org.opends.server.api

Class KeyManagerProvider<T extends KeyManagerProviderCfg>

java.lang.Object

org.opends.server.api.KeyManagerProvider<T>

Type Parameters:

T - The type of key manager provider configuration handled by this key manager provider implementation.

Direct Known Subclasses:

FileBasedKeyManagerProvider, JvmKeyManagerProvider, LDAPKeyManagerProvider, PKCS11KeyManagerProvider

@PublicAPI(stability=VOLATILE,
           mayInstantiate=false,
           mayExtend=true,
           mayInvoke=true)
public abstract class KeyManagerProvider<T extends KeyManagerProviderCfg>
extends Object

This class defines an API that may be used to obtain a set of javax.net.ssl.KeyManager objects for use when performing SSL communication.

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	KeyManagerProvider.CertificateMonitor This class implements a monitor provider that will report alias name and expiry date for each X509 certificate associated to a key manager provider.

Constructor Summary

Constructors

Constructor and Description
KeyManagerProvider()

Method Summary

Modifier and Type	Method and Description
boolean	containsAtLeastOneKey() Verifies that the keystore has at least one usable key.
boolean	containsKeyWithAlias(String alias) Verifies that an alias is defined in the scope of this Key Manager.
void	finalizeKeyManagerProvider() Deregister certificate monitor entries associated to this key manager provider from the server and performs any other finalization that may be necessary.
protected abstract void	finalizeKeyManagerProviderImpl() Performs any other finalization actions that may be necessary by this key manager provider implementation.
protected T	getConfig() Returns the configuration associated to this key manager provider.
abstract KeyManager[]	getKeyManagers() Retrieves a set of KeyManager objects that may be used for interactions requiring access to a key manager.
protected abstract KeyStore	getKeyStore() Returns the keystore used by this key manager provider.
protected String	getName() Returns the name of this key manager provider to be used in certificate monitor entries.
abstract void	initializeKeyManagerProvider(T configuration) Initializes this key manager provider based on the information in the provided key manager provider configuration.
boolean	isConfigurationAcceptable(T configuration, List<LocalizableMessage> unacceptableReasons) Indicates whether the provided configuration is acceptable for this key manager provider.
void	registerCertificateMonitorEntries() Registers one certificate monitor entry for each X509 certificate present in this key manager provider.
protected void	setConfig(T currentConfig) Sets the configuration associated to this key manager provider.
String	toString()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

KeyManagerProvider

public KeyManagerProvider()

Method Detail

initializeKeyManagerProvider

public abstract void initializeKeyManagerProvider(T configuration)
                                           throws ConfigException,
                                                  InitializationException

Initializes this key manager provider based on the information in the provided key manager provider configuration.

Parameters:

configuration - The key manager provider configuration that contains the information to use to initialize this key manager provider.

Throws:

ConfigException - If an unrecoverable problem arises in the process of performing the initialization as a result of the server configuration.

InitializationException - If a problem occurs during initialization that is not related to the server configuration.

containsKeyWithAlias

public boolean containsKeyWithAlias(String alias)

Verifies that an alias is defined in the scope of this Key Manager.

Parameters:

alias - The alias to check.

Returns:

true if the alias exists, false otherwise

containsAtLeastOneKey

public boolean containsAtLeastOneKey()

Verifies that the keystore has at least one usable key.

Returns:

true if the keystore has at least one usable key, false otherwise

isConfigurationAcceptable

public boolean isConfigurationAcceptable(T configuration,
                                         List<LocalizableMessage> unacceptableReasons)

Indicates whether the provided configuration is acceptable for this key manager provider. It should be possible to call this method on an uninitialized key manager provider instance in order to determine whether the key manager provider would be able to use the provided configuration.

Parameters:

configuration - The key manager provider configuration for which to make the determination.

unacceptableReasons - A list that may be used to hold the reasons that the provided configuration is not acceptable.

Returns:

true if the provided configuration is acceptable for this key manager provider, or false if not.

finalizeKeyManagerProvider

public final void finalizeKeyManagerProvider()

Deregister certificate monitor entries associated to this key manager provider from the server and performs any other finalization that may be necessary.

finalizeKeyManagerProviderImpl

protected abstract void finalizeKeyManagerProviderImpl()

Performs any other finalization actions that may be necessary by this key manager provider implementation.

getKeyManagers

public abstract KeyManager[] getKeyManagers()
                                     throws LdapException

Retrieves a set of KeyManager objects that may be used for interactions requiring access to a key manager.

Returns:

A set of KeyManager objects that may be used for interactions requiring access to a key manager.

Throws:

LdapException - If a problem occurs while attempting to obtain the set of key managers.

registerCertificateMonitorEntries

public final void registerCertificateMonitorEntries()

Registers one certificate monitor entry for each X509 certificate present in this key manager provider.

getKeyStore

protected abstract KeyStore getKeyStore()
                                 throws LdapException

Returns the keystore used by this key manager provider.

Returns:

The KeyStore used by this key manager provider.

Throws:

LdapException - If a problem occurs while attempting to retrieve the keystore.

getConfig

protected final T getConfig()

Returns the configuration associated to this key manager provider.

Returns:

the configuration associated to this KeyManagerProvider.

setConfig

protected final void setConfig(T currentConfig)

Sets the configuration associated to this key manager provider.

Parameters:

currentConfig - The configuration to associate to this KeyManagerProvider

getName

protected String getName()

Returns the name of this key manager provider to be used in certificate monitor entries.

Default implementation returns the name of this key manager provider configuration.

Returns:

A string representing the name of KeyManagerProvider

toString

public String toString()

Overrides:

toString in class Object