Package com.sun.enterprise.server.pluggable

Class SecuritySupport

java.lang.Object

com.sun.enterprise.server.pluggable.SecuritySupport

Direct Known Subclasses:

SecuritySupportImpl

@Contract
public abstract class SecuritySupport
extends Object

SecuritySupport is part of PluggableFeature that provides access to internal services managed by application server.

SecuritySupport deals with loading, caching and providing access to key stores and trust stores, including their managers.

This is mainly used via the com.sun.enterprise.security.ssl.SSLUtils facade, though various other classes such as the BaseContainerCallbackHandler use this directly.

Author:

Shing Wai Chan

Field Summary

Fields

Modifier and Type	Field	Description
static String	additionalKeyStoreProp
static String	additionalTrustStoreProp
static String	KEYSTORE_PASS_PROP
static String	KEYSTORE_TYPE_PROP
static String	keyStoreProp
static String	TRUSTSTORE_PASS_PROP
static String	TRUSTSTORE_TYPE_PROP
static String	trustStoreProp

Constructor Summary

Constructors

Constructor	Description
SecuritySupport()

Method Summary

Modifier and Type	Method	Description
abstract void	checkPermission(String key)	Check permission for the given key.
static SecuritySupport	getDefaultInstance()
abstract KeyManager[]	getKeyManagers(String algorithm)
abstract KeyStore	getKeyStore(String token)
abstract KeyStore[]	getKeyStores()	This method returns an array of keystores containing keys and certificates.
abstract PrivateKey	getPrivateKeyForAlias(String alias, int keystoreIndex)	Gets the PrivateKey for specified alias from the corresponding keystore indicated by the index.
abstract String[]	getTokenNames()	This method returns an array of token names in order corresponding to array of keystores.
abstract TrustManager[]	getTrustManagers(String algorithm)
abstract KeyStore	getTrustStore(String token)
abstract KeyStore[]	getTrustStores()	This method returns an array of truststores containing certificates.
abstract KeyStore	loadNullStore(String type, int index)
void	reset()	Resets the security instance by effectively re-initializing it.
abstract void	synchronizeKeyFile(Object configContext, String fileRealmName)	TODO:V3:Cluster ConfigContext is no longer present so find out what this needs to be
abstract boolean	verifyMasterPassword(char[] masterPass)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

KEYSTORE_PASS_PROP

public static final String KEYSTORE_PASS_PROP

See Also:

Constant Field Values

TRUSTSTORE_PASS_PROP

public static final String TRUSTSTORE_PASS_PROP

See Also:

Constant Field Values

KEYSTORE_TYPE_PROP

public static final String KEYSTORE_TYPE_PROP

See Also:

Constant Field Values

TRUSTSTORE_TYPE_PROP

public static final String TRUSTSTORE_TYPE_PROP

See Also:

Constant Field Values

keyStoreProp

public static final String keyStoreProp

See Also:

Constant Field Values

additionalKeyStoreProp

public static final String additionalKeyStoreProp

See Also:

Constant Field Values

trustStoreProp

public static final String trustStoreProp

See Also:

Constant Field Values

additionalTrustStoreProp

public static final String additionalTrustStoreProp

See Also:

Constant Field Values

Constructor Detail

SecuritySupport

public SecuritySupport()

Method Detail

getDefaultInstance

public static SecuritySupport getDefaultInstance()

getKeyStores

public abstract KeyStore[] getKeyStores()

This method returns an array of keystores containing keys and certificates.

getTrustStores

public abstract KeyStore[] getTrustStores()

This method returns an array of truststores containing certificates.

getKeyStore

public abstract KeyStore getKeyStore(String token)

Parameters:

token -

Returns:

a keystore. If token is null, return the the first keystore.

getTrustStore

public abstract KeyStore getTrustStore(String token)

Parameters:

token -

Returns:

a truststore. If token is null, return the first truststore.

getKeyManagers

public abstract KeyManager[] getKeyManagers(String algorithm)
                                     throws IOException,
                                            KeyStoreException,
                                            NoSuchAlgorithmException,
                                            UnrecoverableKeyException

Parameters:

algorithm -

Returns:

KeyManagers for the specified algorithm.

Throws:

IOException

KeyStoreException

NoSuchAlgorithmException

UnrecoverableKeyException

getTrustManagers

public abstract TrustManager[] getTrustManagers(String algorithm)
                                         throws IOException,
                                                KeyStoreException,
                                                NoSuchAlgorithmException

Parameters:

algorithm -

Returns:

TrustManagers for the specified algorithm.

Throws:

IOException

KeyStoreException

NoSuchAlgorithmException

reset

public void reset()

Resets the security instance by effectively re-initializing it.

This means the default keystores and truststores will be reloaded from their default locations (which may be configured by system properties, such as with the default SecuritySupport instance).

loadNullStore

public abstract KeyStore loadNullStore(String type,
                                       int index)
                                throws KeyStoreException,
                                       IOException,
                                       NoSuchAlgorithmException,
                                       CertificateException

Parameters:

type -

index -

Returns:

load a null keystore of given type.

Throws:

KeyStoreException

IOException

NoSuchAlgorithmException

CertificateException

verifyMasterPassword

public abstract boolean verifyMasterPassword(char[] masterPass)

Parameters:

masterPass -

Returns:

result whether the given master password is correct.

getPrivateKeyForAlias

public abstract PrivateKey getPrivateKeyForAlias(String alias,
                                                 int keystoreIndex)
                                          throws KeyStoreException,
                                                 NoSuchAlgorithmException,
                                                 UnrecoverableKeyException

Gets the PrivateKey for specified alias from the corresponding keystore indicated by the index.

Parameters:

alias - Alias for which the PrivateKey is desired.

keystoreIndex - Index of the keystore.

Returns:

Throws:

KeyStoreException

NoSuchAlgorithmException

UnrecoverableKeyException

getTokenNames

public abstract String[] getTokenNames()

This method returns an array of token names in order corresponding to array of keystores.

synchronizeKeyFile

public abstract void synchronizeKeyFile(Object configContext,
                                        String fileRealmName)
                                 throws Exception

TODO:V3:Cluster ConfigContext is no longer present so find out what this needs to be

Throws:

Exception

checkPermission

public abstract void checkPermission(String key)

Check permission for the given key.

Parameters:

key -