Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.apache.geronimo.security.keystore
Class FileKeystoreManager

java.lang.Object
  extended by org.apache.geronimo.security.keystore.FileKeystoreManager
All Implemented Interfaces:
org.apache.geronimo.gbean.GBeanLifecycle, org.apache.geronimo.management.geronimo.KeystoreManager
public class FileKeystoreManager
extends Object
implements org.apache.geronimo.management.geronimo.KeystoreManager, org.apache.geronimo.gbean.GBeanLifecycle

An implementation of KeystoreManager that assumes every file in a specified directory is a keystore.

Field Summary
static org.apache.geronimo.gbean.GBeanInfo GBEAN_INFO
           
 
Constructor Summary
FileKeystoreManager(URI keystoreDir, org.apache.geronimo.system.serverinfo.ServerInfo serverInfo, Collection keystores, org.apache.geronimo.kernel.Kernel kernel)
           
 
Method Summary
 org.apache.geronimo.management.geronimo.KeystoreInstance createKeystore(String name, char[] password)
           
 SSLContext createSSLContext(String provider, String protocol, String algorithm, String keyStore, String keyAlias, String trustStore, ClassLoader loader)
          Gets a ServerSocketFactory using one Keystore to access the private key and another to provide the list of trusted certificate authorities.
 SSLSocketFactory createSSLFactory(String provider, String protocol, String algorithm, String trustStore, ClassLoader loader)
          Gets a SocketFactory using one Keystore to access the private key and another to provide the list of trusted certificate authorities.
 SSLSocketFactory createSSLFactory(String provider, String protocol, String algorithm, String keyStore, String keyAlias, String trustStore, ClassLoader loader)
          Gets a SocketFactory using one Keystore to access the private key and another to provide the list of trusted certificate authorities.
 SSLServerSocketFactory createSSLServerFactory(String provider, String protocol, String algorithm, String keyStore, String keyAlias, String trustStore, ClassLoader loader)
          Gets a ServerSocketFactory using one Keystore to access the private key and another to provide the list of trusted certificate authorities.
 void doFail()
           
 void doStart()
           
 void doStop()
           
 X509Certificate generateCert(PublicKey publicKey, PrivateKey privateKey, String sigalg, int validity, String cn, String ou, String o, String l, String st, String c)
           
static org.apache.geronimo.gbean.GBeanInfo getGBeanInfo()
           
 org.apache.geronimo.management.geronimo.KeystoreInstance getKeystore(String name)
           
 org.apache.geronimo.management.geronimo.KeystoreInstance[] getKeystores()
           
 org.apache.geronimo.management.geronimo.KeystoreInstance[] getUnlockedKeyStores()
           
 org.apache.geronimo.management.geronimo.KeystoreInstance[] getUnlockedTrustStores()
           
 String[] listKeystoreFiles()
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

GBEAN_INFO

public static final org.apache.geronimo.gbean.GBeanInfo GBEAN_INFO
Constructor Detail

FileKeystoreManager

public FileKeystoreManager(URI keystoreDir,
                           org.apache.geronimo.system.serverinfo.ServerInfo serverInfo,
                           Collection keystores,
                           org.apache.geronimo.kernel.Kernel kernel)
Method Detail

doStart

public void doStart()
             throws Exception
Specified by:
doStart in interface org.apache.geronimo.gbean.GBeanLifecycle
Throws:
Exception

doStop

public void doStop()
            throws Exception
Specified by:
doStop in interface org.apache.geronimo.gbean.GBeanLifecycle
Throws:
Exception

doFail

public void doFail()
Specified by:
doFail in interface org.apache.geronimo.gbean.GBeanLifecycle

listKeystoreFiles

public String[] listKeystoreFiles()

getKeystores

public org.apache.geronimo.management.geronimo.KeystoreInstance[] getKeystores()
Specified by:
getKeystores in interface org.apache.geronimo.management.geronimo.KeystoreManager

getKeystore

public org.apache.geronimo.management.geronimo.KeystoreInstance getKeystore(String name)

createSSLFactory

public SSLSocketFactory createSSLFactory(String provider,
                                         String protocol,
                                         String algorithm,
                                         String trustStore,
                                         ClassLoader loader)
                                  throws org.apache.geronimo.management.geronimo.KeystoreException
Gets a SocketFactory using one Keystore to access the private key and another to provide the list of trusted certificate authorities.

Specified by:
createSSLFactory in interface org.apache.geronimo.management.geronimo.KeystoreManager
Parameters:
provider - The SSL provider to use, or null for the default
protocol - The SSL protocol to use
algorithm - The SSL algorithm to use
trustStore - The trust keystore name as provided by listKeystores. The KeystoreInstance for this keystore must have unlocked this key.
loader - The class loader used to resolve factory classes.
Returns:
A created SSLSocketFactory item created from the KeystoreManager.
Throws:
org.apache.geronimo.management.geronimo.KeystoreIsLocked - Occurs when the requested key keystore cannot be used because it has not been unlocked.
org.apache.geronimo.management.geronimo.KeyIsLocked - Occurs when the requested private key in the key keystore cannot be used because it has not been unlocked.
NoSuchAlgorithmException
UnrecoverableKeyException
KeyStoreException
KeyManagementException
NoSuchProviderException
org.apache.geronimo.management.geronimo.KeystoreException

createSSLFactory

public SSLSocketFactory createSSLFactory(String provider,
                                         String protocol,
                                         String algorithm,
                                         String keyStore,
                                         String keyAlias,
                                         String trustStore,
                                         ClassLoader loader)
                                  throws org.apache.geronimo.management.geronimo.KeystoreException
Gets a SocketFactory using one Keystore to access the private key and another to provide the list of trusted certificate authorities.

