de.fhg.igd.semoa.server
Class Ticket

java.lang.Object
  extended by de.fhg.igd.semoa.server.Ticket
All Implemented Interfaces:
Serializable

public class Ticket
extends Object
implements Serializable

Represents the address of an agent's hop. Agents set tickets in order to tell agent servers where to send them next. Agent servers pass tickets to agents in order to tell them where they came from.

This ticket supports methods for specifying QoS parameters that shall apply to the transport of the agent. The parameters which can be specified cover security parameters to be met by agent transport gateways. Furthermore, certificate information of the ticket's target can be passed in a ticket.

An agent server should set the certificate chain of an agent's sender in the ticket that is given to the agent. This enables agents to acquire evidence on their senders' identities. However, always remember that trust in a ticket requires trust in the hosting server.

Please note that not all protocols support secure transport. QoS parameters are only checked by gateways which implement protocols that do support the requested security services. There is no guarantee whatsoever that the agent server or the gateways actually enable the requested security services.

This implementation is preliminary. A more elaborate version will be implemented when the nature of the parameters to be specified is better understood.

This class uses de.fhg.igd.util.URL rather than java.net.URL because no connection handlers need to be implemented that way.

Version:
"$Id: Ticket.java 1913 2007-08-08 02:41:53Z jpeters $"
Author:
Volker Roth
See Also:
Serialized Form

Field Summary
private  X509Certificate cachedCert_
          The cached certificate object.
private  byte[] certificate_
          The encoded certificate of the agent's sender.
private  String cipherSuite_
          The SSL cipher suite that was used for the agent's transport, or null if the transport wasn't protected.
private  ShipService ship_
          The reference to the Ship service.
private  URL[] target_
          The list of alternative URLs to the destination.
 
Constructor Summary
Ticket(String url)
          Creates a ticket with the given URL as the destination for this ticket.
Ticket(URL url)
          Creates a ticket with the given URL as the destination for this ticket.
Ticket(URL[] urls)
          Creates a ticket with a list of alternative URLs for the next hop.
Ticket(URL senderURL, byte[] senderCert, String cipherSuite)
          Creates a ticket with the given URL and certificate.
Ticket(URL senderURL, X509Certificate senderCert)
          Creates a ticket with the given URL and certificate.
 
Method Summary
 X509Certificate getCertificate()
          Returns the certificate of the sender of the agent, or null if no cert is available.
 String getCipherSuite()
           
 String[] getProtocols()
          Returns the list of protocols defined in the ticket such that each protocol appears at most once.
 URL getTarget()
          Returns the preferred target of this ticket.
 URL[] getTarget(String protocol)
          Returns the target URLs matching the given protocol in the preferred order (as defined in the constructor).
 URL[] getTargets()
           
 boolean isLocal()
          This method determines whether this ticket is pointing to the local host.
private  Object isLocal0()
           
 String toString()
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Field Detail

target_

private URL[] target_
The list of alternative URLs to the destination.


certificate_

private byte[] certificate_
The encoded certificate of the agent's sender. This information is available only if the transport channel was authenticated.


cipherSuite_

private String cipherSuite_
The SSL cipher suite that was used for the agent's transport, or null if the transport wasn't protected.


ship_

private ShipService ship_
The reference to the Ship service. Since we only need the service to obtain the local ship server URL including the ship port, it is sufficient to use the Server interface of the service.


cachedCert_

private transient X509Certificate cachedCert_
The cached certificate object. This object is not serialized with the ticket.

Constructor Detail

Ticket

public Ticket(URL url)
Creates a ticket with the given URL as the destination for this ticket. Please note that the URL class used is de.fhg.igd.util.URL rather than java.net.URL.

Parameters:
url - The URL where this ticket should point to.
Throws:
NullPointerException - if the given URL is null.

Ticket

public Ticket(String url)
       throws MalformedURLException
Creates a ticket with the given URL as the destination for this ticket.

Parameters:
url - The URL where this ticket should point to.
Throws:
NullPointerException - if the given URL is null.
MalformedURLException - if the given URL is not well-formed.

Ticket

public Ticket(URL[] urls)
Creates a ticket with a list of alternative URLs for the next hop. Any one of them might be chosen as the destination for this ticket.

Parameters:
urls - The list of alternative URLs for the next hop.
Throws:
NullPointerException - if urls is null or the length of the array is 0.

Ticket

public Ticket(URL senderURL,
              X509Certificate senderCert)
       throws CertificateEncodingException
Creates a ticket with the given URL and certificate. This constructor shall be used by agent servers in order to create informative tickets for agents. This type of ticket is meant to give agents information on where they came from and who sent them.

Parameters:
senderURL - The URL of the agent's sender.
senderCert - The certificate of the agent's sender.
Throws:
CertificateEncodingException - if the given certificate is not null and cannot be encoded properly.
NullPointerException - if senderURL is null.

Ticket

public Ticket(URL senderURL,
              byte[] senderCert,
              String cipherSuite)
       throws CertificateEncodingException
Creates a ticket with the given URL and certificate. This constructor shall be used by agent servers in order to create informative tickets for agents. This type of ticket is meant to give agents information on where they came from and who sent them.

Parameters:
senderURL - The URL of the agent's sender.
senderCert - The encoding of the certificate of the agent's sender.
cipherSuite - The SSL cipher suite that was used for the agent's transport, or null if the transport wasn't protected. If there is a certificate then there should also be a cipher suite and vice versa.
Throws:
NullPointerException - if senderURL is null.
CertificateEncodingException
Method Detail

getTarget

public final URL getTarget()
Returns the preferred target of this ticket. When a constructor that accepts multiple URLs was used on initialization, the preferred target is always the first target in the list. If the ticket was issued by an agent server in order to pass information to an agent on where it came from, then the returned URL is probably incomplete. In other words, the returned URL does not contain sufficient information to create return tickets from it. The only way to generate a valid return ticket is to look up an appropriate URL based on the host name that is contained in the returned URL.

Returns:
The URL of the ticket's target.

getTargets

public final URL[] getTargets()
Returns:
The array of target URLs.

getCipherSuite

public String getCipherSuite()
Returns:
The SSL cipher suite that was used during transport of the agent, or null if the transport was not protected.

getTarget

public final URL[] getTarget(String protocol)
Returns the target URLs matching the given protocol in the preferred order (as defined in the constructor). Preference is decreasing with increasing index in the array. The preferred choice is thus the target URL with index 0. If protocol is null then all target URLs are returned.

Parameters:
protocol - The protocol that returned target URLs should match.
Returns:
The array of target URLs that match the given protocol or an empty array with no elements in it if none were found.

getProtocols

public String[] getProtocols()
Returns the list of protocols defined in the ticket such that each protocol appears at most once. The protocols are returned in the order in which they appear in the URLs of this ticket.

Returns:
The sanitized list of protocols defined in the given ticket.

isLocal

public final boolean isLocal()
This method determines whether this ticket is pointing to the local host.

This implementation simply compares the INET address of the local host with those of the hosts of the stored URLs. If a match is found then true is returned.

Returns:
true iff the ticket is pointing to the local host.

isLocal0

private final Object isLocal0()

getCertificate

public final X509Certificate getCertificate()
                                     throws CertificateException
Returns the certificate of the sender of the agent, or null if no cert is available.

The certificate is decoded from the encoded representation stored in the ticket. The local installation must support an appropriate certificate decoding. Decoding is done by means of the default Java Security Provider (the first provider which implements a "X.509" certificate factory).

Returns:
The certificate or null if no cert is stored in the ticket.
Throws:
CertificateException - if no X.509 certificate factory is available or the certificate could not be decoded properly.
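
An added example, not part of SeMoA or of this documentation: one way an agent or gateway might vet the encoded sender certificate and cipher suite that the three-argument constructor stores, before relying on them as evidence. The class SenderEvidence, its vet method, the rejection of anonymous and NULL suites, and the sample inputs are assumptions made for illustration; only the decoding route through the "X.509" certificate factory is taken from the description above.

```java
import java.io.ByteArrayInputStream;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;

/** Hypothetical helper (not a SeMoA class): vets the sender evidence a ticket carries. */
public class SenderEvidence {

    /**
     * Returns the decoded sender certificate, or null if the transport was
     * unprotected. The result is only as trustworthy as the server that
     * issued the ticket.
     */
    static X509Certificate vet(byte[] encodedCert, String cipherSuite)
            throws CertificateException {
        if (encodedCert == null && cipherSuite == null) {
            return null; // unauthenticated, unprotected transport
        }
        // Certificate and cipher suite belong together: one without the other is inconsistent.
        if (encodedCert == null || cipherSuite == null) {
            throw new CertificateException("certificate and cipher suite must both be set");
        }
        // Assumed policy: suites without authentication or encryption give no evidence.
        if (cipherSuite.contains("_anon_") || cipherSuite.contains("_NULL_")) {
            throw new CertificateException("unacceptable cipher suite: " + cipherSuite);
        }
        // First installed provider that implements an "X.509" certificate factory.
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        X509Certificate cert = (X509Certificate)
                cf.generateCertificate(new ByteArrayInputStream(encodedCert));
        cert.checkValidity(); // rejects expired and not-yet-valid certificates
        return cert;
    }

    public static void main(String[] args) {
        byte[] junk = {0x30, 0x03, 0x02, 0x01, 0x00}; // constructed: DER, but not a certificate
        Object[][] cases = {                          // constructed sample inputs
            {null, null},
            {null, "TLS_RSA_WITH_AES_128_CBC_SHA"},
            {junk, "TLS_DH_anon_WITH_AES_128_CBC_SHA"},
            {junk, "TLS_RSA_WITH_AES_128_CBC_SHA"},
        };
        for (Object[] c : cases) {
            try {
                X509Certificate cert = vet((byte[]) c[0], (String) c[1]);
                String subject = cert == null ? "no sender evidence"
                        : cert.getSubjectX500Principal().getName();
                System.out.println(subject);
            } catch (CertificateException e) {
                System.out.println("rejected: " + e.getMessage());
            }
        }
    }
}
```

The first case reports that no evidence is present; the other three are rejected, for the inconsistent pair, the anonymous suite and the undecodable certificate respectively.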

toString

public final String toString()
Returns:
The string representation of the ticket.


Copyright © Fraunhofer Gesellschaft. All Rights Reserved.