org.opensaml.xml.security.credential
Class KeyStoreCredentialResolver

java.lang.Object
  extended by org.opensaml.xml.security.credential.AbstractCredentialResolver
      extended by org.opensaml.xml.security.credential.AbstractCriteriaFilteringCredentialResolver
          extended by org.opensaml.xml.security.credential.KeyStoreCredentialResolver
All Implemented Interfaces:
CredentialResolver, Resolver<Credential,CriteriaSet>

public class KeyStoreCredentialResolver
extends AbstractCriteriaFilteringCredentialResolver

A CredentialResolver that extracts Credentials from a key store. If no key usage type is specified at construction time, this resolver will return the key, if available, regardless of the usage type provided to its resolve method.
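The following added example (not part of the OpenSAML documentation or code base) builds both constructor forms over the same in-memory key store and asks each for a SIGNING credential, so the effect of leaving the usage type unset can be compared with a store declared ENCRYPTION-only. The class name, entity ID and password are constructed sample values, and the example assumes the resolver uses the entity ID as the key store alias.

```java
import java.security.KeyStore;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.KeyGenerator;
import org.opensaml.xml.security.CriteriaSet;
import org.opensaml.xml.security.credential.Credential;
import org.opensaml.xml.security.credential.KeyStoreCredentialResolver;
import org.opensaml.xml.security.credential.UsageType;
import org.opensaml.xml.security.criteria.EntityIDCriteria;
import org.opensaml.xml.security.criteria.UsageCriteria;

public class KeyStoreResolverUsageExample {
    // Constructed sample values, not taken from the documentation.
    static final String ENTITY_ID = "https://sp.example.org/saml";
    static final String ENTRY_PASSWORD = "constructed-entry-password";

    public static void main(String[] args) throws Exception {
        // In-memory JCEKS store holding one AES key. Assumption: the resolver
        // looks the entry up using the entity ID as the key store alias.
        KeyStore store = KeyStore.getInstance("JCEKS");
        store.load(null, null);
        KeyGenerator gen = KeyGenerator.getInstance("AES");
        gen.init(128);
        store.setEntry(ENTITY_ID, new KeyStore.SecretKeyEntry(gen.generateKey()),
                new KeyStore.PasswordProtection(ENTRY_PASSWORD.toCharArray()));

        Map<String, String> passwords = new HashMap<String, String>();
        passwords.put(ENTITY_ID, ENTRY_PASSWORD); // map key: entity ID, value: password

        // Two-argument constructor: no usage type configured for the store.
        KeyStoreCredentialResolver open = new KeyStoreCredentialResolver(store, passwords);
        // Three-argument constructor: all keys in the store are declared ENCRYPTION.
        KeyStoreCredentialResolver encOnly =
                new KeyStoreCredentialResolver(store, passwords, UsageType.ENCRYPTION);

        CriteriaSet wantSigning = new CriteriaSet();
        wantSigning.add(new EntityIDCriteria(ENTITY_ID));
        wantSigning.add(new UsageCriteria(UsageType.SIGNING));

        System.out.println("no usage configured   -> " + describe(open.resolveSingle(wantSigning)));
        System.out.println("ENCRYPTION configured -> " + describe(encOnly.resolveSingle(wantSigning)));
    }

    static String describe(Credential c) {
        return c == null ? "no credential" : "credential, usage=" + c.getUsageType();
    }
}
```

In a deployment the entry passwords would come from a secret store rather than string literals. Declaring the usage type at construction is what lets a usage criterion in the resolve call act as a filter on this store.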


Constructor Summary
KeyStoreCredentialResolver(KeyStore store, Map<String,String> passwords)
          Constructor.
KeyStoreCredentialResolver(KeyStore store, Map<String,String> passwords, UsageType usage)
          Constructor.
 
Method Summary
protected  Credential buildCredential(KeyStore.Entry keyStoreEntry, String entityID, UsageType usage)
          Build a credential instance from the key store entry.
protected  void checkCriteriaRequirements(CriteriaSet criteriaSet)
          Check that required credential criteria are available.
protected  boolean matchUsage(UsageType keyStoreUsage, UsageType criteriaUsage)
          Match usage enum type values from keystore configured usage and from credential criteria.
protected  X509Credential processPrivateKeyEntry(KeyStore.PrivateKeyEntry privateKeyEntry, String entityID, UsageType usage)
          Build an X509Credential from a keystore private key entry.
protected  Credential processSecretKeyEntry(KeyStore.SecretKeyEntry secretKeyEntry, String entityID, UsageType usage)
          Build a Credential from a keystore secret key entry.
protected  X509Credential processTrustedCertificateEntry(KeyStore.TrustedCertificateEntry trustedCertEntry, String entityID, UsageType usage)
          Build an X509Credential from a keystore trusted certificate entry.
protected  Iterable<Credential> resolveFromSource(CriteriaSet criteriaSet)
          Subclasses are required to implement this method to resolve credentials from the implementation-specific type of underlying credential source.
 
Methods inherited from class org.opensaml.xml.security.credential.AbstractCriteriaFilteringCredentialResolver
isMeetAllCriteria, isUnevaluableSatisfies, resolve, setMeetAllCriteria, setUnevaluableSatisfies
 
Methods inherited from class org.opensaml.xml.security.credential.AbstractCredentialResolver
resolveSingle
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

KeyStoreCredentialResolver

public KeyStoreCredentialResolver(KeyStore store,
                                  Map<String,String> passwords)
                           throws IllegalArgumentException
Constructor.

Parameters:
store - key store credentials are retrieved from
passwords - for key entries, map key is the entity id, map value is the password
Throws:
IllegalArgumentException - thrown if the given keystore is null

KeyStoreCredentialResolver

public KeyStoreCredentialResolver(KeyStore store,
                                  Map<String,String> passwords,
                                  UsageType usage)
                           throws IllegalArgumentException
Constructor.

Parameters:
store - key store credentials are retrieved from
passwords - for key entries, map key is the entity id, map value is the password
usage - usage type of all keys in the store
Throws:
IllegalArgumentException - thrown if the given keystore is null

Method Detail

resolveFromSource

protected Iterable<Credential> resolveFromSource(CriteriaSet criteriaSet)
                                          throws SecurityException
Subclasses are required to implement this method to resolve credentials from the implementation-specific type of underlying credential source.

Specified by:
resolveFromSource in class AbstractCriteriaFilteringCredentialResolver
Parameters:
criteriaSet - the set of criteria used to resolve credentials from the credential source
Returns:
an Iterable for the resolved set of credentials
Throws:
SecurityException - thrown if there is an error resolving credentials from the credential source

checkCriteriaRequirements

protected void checkCriteriaRequirements(CriteriaSet criteriaSet)
Check that required credential criteria are available.

Parameters:
criteriaSet - the credential criteria set to evaluate

matchUsage

protected boolean matchUsage(UsageType keyStoreUsage,
                             UsageType criteriaUsage)
Match usage enum type values from keystore configured usage and from credential criteria.

Parameters:
keyStoreUsage - the usage type configured for the keystore
criteriaUsage - the value from credential criteria
Returns:
true if the two usage specifiers match for purposes of resolving credentials, false otherwise

buildCredential

protected Credential buildCredential(KeyStore.Entry keyStoreEntry,
                                     String entityID,
                                     UsageType usage)
                              throws SecurityException
Build a credential instance from the key store entry.

Parameters:
keyStoreEntry - the key store entry to process
entityID - the entityID to include in the credential
usage - the usage type to include in the credential
Returns:
the new credential instance, appropriate to the type of key store entry being processed
Throws:
SecurityException - thrown if there is a problem building a credential from the key store entry

processTrustedCertificateEntry

protected X509Credential processTrustedCertificateEntry(KeyStore.TrustedCertificateEntry trustedCertEntry,
                                                        String entityID,
                                                        UsageType usage)
Build an X509Credential from a keystore trusted certificate entry.

Parameters:
trustedCertEntry - the entry being processed
entityID - the entityID to set
usage - the usage type to set
Returns:
new X509Credential instance

processPrivateKeyEntry

protected X509Credential processPrivateKeyEntry(KeyStore.PrivateKeyEntry privateKeyEntry,
                                                String entityID,
                                                UsageType usage)
Build an X509Credential from a keystore private key entry.

Parameters:
privateKeyEntry - the entry being processed
entityID - the entityID to set
usage - the usage type to set
Returns:
new X509Credential instance

processSecretKeyEntry

protected Credential processSecretKeyEntry(KeyStore.SecretKeyEntry secretKeyEntry,
                                           String entityID,
                                           UsageType usage)
Build a Credential from a keystore secret key entry.

Parameters:
secretKeyEntry - the entry being processed
entityID - the entityID to set
usage - the usage type to set
Returns:
new Credential instance


Copyright © 2006-2011 Internet2. All Rights Reserved.