FileDocCategorySizeDatePackage
SecuritySupportImpl.javaAPI DocGlassfish v2 API8666Fri May 04 22:35:24 BST 2007com.sun.enterprise.security

SecuritySupportImpl

public class SecuritySupportImpl extends Object implements com.sun.enterprise.server.pluggable.SecuritySupport
This implements SecuritySupport used in PluggableFeatureFactory.
author
Shing Wai Chan

Fields Summary
private static final String
keyStoreProp
private static final String
trustStoreProp
protected static final Logger
_logger
protected static boolean
initialized
protected static final List
keyStores
protected static final List
trustStores
protected static final List
keyStorePasswords
protected static final List
tokenNames
Constructors Summary
public SecuritySupportImpl()



      
        // Delegates to the protected constructor with init=true, which calls initJKS().
        this(true);
    
protected SecuritySupportImpl(boolean init)

        // Callers that pass init=false get an instance without the default stores loaded.
        if (!init) {
            return;
        }
        // NOTE(review): initJKS() is protected and non-final, so an override would run
        // here before the subclass constructor body has executed - confirm subclasses
        // do not depend on their own fields inside initJKS().
        initJKS();
    
Methods Summary
public java.security.KeyStoregetKeyStore(java.lang.String token)

param
token
return
a keystore

        // Map the token name onto its slot in the parallel store lists.
        final int position = getTokenIndex(token);
        // getTokenIndex yields a negative value for a null or unregistered token;
        // in that case there is no keystore to hand back.
        return (position >= 0) ? (KeyStore) keyStores.get(position) : null;
    
public java.lang.StringgetKeyStorePassword(java.lang.String token)

param
token
return
the password for this token

        // Map the token name onto its slot in the parallel store lists.
        final int position = getTokenIndex(token);
        // A null or unregistered token has no password entry.
        // NOTE(review): the password is returned as an immutable String, so callers
        // cannot wipe it after use; keep it out of log and exception messages.
        return (position >= 0) ? (String) keyStorePasswords.get(position) : null;
    
public java.lang.String[]getKeyStorePasswords()
This method returns an array of passwords in order corresponding to array of keystores.

        // Copy the list into a fresh array so callers never see the internal list.
        // NOTE(review): every caller receives all keystore passwords in clear text;
        // confirm each call site really needs the full set.
        final String[] passwords = new String[keyStorePasswords.size()];
        return (String[]) keyStorePasswords.toArray(passwords);
    
public java.security.KeyStore[]getKeyStores()
This method returns an array of keystores containing keys and certificates.

        // Copy the list into a fresh array; the KeyStore objects themselves are shared,
        // not cloned, so changes made through them are visible to other callers.
        final KeyStore[] stores = new KeyStore[keyStores.size()];
        return (KeyStore[]) keyStores.toArray(stores);
    
private intgetTokenIndex(java.lang.String token)

return
returned index

        // A null token is never looked up and is reported as "not found" without logging.
        if (token == null) {
            return -1;
        }
        // indexOf returns -1 when the name was never registered by loadStores.
        final int position = tokenNames.indexOf(token);
        if (position < 0 && _logger.isLoggable(Level.FINEST)) {
            _logger.log(Level.FINEST, "token " + token + " is not found");
        }
        return position;
    
public java.lang.String[]getTokenNames()
This method returns an array of token names in order corresponding to array of keystores.

        // Copy the list into a fresh array so callers never see the internal list.
        final String[] names = new String[tokenNames.size()];
        return (String[]) tokenNames.toArray(names);
    
public java.security.KeyStoregetTrustStore(java.lang.String token)

param
token
return
a truststore

        // Map the token name onto its slot in the parallel store lists.
        final int position = getTokenIndex(token);
        // getTokenIndex yields a negative value for a null or unregistered token;
        // in that case there is no truststore to hand back.
        return (position >= 0) ? (KeyStore) trustStores.get(position) : null;
    
public java.security.KeyStore[]getTrustStores()
This method returns an array of truststores containing certificates.

        // Copy the list into a fresh array; the KeyStore objects themselves are shared,
        // not cloned, so changes made through them are visible to other callers.
        final KeyStore[] stores = new KeyStore[trustStores.size()];
        return (KeyStore[]) trustStores.toArray(stores);
    
protected voidinitJKS()

        // The static 'initialized' flag makes later calls no-ops.
        // NOTE(review): the flag is read and written here without holding the lock that
        // the synchronized loadStores takes, so two threads constructing instances at the
        // same time could both register the default stores - confirm that construction
        // is single-threaded.
        if (initialized) {
            return;
        }
        // Store locations come from system properties; passwords come from SSLUtils.
        final String defaultType = KeyStore.getDefaultType();
        final String keyStoreFile = System.getProperty(keyStoreProp);
        final String keyStorePass = SSLUtils.getKeyStorePass();
        final String trustStoreFile = System.getProperty(trustStoreProp);
        final String trustStorePass = SSLUtils.getTrustStorePass();
        // The default entry is registered with a null token name and a null provider.
        loadStores(null, defaultType, null,
            keyStoreFile, keyStorePass,
            trustStoreFile, trustStorePass);
        initialized = true;
    
private static java.security.KeyStoreloadKS(java.lang.String keyStoreType, java.security.Provider provider, java.lang.String keyStoreFile, java.lang.String keyStorePass)
This method loads a keystore of the given type from the given keystore file, using the given keystore password and, when one is supplied, the given provider. It always returns a non-null keystore.

param
keyStoreType
param
provider
param
keyStoreFile
param
keyStorePass
return
keystore loaded

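        // Creates a KeyStore of the requested type (from the given provider when one is
        // supplied) and loads it from keyStoreFile. When keyStoreFile is null, load() is
        // called with a null stream. Exceptions from KeyStore.getInstance, from opening
        // the file and from KeyStore.load propagate to the caller.
        final KeyStore ks;
        if (provider != null) {
            ks = KeyStore.getInstance(keyStoreType, provider);
        } else {
            ks = KeyStore.getInstance(keyStoreType);
        }

        // A null password still fails with NullPointerException, as it did before, but
        // now with a message that names the argument instead of an empty one.
        if (keyStorePass == null) {
            throw new NullPointerException("keyStorePass must not be null");
        }
        final char[] passphrase = keyStorePass.toCharArray();

        FileInputStream istream = null;
        BufferedInputStream bstream = null;
        try {
            if (keyStoreFile != null) {
                if (_logger.isLoggable(Level.FINE)) {
                    // Only the file location is logged. The keystore password must never
                    // reach the log: log files are usually readable by more people and
                    // processes than the keystore itself.
                    _logger.log(Level.FINE, "Loading keystoreFile = " + keyStoreFile);
                }
                istream = new FileInputStream(keyStoreFile);
                bstream = new BufferedInputStream(istream);
            }

            ks.load(bstream, passphrase);
        } finally {
            // Close the wrapper first; the inner finally guarantees the file stream is
            // closed even if closing the wrapper throws.
            try {
                if (bstream != null) {
                    bstream.close();
                }
            } finally {
                if (istream != null) {
                    istream.close();
                }
            }
        }
        return ks;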
    
protected static synchronized voidloadStores(java.lang.String tokenName, java.lang.String storeType, java.security.Provider provider, java.lang.String keyStoreFile, java.lang.String keyStorePass, java.lang.String trustStoreFile, java.lang.String trustStorePass)
This method loads the keystore and the truststore and adds each to its corresponding list.

param
tokenName
param
storeType
param
provider
param
keyStorePass
param
keyStoreFile
param
trustStorePass
param
trustStoreFile

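        // Loads the keystore and truststore for one token and registers them, together
        // with the keystore password and the token name, at the same index of the four
        // parallel lists. Any failure is rethrown as IllegalStateException.
        try {
            // Load both stores before touching the lists, so a load failure leaves all
            // four lists unchanged and still aligned with each other.
            final KeyStore keyStore = loadKS(storeType, provider, keyStoreFile,
                keyStorePass);
            final KeyStore trustStore = loadKS(storeType, provider, trustStoreFile,
                trustStorePass);
            keyStores.add(keyStore);
            trustStores.add(trustStore);
            // NOTE(review): the password is kept as a String in a static list for as
            // long as the class is loaded; it cannot be wiped from memory.
            keyStorePasswords.add(keyStorePass);
            tokenNames.add(tokenName);
        } catch (Exception ex) {
            // Keep the original exception as the cause: the message alone can be null
            // and loses the stack trace that shows which store failed to load.
            throw new IllegalStateException(ex.getMessage(), ex);
        }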
    
public voidsynchronizeKeyFile(com.sun.enterprise.config.ConfigContext configContext, java.lang.String fileRealmName)
This method synchronizes the key file for the given realm.

param
configContext the ConfigContext
param
fileRealmName
exception

        // no op