org.opends.server.extensions

Class LDAPKeyManagerProvider

java.lang.Object

org.opends.server.api.KeyManagerProvider<LdapKeyManagerProviderCfg>

org.opends.server.extensions.LDAPKeyManagerProvider

All Implemented Interfaces:

ConfigurationChangeListener<LdapKeyManagerProviderCfg>

public final class LDAPKeyManagerProvider
extends KeyManagerProvider<LdapKeyManagerProviderCfg>
implements ConfigurationChangeListener<LdapKeyManagerProviderCfg>

This class defines a key manager provider that will access keys stored in an LDAP backend.

Nested Class Summary

Nested classes/interfaces inherited from class org.opends.server.api.KeyManagerProvider

KeyManagerProvider.CertificateMonitor

Constructor Summary

Constructors

Constructor and Description
LDAPKeyManagerProvider()

Method Summary

Modifier and Type	Method and Description
ConfigChangeResult	applyConfigurationChange(LdapKeyManagerProviderCfg cfg) Applies the configuration changes to this change listener.
boolean	containsAtLeastOneKey() Verifies that the keystore has at least one usable key.
boolean	containsKeyWithAlias(String alias) Verifies that an alias is defined in the scope of this Key Manager.
protected void	finalizeKeyManagerProviderImpl() Performs any other finalization actions that may be necessary by this key manager provider implementation.
KeyManager[]	getKeyManagers() Retrieves a set of KeyManager objects that may be used for interactions requiring access to a key manager.
protected KeyStore	getKeyStore() Returns the keystore used by this key manager provider.
void	initializeKeyManagerProvider(LdapKeyManagerProviderCfg cfg) Initializes this key manager provider based on the information in the provided key manager provider configuration.
boolean	isConfigurationAcceptable(LdapKeyManagerProviderCfg cfg, List<LocalizableMessage> unacceptableReasons) Indicates whether the provided configuration is acceptable for this key manager provider.
boolean	isConfigurationChangeAcceptable(LdapKeyManagerProviderCfg cfg, List<LocalizableMessage> unacceptableReasons) Indicates whether the proposed change to the configuration is acceptable to this change listener.

Methods inherited from class org.opends.server.api.KeyManagerProvider

finalizeKeyManagerProvider, getConfig, getName, registerCertificateMonitorEntries, setConfig, toString

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

LDAPKeyManagerProvider

public LDAPKeyManagerProvider()

Method Detail

initializeKeyManagerProvider

public void initializeKeyManagerProvider(LdapKeyManagerProviderCfg cfg)

Description copied from class: KeyManagerProvider

Initializes this key manager provider based on the information in the provided key manager provider configuration.

Specified by:

initializeKeyManagerProvider in class KeyManagerProvider<LdapKeyManagerProviderCfg>

Parameters:

cfg - The key manager provider configuration that contains the information to use to initialize this key manager provider.

getKeyStore

protected KeyStore getKeyStore()

Description copied from class: KeyManagerProvider

Returns the keystore used by this key manager provider.

Specified by:

getKeyStore in class KeyManagerProvider<LdapKeyManagerProviderCfg>

Returns:

The KeyStore used by this key manager provider.

finalizeKeyManagerProviderImpl

protected void finalizeKeyManagerProviderImpl()

Description copied from class: KeyManagerProvider

Performs any other finalization actions that may be necessary by this key manager provider implementation.

Specified by:

finalizeKeyManagerProviderImpl in class KeyManagerProvider<LdapKeyManagerProviderCfg>

containsKeyWithAlias

public boolean containsKeyWithAlias(String alias)

Description copied from class: KeyManagerProvider

Verifies that an alias is defined in the scope of this Key Manager.

Overrides:

containsKeyWithAlias in class KeyManagerProvider<LdapKeyManagerProviderCfg>

Parameters:

alias - The alias to check.

Returns:

true if the alias exists, false otherwise

getKeyManagers

public KeyManager[] getKeyManagers()
                            throws LdapException

Description copied from class: KeyManagerProvider

Retrieves a set of KeyManager objects that may be used for interactions requiring access to a key manager.

Specified by:

getKeyManagers in class KeyManagerProvider<LdapKeyManagerProviderCfg>

Returns:

A set of KeyManager objects that may be used for interactions requiring access to a key manager.

Throws:

LdapException - If a problem occurs while attempting to obtain the set of key managers.

containsAtLeastOneKey

public boolean containsAtLeastOneKey()

Description copied from class: KeyManagerProvider

Verifies that the keystore has at least one usable key.

Overrides:

containsAtLeastOneKey in class KeyManagerProvider<LdapKeyManagerProviderCfg>

Returns:

true if the keystore has at least one usable key, false otherwise

isConfigurationAcceptable

public boolean isConfigurationAcceptable(LdapKeyManagerProviderCfg cfg,
                                         List<LocalizableMessage> unacceptableReasons)

Description copied from class: KeyManagerProvider

Indicates whether the provided configuration is acceptable for this key manager provider. It should be possible to call this method on an uninitialized key manager provider instance in order to determine whether the key manager provider would be able to use the provided configuration.

Overrides:

isConfigurationAcceptable in class KeyManagerProvider<LdapKeyManagerProviderCfg>

Parameters:

cfg - The key manager provider configuration for which to make the determination.

unacceptableReasons - A list that may be used to hold the reasons that the provided configuration is not acceptable.

Returns:

true if the provided configuration is acceptable for this key manager provider, or false if not.

isConfigurationChangeAcceptable

public boolean isConfigurationChangeAcceptable(LdapKeyManagerProviderCfg cfg,
                                               List<LocalizableMessage> unacceptableReasons)

Description copied from interface: ConfigurationChangeListener

Indicates whether the proposed change to the configuration is acceptable to this change listener.

Specified by:

isConfigurationChangeAcceptable in interface ConfigurationChangeListener<LdapKeyManagerProviderCfg>

Parameters:

cfg - The new configuration containing the changes.

unacceptableReasons - A list that can be used to hold messages about why the provided configuration is not acceptable.

Returns:

Returns true if the proposed change is acceptable, or false if it is not.

applyConfigurationChange

public ConfigChangeResult applyConfigurationChange(LdapKeyManagerProviderCfg cfg)

Description copied from interface: ConfigurationChangeListener

Applies the configuration changes to this change listener.

Specified by:

applyConfigurationChange in interface ConfigurationChangeListener<LdapKeyManagerProviderCfg>

Parameters:

cfg - The new configuration containing the changes.

Returns:

Returns information about the result of changing the configuration.