Package com.adobe.granite.auth.cert

Interface UserCertificateMapping

public interface UserCertificateMapping

Provides a service to store and map certificates to users.

Method Summary

Modifier and Type	Method	Description
Map<String,X509Certificate>	listCertificates(ResourceResolver resolver, String userId)	List the accessible certificates mapped to the given user.
void	mapCertificate(ResourceResolver resolver, String userId, X509Certificate certificate)	Maps a certificate to a user by adding it to the global trust store using an autogenerated alias based on the given user ID and a timestamp.
void	unmapCertificate(ResourceResolver resolver, String alias)	Unmaps a certificate by removing the certificate from the global trust-store.

Method Detail

mapCertificate

void mapCertificate(ResourceResolver resolver,
                    String userId,
                    X509Certificate certificate)
             throws UserCertificateMappingException

Maps a certificate to a user by adding it to the global trust store using an autogenerated alias based on the given user ID and a timestamp.

Parameters:

resolver - the resource resolver to use for accessing the global trust-store

userId - the ID of the user to map the certificate to

certificate - the certificate to map

Throws:

UserCertificateMappingException - if the mapping fails for various reasons like the given user doesn't exist or trust-store access denied

unmapCertificate

void unmapCertificate(ResourceResolver resolver,
                      String alias)
               throws UserCertificateMappingException

Unmaps a certificate by removing the certificate from the global trust-store.

Parameters:

resolver - the resource resolver to use for accessing the global trust-store

alias - the alias of the certificate to remove

Throws:

UserCertificateMappingException - if the certificate removal fails for various reasons like the given alias doesn't exist or trust-store access denied

listCertificates

Map<String,X509Certificate> listCertificates(ResourceResolver resolver,
                                                   String userId)
                                            throws UserCertificateMappingException

List the accessible certificates mapped to the given user.

Parameters:

userId - the ID of the user who's certificates are listed

Returns:

a map of accessible certificates, using the alias as key, corresponding to the given user

Throws:

UserCertificateMappingException - if the listing fails for various reasons like the given user doesn't exist or trust-store access denied