org.apache.geronimo.security.keystore
Class FileKeystoreManager

java.lang.Object
  extended by org.apache.geronimo.security.keystore.FileKeystoreManager
All Implemented Interfaces:
GBeanLifecycle, KeystoreManager

public class FileKeystoreManager
extends Object
implements KeystoreManager, GBeanLifecycle

An implementation of KeystoreManager that assumes every file in a specified directory is a keystore.

Version:
$Rev: 1183230 $ $Date: 2011-10-14 15:24:10 +0800 (Fri, 14 Oct 2011) $

Field Summary
static GBeanInfo GBEAN_INFO
           
 
Constructor Summary
FileKeystoreManager(URI keystoreDir, ServerInfo serverInfo, Collection keystores, Kernel kernel)
           
 
Method Summary
 KeystoreInstance createKeystore(String name, char[] password, String keystoreType)
           
 SSLContext createSSLContext(String provider, String protocol, String algorithm, String keyStore, String keyAlias, String trustStore, ClassLoader loader)
          Gets an SSLContext using one Keystore to access the private key and another to provide the list of trusted certificate authorities.
 SSLSocketFactory createSSLFactory(String provider, String protocol, String algorithm, String trustStore, ClassLoader loader)
          Gets a SocketFactory using one Keystore to access the private key and another to provide the list of trusted certificate authorities.
 SSLSocketFactory createSSLFactory(String provider, String protocol, String algorithm, String keyStore, String keyAlias, String trustStore, ClassLoader loader)
          Gets a SocketFactory using one Keystore to access the private key and another to provide the list of trusted certificate authorities.
 SSLServerSocketFactory createSSLServerFactory(String provider, String protocol, String algorithm, String keyStore, String keyAlias, String trustStore, ClassLoader loader)
          Gets a ServerSocketFactory using one Keystore to access the private key and another to provide the list of trusted certificate authorities.
 void doFail()
           
 void doStart()
           
 void doStop()
           
 X509Certificate generateCert(PublicKey publicKey, PrivateKey privateKey, String sigalg, int validity, String cn, String ou, String o, String l, String st, String c)
           
static GBeanInfo getGBeanInfo()
           
 KeystoreInstance getKeystore(String name, String type)
           
 KeystoreInstance[] getKeystores()
           
 KeystoreInstance[] getUnlockedKeyStores()
           
 KeystoreInstance[] getUnlockedTrustStores()
           
 void initializeKeystores()
           
 String[] listKeystoreFiles()
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

GBEAN_INFO

public static final GBeanInfo GBEAN_INFO

Constructor Detail

FileKeystoreManager

public FileKeystoreManager(URI keystoreDir,
                           ServerInfo serverInfo,
                           Collection keystores,
                           Kernel kernel)

Method Detail

doStart

public void doStart()
             throws Exception
Specified by:
doStart in interface GBeanLifecycle
Throws:
Exception

doStop

public void doStop()
            throws Exception
Specified by:
doStop in interface GBeanLifecycle
Throws:
Exception

doFail

public void doFail()
Specified by:
doFail in interface GBeanLifecycle

initializeKeystores

public void initializeKeystores()
Specified by:
initializeKeystores in interface KeystoreManager

listKeystoreFiles

public String[] listKeystoreFiles()

getKeystores

public KeystoreInstance[] getKeystores()
Specified by:
getKeystores in interface KeystoreManager

getKeystore

public KeystoreInstance getKeystore(String name,
                                    String type)

createSSLFactory

public SSLSocketFactory createSSLFactory(String provider,
                                         String protocol,
                                         String algorithm,
                                         String trustStore,
                                         ClassLoader loader)
                                  throws KeystoreException
Gets a SocketFactory using one Keystore to access the private key and another to provide the list of trusted certificate authorities.

Specified by:
createSSLFactory in interface KeystoreManager
Parameters:
provider - The SSL provider to use, or null for the default
protocol - The SSL protocol to use
algorithm - The SSL algorithm to use
trustStore - The trust keystore name as provided by listKeystores. The KeystoreInstance for this keystore must have unlocked this key.
loader - The class loader used to resolve factory classes.
Returns:
An SSLSocketFactory created from the KeystoreManager.
Throws:
KeystoreIsLocked - Occurs when the requested key keystore cannot be used because it has not been unlocked.
KeyIsLocked - Occurs when the requested private key in the key keystore cannot be used because it has not been unlocked.
NoSuchAlgorithmException
UnrecoverableKeyException
KeyStoreException
KeyManagementException
NoSuchProviderException
KeystoreException

createSSLFactory

public SSLSocketFactory createSSLFactory(String provider,
                                         String protocol,
                                         String algorithm,
                                         String keyStore,
                                         String keyAlias,
                                         String trustStore,
                                         ClassLoader loader)
                                  throws KeystoreException
Gets a SocketFactory using one Keystore to access the private key and another to provide the list of trusted certificate authorities.

Specified by:
createSSLFactory in interface KeystoreManager
Parameters:
provider - The SSL provider to use, or null for the default
protocol - The SSL protocol to use
algorithm - The SSL algorithm to use
keyStore - The key keystore name as provided by listKeystores. The KeystoreInstance for this keystore must be unlocked.
keyAlias - The name of the private key in the keystore. The KeystoreInstance for this keystore must have unlocked this key.
trustStore - The trust keystore name as provided by listKeystores. The KeystoreInstance for this keystore must have unlocked this key.
loader - The class loader used to resolve factory classes.
Returns:
An SSLSocketFactory created from the KeystoreManager.
Throws:
KeystoreIsLocked - Occurs when the requested key keystore cannot be used because it has not been unlocked.
KeyIsLocked - Occurs when the requested private key in the key keystore cannot be used because it has not been unlocked.
KeystoreException

createSSLServerFactory

public SSLServerSocketFactory createSSLServerFactory(String provider,
                                                     String protocol,
                                                     String algorithm,
                                                     String keyStore,
                                                     String keyAlias,
                                                     String trustStore,
                                                     ClassLoader loader)
                                              throws KeystoreException
Gets a ServerSocketFactory using one Keystore to access the private key and another to provide the list of trusted certificate authorities.

Specified by:
createSSLServerFactory in interface KeystoreManager
Parameters:
provider - The SSL provider to use, or null for the default
protocol - The SSL protocol to use
algorithm - The SSL algorithm to use
keyStore - The key keystore name as provided by listKeystores. The KeystoreInstance for this keystore must be unlocked.
keyAlias - The name of the private key in the keystore. The KeystoreInstance for this keystore must have unlocked this key.
trustStore - The trust keystore name as provided by listKeystores. The KeystoreInstance for this keystore must have unlocked this key.
loader - The class loader used to resolve factory classes.
Throws:
KeystoreIsLocked - Occurs when the requested key keystore cannot be used because it has not been unlocked.
KeyIsLocked - Occurs when the requested private key in the key keystore cannot be used because it has not been unlocked.
KeystoreException

createSSLContext

public SSLContext createSSLContext(String provider,
                                   String protocol,
                                   String algorithm,
                                   String keyStore,
                                   String keyAlias,
                                   String trustStore,
                                   ClassLoader loader)
                            throws KeystoreException
Gets an SSLContext using one Keystore to access the private key and another to provide the list of trusted certificate authorities.

Specified by:
createSSLContext in interface KeystoreManager
Parameters:
provider - The SSL provider to use, or null for the default
protocol - The SSL protocol to use
algorithm - The SSL algorithm to use
keyStore - The key keystore name as provided by listKeystores. The KeystoreInstance for this keystore must be unlocked.
keyAlias - The name of the private key in the keystore. The KeystoreInstance for this keystore must have unlocked this key.
trustStore - The trust keystore name as provided by listKeystores. The KeystoreInstance for this keystore must have unlocked this key.
loader - The class loader used to resolve factory classes.
Returns:
SSLContext using the security info provided
Throws:
KeystoreIsLocked - Occurs when the requested key keystore cannot be used because it has not been unlocked.
KeyIsLocked - Occurs when the requested private key in the key keystore cannot be used because it has not been unlocked.
KeystoreException
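
The two-keystore arrangement described above (one keystore for the private key, another for the trusted certificate authorities), as an added example built only on standard JSSE; it is not Geronimo's code. The class name TwoStoreSslContext, the build method, the keyPassword parameter, the "sample-ca" alias and the use of algorithm for the KeyManagerFactory are assumptions, and the trust store in main is constructed in memory from one of the JDK's default trust anchors.

```java
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.Collections;
import javax.net.ssl.*;

// Added illustration using only standard JSSE; hypothetical names, not Geronimo code.
public class TwoStoreSslContext {
    // keyStore/keyAlias may be null (trust-only, no local identity); trustStore is required.
    static SSLContext build(String provider, String protocol, String algorithm,
                            KeyStore keyStore, String keyAlias, char[] keyPassword,
                            KeyStore trustStore) throws Exception {
        // Fail closed: an empty trust store would otherwise only surface at handshake time.
        boolean hasCa = false;
        for (String a : Collections.list(trustStore.aliases())) hasCa |= trustStore.isCertificateEntry(a);
        if (!hasCa) throw new IllegalArgumentException("trust store has no CA certificates");

        KeyManager[] kms = null;
        if (keyStore != null) {
            if (!keyStore.isKeyEntry(keyAlias))
                throw new IllegalArgumentException("no private key under alias " + keyAlias);
            // Pin the identity: expose only the requested alias to the key manager.
            KeyStore single = KeyStore.getInstance(KeyStore.getDefaultType());
            single.load(null, null);
            single.setKeyEntry(keyAlias, keyStore.getKey(keyAlias, keyPassword),
                               keyPassword, keyStore.getCertificateChain(keyAlias));
            KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm); // assumed meaning of "algorithm"
            kmf.init(single, keyPassword);
            kms = kmf.getKeyManagers();
        }
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);
        SSLContext ctx = provider == null ? SSLContext.getInstance(protocol)
                                          : SSLContext.getInstance(protocol, provider);
        ctx.init(kms, tmf.getTrustManagers(), null);
        return ctx;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample trust store: one CA copied from the JDK's default trust anchors.
        TrustManagerFactory def = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        def.init((KeyStore) null);
        X509Certificate ca = ((X509TrustManager) def.getTrustManagers()[0]).getAcceptedIssuers()[0];
        KeyStore trust = KeyStore.getInstance(KeyStore.getDefaultType());
        trust.load(null, null);
        trust.setCertificateEntry("sample-ca", ca);
        // Trust-only call, analogous to the overload that takes no keyStore/keyAlias.
        SSLContext ctx = build(null, "TLS", KeyManagerFactory.getDefaultAlgorithm(), null, null, null, trust);
        System.out.println(ctx.getProtocol() + " socket factory: " + ctx.getSocketFactory().getClass().getName());
    }
}
```

Copying the selected entry into a single-entry in-memory keystore keeps any other private keys in the source keystore out of reach of the resulting key manager.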

createKeystore

public KeystoreInstance createKeystore(String name,
                                       char[] password,
                                       String keystoreType)
                                throws KeystoreException
Specified by:
createKeystore in interface KeystoreManager
Throws:
KeystoreException

getUnlockedKeyStores

public KeystoreInstance[] getUnlockedKeyStores()
Specified by:
getUnlockedKeyStores in interface KeystoreManager

getUnlockedTrustStores

public KeystoreInstance[] getUnlockedTrustStores()
Specified by:
getUnlockedTrustStores in interface KeystoreManager

getGBeanInfo

public static GBeanInfo getGBeanInfo()

generateCert

public X509Certificate generateCert(PublicKey publicKey,
                                    PrivateKey privateKey,
                                    String sigalg,
                                    int validity,
                                    String cn,
                                    String ou,
                                    String o,
                                    String l,
                                    String st,
                                    String c)
                             throws SignatureException,
                                    InvalidKeyException
Throws:
SignatureException
InvalidKeyException


Copyright © 2003-2011 The Apache Geronimo development community. All Rights Reserved.