Package com.sun.enterprise.security.ssl
Class J2EEKeyManager
- java.lang.Object
  - javax.net.ssl.X509ExtendedKeyManager
    - com.sun.enterprise.security.ssl.J2EEKeyManager

All Implemented Interfaces: KeyManager, X509KeyManager

public final class J2EEKeyManager extends X509ExtendedKeyManager

This is a J2EE-specific key manager class that is used to select user certificates for SSL client authentication. It delegates most of the functionality to the provider-specific KeyManager class.

Author: Vivek Nagar, Harpreet Singh

Constructor Summary

| Constructor | Description |
|---|---|
| J2EEKeyManager(X509KeyManager mgr, String alias) | |

Method Summary

| Modifier and Type | Method | Description |
|---|---|---|
| String | chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket) | Choose the client alias that will be used to select the client certificate for SSL client auth. |
| String | chooseEngineClientAlias(String[] keyType, Principal[] issuers, SSLEngine engine) | |
| String | chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEngine engine) | |
| String | chooseServerAlias(String keyType, Principal[] issuers, Socket socket) | Choose the server alias that will be used to select the server certificate for SSL server auth. |
| static Subject | doClientLogin(int type, CallbackHandler jaasHandler) | Perform login on the client side. |
| X509Certificate[] | getCertificateChain(String alias) | Return the certificate chain for the specified alias. |
| String[] | getClientAliases(String keyType, Principal[] issuers) | Return all the available client aliases for the specified key type. |
| PrivateKey | getPrivateKey(String alias) | Return the private key for the specified alias. |
| String[] | getServerAliases(String keyType, Principal[] issuers) | Return all the available server aliases for the specified key type. |

Constructor Detail

J2EEKeyManager
public J2EEKeyManager(X509KeyManager mgr, String alias)

Method Detail

chooseEngineClientAlias
public String chooseEngineClientAlias(String[] keyType, Principal[] issuers, SSLEngine engine)
Overrides: chooseEngineClientAlias in class X509ExtendedKeyManager

chooseEngineServerAlias
public String chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEngine engine)
Overrides: chooseEngineServerAlias in class X509ExtendedKeyManager

chooseClientAlias
public String chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket)
Choose the client alias that will be used to select the client certificate for SSL client auth.
Parameters:
- keyType - the key type
- issuers - the certificate issuers.
- socket - the socket used for this connection. This parameter can be null, in which case the method will return the most generic alias to use.
Returns:
- the alias.

chooseServerAlias
public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket)
Choose the server alias that will be used to select the server certificate for SSL server auth.
Parameters:
- keyType - the key type
- issuers - the certificate issuers.
- socket - the socket used for this connection. This parameter can be null, in which case the method will return the most generic alias to use.
Returns:
- the alias

getCertificateChain
public X509Certificate[] getCertificateChain(String alias)
Return the certificate chain for the specified alias.
Parameters:
- alias - the alias.
Returns:
- the chain of X509 Certificates.

getClientAliases
public String[] getClientAliases(String keyType, Principal[] issuers)
Return all the available client aliases for the specified key type.
Parameters:
- keyType - the key type
- issuers - the certificate issuers.
Returns:
- the array of aliases.

getServerAliases
public String[] getServerAliases(String keyType, Principal[] issuers)
Return all the available server aliases for the specified key type.
Parameters:
- keyType - the key type
- issuers - the certificate issuers.
Returns:
- the array of aliases.

getPrivateKey
public PrivateKey getPrivateKey(String alias)
Return the private key for the specified alias.
Parameters:
- alias - the alias.
Returns:
- the private key.

doClientLogin
public static Subject doClientLogin(int type, CallbackHandler jaasHandler) throws LoginException
Perform login on the client side. It just simulates the login on the client side. The method uses the callback handlers and generates correct credential information that will later be sent to the server.
Parameters:
- type - whether it is username_password or certificate based login.
- jaasHandler - the callback handler to gather user information.
Throws:
- LoginException - the exception thrown by the callback handler.
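
The class description says this key manager selects the client certificate and delegates everything else to the provider's KeyManager. As an added illustration of that pattern (not the J2EEKeyManager source), the hypothetical AliasPinningKeyManager below assumes the constructor's alias argument pins the client certificate; the page does not state how J2EEKeyManager itself uses the alias.

```java
import java.net.Socket;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509KeyManager;

// Hypothetical class for illustration only; names and pinning behaviour are assumptions.
public final class AliasPinningKeyManager extends X509ExtendedKeyManager {
    private final X509KeyManager delegate; // provider key manager that actually holds the keys
    private final String pinnedAlias;      // null means "no pinning, let the delegate choose"

    public AliasPinningKeyManager(X509KeyManager delegate, String pinnedAlias) {
        this.delegate = delegate;
        this.pinnedAlias = pinnedAlias;
    }

    // Return the pinned alias only if the delegate holds a key for it. Returning null
    // (no client certificate) is safer than silently presenting a different identity.
    private String pinnedOrNull() {
        return delegate.getPrivateKey(pinnedAlias) != null ? pinnedAlias : null;
    }
    @Override public String chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket) {
        return pinnedAlias == null ? delegate.chooseClientAlias(keyType, issuers, socket) : pinnedOrNull();
    }
    @Override public String chooseEngineClientAlias(String[] keyType, Principal[] issuers, SSLEngine engine) {
        if (pinnedAlias != null) return pinnedOrNull();
        return delegate instanceof X509ExtendedKeyManager
            ? ((X509ExtendedKeyManager) delegate).chooseEngineClientAlias(keyType, issuers, engine)
            : delegate.chooseClientAlias(keyType, issuers, null); // null socket: most generic alias
    }
    // Server-side selection and key material access are pure delegation.
    @Override public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket) {
        return delegate.chooseServerAlias(keyType, issuers, socket);
    }
    @Override public String chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEngine engine) {
        return delegate instanceof X509ExtendedKeyManager
            ? ((X509ExtendedKeyManager) delegate).chooseEngineServerAlias(keyType, issuers, engine)
            : delegate.chooseServerAlias(keyType, issuers, null);
    }
    @Override public X509Certificate[] getCertificateChain(String alias) { return delegate.getCertificateChain(alias); }
    @Override public PrivateKey getPrivateKey(String alias) { return delegate.getPrivateKey(alias); }
    @Override public String[] getClientAliases(String keyType, Principal[] issuers) {
        return delegate.getClientAliases(keyType, issuers);
    }
    @Override public String[] getServerAliases(String keyType, Principal[] issuers) {
        return delegate.getServerAliases(keyType, issuers);
    }
}
```

A wrapper like this is installed by passing it in the KeyManager array given to SSLContext.init; logging the alias returned by the choose methods makes it auditable which identity each connection presented.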