Package com.sun.enterprise.security.ssl
Class J2EEKeyManager
java.lang.Object
javax.net.ssl.X509ExtendedKeyManager
com.sun.enterprise.security.ssl.J2EEKeyManager
- All Implemented Interfaces:
KeyManager
,X509KeyManager
This a J2EE specific Key Manager class that is used to select user certificates for SSL client authentication. It delegates
most of the functionality to the provider specific KeyManager class.
- Author:
- Vivek Nagar, Harpreet Singh
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionchooseClientAlias
(String[] keyType, Principal[] issuers, Socket socket) Choose the client alias that will be used to select the client certificate for SSL client auth.chooseEngineClientAlias
(String[] keyType, Principal[] issuers, SSLEngine engine) chooseEngineServerAlias
(String keyType, Principal[] issuers, SSLEngine engine) chooseServerAlias
(String keyType, Principal[] issuers, Socket socket) Choose the server alias that will be used to select the server certificate for SSL server auth.static Subject
doClientLogin
(int type, CallbackHandler jaasHandler) Perform login on the client side.getCertificateChain
(String alias) Return the certificate chain for the specified alias.String[]
getClientAliases
(String keyType, Principal[] issuers) Return all the available client aliases for the specified key type.getPrivateKey
(String alias) Return the private key for the specified alias.String[]
getServerAliases
(String keyType, Principal[] issuers) Return all the available server aliases for the specified key type.
-
Constructor Details
-
J2EEKeyManager
-
-
Method Details
-
chooseEngineClientAlias
- Overrides:
chooseEngineClientAlias
in classX509ExtendedKeyManager
-
chooseEngineServerAlias
- Overrides:
chooseEngineServerAlias
in classX509ExtendedKeyManager
-
chooseClientAlias
Choose the client alias that will be used to select the client certificate for SSL client auth.- Parameters:
the
- keytypethe
- certificate issuers.the
- socket used for this connection. This parameter can be null, in which case the method will return the most generic alias to use.- Returns:
- the alias.
-
chooseServerAlias
Choose the server alias that will be used to select the server certificate for SSL server auth.- Parameters:
the
- keytypethe
- certificate issuers.the
- socket used for this connection. This parameter can be null, in which case the method will return the most generic alias to use.- Returns:
- the alias
-
getCertificateChain
Return the certificate chain for the specified alias.- Parameters:
the
- alias.- Returns:
- the chain of X509 Certificates.
-
getClientAliases
Return all the available client aliases for the specified key type.- Parameters:
the
- keytypethe
- certificate issuers.- Returns:
- the array of aliases.
-
getServerAliases
Return all the available server aliases for the specified key type.- Parameters:
the
- keytypethe
- certificate issuers.- Returns:
- the array of aliases.
-
getPrivateKey
Return the private key for the specified alias.- Parameters:
the
- alias.- Returns:
- the private key.
-
doClientLogin
Perform login on the client side. It just simulates the login on the client side. The method uses the callback handlers and generates correct credential information that will be later sent to the server- Parameters:
int
- type whether it is username_password or certificate based login.CallbackHandler
- the callback handler to gather user information.- Throws:
LoginException
- the exception thrown by the callback handler.
-