true if the given class is known to be a trusted Principal class, instances of which can be used in security constraints; returns false otherwise.
 boolean trustedPrincipalType(java.lang.Class c)
          Returns true if the given class is known to be a trusted Principal class or a supertype, such that the class itself (not instances of the class) can be used in security constraints; returns false otherwise.
 boolean trustedProxy(java.lang.Object proxy, SecurityConstraints constraints)
          Returns true if the given proxy is known to be trusted to correctly implement the RemoteSecurity interface; returns false otherwise.
 

Method Detail

trustedConstraintClass

public boolean trustedConstraintClass(java.lang.Class c)
Returns true if the given class is known to be a trusted SecurityConstraint class; returns false otherwise. This method does not need to return true for the standard constraint classes, it need only return true for any additional constraint classes supported by the provider.
Parameters:
c - the constraint class
Returns:
true if the given class is known to be a trusted SecurityConstraint class; false otherwise

trustedPrincipalClass

public boolean trustedPrincipalClass(java.lang.Class c)
Returns true if the given class is known to be a trusted Principal class, instances of which can be used in security constraints; returns false otherwise. This method only needs to return true for the specific principal classes supported by the provider.
Parameters:
c - the principal class
Returns:
true if the given class is known to be a trusted Principal class, instances of which can be used in security constraints; false otherwise

trustedPrincipalType

public boolean trustedPrincipalType(java.lang.Class c)
Returns true if the given class is known to be a trusted Principal class or a supertype, such that the class itself (not instances of the class) can be used in security constraints; returns false otherwise. This method only needs to return true for the specific principal classes (and their supertypes) supported by the provider. This method is permitted to return true for the degenerate classes Principal, Object and Serializable.

In the usual case, for any class t, trustedPrincipalType(t) is true if there exists a class c such that trustedPrincipalClass(c) is true and t.isAssignableFrom(c) is true.

Parameters:
c - the principal class or supertype
Returns:
true if the given class is known to be a trusted Principal class or a supertype, such that the class itself (not instances of the class) can be used in security constraints; false otherwise

trustedClientEndpointClass

public boolean trustedClientEndpointClass(java.lang.Class c)
Returns true if the given class is known to be a trusted SecureClientEndpoint class; returns false otherwise. This method only needs to return true for the specific client endpoint classes used by the provider.

An RMI implementation may impose additional requirements on endpoint implementations, such as requiring code to be signed by trusted entities, but only to the extent required by government encryption control regulations.

Parameters:
c - the endpoint class
Returns:
true if the given class is known to be a trusted SecureClientEndpoint class; false otherwise

trustedProxy

public boolean trustedProxy(java.lang.Object proxy,
                            SecurityConstraints constraints)
                     throws java.rmi.RemoteException
Returns true if the given proxy is known to be trusted to correctly implement the RemoteSecurity interface; returns false otherwise. This method should always return false in most providers, leaving trust to remote object implementations using the ProxyTrust interface.
Parameters:
proxy - the proxy
constraints - constraints to use for calls to the remote object, or null
Returns:
true if the given proxy is known to be trusted to correctly implement the RemoteSecurity interface; false otherwise
Throws:
java.rmi.RemoteException - if a communication-related exception occurs
NullPointerException - if the proxy is null


Copyright © 2000 Sun Microsystems, Inc. All rights reserved