ServerEndpoint by passing the ListenEndpoint for each of them to listenContext, which will ensure an active listen operation on each endpoint, and returns an Endpoint instance corresponding to the listen operations chosen by listenContext. This method uses listenContext to cooperate with the caller to ensure the appropriate listen operations. In this cooperation,
ServerEndpoint is responsible for declaring to the caller the discrete communication endpoints represented by this ServerEndpoint as ListenEndpoint instances passed to listenContext's {@link ListenContext#addListenEndpoint addListenEndpoint} method, andServerEndpoint.enumerateListenEndpoints invocation corresponding to each discrete communication endpoint as {@link ListenCookie ListenCookie} instances returned fromlistenContext's addListenEndpoint method. ListenEndpoint, the caller (through listenContext) may choose to start a new listen operation, or it may choose to reuse a previously started listen operation that it has a ListenCookie for. This method sequentially invokes addListenEndpoint on listenContext once for each discrete communication endpoint represented by this ServerEndpoint, passing the ListenEndpoint representing that communication endpoint. If any of the invocations of ListenContext.addListenEndpoint throws an exception, this method throws that exception. Otherwise, this method returns an Endpoint instance that sends requests to be received by the listen operations chosen by listenContext.
@param listenContext the ListenContext to passthis ServerEndpoint's ListenEndpoint instances to
@return the Endpoint instance for sending requeststo this ServerEndpoint's communication endpoints being listened on
@throws IOException if an I/O exception occurs while attemptingto listen for requests on the communication endpoints represented by this ServerEndpoint. This could occur, for example, if an I/O resource associated with one of the communication endpoints is already in exclusive use, or if there are insufficient I/O resources for the operation.
@throws SecurityException if the current security context doesnot have the permissions necessary to listen for requests on one of the communication endpoints represented by this ServerEndpoint
@throws IllegalArgumentException if an invocation of theaddListenEndpoint method on the supplied ListenContext returns a ListenCookie that does not correspond to the ListenEndpoint that was passed to it
@throws NullPointerException if listenContext isnull
KerberosServerEndpoint tolistenContext, which will ensure an active listen operation on the endpoint, and returns a KerberosEndpoint instance corresponding to the listen operation chosen by listenContext. If this server endpoint's server host is null, then the endpoint returned will contain the default server host. This method computes the default by invoking {@link InetAddress#getLocalHost InetAddress.getLocalHost} to obtain anInetAddress for the local host. If InetAddress.getLocalHost throws an UnknownHostException, this method throws an UnknownHostException. The default host name will be the string returned by invoking {@link InetAddress#getHostAddress getHostAddress} on the obtainedInetAddress. If there is a security manager, its {@link SecurityManager#checkConnect(String,int) checkConnect} methodwill be invoked with the string returned by invoking {@link InetAddress#getHostName getHostName} on that sameInetAddress as the host argument and -1 as the port argument; this could result in a SecurityException.
This method invokes addListenEndpoint on listenContext once, passing a ListenEndpoint as described below. If addListenEndpoint throws an exception, then this method throws that exception. Otherwise, this method returns a KerberosEndpoint instance with the host name described above, the TCP port number bound by the listen operation represented by the {@link net.jini.jeri.ServerEndpoint.ListenHandle ListenHandle} returned by addListenEndpoint, and the sameserver principal and SocketFactory as this KerberosServerEndpoint.
