Package org.globus.common
Class CoGProperties
- java.lang.Object
-
- java.util.Dictionary<K,V>
-
- java.util.Hashtable<Object,Object>
-
- java.util.Properties
-
- org.globus.common.CoGProperties
-
- All Implemented Interfaces:
Serializable
,Cloneable
,Map<Object,Object>
public class CoGProperties extends Properties
Responsible for managing the properties file "~/.globus/cog.properties", which holds information about various properties needed by the security classes. These properties include:- the location of the user certificate file
- the location of the user key file
- the location of the CA certificates
- the location of the proxy file
- the tcp port range
- the local ip address for DHCP systems
- the socket timeout when connecting to a myproxy host
- See Also:
- Serialized Form
-
-
Field Summary
Fields Modifier and Type Field Description static String
BASEDN
static String
CERT_CACHE_LIFETIME
static String
CONFIG_FILE
the configuration file properties are read from -- located in ~/.globus"static String
configFile
the config file locationstatic String
CRL_CACHE_LIFETIME
Deprecated.static String
DELEGATION_KEY_CACHE_LIFETIME
static String
ENFORCE_SIGNING_POLICY
static String
MDSHOST
static String
MDSPORT
static String
NO_CACHE
static String
THREADED_CACHE
-
Fields inherited from class java.util.Properties
defaults
-
-
Constructor Summary
Constructors Constructor Description CoGProperties()
CoGProperties(String file)
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description boolean
enforceSigningPolicy()
static void
fixSpace(Properties p)
protected boolean
getAsBoolean(String key, boolean defaultValue)
protected int
getAsInt(String label, int defValue)
String
getCaCertLocations()
Retrieves the location of the CA certificate files.long
getCertCacheLifetime()
Returns the Cert cache lifetime.long
getCRLCacheLifetime()
Deprecated.replaced bygetCertCacheLifetime()
static CoGProperties
getDefault()
String
getDefaultPKCS11Handle()
int
getDelegationKeyCacheLifetime()
Returns the delegation key cache lifetime for all delegations from this JVM.String
getHostName()
Returns the user specified hostname.String
getIPAddress()
Returns the user specified ip address.String
getPKCS11LibraryName()
String
getProxyFile()
Retrieves the location of the proxy file.int
getProxyLifeTime()
int
getProxyStrength()
String
getReverseDNSCacheType()
Returns the reverse DNS cache type.long
getReveseDNSCacheLifetime()
Returns the reverse DNS cache time.String
getSecureRandomAlgorithm()
String
getSecureRandomProvider()
int
getSocketTimeout()
Returns the timeout (in milliseconds) for sockets operations.String
getTcpPortRange()
Returns the tcp port range.String
getTcpSourcePortRange()
Returns the tcp source port range.String
getUdpSourcePortRange()
Returns the udp source port range.String
getUserCertFile()
Retrieves the location of the user cert file.String
getUserKeyFile()
Retrieves the location of the user key file.protected static boolean
isNullOrEmpty(String tmp)
void
load(InputStream in)
void
load(String file)
void
save()
void
save(String file)
void
setCaCertLocations(String list)
static void
setDefault(CoGProperties properties)
Sets default configuration.void
setHostName(String host)
Sets hostnamevoid
setIPAddress(String ipAddress)
Sets ip addressvoid
setProxyFile(String proxyFile)
void
setProxyLifeTime(int lifeTimeInHours)
void
setProxyStrength(int strength)
void
setSocketTimeout(int socketTimeout)
void
setUserCertFile(String userCertFile)
void
setUserKeyFile(String userKeyFile)
Sets user key file locationboolean
useDevRandom()
Returns whether to use the /dev/urandom device for seed generation.-
Methods inherited from class java.util.Properties
clear, clone, compute, computeIfAbsent, computeIfPresent, contains, containsKey, containsValue, elements, entrySet, equals, forEach, get, getOrDefault, getProperty, getProperty, hashCode, isEmpty, keys, keySet, list, list, load, loadFromXML, merge, propertyNames, put, putAll, putIfAbsent, rehash, remove, remove, replace, replace, replaceAll, save, setProperty, size, store, store, storeToXML, storeToXML, storeToXML, stringPropertyNames, toString, values
-
-
-
-
Field Detail
-
ENFORCE_SIGNING_POLICY
public static final String ENFORCE_SIGNING_POLICY
- See Also:
- Constant Field Values
-
DELEGATION_KEY_CACHE_LIFETIME
public static final String DELEGATION_KEY_CACHE_LIFETIME
- See Also:
- Constant Field Values
-
CRL_CACHE_LIFETIME
@Deprecated public static final String CRL_CACHE_LIFETIME
Deprecated.- See Also:
- Constant Field Values
-
CERT_CACHE_LIFETIME
public static final String CERT_CACHE_LIFETIME
- See Also:
- Constant Field Values
-
MDSHOST
public static final String MDSHOST
- See Also:
- Constant Field Values
-
MDSPORT
public static final String MDSPORT
- See Also:
- Constant Field Values
-
BASEDN
public static final String BASEDN
- See Also:
- Constant Field Values
-
NO_CACHE
public static final String NO_CACHE
- See Also:
- Constant Field Values
-
THREADED_CACHE
public static final String THREADED_CACHE
- See Also:
- Constant Field Values
-
CONFIG_FILE
public static final String CONFIG_FILE
the configuration file properties are read from -- located in ~/.globus"- See Also:
- Constant Field Values
-
configFile
public static String configFile
the config file location
-
-
Constructor Detail
-
CoGProperties
public CoGProperties()
-
CoGProperties
public CoGProperties(String file) throws IOException
- Throws:
IOException
-
-
Method Detail
-
getDefault
public static CoGProperties getDefault()
-
setDefault
public static void setDefault(CoGProperties properties)
Sets default configuration. It can be used to set a different configuration dynamically.
