org.apache.river.landlord.LandlordProxyVerifier Maven / Gradle / Ivy

Go to download
Show more of this group Show more artifacts with this name
Show all versions of jgdms-lib-dl Show documentation
The newest version!
/*
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements.  See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership. The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License. You may obtain a copy of the License at
 * 
 *      http://www.apache.org/licenses/LICENSE-2.0
 * 
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.apache.river.landlord;

import java.io.IOException;
import java.io.InvalidObjectException;
import java.io.ObjectInputStream;
import java.io.Serializable;
import java.rmi.RemoteException;
import net.jini.core.constraint.MethodConstraints;
import net.jini.core.constraint.RemoteMethodControl;
import net.jini.id.ReferentUuid;
import net.jini.id.Uuid;
import net.jini.security.TrustVerifier;
import net.jini.security.proxytrust.TrustEquivalence;
import org.apache.river.api.io.AtomicSerial;
import org.apache.river.api.io.AtomicSerial.GetArg;

/** 
 * This class defines a trust verifier for the proxies defined
 * in the landlord package.
 *
 * @see net.jini.security.TrustVerifier
 * @author Sun Microsystems, Inc.
 * @since 2.0
 */
@AtomicSerial
final public class LandlordProxyVerifier 
    implements Serializable, TrustVerifier 
{
    private static final long serialVersionUID = 1L;

    /** 
     * The canonical instance of the server reference. This
     * instance will be used by the isTrusted method 
     * as the known trusted object used to determine whether or not a
     * given proxy is equivalent in trust, content, and function.
     *
     * @serial
     */
    private final RemoteMethodControl landlord;

    /**
     * The Uuid associated landlord.
     * @serial
     */
    private final Uuid landlordUuid;

    /**
     * Returns a verifier for the proxies defined in the landlord
     * package with the specified server reference and server
     * Uuid.
     *
     * @param landlord the reference to the Landlord
     *                 being used by the leases for communication
     *                 back to the server.
     * @param landlordUuid a universally unique id that has been
     *                 assigned to the server granting of the lease.
     *                 Ideally the Uuid {@link
     *                 ReferentUuid#getReferentUuid landlord.getUuid} would
     *                 return if landlord implemented
     *                 {@link ReferentUuid}. Used to determine when
     *                 two leases can be batched together.  
     * @throws UnsupportedOperationException if landlord does
     *	       not implement both {@link RemoteMethodControl} and {@link
     *         TrustEquivalence} 
     * @throws NullPointerException if either argument is 
     *         null.
     */
    public LandlordProxyVerifier(Landlord landlord, Uuid landlordUuid) {
	this(landlord, landlordUuid, check(landlord, landlordUuid));
    }
    
    private LandlordProxyVerifier(Landlord landlord, Uuid landlordUuid, boolean check){
	this.landlord = (RemoteMethodControl)landlord;
	this.landlordUuid = landlordUuid;
    }
    
    LandlordProxyVerifier(GetArg arg) throws IOException {
	this((Landlord) arg.get("landlord", null),
		(Uuid) arg.get("landlordUuid", null));
    }
    
    private static boolean check(Landlord landlord, Uuid landlordUuid){
	if (landlord == null)
	    throw new NullPointerException("landlord must not be null");

	if (landlordUuid == null)
	    throw new NullPointerException("landlordUuid must not be null");

        if(!(landlord instanceof RemoteMethodControl)) {
            throw new UnsupportedOperationException
		("cannot construct verifier - server reference does not " +
		 "implement RemoteMethodControl");
	}
	
	if (!(landlord instanceof TrustEquivalence)) {
            throw new UnsupportedOperationException
		("cannot construct verifier - server reference does not " +
		 "implement TrustEquivalence");
        }
	return true;
    }

    /** 
     * Returns true if the specified proxy object (that is
     * not yet known to be trusted) is equivalent in trust, content, and
     * function to the canonical server reference this object was 
     * constructed with; otherwise returns false.
     *
     * @param obj proxy object that will be compared to this class's stored
     *            canonical proxy to determine whether or not the given
     *            proxy object is equivalent in trust, content, and function.
     *            
     * @return true if the specified object (that is not yet
     *                           known to be trusted) is equivalent in trust,
     *                           content, and function to the canonical inner
     *                           proxy object referenced in this class;
     *                           otherwise returns false.
     *
     * @throws NullPointerException if any argument is null
     */
    public boolean isTrustedObject(Object obj, TrustVerifier.Context ctx)
	throws RemoteException
    {
        /* Validate the arguments */
        if (obj == null || ctx == null) {
            throw new NullPointerException("arguments must not be null");
	}

        /* Prepare the input proxy object for trust verification. The types
         * of proxies, specific to the service, that this method will
         * handle are:
         *  - ConstrainableLandlordLease
         */

	// Server reference from input proxy
        final RemoteMethodControl inputProxyServer;
        if (obj instanceof ConstrainableLandlordLease) {
	    final ConstrainableLandlordLease cll = 
		(ConstrainableLandlordLease)obj;

	    // Check the landlordUuid of obj
	    if (!landlordUuid.equals(cll.landlordUuid()))
		return false;

	    // Extract the landlord ref
            inputProxyServer = (RemoteMethodControl)cll.landlord();
        } else {
	    // A proxy type we don't know about
            return false;
        }

        /* Get the client constraints currently set on the server reference
	 * of contained in the input proxy 
	 */
        final MethodConstraints mConstraints = 
	    inputProxyServer.getConstraints();

        /* Create a copy of the canonical server reference with its method
	 * constraints replaced with the method constraints on
	 * server reference of the input proxy.
         */
        final TrustEquivalence constrainedServer =
             (TrustEquivalence)landlord.setConstraints(mConstraints);
 
	/* With respect to trust, content, and function, test whether
	 * the server reference from the input proxy is equivalent to
	 * the canonical server reference we have (once method
	 * constraints have been normalized.)
	 */
        return constrainedServer.checkTrustEquivalence(inputProxyServer);
    }

    /**
     * Verifies that the server reference implements
     * TrustEquivalence.
     */
    private void readObject(ObjectInputStream in)
	throws IOException, ClassNotFoundException
    {
	in.defaultReadObject();

	if (landlord == null)
	    throw new InvalidObjectException("null landlord reference");

	if (landlordUuid == null)
	    throw new InvalidObjectException("null landlordUuid reference");

	if (!(landlord instanceof TrustEquivalence)) {
	    throw new InvalidObjectException(
		"server does not implement TrustEquivalence");
	}
    }
}