The ListenEndpoint passed to addListenEndpoint represents the server subject, server principal, TCP port number, and ServerSocketFactory of this KerberosServerEndpoint. Its methods behave as follows:
{@link net.jini.jeri.ServerEndpoint.ListenEndpoint#listen ListenHandlelisten(RequestDispatcher)}:
Listens for requests received on this endpoint's TCP port, dispatching them to the supplied{@link net.jini.jeri.ServerEndpoint.ListenEndpoint#checkPermissions void checkPermissions()}:RequestDispatcherin the form of {@link net.jini.jeri.InboundRequest} instances.When the implementation of this method needs to create a new
ServerSocket, it will do so by invoking one of thecreateServerSocketmethods that returns a bound server socket on the containedServerSocketFactoryif non-null, or it will create aServerSocketdirectly otherwise.If there is a security manager, its {@link SecurityManager#checkListen checkListen} method will be invoked with this endpoint's TCP port; thiscould result in a
SecurityException. In addition, the security manager's {@link SecurityManager#checkPermission checkPermission} method will be invoked with an {@link net.jini.security.AuthenticationPermission} containing the serverprincipal of this endpoint and thelistenaction; this could also result in aSecurityException. Furthermore, before a givenInboundRequestgets dispatched to the supplied request dispatcher, the security manager's {@link SecurityManager#checkAccept checkAccept} method must have beensuccessfully invoked in the security context of thislisteninvocation with the remote IP address and port of theSocketused to receive the request, and the security manager'scheckPermissionmethod must have been successfully invoked in the same context with anAuthenticationPermissioncontaining the server principal of this endpoint as local principal, the client's authenticated principal as peer principal, and theacceptaction. ThecheckPermissionsmethod of the dispatchedInboundRequestalso performs these latter security checks. (Note that in some cases, the implementation may carry out some of these security checks indirectly, such as through invocations ofServerSocket's constructors oracceptmethod.)Once a
ListenEndpointof this provider starts to listen, each time a new inbound request comes in, it verifies that theserverSubjectof the corresponding server endpoint still holds a validKerberosKeycorresponding to itsserverPrincipal. It rejects the request if the verification fails. This guarantees that as soon as theKerberosKeyfor the principal in theSubjectis destroyed (logout) or expired, no more new requests will be accepted.Requests will be dispatched in a {@link PrivilegedAction} wrapped by a{@link SecurityContext} obtained when this method was invoked, with the{@link AccessControlContext} of that
SecurityContextineffect.Dispatched requests will implement {@link net.jini.jeri.InboundRequest#populateContext populateContext} topopulate the given collection with an element that implements the {@link net.jini.io.context.ClientHost} interface, and an element thatimplements the {@link net.jini.io.context.ClientSubject} interface. The
ClientHostelement implements {@link net.jini.io.context.ClientHost#getClientHost getClientHost} to returnthe IP address of theSocketthat the request was received over (see {@link Socket#getInetAddress}).Throws {@link IOException} if an I/O exception occurs while performingthis operation, such as if the TCP port is already in use.
Throws {@link SecurityException} if there is a security manager and aninvocation of its
checkListenorcheckPermissionmethod fails.Throws {@link NullPointerException} if
requestDispatcherisnull
Verifies that the current security context has all of the security permissions necessary to listen for requests on this endpoint.{@link Object#equals boolean equals(Object)}:If there is a security manager, its
checkListenmethod will be invoked with this endpoint's TCP port; this could result in aSecurityException. In addition, the security manager's {@link SecurityManager#checkPermission checkPermission} method will beinvoked with an {@link net.jini.security.AuthenticationPermission}containing the server principal of this endpoint and thelistenaction; this could also result in aSecurityException.Throws {@link SecurityException} if there is a security manager and aninvocation of its
checkListenorcheckPermissionmethod fails.
Compares the specified object with this@throws SecurityException if there is a security manager, andeither its {@link SecurityManager#checkListen checkListen} method fails, orListenEndpointfor equality.This method returns
trueif and only if the specified object is also aListenEndpointproduced by aKerberosServerEndpoint, and the two listen endpoints both have server subjects that compare equal using==; have the same server principal; have the same values for TCP port; and have server socket factories that are either bothnull, or have the same actual class and are equal.
serverHostis null and the security manager's {@link SecurityManager#checkConnect checkConnect} methodfails; or if the calling thread does not have permission to authenticate as the endpoint's server principal when listening for connections
@throws IllegalArgumentException {@inheritDoc}
@throws NullPointerException {@inheritDoc}
@throws UnknownHostException if this instance's server hostis null and InetAddress.getLocalHost throws an UnknownHostException
@throws UnsupportedConstraintException if the server subject ismissing any of the endpoint's server principals or the associated credentials
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |