Class CoGProperties

  • All Implemented Interfaces:
    Serializable, Cloneable, Map<Object,​Object>

    public class CoGProperties
    extends Properties
    Responsible for managing the properties file "~/.globus/cog.properties", which holds information about various properties needed by the security classes. These properties include:
    • the location of the user certificate file
    • the location of the user key file
    • the location of the CA certificates
    • the location of the proxy file
    • the tcp port range
    • the local ip address for DHCP systems
    • the socket timeout when connecting to a myproxy host
    See Also:
    Serialized Form
    • Method Detail

      • setDefault

        public static void setDefault​(CoGProperties properties)
        Sets default configuration. It can be used to set a different configuration dynamically.
      • fixSpace

        public static void fixSpace​(Properties p)
      • getUserCertFile

        public String getUserCertFile()
        Retrieves the location of the user cert file. It first checks the X509_USER_CERT system property. If the property is not set, it checks next the 'usercert' property in the current configuration. If that property is not set, it returns a default location of the user cert file. The default value is the 'usercert.pem' file in the user's globus directory. For example: ${user.home}/.globus/usercert.pem.
        Returns:
        String the location of the user cert file
      • setUserCertFile

        public void setUserCertFile​(String userCertFile)
      • getPKCS11LibraryName

        public String getPKCS11LibraryName()
      • getDefaultPKCS11Handle

        public String getDefaultPKCS11Handle()
      • getUserKeyFile

        public String getUserKeyFile()
        Retrieves the location of the user key file. It first checks the X509_USER_KEY system property. If the property is not set, it checks next the 'userkey' property in the current configuration. If that property is not set, it returns a default location of the user key file. The default value is the 'userkey.pem' file in the user's globus directory. For example: ${user.home}/.globus/userkey.pem.
        Returns:
        String the location of the user key file
      • setUserKeyFile

        public void setUserKeyFile​(String userKeyFile)
        Sets user key file location
        Parameters:
        userKeyFile - user key file location
      • getHostName

        public String getHostName()
        Returns the user specified hostname. This is used for DHCP machines where java is unable to determine the right hostname/IP address. It first checks the 'GLOBUS_HOSTNAME' system property. If the property is not set, it checks the 'host' system property next. If the 'host' property is not set in the current configuration, null is returned (and default 'localhost' hostname will be used)
        Returns:
        String the hostname of the machine.
      • setHostName

        public void setHostName​(String host)
        Sets hostname
        Parameters:
        host - hostname
      • getIPAddress

        public String getIPAddress()
        Returns the user specified ip address. This is used for DHCP machines where java is unable to determine the right IP address. It first checks the 'org.globus.ip' system property. If that property is not set, it checks next the 'ip' property in the current configuration. If the 'ip' property is not set in the current configuration, the hostname of the machine is looked up using the getHostName() function. If getHostName() returns a hostname that hostname is converted into an IP address and it is returned. Otherwise, null is returned (and default ip address will be used)
        Returns:
        String the ip address of the machine.
      • setIPAddress

        public void setIPAddress​(String ipAddress)
        Sets ip address
        Parameters:
        ipAddress - ip address
      • getCaCertLocations

        public String getCaCertLocations()
        Retrieves the location of the CA certificate files. It first checks the X509_CERT_DIR system property. If the property is not set, it checks next the 'cacert' property in the current configuration. If that property is not set, it tries to find the certificates using the following rules:
        First the ${user.home}/.globus/certificates directory is checked. If the directory does not exist, and on a Unix machine, the /etc/grid-security/certificates directory is checked next. If that directory does not exist and GLOBUS_LOCATION system property is set then the ${GLOBUS_LOCATION}/share/certificates directory is checked. Otherwise, null is returned. This indicates that the certificates directory could not be found.
        Moreover, this function can return multiple file and directory locations. The locations must be comma separated.
        Returns:
        String the locations of the CA certificates
      • setCaCertLocations

        public void setCaCertLocations​(String list)
      • getProxyFile

        public String getProxyFile()
        Retrieves the location of the proxy file. It first checks the X509_USER_PROXY system property. If the property is not set, it checks next the 'proxy' property in the current configuration. If that property is not set, then it defaults to a value based on the following rules:
        If a UID system property is set, and running on a Unix machine it returns /tmp/x509up_u${UID}. If any other machine then Unix, it returns ${tempdir}/x509up_u${UID}, where tempdir is a platform-specific temporary directory as indicated by the java.io.tmpdir system property. If a UID system property is not set, the username will be used instead of the UID. That is, it returns ${tempdir}/x509up_u_${username}
        This is done this way because Java is not able to obtain the current uid.
        Returns:
        String the location of the proxy file
      • setProxyFile

