Examples of net.jini.io.UnsupportedConstraintException

• net.jini.io.UnsupportedConstraintException
  Typically used as the nested exception of a {@link java.rmi.ConnectIOException} if the constraints for a remote callcannot be satisfied. Such an exception can be thrown at the point a remote method is invoked for a variety of reasons, including:

  • A client requirement is not supported by the server.
  • A client or server requirement conflicts with some other client or server requirement.
  • A client or server requirement cannot be satisfied by the proxy implementation.
  • The local subject that would be used for authentication does not contain sufficient credentials to satisfy a client or server requirement.
  • For a client or server requirement, the proxy implementation does not implement any algorithm in common with the server (for example, because the proxy implementation only uses algorithms that are available in the client environment rather than downloading algorithm implementations).
  • A delegated remote call is being attempted, and the current time is either earlier than the granted delegation start time or later than the granted delegation stop time.

  @author Sun Microsystems, Inc. @since 2.0 @see net.jini.core.constraint.RemoteMethodControl

  protocolVersions = cr.reduce(
      new InvocationConstraints(constraints.requirements(), null));
  if (!protocolVersions.isEmpty() &&
      intersect(protocolVersions, supportedProtocols).isEmpty())
  {
      throw new UnsupportedConstraintException(
    "no supported protocols: " + protocolVersions);
  }
  preferredProtocolVersion = chooseProtocolVersion(
      protocolVersions, cr.reduce(constraints), unfulfilled);

    {
  if (!(protocolVersions.isEmpty() ||
        protocolVersions.contains(
      DiscoveryProtocolVersion.getInstance(version))))
  {
      throw new UnsupportedConstraintException(
    "disallowed protocol: " + version);
  }
    }

    if (!toReduce.isEmpty()) {
        Set s = reduce0(reduced, toReduce);
        if (!s.isEmpty()) {
      reduced = s;
        } else if (required) {
      throw new UnsupportedConstraintException(
          "constraints conflict: " + constraints);
        }
    }
      }
      return reduced;

      {
    InvocationConstraint c = (InvocationConstraint) i.next();
    if (c instanceof ServerMinPrincipal) {
        Set s = ((ServerMinPrincipal) c).elements();
        if (s.size() > 1) {
      throw new UnsupportedConstraintException(
          "multiple server principals");
        }
        Principal p = (Principal) s.iterator().next();
        if (!(p instanceof KerberosPrincipal)) {
      throw new UnsupportedConstraintException(
          "non-kerberos server principal");
        }
        if (principal == null) {
      principal = (KerberosPrincipal) p;
        } else if (!principal.equals(p)) {
      throw new UnsupportedConstraintException(
          "multiple server principals");
        }
    }
    // NYI: support ConstraintAlternatives with ServerMinPrincipals
      }
      if (principal != null) {
    return principal;
      }
      for (Iterator i = constraints.preferences().iterator(); i.hasNext(); )
      {
    InvocationConstraint c = (InvocationConstraint) i.next();
    if (c instanceof ServerMinPrincipal) {
        Set s = ((ServerMinPrincipal) c).elements();
        for (Iterator j = s.iterator(); j.hasNext(); ) {
      Principal p = (Principal) j.next();
      if (p instanceof KerberosPrincipal) {
          return (KerberosPrincipal) p;
      }
        }
    }
    // NYI: support ConstraintAlternatives with ServerMinPrincipals
      }
      throw new UnsupportedConstraintException("no kerberos principal");
  }

      return unfulfilledConstraints;
        }
    } while (client != null);
      } while (server != null);
  }
  UnsupportedConstraintException uce =
      new UnsupportedConstraintException(
      "Constraints are not supported: " + constraints);
  if (logger.isLoggable(Levels.FAILED)) {
      logThrow(
    logger, Levels.FAILED,
    SslServerEndpoint.class, "checkConstraints",

