Package com.sun.enterprise.security.ssl

Class J2EEKeyManager

  • All Implemented Interfaces:
    KeyManager, X509KeyManager
    public final class J2EEKeyManager
extends X509ExtendedKeyManager
    This a J2EE specific Key Manager class that is used to select user certificates for SSL client authentication. It delegates most of the functionality to the provider specific KeyManager class.
    Author:
    Vivek Nagar, Harpreet Singh

    • Method Detail

      • chooseClientAlias

        public String chooseClientAlias​(String[] keyType,
                                Principal[] issuers,
                                Socket socket)
        Choose the client alias that will be used to select the client certificate for SSL client auth.
        Parameters:
        the - keytype
        the - certificate issuers.
        the - socket used for this connection. This parameter can be null, in which case the method will return the most generic alias to use.
        Returns:
        the alias.

      • chooseServerAlias

        public String chooseServerAlias​(String keyType,
                                Principal[] issuers,
                                Socket socket)
        Choose the server alias that will be used to select the server certificate for SSL server auth.
        Parameters:
        the - keytype
        the - certificate issuers.
        the - socket used for this connection. This parameter can be null, in which case the method will return the most generic alias to use.
        Returns:
        the alias

      • getCertificateChain

        public X509Certificate[] getCertificateChain​(String alias)
        Return the certificate chain for the specified alias.
        Parameters:
        the - alias.
        Returns:
        the chain of X509 Certificates.

      • getClientAliases

        public String[] getClientAliases​(String keyType,
                                 Principal[] issuers)
        Return all the available client aliases for the specified key type.
        Parameters:
        the - keytype
        the - certificate issuers.
        Returns:
        the array of aliases.

      • getServerAliases

        public String[] getServerAliases​(String keyType,
                                 Principal[] issuers)
        Return all the available server aliases for the specified key type.
        Parameters:
        the - keytype
        the - certificate issuers.
        Returns:
        the array of aliases.

      • getPrivateKey

        public PrivateKey getPrivateKey​(String alias)
        Return the private key for the specified alias.
        Parameters:
        the - alias.
        Returns:
        the private key.

      • doClientLogin

        public static Subject doClientLogin​(int type,
                                    CallbackHandler jaasHandler)
                             throws LoginException
        Perform login on the client side. It just simulates the login on the client side. The method uses the callback handlers and generates correct credential information that will be later sent to the server
        Parameters:
        int - type whether it is username_password or certificate based login.
        CallbackHandler - the callback handler to gather user information.
        Throws:
        LoginException - the exception thrown by the callback handler.