Package org.globus.common
Class CoGProperties
- java.lang.Object
-
- java.util.Dictionary<K,V>
-
- java.util.Hashtable<java.lang.Object,java.lang.Object>
-
- java.util.Properties
-
- org.globus.common.CoGProperties
-
- All Implemented Interfaces:
java.io.Serializable, java.lang.Cloneable, java.util.Map<java.lang.Object,java.lang.Object>
public class CoGProperties extends java.util.Properties
Responsible for managing the properties file "~/.globus/cog.properties", which holds information about various properties needed by the security classes. These properties include:
- the location of the user certificate file
- the location of the user key file
- the location of the CA certificates
- the location of the proxy file
- the TCP port range
- the local IP address for DHCP systems
- the socket timeout when connecting to a MyProxy host
- See Also:
- Serialized Form
-
-
Field Summary
Fields (modifier and type, field, description):
static java.lang.String BASEDN
static java.lang.String CERT_CACHE_LIFETIME
static java.lang.String CONFIG_FILE: the configuration file properties are read from -- located in ~/.globus
static java.lang.String configFile: the config file location
static java.lang.String CRL_CACHE_LIFETIME: Deprecated.
private static java.lang.String DEFAULT_RANDOM_ALGORITHM
private static java.lang.String DEFAULT_RANDOM_PROVIDER
private static CoGProperties defaultProps: the default properties file
static java.lang.String DELEGATION_KEY_CACHE_LIFETIME
static java.lang.String ENFORCE_SIGNING_POLICY
private static org.apache.commons.logging.Log logger
static java.lang.String MDSHOST
static java.lang.String MDSPORT
static java.lang.String NO_CACHE
private static java.lang.String REVERSE_DNS_CACHE_LIFETIME
private static java.lang.String REVERSE_DNS_CACHETYPE
(package private) static java.lang.String SOCKET_TIMEOUT
static java.lang.String THREADED_CACHE
-
Constructor Summary
Constructors:
CoGProperties()
CoGProperties(java.lang.String file)
-
Method Summary
Methods (modifier and type, method, description):
boolean enforceSigningPolicy()
static void fixSpace(java.util.Properties p)
protected boolean getAsBoolean(java.lang.String key, boolean defaultValue)
protected int getAsInt(java.lang.String label, int defValue)
java.lang.String getCaCertLocations(): Retrieves the location of the CA certificate files.
long getCertCacheLifetime(): Returns the Cert cache lifetime.
long getCRLCacheLifetime(): Deprecated. Replaced by getCertCacheLifetime()
static CoGProperties getDefault()
java.lang.String getDefaultPKCS11Handle()
int getDelegationKeyCacheLifetime(): Returns the delegation key cache lifetime for all delegations from this JVM.
java.lang.String getHostName(): Returns the user specified hostname.
java.lang.String getIPAddress(): Returns the user specified ip address.
java.lang.String getPKCS11LibraryName()
java.lang.String getProxyFile(): Retrieves the location of the proxy file.
int getProxyLifeTime()
int getProxyStrength()
java.lang.String getReverseDNSCacheType(): Returns the reverse DNS cache type.
long getReveseDNSCacheLifetime(): Returns the reverse DNS cache time.
java.lang.String getSecureRandomAlgorithm()
java.lang.String getSecureRandomProvider()
int getSocketTimeout(): Returns the timeout (in milliseconds) for sockets operations.
java.lang.String getTcpPortRange(): Returns the tcp port range.
java.lang.String getTcpSourcePortRange(): Returns the tcp source port range.
java.lang.String getUdpSourcePortRange(): Returns the udp source port range.
java.lang.String getUserCertFile(): Retrieves the location of the user cert file.
java.lang.String getUserKeyFile(): Retrieves the location of the user key file.
protected static boolean isNullOrEmpty(java.lang.String tmp)
void load(java.io.InputStream in)
void load(java.lang.String file)
void save()
void save(java.lang.String file)
void setCaCertLocations(java.lang.String list)
static void setDefault(CoGProperties properties): Sets default configuration.
void setHostName(java.lang.String host): Sets hostname
void setIPAddress(java.lang.String ipAddress): Sets ip address
void setProxyFile(java.lang.String proxyFile)
void setProxyLifeTime(int lifeTimeInHours)
void setProxyStrength(int strength)
void setSocketTimeout(int socketTimeout)
void setUserCertFile(java.lang.String userCertFile)
void setUserKeyFile(java.lang.String userKeyFile): Sets user key file location
boolean useDevRandom(): Returns whether to use the /dev/urandom device for seed generation.
-
Methods inherited from class java.util.Properties
clear, clone, compute, computeIfAbsent, computeIfPresent, contains, containsKey, containsValue, elements, entrySet, equals, forEach, get, getOrDefault, getProperty, getProperty, hashCode, isEmpty, keys, keySet, list, list, load, loadFromXML, merge, propertyNames, put, putAll, putIfAbsent, rehash, remove, remove, replace, replace, replaceAll, save, setProperty, size, store, store, storeToXML, storeToXML, storeToXML, stringPropertyNames, toString, values
-
-
-
-
Field Detail
-
logger
private static org.apache.commons.logging.Log logger
-
DEFAULT_RANDOM_PROVIDER
private static final java.lang.String DEFAULT_RANDOM_PROVIDER
- See Also:
- Constant Field Values
-
DEFAULT_RANDOM_ALGORITHM
private static final java.lang.String DEFAULT_RANDOM_ALGORITHM
- See Also:
- Constant Field Values
-
ENFORCE_SIGNING_POLICY
public static final java.lang.String ENFORCE_SIGNING_POLICY
- See Also:
- Constant Field Values
-
DELEGATION_KEY_CACHE_LIFETIME
public static final java.lang.String DELEGATION_KEY_CACHE_LIFETIME
- See Also:
- Constant Field Values
-
CRL_CACHE_LIFETIME
@Deprecated public static final java.lang.String CRL_CACHE_LIFETIME
Deprecated.
- See Also:
- Constant Field Values
-
CERT_CACHE_LIFETIME
public static final java.lang.String CERT_CACHE_LIFETIME
- See Also:
- Constant Field Values
-
MDSHOST
public static final java.lang.String MDSHOST
- See Also:
- Constant Field Values
-
MDSPORT
public static final java.lang.String MDSPORT
- See Also:
- Constant Field Values
-
BASEDN
public static final java.lang.String BASEDN
- See Also:
- Constant Field Values
-
SOCKET_TIMEOUT
static final java.lang.String SOCKET_TIMEOUT
- See Also:
- Constant Field Values
-
REVERSE_DNS_CACHETYPE
private static final java.lang.String REVERSE_DNS_CACHETYPE
- See Also:
- Constant Field Values
-
REVERSE_DNS_CACHE_LIFETIME
private static final java.lang.String REVERSE_DNS_CACHE_LIFETIME
- See Also:
- Constant Field Values
-
NO_CACHE
public static final java.lang.String NO_CACHE
- See Also:
- Constant Field Values
-
THREADED_CACHE
public static final java.lang.String THREADED_CACHE
- See Also:
- Constant Field Values
-
CONFIG_FILE
public static final java.lang.String CONFIG_FILE
the configuration file properties are read from -- located in ~/.globus
- See Also:
- Constant Field Values
-
defaultProps
private static CoGProperties defaultProps
the default properties file
-
configFile
public static java.lang.String configFile
the config file location
-
-
Method Detail
-
getDefault
public static CoGProperties getDefault()
-
setDefault
public static void setDefault(CoGProperties properties)
Sets default configuration. It can be used to set a different configuration dynamically.
-
save
public void save() throws java.io.IOException
- Throws:
java.io.IOException
-
save
public void save(java.lang.String file) throws java.io.IOException
- Throws:
java.io.IOException
-
load
public void load(java.lang.String file) throws java.io.IOException
- Throws:
java.io.IOException
-
load
public void load(java.io.InputStream in) throws java.io.IOException
- Overrides:
load in class java.util.Properties
- Throws:
java.io.IOException
-
fixSpace
public static void fixSpace(java.util.Properties p)
-
getUserCertFile
public java.lang.String getUserCertFile()
Retrieves the location of the user cert file. It first checks the X509_USER_CERT system property. If that property is not set, it next checks the 'usercert' property in the current configuration. If that property is not set either, it returns the default location of the user cert file. The default value is the 'usercert.pem' file in the user's globus directory. For example: ${user.home}/.globus/usercert.pem.
- Returns:
String
the location of the user cert file
-
setUserCertFile
public void setUserCertFile(java.lang.String userCertFile)
-
getPKCS11LibraryName
public java.lang.String getPKCS11LibraryName()
-
getDefaultPKCS11Handle
public java.lang.String getDefaultPKCS11Handle()
-
getUserKeyFile
public java.lang.String getUserKeyFile()
Retrieves the location of the user key file. It first checks the X509_USER_KEY system property. If that property is not set, it next checks the 'userkey' property in the current configuration. If that property is not set either, it returns the default location of the user key file. The default value is the 'userkey.pem' file in the user's globus directory. For example: ${user.home}/.globus/userkey.pem.
- Returns:
String
the location of the user key file
-
setUserKeyFile
public void setUserKeyFile(java.lang.String userKeyFile)
Sets user key file location
- Parameters:
userKeyFile
- user key file location
-
getHostName
public java.lang.String getHostName()
Returns the user specified hostname. This is used for DHCP machines where Java is unable to determine the right hostname/IP address. It first checks the 'GLOBUS_HOSTNAME' system property. If the property is not set, it checks the 'host' system property next. If the 'host' property is not set in the current configuration, null is returned (and the default 'localhost' hostname will be used).
- Returns:
String
the hostname of the machine.
-
setHostName
public void setHostName(java.lang.String host)
Sets hostname
- Parameters:
host
- hostname
-
getIPAddress
public java.lang.String getIPAddress()
Returns the user specified ip address. This is used for DHCP machines where Java is unable to determine the right IP address. It first checks the 'org.globus.ip' system property. If that property is not set, it next checks the 'ip' property in the current configuration. If the 'ip' property is not set in the current configuration, the hostname of the machine is looked up using the getHostName() function. If getHostName() returns a hostname, that hostname is converted into an IP address and returned. Otherwise, null is returned (and the default ip address will be used).
- Returns:
String
the ip address of the machine.
-
setIPAddress
public void setIPAddress(java.lang.String ipAddress)
Sets ip address
- Parameters:
ipAddress
- ip address
-
getCaCertLocations
public java.lang.String getCaCertLocations()
Retrieves the location of the CA certificate files. It first checks the X509_CERT_DIR system property. If that property is not set, it next checks the 'cacert' property in the current configuration. If that property is not set either, it tries to find the certificates using the following rules:
First the ${user.home}/.globus/certificates directory is checked. If the directory does not exist, and on a Unix machine, the /etc/grid-security/certificates directory is checked next. If that directory does not exist and the GLOBUS_LOCATION system property is set, then the ${GLOBUS_LOCATION}/share/certificates directory is checked. Otherwise, null is returned. This indicates that the certificates directory could not be found.
Moreover, this function can return multiple file and directory locations. The locations must be comma separated.
- Returns:
String
the locations of the CA certificates
-
setCaCertLocations
public void setCaCertLocations(java.lang.String list)
-
getProxyFile
public java.lang.String getProxyFile()
Retrieves the location of the proxy file. It first checks the X509_USER_PROXY system property. If that property is not set, it next checks the 'proxy' property in the current configuration. If that property is not set either, it defaults to a value based on the following rules:
If a UID system property is set and the code is running on a Unix machine, it returns /tmp/x509up_u${UID}. On any machine other than Unix, it returns ${tempdir}/x509up_u${UID}, where tempdir is a platform-specific temporary directory as indicated by the java.io.tmpdir system property. If a UID system property is not set, the username will be used instead of the UID. That is, it returns ${tempdir}/x509up_u_${username}
This is done this way because Java is not able to obtain the current uid.
- Returns:
String
the location of the proxy file
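
An added example, not code from the org.globus library: it re-implements the lookup order documented above for getProxyFile() and then checks that the resolved file, which holds a usable credential and by default sits in a shared temporary directory, is not a symlink, is owned by the caller and has permissions no wider than 0600. The class name, the Unix test via file.separator, the use of user.name as the username and the sample paths are assumptions.

```java
import java.io.IOException;
import java.nio.file.*;
import java.nio.file.attribute.PosixFilePermission;
import java.util.*;

public class ProxyFileAudit {
    // Independent re-implementation of the lookup order documented for getProxyFile().
    static String resolveProxyFile(Properties sys, Properties config) {
        String v = sys.getProperty("X509_USER_PROXY");                  // 1. system property
        if (v == null || v.isEmpty()) v = config.getProperty("proxy");  // 2. 'proxy' in the config
        if (v != null && !v.isEmpty()) return v;
        String tmp = sys.getProperty("java.io.tmpdir");
        String uid = sys.getProperty("UID");
        if (uid == null)  // 3b. no UID: username instead (assumed to come from user.name)
            return Paths.get(tmp, "x509up_u_" + sys.getProperty("user.name")).toString();
        // Assumption: "Unix" is detected by the path separator; the library's test may differ.
        boolean unix = "/".equals(sys.getProperty("file.separator"));
        return Paths.get(unix ? "/tmp" : tmp, "x509up_u" + uid).toString(); // 3a. UID set
    }

    // Reports why a resolved proxy file could be read or swapped by another local user.
    static List<String> audit(Path p, String owner) throws IOException {
        List<String> out = new ArrayList<>();
        if (!Files.exists(p, LinkOption.NOFOLLOW_LINKS)) return List.of("missing: " + p);
        if (Files.isSymbolicLink(p)) out.add("is a symlink");
        if (FileSystems.getDefault().supportedFileAttributeViews().contains("posix")) {
            if (!Files.getOwner(p, LinkOption.NOFOLLOW_LINKS).getName().equals(owner))
                out.add("not owned by " + owner);
            Set<PosixFilePermission> extra =
                new HashSet<>(Files.getPosixFilePermissions(p, LinkOption.NOFOLLOW_LINKS));
            extra.removeAll(EnumSet.of(PosixFilePermission.OWNER_READ, PosixFilePermission.OWNER_WRITE));
            if (!extra.isEmpty()) out.add("permissions wider than 0600: " + extra);
        }
        return out;
    }

    public static void main(String[] args) throws IOException {
        Properties sys = new Properties(System.getProperties()); // live JVM values as defaults
        Properties config = new Properties();
        String dflt = resolveProxyFile(sys, config);
        System.out.println("default     : " + dflt);
        config.setProperty("proxy", "/home/alice/.globus/proxy.pem");    // constructed sample
        System.out.println("config set  : " + resolveProxyFile(sys, config));
        sys.setProperty("X509_USER_PROXY", "/run/user/1000/x509_proxy"); // constructed sample
        System.out.println("sysprop set : " + resolveProxyFile(sys, config));
        System.out.println("audit       : " + audit(Paths.get(dflt), System.getProperty("user.name")));
    }
}
```

An empty audit list means none of the three checks fired; on a file system without POSIX attributes only the existence and symlink checks run.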
-
setProxyFile
public void setProxyFile(java.lang.String proxyFile)
-
getTcpPortRange
public java.lang.String getTcpPortRange()
Returns the tcp port range. It first checks the 'GLOBUS_TCP_PORT_RANGE' system property. If that system property is not set, the 'org.globus.tcp.port.range' system property is checked. If that system property is not set either, it returns the value specified in the configuration file. Returns null if the port range is not defined.
The port range is in the following form: <minport>, <maxport>
- Returns:
String
the port range.
-
getTcpSourcePortRange
public java.lang.String getTcpSourcePortRange()
Returns the tcp source port range. It first checks the 'GLOBUS_TCP_SOURCE_PORT_RANGE' system property. If that system property is not set, the 'org.globus.source.tcp.port.range' system property is checked. If that system property is not set either, it returns the value specified in the configuration file. Returns null if the port range is not defined.
The port range is in the following form: <minport>, <maxport>
- Returns:
String
the port range.
-
getUdpSourcePortRange
public java.lang.String getUdpSourcePortRange()
Returns the udp source port range. It first checks the 'GLOBUS_UDP_SOURCE_PORT_RANGE' system property. If that system property is not set, the 'org.globus.source.udp.port.range' system property is checked. If that system property is not set either, it returns the value specified in the configuration file. Returns null if the port range is not defined.
The port range is in the following form: <minport>, <maxport>
- Returns:
String
the port range.
-
useDevRandom
public boolean useDevRandom()
Returns whether to use the /dev/urandom device for seed generation.
- Returns:
- true if the device should be used (if available). Returns true by default unless specified otherwise by the user.
-
enforceSigningPolicy
public boolean enforceSigningPolicy()
-
getDelegationKeyCacheLifetime
public int getDelegationKeyCacheLifetime()
Returns the delegation key cache lifetime for all delegations from this JVM. If this property is not set or set to zero or less, no caching is done.
- Returns:
- the number of milliseconds the key/pair is cached
-
getCRLCacheLifetime
@Deprecated public long getCRLCacheLifetime()
Deprecated. Replaced by getCertCacheLifetime()
Returns the CRL cache lifetime. If this property is set to zero or less, no caching is done. The value is the number of milliseconds the CRLs are cached without checking for modifications on disk. Defaults to 60s.
- Returns:
- the CRL cache lifetime in milliseconds
- Throws:
java.lang.NumberFormatException
- if the cache lifetime property could not be parsed
-
getCertCacheLifetime
public long getCertCacheLifetime() throws java.lang.NumberFormatException
Returns the Cert cache lifetime. If this property is set to zero or less, no caching is done. The value is the number of milliseconds the certificates are cached without checking for modifications on disk. Defaults to 60s.
- Returns:
- the Cert cache lifetime in milliseconds
- Throws:
java.lang.NumberFormatException
- if the cache lifetime property could not be parsed
-
getReveseDNSCacheLifetime
public long getReveseDNSCacheLifetime() throws java.lang.NumberFormatException
Returns the reverse DNS cache time. Defaults to 1h.
- Returns:
- the reverse DNS cache lifetime in milliseconds
- Throws:
java.lang.NumberFormatException
- if the cache lifetime property could not be parsed
-
getReverseDNSCacheType
public java.lang.String getReverseDNSCacheType()
Returns the reverse DNS cache type. Defaults to a threaded cache.
- Returns:
- the type of cache for reverse DNS requests
-
getSecureRandomProvider
public java.lang.String getSecureRandomProvider()
-
getSecureRandomAlgorithm
public java.lang.String getSecureRandomAlgorithm()
-
getSocketTimeout
public int getSocketTimeout()
Returns the timeout (in milliseconds) for socket operations. The default timeout of 30 seconds (30,000 ms) is returned.
- Returns:
- The timeout for socket operations. Defaults to 30 seconds.
-
setSocketTimeout
public void setSocketTimeout(int socketTimeout)
-
getProxyStrength
public int getProxyStrength()
-
setProxyStrength
public void setProxyStrength(int strength)
-
getProxyLifeTime
public int getProxyLifeTime()
-
setProxyLifeTime
public void setProxyLifeTime(int lifeTimeInHours)
-
getAsBoolean
protected boolean getAsBoolean(java.lang.String key, boolean defaultValue)
-
getAsInt
protected int getAsInt(java.lang.String label, int defValue)
-
isNullOrEmpty
protected static final boolean isNullOrEmpty(java.lang.String tmp)
-
-