• Home
• org.jglobus
• gss
• 2.1.0
• source code
• GssServer.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.globus.gsi.gssapi.example.GssServer Maven / Gradle / Ivy

/*
 * Copyright 1999-2010 University of Chicago
 *
 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in
 * compliance with the License.  You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software distributed under the License is
 * distributed on an "AS IS" BASIS,WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
 * express or implied.
 *
 * See the License for the specific language governing permissions and limitations under the License.
 */
package org.globus.gsi.gssapi.example;

import org.globus.gsi.gssapi.GlobusGSSCredentialImpl;
import org.globus.gsi.gssapi.SSLUtil;
import org.globus.gsi.gssapi.GSSConstants;
import org.globus.gsi.gssapi.GlobusGSSManagerImpl;
import org.globus.gsi.GSIConstants;

import org.ietf.jgss.GSSManager;
import org.ietf.jgss.GSSCredential;

import org.gridforum.jgss.ExtendedGSSContext;

import java.io.OutputStream;
import java.io.InputStream;
import java.net.Socket;
import java.net.ServerSocket;

public class GssServer {

    private static final String helpMsg =
	"Where options are:\n" +
	" -gss-mode mode\t\t\tmode is: 'ssl' or 'gsi' (default)\n" +
	" -deleg-type type\t\ttype is: 'none', 'limited' (default), or 'full'\n" +
	" -lifetime time\t\t\tLifetime of context. time is in seconds.\n" +
	" -rejectLimitedProxy\t\tEnables checking for limited proxies. By default off\n" +
	" -anonymous\t\t\tDo not require client authentication\n" +
	" -enable-conf\t\t\tEnables confidentiality (do encryption) (enabled by default)\n" +
	" -disable-conf\t\t\tDisables confidentiality (no encryption)";

    public static void main(String [] args) {

	String usage = "Usage: java GssServer [options] [port]";

	GetOpts opts = new GetOpts(usage, helpMsg);

	int pos = opts.parse(args);
	int port = 0;

	if (pos < args.length) {
	    port = Integer.parseInt(args[pos]);
	}

	try {
	    ServerSocket server = new ServerSocket(port);
	    System.out.println("Server running at: " + server.getLocalPort());
	    while(true) {
		Client c = new Client(server.accept(), opts);
		c.start();
	    }
	} catch (Exception e) {
	    e.printStackTrace();
	}
    }

}

class Client extends Thread {

    GetOpts opts;
    Socket s;

    public Client(Socket s, GetOpts opts) {
	this.s = s;
	this.opts = opts;
    }

    public void run() {

	System.out.println("client connected");

	// to make sure we use right impl
	GSSManager manager = new GlobusGSSManagerImpl();
	ExtendedGSSContext context = null;

	try {
	    OutputStream out = s.getOutputStream();
	    InputStream in = s.getInputStream();

	    byte [] inToken = null;
	    byte [] outToken = null;

	    context = (ExtendedGSSContext)manager.createContext((GSSCredential)null);

	    context.requestConf(opts.conf);

	    context.setOption(GSSConstants.GSS_MODE,
			      (opts.gsiMode) ?
			      GSIConstants.MODE_GSI :
			      GSIConstants.MODE_SSL);

	    context.setOption(GSSConstants.REJECT_LIMITED_PROXY,
			      new Boolean(opts.rejectLimitedProxy));

	    context.setOption(GSSConstants.REQUIRE_CLIENT_AUTH,
			      new Boolean(!opts.anonymity));

	    // Loop while there still is a token to be processed
	    while (!context.isEstablished()) {
		inToken = SSLUtil.readSslMessage(in);

		outToken
		    = context.acceptSecContext(inToken, 0, inToken.length);

		if (outToken != null) {
		    out.write(outToken);
		    out.flush();
		}
	    }

	    System.out.println("Context established.");
	    System.out.println("Initiator : " + context.getSrcName());
	    System.out.println("Acceptor  : " + context.getTargName());
	    System.out.println("Lifetime  : " + context.getLifetime());
	    System.out.println("Privacy   : " + context.getConfState());

	    GlobusGSSCredentialImpl cred =
		(GlobusGSSCredentialImpl)context.getDelegCred();
	    System.out.println("Delegated credential :");
	    if (cred != null) {
		System.out.println(cred.getX509Credential());
	    } else {
		System.out.println("None");
	    }

	    inToken = SSLUtil.readSslMessage(in);

	    outToken = context.unwrap(inToken, 0, inToken.length, null);

	    System.out.println(new String(outToken));

	    byte[] msg =
		"HTTP/1.1 404 Not Found\r\nConnection: close\r\n\r\n".getBytes();

	    outToken = context.wrap(msg, 0, msg.length, null);

	    out.write(outToken);
	    out.flush();

	} catch (Exception e) {
	    e.printStackTrace();
	} finally {
	    try { s.close(); } catch(Exception e) {}
	    try {
		context.dispose();
	    } catch (Exception e) {
		e.printStackTrace();
	    }
	    System.out.println("client disconnected");
	}
    }
}