      /* Keep track of progress; remove entry when check is done */
      Map progress = new HashMap(serverPrincipals.size());
      for (Iterator i = serverPrincipals.iterator(); i.hasNext(); ) {
    X500Principal p = (X500Principal) i.next();
    if (!principals.contains(p)) {
        throw new UnsupportedConstraintException(
      "Missing principal: " + p);
    }
    progress.put(p, X500Principal.class);
      }
      X500PrivateCredential[] privateCredentials =
    (X500PrivateCredential[]) AccessController.doPrivileged(
        new SubjectCredentials.GetAllPrivateCredentialsAction(
      serverSubject));
      List certPaths =
    SubjectCredentials.getCertificateChains(serverSubject);
      if (certPaths != null) {
    for (int i = certPaths.size(); --i >= 0; ) {
        CertPath chain = (CertPath) certPaths.get(i);
        X509Certificate firstCert = firstX509Cert(chain);
        X500Principal p = firstCert.getSubjectX500Principal();
        if (progress.containsKey(p)) {
      try {
          checkValidity(chain, null);
      } catch (CertificateException e) {
          progress.put(p, e);
          continue;
      }
      progress.put(p, CertPath.class);
      for (int j = privateCredentials.length; --j >= 0; ) {
          X509Certificate cert =
        privateCredentials[j].getCertificate();
          if (firstCert.equals(cert)) {
        progress.remove(p);
        break;
          }
      }
        }
    }
      }
      if (!progress.isEmpty()) {
    X500Principal p =
        (X500Principal) progress.keySet().iterator().next();
    Object result = progress.get(p);
    if (result == X500Principal.class) {
        throw new UnsupportedConstraintException(
      "Missing public credentials: " + p);
    } else if (result == CertPath.class) {
        throw new UnsupportedConstraintException(
      "Missing private credentials: " + p);
    } else {
        throw new UnsupportedConstraintException(
      "Problem with certificates: " + p + "\n" + result,
      (CertificateException) result);
    }
      }
  }

        }
    }
    if (credExcept instanceof SecurityException) {
        exception = (SecurityException) credExcept;
    } else {
        exception = new UnsupportedConstraintException(
      "Client not authenticated", credExcept);
    }
      } else {
    if (logger.isLoggable(Level.FINE)) {
        logger.log(Level.FINE,
             "new connection for {0}\ncreates {1}",
             new Object[] { callContext, this });
    }
    return;
      }
  } catch (SSLProtocolException e) {
      /*
       * Don't throw an UnsupportedConstraintException -- this is a
       * problem within the SSL implementation.
       */
      exception = e;
  } catch (SSLException e) {
      exception = new UnsupportedConstraintException(e.getMessage(), e);
  } catch (IOException e) {
      exception = e;
  } catch (SecurityException e) {
      exception = e;
  }

      serverCapabilities.checkConstraints(constraints);
  for (Iterator i = unfulfilled.requirements().iterator(); i.hasNext();)
  {
      InvocationConstraint c = (InvocationConstraint) i.next();
      if (!(c instanceof Integrity)) {
    throw new UnsupportedConstraintException(
        "cannot satisfy unfulfilled constraint: " + c);
      }
      // REMIND: support ConstraintAlternatives containing Integrity?
  }
    }

      {
    InvocationConstraint c = (InvocationConstraint) i.next();
    if (!(c instanceof Integrity) ||
        (!integrity && c == Integrity.YES))
    {
        throw new UnsupportedConstraintException(
            "cannot satisfy unfulfilled constraint: " + c);
    }
    // REMIND: support ConstraintAlternatives containing Integrity?
      }

        }
        return result;
    }
      }
  }
  UnsupportedConstraintException unsupported = null;
  if (contexts.isEmpty()) {
      unsupported = new UnsupportedConstraintException(
    "Constraints not supported: " + constraints);
  } else {
      boolean checkSubject;
      if (constrainedServer) {
    checkSubject = true;