Package com.adobe.granite.security.user
Interface SSLConfigurationService
-
public interface SSLConfigurationService
TheSSLConfigurationService
allows verifying whether a valid SSL configuration is present.
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.String
KEYSTORE_ALIAS
The name of the alias under which key and certificate are stored in the key store.static java.lang.String
SSL_SERVICE_USER_ID
The id of the service user holding the key store.
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description boolean
isSSLConfigured(ResourceResolver resolver)
Verifies whether an HTTPs listener is configured and available.
-
-
-
Field Detail
-
SSL_SERVICE_USER_ID
static final java.lang.String SSL_SERVICE_USER_ID
The id of the service user holding the key store.- See Also:
- Constant Field Values
-
KEYSTORE_ALIAS
static final java.lang.String KEYSTORE_ALIAS
The name of the alias under which key and certificate are stored in the key store.- See Also:
- Constant Field Values
-
-
Method Detail
-
isSSLConfigured
boolean isSSLConfigured(ResourceResolver resolver) throws java.lang.SecurityException
Verifies whether an HTTPs listener is configured and available. The method must be called with the resource resolver of the admin user itself. Membership of the administrators group is insufficient.
The configuration is considered valid in the following circumstances:- An OSGi configuration for the Granite SSL Connector Factory is present
- The "Keystore User" (
SSL_SERVICE_USER_ID
normally) from the Granite SSL Connector Factory configuration exists and its key store contains a valid private key and certificate (chain) under the correct alias (KEYSTORE_ALIAS
normally) - The
SSLConfigurationService
is able to perform an HTTPS request upon its own instance and the return code is <400 or 401. Note: invalid (i.e. self-signed) SSL certificates are silently accepted. Note: The hostname to connect to is derived from the Sling Topology local endpoint property.
- Parameters:
resolver
- The admin-user resource resolver to access configuration and key store.- Returns:
true
if the SSL configuration is present and valid.- Throws:
java.lang.SecurityException
- If the resolver is not the one of the admin user.
-
-