Package org.jboss.security
Interface JSSESecurityDomain
All Superinterfaces: BaseSecurityManager
All Known Implementing Classes: JBossJSSESecurityDomain

public interface JSSESecurityDomain extends BaseSecurityManager

Security domain used for configuring SSL.

Author: Marcus Moyses

Method Summary
| Modifier and Type | Method | Description |
| --- | --- | --- |
| Properties | getAdditionalProperties() | Returns the additional properties map |
| Certificate | getCertificate(String alias) | Returns the certificate with the given alias or null if no such certificate exists, from the trust store this security domain delegates to. |
| String[] | getCipherSuites() | Returns the cipher suites that should be enabled on SSLSockets |
| String | getClientAlias() | Get the preferred client alias name |
| Key | getKey(String alias, String serviceAuthToken) | Returns the key with the given alias from the key store this security domain delegates to. |
| KeyManager[] | getKeyManagers() | Get the KeyManagers created by the configured KeyManagerFactory |
| KeyStore | getKeyStore() | Get the keystore associated with the security domain |
| String[] | getProtocols() | Returns the protocols that should be enabled on SSLSockets |
| String | getServerAlias() | Get the preferred server alias name |
| TrustManager[] | getTrustManagers() | Get the TrustManagers created by the configured TrustManagerFactory |
| KeyStore | getTrustStore() | Get the truststore associated with the security domain. |
| boolean | isClientAuth() | Get the client auth flag |
| void | reloadKeyAndTrustStore() | Reload/initialize keystore and truststore using the attributes set in the security domain |

Methods inherited from interface org.jboss.security.BaseSecurityManager
getSecurityDomain
Method Detail

getKeyStore
KeyStore getKeyStore() throws SecurityException
Get the keystore associated with the security domain.
Returns:
- the keystore
Throws:
- SecurityException

getKeyManagers
KeyManager[] getKeyManagers() throws SecurityException
Get the KeyManagers created by the configured KeyManagerFactory.
Returns:
- the initialized KeyManagers
Throws:
- SecurityException

getTrustStore
KeyStore getTrustStore() throws SecurityException
Get the truststore associated with the security domain. This may be the same as the keystore.
Returns:
- the truststore
Throws:
- SecurityException

getTrustManagers
TrustManager[] getTrustManagers() throws SecurityException
Get the TrustManagers created by the configured TrustManagerFactory.
Returns:
- the initialized TrustManagers
Throws:
- SecurityException

reloadKeyAndTrustStore
void reloadKeyAndTrustStore() throws Exception
Reload/initialize keystore and truststore using the attributes set in the security domain.
Throws:
- Exception - if an error occurs

getServerAlias
String getServerAlias()
Get the preferred server alias name.
Returns:
- the preferred server alias, in case the underlying keystore contains multiple server aliases that can be used, and we wish to have more control over picking a specific one. Will return null if no preferred server alias is configured.

getClientAlias
String getClientAlias()
Get the preferred client alias name.
Returns:
- the preferred client alias, in case the underlying keystore contains multiple client aliases that can be used, and we wish to have more control over picking a specific one. Will return null if no preferred client alias is configured.

isClientAuth
boolean isClientAuth()
Get the client auth flag.
Returns:
- true to instruct callers of implementations of this interface to require client authentication during the SSL handshake. If this flag is "true", the SSL handshake is supposed to fail if a client does not provide a valid certificate.

getKey
Key getKey(String alias, String serviceAuthToken) throws Exception
Returns the key with the given alias from the key store this security domain delegates to. All keys except public keys require a service authentication token. In the case of a public key, the authentication token is ignored and can safely be null.
Parameters:
- alias - the alias corresponding to the key to be retrieved.
- serviceAuthToken - the authentication token that establishes whether the calling service has the permission to retrieve the key. If no authentication token is provided, or an invalid authentication token is provided, the method will throw SecurityException.
Returns:
- the requested key, or null if the given alias does not exist or does not identify a key-related entry.
Throws:
- SecurityException - for missing or invalid serviceAuthToken.
- IllegalStateException - if sensitive information is requested, but no service authorization token is configured on security domain.
- Exception
See Also:
- KeyStore.getKey(String, char[])

getCertificate
Certificate getCertificate(String alias) throws Exception
Returns the certificate with the given alias or null if no such certificate exists, from the trust store this security domain delegates to.
Parameters:
- alias - the alias corresponding to the certificate to be retrieved.
Returns:
- the requested certificate, or null if the given alias does not exist or does not identify a certificate-related entry.
Throws:
- Exception
See Also:
- KeyStore.getKey(String, char[])

getCipherSuites
String[] getCipherSuites()
Returns the cipher suites that should be enabled on SSLSockets.
Returns:
- array of cipher suite names

getProtocols
String[] getProtocols()
Returns the protocols that should be enabled on SSLSockets.
Returns:
- array of protocol names

getAdditionalProperties
Properties getAdditionalProperties()
Returns the additional properties map.
Returns:
- map with additional properties
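
How a caller might apply the settings exposed by getKeyManagers(), getTrustManagers(), getProtocols(), getCipherSuites() and isClientAuth() to a server-side SSLEngine. This is an added example, not code from this page or from the JBoss project. The class DomainTlsEngines and its method names are hypothetical, and treating a null or empty array from getProtocols() or getCipherSuites() as "keep the JSSE defaults" is an assumption.

```java
import java.security.GeneralSecurityException;
import java.util.Arrays;
import java.util.LinkedHashSet;
import java.util.Set;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import org.jboss.security.JSSESecurityDomain;

/** Hypothetical helper (not part of org.jboss.security). */
public final class DomainTlsEngines {

    private DomainTlsEngines() { }

    /** Builds a server-mode SSLEngine that honours the domain's TLS settings. */
    public static SSLEngine serverEngine(JSSESecurityDomain domain) throws GeneralSecurityException {
        // Key and trust material come from the domain's configured factories.
        // Assumption: SecurityException here is the unchecked java.lang.SecurityException.
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(domain.getKeyManagers(), domain.getTrustManagers(), null);

        SSLEngine engine = ctx.createSSLEngine();
        engine.setUseClientMode(false);

        // Assumption: null/empty means nothing is configured, so JSSE defaults stay in place.
        String[] protocols = supported(domain.getProtocols(), engine.getSupportedProtocols(), "protocol");
        if (protocols != null) engine.setEnabledProtocols(protocols);
        String[] suites = supported(domain.getCipherSuites(), engine.getSupportedCipherSuites(), "cipher suite");
        if (suites != null) engine.setEnabledCipherSuites(suites);

        // true: the handshake must fail when the client presents no valid certificate.
        engine.setNeedClientAuth(domain.isClientAuth());
        return engine;
    }

    /**
     * Keeps the configured names this JVM supports, in configured order. Fails closed
     * instead of silently falling back to defaults when none of them is supported.
     */
    static String[] supported(String[] configured, String[] available, String kind) {
        if (configured == null || configured.length == 0) return null;
        Set<String> keep = new LinkedHashSet<>(Arrays.asList(configured));
        keep.retainAll(Arrays.asList(available));
        if (keep.isEmpty()) {
            throw new IllegalStateException("no configured " + kind + " is supported by this JVM");
        }
        return keep.toArray(new String[0]);
    }
}
```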