ReplicationTrustManager (ApacheDS Protocol Ldap 2.0.0-M8 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.apache.directory.server.ldap.replication
Class ReplicationTrustManager

java.lang.Object
  org.apache.directory.server.ldap.replication.ReplicationTrustManager

All Implemented Interfaces:: TrustManager, X509TrustManager

public class ReplicationTrustManager
extends Object
implements X509TrustManager
extends Object
implements X509TrustManager

A X509TrustManager implementation used by the replication subsystem. This implementation doesn't require the certificates to be stored in a file, instead it parses the given certificates of replica peers using Bouncycastle's X509CertParser and stores them in the in-memory KeyStore. The SunX509 TrustManagerFactory is then initialized using this KeyStore and the resulting X509TrustManager present in this factory's TrustManagers will be used internally to perform the certificate verification

Author:: Apache Directory Project

Method Summary
`static void`	`addCertificate(String certAlias, byte[] certificate)` stores the given certificate into the keystore with the given alias name
`static void`	`addCertificates(Map<String,byte[]> aliasCertMap)` loads the given map of [alias-name, certificate-data] entries into the keystore to be used by the trust manager
`void`	`checkClientTrusted(X509Certificate[] chain, String authType)`
`void`	`checkServerTrusted(X509Certificate[] chain, String authType)`
`X509Certificate[]`	`getAcceptedIssuers()`
`static ReplicationTrustManager`	`getInstance()` returns the singleton instance of ReplicationTrustManager, note that this return instance can only be used after calling the `addCertificates(Map)` method

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Method Detail

addCertificates

public static void addCertificates(Map<String,byte[]> aliasCertMap)
                            throws Exception

loads the given map of [alias-name, certificate-data] entries into the keystore to be used by the trust manager

Parameters:: aliasCertMap - the map of [alias-name, certificate-data] entries
Throws:: Exception - in case of any issues related to certificate data parsing

addCertificate

public static void addCertificate(String certAlias,
                                  byte[] certificate)
                           throws Exception

stores the given certificate into the keystore with the given alias name

Parameters:: certAlias - the alias name to be used for this certificate; certificate - the X509 certificate data
Throws:: Exception - in case of any issues related to certificate data parsing

getInstance

public static ReplicationTrustManager getInstance()

returns the singleton instance of ReplicationTrustManager, note that this return instance can only be used after calling the addCertificates(Map) method

Returns:: the instance of the ReplicationTrustManager

checkClientTrusted

public void checkClientTrusted(X509Certificate[] chain,
                               String authType)
                        throws CertificateException

Specified by:: checkClientTrusted in interface X509TrustManager

Throws:: CertificateException

checkServerTrusted

public void checkServerTrusted(X509Certificate[] chain,
                               String authType)
                        throws CertificateException

Specified by:: checkServerTrusted in interface X509TrustManager

Throws:: CertificateException

getAcceptedIssuers

public X509Certificate[] getAcceptedIssuers()

Specified by:: getAcceptedIssuers in interface X509TrustManager