ServerEndpoint
by passing the ListenEndpoint
for each of them to listenContext
, which will ensure an active listen operation on each endpoint, and returns an Endpoint
instance corresponding to the listen operations chosen by listenContext
. This method uses listenContext
to cooperate with the caller to ensure the appropriate listen operations. In this cooperation,
ServerEndpoint
is responsible for declaring to the caller the discrete communication endpoints represented by this ServerEndpoint
as ListenEndpoint
instances passed to listenContext
's {@link ListenContext#addListenEndpoint addListenEndpoint} method, andServerEndpoint.enumerateListenEndpoints
invocation corresponding to each discrete communication endpoint as {@link ListenCookie ListenCookie} instances returned fromlistenContext
's addListenEndpoint
method. ListenEndpoint
, the caller (through listenContext
) may choose to start a new listen operation, or it may choose to reuse a previously started listen operation that it has a ListenCookie
for. This method sequentially invokes addListenEndpoint
on listenContext
once for each discrete communication endpoint represented by this ServerEndpoint
, passing the ListenEndpoint
representing that communication endpoint. If any of the invocations of ListenContext.addListenEndpoint
throws an exception, this method throws that exception. Otherwise, this method returns an Endpoint
instance that sends requests to be received by the listen operations chosen by listenContext
.
@param listenContext the ListenContext
to passthis ServerEndpoint
's ListenEndpoint
instances to
@return the Endpoint
instance for sending requeststo this ServerEndpoint
's communication endpoints being listened on
@throws IOException if an I/O exception occurs while attemptingto listen for requests on the communication endpoints represented by this ServerEndpoint
. This could occur, for example, if an I/O resource associated with one of the communication endpoints is already in exclusive use, or if there are insufficient I/O resources for the operation.
@throws SecurityException if the current security context doesnot have the permissions necessary to listen for requests on one of the communication endpoints represented by this ServerEndpoint
@throws IllegalArgumentException if an invocation of theaddListenEndpoint
method on the supplied ListenContext
returns a ListenCookie
that does not correspond to the ListenEndpoint
that was passed to it
@throws NullPointerException if listenContext
isnull
KerberosServerEndpoint
tolistenContext
, which will ensure an active listen operation on the endpoint, and returns a KerberosEndpoint
instance corresponding to the listen operation chosen by listenContext
. If this server endpoint's server host is null
, then the endpoint returned will contain the default server host. This method computes the default by invoking {@link InetAddress#getLocalHost InetAddress.getLocalHost} to obtain anInetAddress
for the local host. If InetAddress.getLocalHost
throws an UnknownHostException
, this method throws an UnknownHostException
. The default host name will be the string returned by invoking {@link InetAddress#getHostAddress getHostAddress} on the obtainedInetAddress
. If there is a security manager, its {@link SecurityManager#checkConnect(String,int) checkConnect} methodwill be invoked with the string returned by invoking {@link InetAddress#getHostName getHostName} on that sameInetAddress
as the host argument and -1
as the port argument; this could result in a SecurityException
.
This method invokes addListenEndpoint
on listenContext
once, passing a ListenEndpoint
as described below. If addListenEndpoint
throws an exception, then this method throws that exception. Otherwise, this method returns a KerberosEndpoint
instance with the host name described above, the TCP port number bound by the listen operation represented by the {@link net.jini.jeri.ServerEndpoint.ListenHandle ListenHandle} returned by addListenEndpoint
, and the sameserver principal and SocketFactory
as this KerberosServerEndpoint
.
