|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.glite.security.util.proxy.ProxyRestrictionData
public class ProxyRestrictionData
An utility class for defining the allowed address space, used both to define the source and target restrictions. The format is:
iGTFProxyRestrictFrom ::= NameConstraints iGTFProxyRestrictTarget ::= NameConstraints NameConstraints::= SEQUENCE { permittedSubtrees [0] GeneralSubtrees OPTIONAL, excludedSubtrees [1] GeneralSubtrees OPTIONAL } GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree GeneralSubtree ::= SEQUENCE { base GeneralName, minimum [0] BaseDistance DEFAULT 0, maximum [1] BaseDistance OPTIONAL } BaseDistance ::= INTEGER (0..MAX) GeneralName ::= CHOICE { otherName [0] OtherName, rfc822Name [1] IA5String, dNSName [2] IA5String, x400Address [3] ORAddress, directoryName [4] Name, ediPartyName [5] EDIPartyName, uniformResourceIdentifier [6] IA5String, iPAddress [7] OCTET STRING, registeredID [8] OBJECT IDENTIFIER } OtherName ::= SEQUENCE { type-id OBJECT IDENTIFIER, value [0] EXPLICIT ANY DEFINED BY type-id } EDIPartyName ::= SEQUENCE { nameAssigner [0] DirectoryString OPTIONAL, partyName [1] DirectoryString }And in this class only the IPAddress as a IP address - netmask combination is supported.
Field Summary | |
---|---|
static java.lang.String |
SOURCE_RESTRICTION_OID
The OID for the proxy source restriction |
static java.lang.String |
TARGET_RESTRICTION_OID
The OID for the proxy target Restriction |
Constructor Summary | |
---|---|
ProxyRestrictionData()
Constructor to generate an empty ProxyRestrictionData object for creating new restrictions. |
|
ProxyRestrictionData(byte[] bytes)
Parses the restriction data from byte array. |
Method Summary | |
---|---|
void |
addExcludedIPAddressWithNetmask(java.lang.String address)
Adds a new excluded IP addressSpace to the data structure. |
void |
addPermittedIPAddressWithNetmask(java.lang.String address)
Adds a new permitted IP addressSpace to the data structure. |
byte[][][] |
getIPSpaces()
Returns a Vector of Vectors of IP address spaces as defined in rfc 4632. |
org.bouncycastle.asn1.DERSequence |
getNameConstraints()
Returns the NameConstraints structure of the restrictions. |
Methods inherited from class java.lang.Object |
---|
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static final java.lang.String SOURCE_RESTRICTION_OID
public static final java.lang.String TARGET_RESTRICTION_OID
Constructor Detail |
---|
public ProxyRestrictionData(byte[] bytes) throws java.io.IOException
bytes
- The byte array to parse.
java.io.IOException
- In case there is a problem parsing the structure.public ProxyRestrictionData()
Method Detail |
---|
public void addPermittedIPAddressWithNetmask(java.lang.String address)
address
- The address space to add to the allowed ip address space. Example of the format: 192.168.0.0/16.
Which equals a 192.168.0.0 with a net mask 255.255.0.0. A single IP address can be defined as
xxx.xxx.xxx.xxx/32. public void addExcludedIPAddressWithNetmask(java.lang.String address)
address
- The address space to add to the allowed ip address space. Example of the format: 192.168.0.0/16.
Which equals a 192.168.0.0 with a net mask 255.255.0.0. A single IP address can be defined as
xxx.xxx.xxx.xxx/32. public org.bouncycastle.asn1.DERSequence getNameConstraints()
public byte[][][] getIPSpaces()
addExcludedIPAddressWithNetmask(String)
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |