Class J2EEKeyManager

java.lang.Object
javax.net.ssl.X509ExtendedKeyManager
com.sun.enterprise.security.ssl.J2EEKeyManager
All Implemented Interfaces:
KeyManager, X509KeyManager

public final class J2EEKeyManager extends X509ExtendedKeyManager
This is a J2EE-specific key manager class that is used to select user certificates for SSL client authentication. It delegates most of the functionality to the provider-specific KeyManager class.
Author:
Vivek Nagar, Harpreet Singh
  • Constructor Details

  • Method Details

    • chooseEngineClientAlias

      public String chooseEngineClientAlias(String[] keyType, Principal[] issuers, SSLEngine engine)
      Overrides:
      chooseEngineClientAlias in class X509ExtendedKeyManager
    • chooseEngineServerAlias

      public String chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEngine engine)
      Overrides:
      chooseEngineServerAlias in class X509ExtendedKeyManager
    • chooseClientAlias

      public String chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket)
      Choose the client alias that will be used to select the client certificate for SSL client auth.
      Parameters:
      keyType - the key type.
      issuers - the certificate issuers.
      socket - the socket used for this connection. This parameter can be null, in which case the method will return the most generic alias to use.
      Returns:
      the alias.
    • chooseServerAlias

      public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket)
      Choose the server alias that will be used to select the server certificate for SSL server auth.
      Parameters:
      keyType - the key type.
      issuers - the certificate issuers.
      socket - the socket used for this connection. This parameter can be null, in which case the method will return the most generic alias to use.
      Returns:
      the alias
    • getCertificateChain

      public X509Certificate[] getCertificateChain(String alias)
      Return the certificate chain for the specified alias.
      Parameters:
      alias - the alias.
      Returns:
      the chain of X509 Certificates.
    • getClientAliases

      public String[] getClientAliases(String keyType, Principal[] issuers)
      Return all the available client aliases for the specified key type.
      Parameters:
      keyType - the key type.
      issuers - the certificate issuers.
      Returns:
      the array of aliases.
    • getServerAliases

      public String[] getServerAliases(String keyType, Principal[] issuers)
      Return all the available server aliases for the specified key type.
      Parameters:
      keyType - the key type.
      issuers - the certificate issuers.
      Returns:
      the array of aliases.
    • getPrivateKey

      public PrivateKey getPrivateKey(String alias)
      Return the private key for the specified alias.
      Parameters:
      alias - the alias.
      Returns:
      the private key.
    • doClientLogin

      public static Subject doClientLogin(int type, CallbackHandler jaasHandler) throws LoginException
      Perform login on the client side. This only simulates the login on the client side: the method uses the callback handler to generate the credential information that will later be sent to the server.
      Parameters:
      type - whether it is username_password or certificate based login.
      jaasHandler - the callback handler to gather user information.
      Throws:
      LoginException - the exception thrown by the callback handler.
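
The delegation pattern described in the class summary, as an added example that is not GlassFish's own code: a hypothetical PinnedAliasKeyManager wraps the provider's X509KeyManager and presents a configured alias for client authentication only when the provider offers it for the requested key types and issuers. The class name, constructor and pinning policy are assumptions for illustration.

```java
import java.net.Socket;
import java.security.KeyStore;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509KeyManager;

// Hypothetical class (not GlassFish code): pins the client alias, delegates everything else.
public final class PinnedAliasKeyManager extends X509ExtendedKeyManager {
    private final X509KeyManager delegate;  // provider-specific key manager
    private final String pinnedAlias;       // alias the deployer expects to present

    public PinnedAliasKeyManager(KeyStore ks, char[] password, String pinnedAlias) throws Exception {
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ks, password);
        this.delegate = Arrays.stream(kmf.getKeyManagers())
                .filter(X509KeyManager.class::isInstance).map(X509KeyManager.class::cast)
                .findFirst().orElseThrow(() -> new IllegalStateException("no X509KeyManager"));
        this.pinnedAlias = pinnedAlias;
    }

    // Return the pinned alias only if the provider lists it for one of the requested key
    // types and issuers; otherwise return null so that no unintended certificate is sent.
    // Assumes the provider reports plain keystore aliases.
    private String pick(String[] keyTypes, Principal[] issuers) {
        if (keyTypes == null) return null;
        for (String kt : keyTypes) {
            String[] aliases = delegate.getClientAliases(kt, issuers);
            if (aliases != null && Arrays.asList(aliases).contains(pinnedAlias)) return pinnedAlias;
        }
        return null;
    }

    @Override public String chooseClientAlias(String[] kt, Principal[] issuers, Socket s) { return pick(kt, issuers); }
    @Override public String chooseEngineClientAlias(String[] kt, Principal[] issuers, SSLEngine e) { return pick(kt, issuers); }
    @Override public String chooseServerAlias(String kt, Principal[] issuers, Socket s) { return delegate.chooseServerAlias(kt, issuers, s); }
    @Override public String chooseEngineServerAlias(String kt, Principal[] issuers, SSLEngine e) {
        return delegate instanceof X509ExtendedKeyManager
                ? ((X509ExtendedKeyManager) delegate).chooseEngineServerAlias(kt, issuers, e)
                : delegate.chooseServerAlias(kt, issuers, null);
    }
    @Override public String[] getClientAliases(String kt, Principal[] issuers) { return delegate.getClientAliases(kt, issuers); }
    @Override public String[] getServerAliases(String kt, Principal[] issuers) { return delegate.getServerAliases(kt, issuers); }
    @Override public X509Certificate[] getCertificateChain(String alias) { return delegate.getCertificateChain(alias); }
    @Override public PrivateKey getPrivateKey(String alias) { return delegate.getPrivateKey(alias); }
}
```

Returning null from the client-alias methods makes the handshake proceed without a client certificate, which fails closed against servers that require one.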