The ListenEndpoint
passed to addListenEndpoint
represents the server subject, server principal, TCP port number, and ServerSocketFactory
of this KerberosServerEndpoint
. Its methods behave as follows:
{@link net.jini.jeri.ServerEndpoint.ListenEndpoint#listen ListenHandlelisten(RequestDispatcher)}:
Listens for requests received on this endpoint's TCP port, dispatching them to the supplied{@link net.jini.jeri.ServerEndpoint.ListenEndpoint#checkPermissions void checkPermissions()}:RequestDispatcher
in the form of {@link net.jini.jeri.InboundRequest} instances.When the implementation of this method needs to create a new
ServerSocket
, it will do so by invoking one of thecreateServerSocket
methods that returns a bound server socket on the containedServerSocketFactory
if non-null
, or it will create aServerSocket
directly otherwise.If there is a security manager, its {@link SecurityManager#checkListen checkListen} method will be invoked with this endpoint's TCP port; thiscould result in a
SecurityException
. In addition, the security manager's {@link SecurityManager#checkPermission checkPermission} method will be invoked with an {@link net.jini.security.AuthenticationPermission} containing the serverprincipal of this endpoint and thelisten
action; this could also result in aSecurityException
. Furthermore, before a givenInboundRequest
gets dispatched to the supplied request dispatcher, the security manager's {@link SecurityManager#checkAccept checkAccept} method must have beensuccessfully invoked in the security context of thislisten
invocation with the remote IP address and port of theSocket
used to receive the request, and the security manager'scheckPermission
method must have been successfully invoked in the same context with anAuthenticationPermission
containing the server principal of this endpoint as local principal, the client's authenticated principal as peer principal, and theaccept
action. ThecheckPermissions
method of the dispatchedInboundRequest
also performs these latter security checks. (Note that in some cases, the implementation may carry out some of these security checks indirectly, such as through invocations ofServerSocket
's constructors oraccept
method.)Once a
ListenEndpoint
of this provider starts to listen, each time a new inbound request comes in, it verifies that theserverSubject
of the corresponding server endpoint still holds a validKerberosKey
corresponding to itsserverPrincipal
. It rejects the request if the verification fails. This guarantees that as soon as theKerberosKey
for the principal in theSubject
is destroyed (logout) or expired, no more new requests will be accepted.Requests will be dispatched in a {@link PrivilegedAction} wrapped by a{@link SecurityContext} obtained when this method was invoked, with the{@link AccessControlContext} of that
SecurityContext
ineffect.Dispatched requests will implement {@link net.jini.jeri.InboundRequest#populateContext populateContext} topopulate the given collection with an element that implements the {@link net.jini.io.context.ClientHost} interface, and an element thatimplements the {@link net.jini.io.context.ClientSubject} interface. The
ClientHost
element implements {@link net.jini.io.context.ClientHost#getClientHost getClientHost} to returnthe IP address of theSocket
that the request was received over (see {@link Socket#getInetAddress}).Throws {@link IOException} if an I/O exception occurs while performingthis operation, such as if the TCP port is already in use.
Throws {@link SecurityException} if there is a security manager and aninvocation of its
checkListen
orcheckPermission
method fails.Throws {@link NullPointerException} if
requestDispatcher
isnull
Verifies that the current security context has all of the security permissions necessary to listen for requests on this endpoint.{@link Object#equals boolean equals(Object)}:If there is a security manager, its
checkListen
method will be invoked with this endpoint's TCP port; this could result in aSecurityException
. In addition, the security manager's {@link SecurityManager#checkPermission checkPermission} method will beinvoked with an {@link net.jini.security.AuthenticationPermission}containing the server principal of this endpoint and thelisten
action; this could also result in aSecurityException
.Throws {@link SecurityException} if there is a security manager and aninvocation of its
checkListen
orcheckPermission
method fails.
Compares the specified object with this@throws SecurityException if there is a security manager, andeither its {@link SecurityManager#checkListen checkListen} method fails, orListenEndpoint
for equality.This method returns
true
if and only if the specified object is also aListenEndpoint
produced by aKerberosServerEndpoint
, and the two listen endpoints both have server subjects that compare equal using==
; have the same server principal; have the same values for TCP port; and have server socket factories that are either bothnull
, or have the same actual class and are equal.
serverHost
is null
and the security manager's {@link SecurityManager#checkConnect checkConnect} methodfails; or if the calling thread does not have permission to authenticate as the endpoint's server principal when listening for connections
@throws IllegalArgumentException {@inheritDoc}
@throws NullPointerException {@inheritDoc}
@throws UnknownHostException if this instance's server hostis null
and InetAddress.getLocalHost
throws an UnknownHostException
@throws UnsupportedConstraintException if the server subject ismissing any of the endpoint's server principals or the associated credentials
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|