        public void setProxyFile​(String proxyFile)
      • getTcpPortRange

        public String getTcpPortRange()
        Returns the tcp port range. It first checks the 'GLOBUS_TCP_PORT_RANGE' system property. If that system property is not set then 'org.globus.tcp.port.range' system property is checked. If that system property is not set then it returns the value specified in the configuration file. Returns null if the port range is not defined.
        The port range is in the following form: <minport>, <maxport>
        Returns:
        String the port range.
      • getTcpSourcePortRange

        public String getTcpSourcePortRange()
        Returns the tcp source port range. It first checks the 'GLOBUS_TCP_SOURCE_PORT_RANGE' system property. If that system property is not set then 'org.globus.source.tcp.port.range' system property is checked. If that system property is not set then it returns the value specified in the configuration file. Returns null if the port range is not defined.
        The port range is in the following form: <minport>, <maxport>
        Returns:
        String the port range.
      • getUdpSourcePortRange

        public String getUdpSourcePortRange()
        Returns the udp source port range. It first checks the 'GLOBUS_UDP_SOURCE_PORT_RANGE' system property. If that system property is not set then 'org.globus.source.udp.port.range' system property is checked. If that system property is not set then it returns the value specified in the configuration file. Returns null if the port range is not defined.
        The port range is in the following form: <minport>, <maxport>
        Returns:
        String the port range.
      • useDevRandom

        public boolean useDevRandom()
        Returns whether to use the /dev/urandom device for seed generation.
        Returns:
        true if the device should be used (if available of course) Returns true by default unless specified otherwise by the user.
      • enforceSigningPolicy

        public boolean enforceSigningPolicy()
      • getDelegationKeyCacheLifetime

        public int getDelegationKeyCacheLifetime()
        Returns the delegation key cache lifetime for all delegations from this JVM. If this property is not set or set to zero or less, no caching is done.
        Returns:
        the number of milliseconds the key/pair is cached
      • getCRLCacheLifetime

        @Deprecated
        public long getCRLCacheLifetime()
        Deprecated.
        Returns the CRL cache lifetime. If this property is set to zero or less, no caching is done. The value is the number of milliseconds the CRLs are cached without checking for modifications on disk. Defaults to 60s.
        Returns:
        the CRL cache lifetime in milliseconds
        Throws:
        NumberFormatException - if the cache lifetime property could not be parsed
      • getCertCacheLifetime

        public long getCertCacheLifetime()
                                  throws NumberFormatException
        Returns the Cert cache lifetime. If this property is set to zero or less, no caching is done. The value is the number of milliseconds the certificates are cached without checking for modifications on disk. Defaults to 60s.
        Returns:
        the Cert cache lifetime in milliseconds
        Throws:
        NumberFormatException - if the cache lifetime property could not be parsed
      • getReveseDNSCacheLifetime

        public long getReveseDNSCacheLifetime()
                                       throws NumberFormatException
        Returns the reverse DNS cache time. Defaults to 1h.
        Returns:
        the reverse DNS cache lifetime in milliseconds
        Throws:
        NumberFormatException - if the cache lifetime property could not be parsed
      • getReverseDNSCacheType

        public String getReverseDNSCacheType()
        Returns the reverse DNS cache type. Defaults to a threaded chache.
        Returns:
        the type of cache for reverse DNS requests
      • getSecureRandomProvider

        public String getSecureRandomProvider()
      • getSecureRandomAlgorithm

        public String getSecureRandomAlgorithm()
      • getSocketTimeout

        public int getSocketTimeout()
        Returns the timeout (in milliseconds) for sockets operations. The default timeout of 30 seconds (30,000 ms) is returned.
        Returns:
        The timeout for sockets operations. Defaults to 30 seconds.
      • setSocketTimeout

        public void setSocketTimeout​(int socketTimeout)
      • getProxyStrength

        public int getProxyStrength()
      • setProxyStrength

        public void setProxyStrength​(int strength)
      • getProxyLifeTime

        public int getProxyLifeTime()
      • setProxyLifeTime

        public void setProxyLifeTime​(int lifeTimeInHours)
      • getAsBoolean

        protected boolean getAsBoolean​(String key,
                                       boolean defaultValue)
      • getAsInt

        protected int getAsInt​(String label,
                               int defValue)
      • isNullOrEmpty

        protected static final boolean isNullOrEmpty​(String tmp)