-
save
public void save() throws IOException
- Throws:
IOException
-
save
public void save(String file) throws IOException
- Throws:
IOException
-
load
public void load(String file) throws IOException
- Throws:
IOException
-
load
public void load(InputStream in) throws IOException
- Overrides:
load
in classProperties
- Throws:
IOException
-
fixSpace
public static void fixSpace(Properties p)
-
getUserCertFile
public String getUserCertFile()
Retrieves the location of the user cert file. It first checks the X509_USER_CERT system property. If the property is not set, it checks next the 'usercert' property in the current configuration. If that property is not set, it returns a default location of the user cert file. The default value is the 'usercert.pem' file in the user's globus directory. For example: ${user.home}/.globus/usercert.pem.- Returns:
String
the location of the user cert file
-
setUserCertFile
public void setUserCertFile(String userCertFile)
-
getPKCS11LibraryName
public String getPKCS11LibraryName()
-
getDefaultPKCS11Handle
public String getDefaultPKCS11Handle()
-
getUserKeyFile
public String getUserKeyFile()
Retrieves the location of the user key file. It first checks the X509_USER_KEY system property. If the property is not set, it checks next the 'userkey' property in the current configuration. If that property is not set, it returns a default location of the user key file. The default value is the 'userkey.pem' file in the user's globus directory. For example: ${user.home}/.globus/userkey.pem.- Returns:
String
the location of the user key file
-
setUserKeyFile
public void setUserKeyFile(String userKeyFile)
Sets user key file location- Parameters:
userKeyFile
- user key file location
-
getHostName
public String getHostName()
Returns the user specified hostname. This is used for DHCP machines where java is unable to determine the right hostname/IP address. It first checks the 'GLOBUS_HOSTNAME' system property. If the property is not set, it checks the 'host' system property next. If the 'host' property is not set in the current configuration, null is returned (and default 'localhost' hostname will be used)- Returns:
String
the hostname of the machine.
-
setHostName
public void setHostName(String host)
Sets hostname- Parameters:
host
- hostname
-
getIPAddress
public String getIPAddress()
Returns the user specified ip address. This is used for DHCP machines where java is unable to determine the right IP address. It first checks the 'org.globus.ip' system property. If that property is not set, it checks next the 'ip' property in the current configuration. If the 'ip' property is not set in the current configuration, the hostname of the machine is looked up using thegetHostName()
function. IfgetHostName()
returns a hostname that hostname is converted into an IP address and it is returned. Otherwise, null is returned (and default ip address will be used)- Returns:
String
the ip address of the machine.
-
setIPAddress
public void setIPAddress(String ipAddress)
Sets ip address- Parameters:
ipAddress
- ip address
-
getCaCertLocations
public String getCaCertLocations()
Retrieves the location of the CA certificate files. It first checks the X509_CERT_DIR system property. If the property is not set, it checks next the 'cacert' property in the current configuration. If that property is not set, it tries to find the certificates using the following rules:
First the ${user.home}/.globus/certificates directory is checked. If the directory does not exist, and on a Unix machine, the /etc/grid-security/certificates directory is checked next. If that directory does not exist and GLOBUS_LOCATION system property is set then the ${GLOBUS_LOCATION}/share/certificates directory is checked. Otherwise, null is returned. This indicates that the certificates directory could not be found.