Specified by:
createSSLFactory in interface org.apache.geronimo.management.geronimo.KeystoreManager
Parameters:
provider - The SSL provider to use, or null for the default
protocol - The SSL protocol to use
algorithm - The SSL algorithm to use
keyStore - The key keystore name as provided by listKeystores. The KeystoreInstance for this keystore must be unlocked.
keyAlias - The name of the private key in the keystore. The KeystoreInstance for this keystore must have unlocked this key.
trustStore - The trust keystore name as provided by listKeystores. The KeystoreInstance for this keystore must have unlocked this key.
loader - The class loader used to resolve factory classes.
Returns:
A created SSLSocketFactory item created from the KeystoreManager.
Throws:
org.apache.geronimo.management.geronimo.KeystoreIsLocked - Occurs when the requested key keystore cannot be used because it has not been unlocked.
org.apache.geronimo.management.geronimo.KeyIsLocked - Occurs when the requested private key in the key keystore cannot be used because it has not been unlocked.
org.apache.geronimo.management.geronimo.KeystoreException

createSSLServerFactory

public SSLServerSocketFactory createSSLServerFactory(String provider,
                                                     String protocol,
                                                     String algorithm,
                                                     String keyStore,
                                                     String keyAlias,
                                                     String trustStore,
                                                     ClassLoader loader)
                                              throws org.apache.geronimo.management.geronimo.KeystoreException
Gets a ServerSocketFactory using one Keystore to access the private key and another to provide the list of trusted certificate authorities.

Specified by:
createSSLServerFactory in interface org.apache.geronimo.management.geronimo.KeystoreManager
Parameters:
provider - The SSL provider to use, or null for the default
protocol - The SSL protocol to use
algorithm - The SSL algorithm to use
keyStore - The key keystore name as provided by listKeystores. The KeystoreInstance for this keystore must be unlocked.
keyAlias - The name of the private key in the keystore. The KeystoreInstance for this keystore must have unlocked this key.
trustStore - The trust keystore name as provided by listKeystores. The KeystoreInstance for this keystore must have unlocked this key.
loader - The class loader used to resolve factory classes.
Throws:
org.apache.geronimo.management.geronimo.KeystoreIsLocked - Occurs when the requested key keystore cannot be used because it has not been unlocked.
org.apache.geronimo.management.geronimo.KeyIsLocked - Occurs when the requested private key in the key keystore cannot be used because it has not been unlocked.
org.apache.geronimo.management.geronimo.KeystoreException

createSSLContext

public SSLContext createSSLContext(String provider,
                                   String protocol,
                                   String algorithm,
                                   String keyStore,
                                   String keyAlias,
                                   String trustStore,
                                   ClassLoader loader)
                            throws org.apache.geronimo.management.geronimo.KeystoreException
Gets a ServerSocketFactory using one Keystore to access the private key and another to provide the list of trusted certificate authorities.

Specified by:
createSSLContext in interface org.apache.geronimo.management.geronimo.KeystoreManager
Parameters:
provider - The SSL provider to use, or null for the default
protocol - The SSL protocol to use
algorithm - The SSL algorithm to use
keyStore - The key keystore name as provided by listKeystores. The KeystoreInstance for this keystore must be unlocked.
keyAlias - The name of the private key in the keystore. The KeystoreInstance for this keystore must have unlocked this key.
trustStore - The trust keystore name as provided by listKeystores. The KeystoreInstance for this keystore must have unlocked this key.
loader - The class loader used to resolve factory classes.
Returns:
SSLContext using the security info provided
Throws:
org.apache.geronimo.management.geronimo.KeystoreIsLocked - Occurs when the requested key keystore cannot be used because it has not been unlocked.
org.apache.geronimo.management.geronimo.KeyIsLocked - Occurs when the requested private key in the key keystore cannot be used because it has not been unlocked.
org.apache.geronimo.management.geronimo.KeystoreException

createKeystore

public org.apache.geronimo.management.geronimo.KeystoreInstance createKeystore(String name,
                                                                               char[] password)
                                                                        throws org.apache.geronimo.management.geronimo.KeystoreException
Specified by:
createKeystore in interface org.apache.geronimo.management.geronimo.KeystoreManager
Throws:
org.apache.geronimo.management.geronimo.KeystoreException

getUnlockedKeyStores

public org.apache.geronimo.management.geronimo.KeystoreInstance[] getUnlockedKeyStores()
Specified by:
getUnlockedKeyStores in interface org.apache.geronimo.management.geronimo.KeystoreManager

getUnlockedTrustStores

public org.apache.geronimo.management.geronimo.KeystoreInstance[] getUnlockedTrustStores()
Specified by:
getUnlockedTrustStores in interface org.apache.geronimo.management.geronimo.KeystoreManager

getGBeanInfo

public static org.apache.geronimo.gbean.GBeanInfo getGBeanInfo()

generateCert

public X509Certificate generateCert(PublicKey publicKey,
                                    PrivateKey privateKey,
                                    String sigalg,
                                    int validity,
                                    String cn,
                                    String ou,
                                    String o,
                                    String l,
                                    String st,
                                    String c)
                             throws SignatureException,
                                    InvalidKeyException
Throws:
SignatureException
InvalidKeyException
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2003-2007 Apache Software Foundation. All Rights Reserved.