public final class Integrity extends Object implements InvocationConstraint, Serializable
RemoteException will be thrown (in the client or in the server, depending on which side detected the violation). If an integrity violation on out-of-band data is detected, an IOException will be thrown at the point where the data is downloaded.
Although most of the data for a remote call is transmitted in band as part of the call itself, code is downloaded out of band, based on codebase URLs that are transmitted in band. For a remote call to have integrity, the out-of-band code as well as the in-band data must have integrity. A proxy implementation that provides for integrity must ensure the integrity of both code and data.
Code signing is difficult to use for this purpose if the classes span more than a single package (because individual files are signed rather than the entire JAR file being signed, and the only automatic enforcement is that classes in a single package all have the same signers), or if the code references bundled resources (because there is no way to determine the signers of a resource). A better technique is to use codebase URLs that provide content integrity, such as HTTPMD or HTTPS URLs. If integrity-protecting codebase URLs are used, and the URLs themselves are sent as part of the integrity-protected in-band data, the result is complete object integrity. Because out-of-band communication is used, integrity-protecting URLs must either contain sufficient information to independently verify integrity (as is the case with HTTPMD URLs), or must contain sufficient information to authenticate the origin of the content and use sufficient means to maintain content integrity in transit (as is the case with HTTPS URLs).
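The digest-in-URL idea behind HTTPMD described above, as an added illustration (not code from this page or from the documented library): a URL whose last parameter carries a message digest lets the downloader verify out-of-band content independently and fail with an IOException at download time. The `;algorithm=digest[,comment]` parameter syntax, the host, file and class names are assumptions, and the code uses only JDK classes rather than the library's own HTTPMD handler.

```java
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Locale;

public class DigestUrlCheck {
    /** Lowercase hex encoding of a digest. */
    static String hex(byte[] bytes) {
        StringBuilder sb = new StringBuilder();
        for (byte b : bytes) sb.append(String.format("%02x", b));
        return sb.toString();
    }

    /** Verifies content against the ";algorithm=digest[,comment]" URL parameter (assumed syntax). */
    static void verify(String url, byte[] content) throws IOException {
        int semi = url.lastIndexOf(';');
        int eq = semi < 0 ? -1 : url.indexOf('=', semi);
        if (eq < 0) throw new IOException("URL carries no digest parameter: " + url);
        String algorithm = url.substring(semi + 1, eq);
        String expected = url.substring(eq + 1).split(",", 2)[0].toLowerCase(Locale.ROOT);
        String actual;
        try {
            actual = hex(MessageDigest.getInstance(algorithm).digest(content));
        } catch (NoSuchAlgorithmException e) {
            throw new IOException("unsupported digest algorithm: " + algorithm, e);
        }
        // Fail where the data is downloaded, before any of it is used.
        if (!actual.equals(expected)) throw new IOException("integrity check failed for " + url);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: stands in for the bytes of a downloaded JAR.
        byte[] jar = "constructed codebase bytes".getBytes(StandardCharsets.UTF_8);
        String digest = hex(MessageDigest.getInstance("SHA-256").digest(jar));
        // Hypothetical host and path; this URL would travel in band, integrity-protected.
        String url = "httpmd://codebase.example/service-dl.jar;sha-256=" + digest + ",constructed";

        verify(url, jar); // untouched content passes
        System.out.println("intact content accepted");

        byte[] tampered = jar.clone();
        tampered[0] ^= 0x01; // simulate alteration in transit
        try {
            verify(url, tampered);
            throw new AssertionError("tampered content was accepted");
        } catch (IOException expectedFailure) {
            System.out.println("tampered content rejected: " + expectedFailure.getMessage());
        }
    }
}
```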
Serialization for this class is guaranteed to produce instances that are comparable with ==.
See Also: Security.verifyCodebaseIntegrity, Serialized Form

| Modifier and Type | Field and Description |
|---|---|
| static Integrity | NO: Do not detect when message contents have been altered by third parties. |
| static Integrity | YES: Detect when message contents (both requests and replies) have been altered by third parties, and if detected, refuse to process the message and throw an exception. |

public static final Integrity YES
public static final Integrity NO
Copyright 2007-2013, multiple authors.
Licensed under the Apache License, Version 2.0, see the NOTICE file for attributions.