java.lang.Object
- org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler
- - org.dcache.xrootd.plugins.authn.gsi.GSIServerRequestHandler
  - - org.dcache.xrootd.plugins.authn.gsi.post49.GSIPost49ServerRequestHandler

```
public class GSIPost49ServerRequestHandler
extends GSIServerRequestHandler
```
Implementation of server side of GSI handshake according to XrootD 4.9+. Supports proxy delegation.

Nested Class Summary
- Nested classes/interfaces inherited from class org.dcache.xrootd.plugins.authn.gsi.GSIServerRequestHandler
  GSIServerRequestHandler.CertRequestBuckets

Field Summary
- Fields inherited from class org.dcache.xrootd.plugins.authn.gsi.GSIServerRequestHandler
  LOGGER, subject
- Fields inherited from class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler
  ASYNC_CIPHER_MODE, bufferHandler, challenge, CHALLENGE_BYTES, credentialManager, CRYPTO_MODE, CRYPTO_MODE_NO_PAD, dhSession, lastRequest, MAX_TIME_SKEW, noPadding, PROTO_PRE_DELEGATION, PROTO_WITH_DELEGATION, PROTOCOL, PROTOCOL_VERSION, PUBLIC_KEY_ALGORITHM, PUBLIC_KEY_FOOTER, PUBLIC_KEY_HEADER, RANDOM, rsaSession, SESSION_IV_DELIM, SESSION_IV_LEN, SUPPORTED_CIPHER_ALGORITHM, SUPPORTED_DIGESTS, SYNC_CIPHER_BLOCKSIZE, SYNC_CIPHER_MODE_PADDED, SYNC_CIPHER_MODE_UNPADDED, SYNC_CIPHER_NAME

Constructor Summary

Constructors
Constructor Description

GSIPost49ServerRequestHandler(javax.security.auth.Subject subject, GSICredentialManager credentialManager)

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`int`	`getProtocolVersion()`
`protected java.lang.String`	`getSyncCipherMode()`
`XrootdResponse<AuthenticationRequest>`	`handleCertReqStep(AuthenticationRequest request)`
`XrootdResponse<AuthenticationRequest>`	`handleCertStep(AuthenticationRequest request)`	Handle the second step (reply by client to authmore).
`XrootdResponse<AuthenticationRequest>`	`handleSigPxyStep(AuthenticationRequest request)`	Decrypt main bucket, check signed rtag, and then use included signed certificate to finalize proxy (and send to the credential store).
`boolean`	`isFinished(AuthenticationRequest request)`

Methods inherited from class org.dcache.xrootd.plugins.authn.gsi.GSIServerRequestHandler
cancelHandshake, getDecrypter, handleCertReqStep, validateCiphers, validateDigests

Methods inherited from class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler
decryptMainBucketWithSessionKey, dhParams, extractChain, finalizeSessionKey, findSessionIVLen, generateChallengeString, isRequestExpired, postProcessMainBucket, processRSAVerification, updateLastRequest, validateCiphers, validateCryptoMode, validateDigests, verifySignedRTag

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - GSIPost49ServerRequestHandler
```
public GSIPost49ServerRequestHandler(javax.security.auth.Subject subject,
                                     GSICredentialManager credentialManager)
                              throws XrootdException
```
    Throws:
    
    XrootdException
- Method Detail
  - getProtocolVersion
```
public int getProtocolVersion()
```
    Specified by:
    
    getProtocolVersion in class GSIRequestHandler
  - handleCertReqStep
```
public XrootdResponse<AuthenticationRequest> handleCertReqStep(AuthenticationRequest request)
                                                        throws XrootdException
```
    Specified by:
    
    handleCertReqStep in class GSIServerRequestHandler
    
    Throws:
    
    XrootdException
  - handleCertStep
```
public XrootdResponse<AuthenticationRequest> handleCertStep(AuthenticationRequest request)
                                                     throws XrootdException
```
    Handle the second step (reply by client to authmore). This involves finalizing the session key, verifying rsa certificate and decrypting and verifying the signed hash. A check is then made for the existence of a proxy. If there is none, a request is generated.
    
    Specified by:
    
    handleCertStep in class GSIServerRequestHandler
    
    Parameters:
    
    request - AuthenticationRequest received by the client
    
    Returns:
    
    either an AuthenticationResponse with step kXGS_pxyreq if there is no currently valid proxy, or and OK response.
    
    Throws:
    
    XrootdException
  - handleSigPxyStep
```
public XrootdResponse<AuthenticationRequest> handleSigPxyStep(AuthenticationRequest request)
                                                       throws XrootdException
```
    Decrypt main bucket, check signed rtag, and then use included signed certificate to finalize proxy (and send to the credential store).
    
    Specified by:
    
    handleSigPxyStep in class GSIServerRequestHandler
    
    Returns:
    
    OKResponse if all is well.
    
    Throws:
    
    XrootdException
  - isFinished
```
public boolean isFinished(AuthenticationRequest request)
```
    Specified by:
    
    isFinished in class GSIServerRequestHandler
  - getSyncCipherMode
```
protected java.lang.String getSyncCipherMode()
```
    Specified by:
    
    getSyncCipherMode in class GSIRequestHandler

Class GSIPost49ServerRequestHandler

Nested Class Summary

Nested classes/interfaces inherited from class org.dcache.xrootd.plugins.authn.gsi.GSIServerRequestHandler

Field Summary

Fields inherited from class org.dcache.xrootd.plugins.authn.gsi.GSIServerRequestHandler

Fields inherited from class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

Constructor Summary

Method Summary

Methods inherited from class org.dcache.xrootd.plugins.authn.gsi.GSIServerRequestHandler

Methods inherited from class org.dcache.xrootd.plugins.authn.gsi.GSIRequestHandler

Methods inherited from class java.lang.Object

Constructor Detail

GSIPost49ServerRequestHandler

Method Detail

getProtocolVersion

handleCertReqStep

handleCertStep

handleSigPxyStep

isFinished

getSyncCipherMode