Note that, because Kerberos inherently requires client authentication, this transport provider does not support distributed garbage collection (DGC); if DGC is enabled using {@link net.jini.jeri.BasicJeriExporter}, all DGC remote calls through this provider will silently fail.

@com.sun.jini.impl This class uses the following {@link Logger} to log information at the following logging levels:
Level | Description |
---|---|
{@link java.util.logging.Level#WARNING WARNING} | unexpected failure while accepting connections on the created ServerSocket. |
{@link com.sun.jini.logging.Levels#FAILED FAILED} | problems with permission checking, server principal and Kerberos key presence checking, {@link org.ietf.jgss.GSSCredential} creation, socket connect acceptance, {@link org.ietf.jgss.GSSContext} establishment, credential expiration, or wrap/unwrap GSS tokens |
{@link com.sun.jini.logging.Levels#HANDLED HANDLED} | failure to set TCP no delay or keep alive properties on sockets |
{@link java.util.logging.Level#FINE FINE} | server endpoint creation, {@link net.jini.jeri.ServerCapabilities#checkConstraints checkConstraints} results, server socket creation, socket connect acceptance, server connection creation/destruction, GSSContext establishment |
{@link java.util.logging.Level#FINEST FINEST} | data message encoding/decoding using GSSContext |

When the ListenEndpoint.listen method of this implementation is invoked, a search is conducted on the private credentials of the serverSubject; the first valid KerberosKey whose principal equals the serverPrincipal is chosen as the server credential for the listen operation. The presence of this server credential in the serverSubject, as well as its validity, is checked both when a new incoming connection is received and when a new request arrives on an established connection; if the checks fail, the listen operation or the connection will be aborted permanently.

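The credential lookup and the per-connection re-check described above, as an added example that is not this provider's own code. It assumes "valid" means the key has not been destroyed; the class and method names, the principals and the key bytes are constructed for illustration.

```java
import javax.security.auth.Subject;
import javax.security.auth.kerberos.KerberosKey;
import javax.security.auth.kerberos.KerberosPrincipal;

public class ServerKeyCheck {
    /** First usable KerberosKey in the subject whose principal equals serverPrincipal, else null. */
    static KerberosKey findServerKey(Subject serverSubject, KerberosPrincipal serverPrincipal) {
        for (Object cred : serverSubject.getPrivateCredentials()) {
            if (cred instanceof KerberosKey) {
                KerberosKey key = (KerberosKey) cred;
                // Assumption: "valid" is modelled as "not destroyed".
                // Test isDestroyed() first: getPrincipal() throws on a destroyed key.
                if (!key.isDestroyed() && serverPrincipal.equals(key.getPrincipal())) {
                    return key;
                }
            }
        }
        return null;
    }

    /** Re-check run for each new connection and each request; throws so the caller can abort. */
    static void checkServerKey(Subject serverSubject, KerberosPrincipal serverPrincipal) {
        if (findServerKey(serverSubject, serverPrincipal) == null) {
            throw new SecurityException("no valid Kerberos key for " + serverPrincipal);
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample data: made-up principal names and an all-zero key.
        KerberosPrincipal server = new KerberosPrincipal("service/host.example.com@EXAMPLE.COM");
        KerberosPrincipal other = new KerberosPrincipal("other/host.example.com@EXAMPLE.COM");
        byte[] keyBytes = new byte[16];
        Subject subject = new Subject();
        subject.getPrivateCredentials().add(new KerberosKey(other, keyBytes, 17, 1));
        KerberosKey serverKey = new KerberosKey(server, keyBytes, 17, 1);
        subject.getPrivateCredentials().add(serverKey);

        checkServerKey(subject, server);   // passes: a matching, usable key is present
        System.out.println("listen allowed for " + server);

        serverKey.destroy();               // key invalidated while the server is running
        try {
            checkServerKey(subject, server);
        } catch (SecurityException e) {
            System.out.println("aborted: " + e.getMessage());
        }
    }
}
```

Under a security manager, reading the subject's private credentials also requires the corresponding PrivateCredentialPermission.
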
This implementation uses the standard Java(TM) GSS-API. Additionally, for each inbound connection established, it invokes {@link GSSUtil#createSubject GSSUtil.createSubject} to construct a Subject instance, which encapsulates the principal and delegated credential, if any, of the corresponding remote caller.

@author Sun Microsystems, Inc.
@see KerberosEndpoint
@see KerberosTrustVerifier
@since 2.0