Interface JSSESecurityDomain

    • Method Detail

      • reloadKeyAndTrustStore

        void reloadKeyAndTrustStore()
                             throws Exception
        Reload/initialize keystore and truststore using the attributes set in the security domain
        Throws:
        Exception - if an error occurs
      • getServerAlias

        String getServerAlias()
        Get the preferred server alias name
        Returns:
        the preferred server alias, in case the underlying keystore contains multiple server aliases that can be used, and we wish to have more control over picking a specific one. Will return null if no preferred server alias is configured.
      • getClientAlias

        String getClientAlias()
        Get the preferred client alias name
        Returns:
        the preferred client alias, in case the underlying keystore contains multiple client aliases that can be used, and we wish to have more control over picking a specific one. Will return null if no preferred client alias is configured.
      • isClientAuth

        boolean isClientAuth()
        Get the client auth flag
        Returns:
        true to instruct callers of implementations of this interface to require client authentication during the SSL handshake. If this flag is true, the SSL handshake is supposed to fail if a client does not provide a valid certificate.
      • getKey

        Key getKey(String alias,
                   String serviceAuthToken)
            throws Exception
        Returns the key with the given alias from the key store this security domain delegates to. All keys except public keys require a service authentication token. For a public key the authentication token is ignored, and it can safely be null.
        Parameters:
        alias - the alias corresponding to the key to be retrieved.
        serviceAuthToken - the authentication token that establishes whether the calling service has permission to retrieve the key. If no authentication token or an invalid authentication token is provided, the method will throw SecurityException.
        Returns:
        the requested key, or null if the given alias does not exist or does not identify a key-related entry.
        Throws:
        SecurityException - for missing or invalid serviceAuthToken.
        IllegalStateException - if sensitive information is requested, but no service authorization token is configured on the security domain.
        Exception
        See Also:
        KeyStore.getKey(String, char[])
      • getCertificate

        Certificate getCertificate(String alias)
                            throws Exception
        Returns the certificate with the given alias or null if no such certificate exists, from the trust store this security domain delegates to.
        Parameters:
        alias - the alias corresponding to the certificate to be retrieved.
        Returns:
        the requested certificate, or null if the given alias does not exist or does not identify a certificate-related entry.
        Throws:
        Exception
        See Also:
        KeyStore.getKey(String, char[])
      • getCipherSuites

        String[] getCipherSuites()
        Returns the cipher suites that should be enabled on SSLSockets
        Returns:
        array of cipher suite names
      • getProtocols

        String[] getProtocols()
        Returns the protocols that should be enabled on SSLSockets
        Returns:
        array of protocol names
      • getAdditionalProperties

        Properties getAdditionalProperties()
        Returns the additional properties map
        Returns:
        map with additional properties
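
How a caller might honour isClientAuth, getCipherSuites and getProtocols when configuring an SSLEngine, shown as an added example that is not code from the project. TlsSettings is a hypothetical stand-in that mirrors only those three accessors so the example compiles without the library, and treating a null or empty array as "not configured" is an assumption, since the page does not say what an unset list returns.

```java
import java.util.Arrays;
import java.util.LinkedHashSet;
import java.util.Set;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLParameters;

public class DomainTlsSettings {
    // Hypothetical stand-in: only the three accessors from the page that are used below.
    interface TlsSettings {
        String[] getCipherSuites();
        String[] getProtocols();
        boolean isClientAuth();
    }
    // Keep the configured names the engine supports, in order; fail closed if none survive.
    static String[] supportedOnly(String[] configured, String[] supported, String what) {
        Set<String> kept = new LinkedHashSet<>(Arrays.asList(configured));
        kept.retainAll(Arrays.asList(supported));
        if (kept.isEmpty()) {
            throw new IllegalStateException("no supported " + what + " in " + Arrays.toString(configured));
        }
        return kept.toArray(new String[0]);
    }
    // Copy the domain's TLS settings onto the engine before the handshake starts.
    static void apply(TlsSettings domain, SSLEngine engine) {
        SSLParameters params = engine.getSSLParameters();
        // Assumption: a null or empty array means "not configured", so JSSE defaults stay.
        String[] suites = domain.getCipherSuites();
        if (suites != null && suites.length > 0) {
            params.setCipherSuites(supportedOnly(suites, engine.getSupportedCipherSuites(), "cipher suites"));
        }
        String[] protocols = domain.getProtocols();
        if (protocols != null && protocols.length > 0) {
            params.setProtocols(supportedOnly(protocols, engine.getSupportedProtocols(), "protocols"));
        }
        // "need", not "want": without a valid client certificate the handshake must fail.
        params.setNeedClientAuth(domain.isClientAuth());
        engine.setSSLParameters(params);
    }
    public static void main(String[] args) throws Exception {
        SSLEngine engine = SSLContext.getDefault().createSSLEngine();
        engine.setUseClientMode(false); // server side of the handshake
        apply(new TlsSettings() { // constructed sample values
            public String[] getCipherSuites() { return new String[] {"TLS_AES_128_GCM_SHA256", "NOT_A_REAL_SUITE"}; }
            public String[] getProtocols() { return new String[] {"TLSv1.3", "TLSv1.2"}; }
            public boolean isClientAuth() { return true; }
        }, engine);
        System.out.println(Arrays.toString(engine.getEnabledCipherSuites()) + " needClientAuth=" + engine.getNeedClientAuth());
    }
}
```

Filtering against the engine's supported lists avoids the IllegalArgumentException that JSSE raises for an unknown name, and throwing when nothing survives keeps a misconfigured domain from silently falling back to the JVM defaults.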