Moreover, this function can return multiple file and directory locations. The locations must be comma separated.- Returns:
String
the locations of the CA certificates
-
setCaCertLocations
public void setCaCertLocations(String list)
-
getProxyFile
public String getProxyFile()
Retrieves the location of the proxy file. It first checks the X509_USER_PROXY system property. If the property is not set, it checks next the 'proxy' property in the current configuration. If that property is not set, then it defaults to a value based on the following rules:
If a UID system property is set, and running on a Unix machine it returns /tmp/x509up_u${UID}. If any other machine then Unix, it returns ${tempdir}/x509up_u${UID}, where tempdir is a platform-specific temporary directory as indicated by the java.io.tmpdir system property. If a UID system property is not set, the username will be used instead of the UID. That is, it returns ${tempdir}/x509up_u_${username}
This is done this way because Java is not able to obtain the current uid.- Returns:
String
the location of the proxy file
-
setProxyFile
public void setProxyFile(String proxyFile)
-
getTcpPortRange
public String getTcpPortRange()
Returns the tcp port range. It first checks the 'GLOBUS_TCP_PORT_RANGE' system property. If that system property is not set then 'org.globus.tcp.port.range' system property is checked. If that system property is not set then it returns the value specified in the configuration file. Returns null if the port range is not defined.
The port range is in the following form: <minport>, <maxport>- Returns:
String
the port range.
-
getTcpSourcePortRange
public String getTcpSourcePortRange()
Returns the tcp source port range. It first checks the 'GLOBUS_TCP_SOURCE_PORT_RANGE' system property. If that system property is not set then 'org.globus.source.tcp.port.range' system property is checked. If that system property is not set then it returns the value specified in the configuration file. Returns null if the port range is not defined.
The port range is in the following form: <minport>, <maxport>- Returns:
String
the port range.
-
getUdpSourcePortRange
public String getUdpSourcePortRange()
Returns the udp source port range. It first checks the 'GLOBUS_UDP_SOURCE_PORT_RANGE' system property. If that system property is not set then 'org.globus.source.udp.port.range' system property is checked. If that system property is not set then it returns the value specified in the configuration file. Returns null if the port range is not defined.
The port range is in the following form: <minport>, <maxport>- Returns:
String
the port range.
-
useDevRandom
public boolean useDevRandom()
Returns whether to use the /dev/urandom device for seed generation.- Returns:
- true if the device should be used (if available of course) Returns true by default unless specified otherwise by the user.
-
enforceSigningPolicy
public boolean enforceSigningPolicy()
-
getDelegationKeyCacheLifetime
public int getDelegationKeyCacheLifetime()
Returns the delegation key cache lifetime for all delegations from this JVM. If this property is not set or set to zero or less, no caching is done.- Returns:
- the number of milliseconds the key/pair is cached
-
getCRLCacheLifetime
@Deprecated public long getCRLCacheLifetime()
Deprecated.replaced bygetCertCacheLifetime()
Returns the CRL cache lifetime. If this property is set to zero or less, no caching is done. The value is the number of milliseconds the CRLs are cached without checking for modifications on disk. Defaults to 60s.- Returns:
- the CRL cache lifetime in milliseconds
- Throws:
NumberFormatException
- if the cache lifetime property could not be parsed
-
getCertCacheLifetime
public long getCertCacheLifetime() throws NumberFormatException
Returns the Cert cache lifetime. If this property is set to zero or less, no caching is done. The value is the number of milliseconds the certificates are cached without checking for modifications on disk. Defaults to 60s.- Returns:
- the Cert cache lifetime in milliseconds
- Throws:
NumberFormatException
- if the cache lifetime property could not be parsed
-
getReveseDNSCacheLifetime
public long getReveseDNSCacheLifetime() throws NumberFormatException
Returns the reverse DNS cache time. Defaults to 1h.- Returns:
- the reverse DNS cache lifetime in milliseconds
- Throws:
NumberFormatException
- if the cache lifetime property could not be parsed
-
getReverseDNSCacheType
public String getReverseDNSCacheType()
Returns the reverse DNS cache type. Defaults to a threaded chache.- Returns:
- the type of cache for reverse DNS requests
-
getSecureRandomProvider
public String getSecureRandomProvider()
-
getSecureRandomAlgorithm
public String getSecureRandomAlgorithm()
-
getSocketTimeout
public int getSocketTimeout()
Returns the timeout (in milliseconds) for sockets operations. The default timeout of 30 seconds (30,000 ms) is returned.- Returns:
- The timeout for sockets operations. Defaults to 30 seconds.
-
setSocketTimeout
public void setSocketTimeout(int socketTimeout)
-
getProxyStrength
public int getProxyStrength()
-
setProxyStrength
public void setProxyStrength(int strength)
-
getProxyLifeTime
public int getProxyLifeTime()
-
setProxyLifeTime
public void setProxyLifeTime(int lifeTimeInHours)
-
getAsBoolean
protected boolean getAsBoolean(String key, boolean defaultValue)
-
getAsInt
protected int getAsInt(String label, int defValue)
-
isNullOrEmpty
protected static final boolean isNullOrEmpty(String tmp)
-
-