org.jboss.security.plugins
Class JaasSecurityDomain

java.lang.Object
  extended by org.jboss.mx.util.JBossNotificationBroadcasterSupport
      extended by org.jboss.system.ServiceMBeanSupport
          extended by org.jboss.security.plugins.JaasSecurityManager
              extended by org.jboss.security.plugins.JaasSecurityDomain
All Implemented Interfaces:
javax.management.MBeanRegistration, javax.management.NotificationBroadcaster, javax.management.NotificationEmitter, AuthenticationManager, JaasSecurityDomainMBean, RealmMapping, SecurityDomain, SubjectSecurityManager, org.jboss.system.Service, org.jboss.system.ServiceMBean

public class JaasSecurityDomain
extends JaasSecurityManager
implements SecurityDomain, JaasSecurityDomainMBean

The JaasSecurityDomain is an extension of JaasSecurityManager that adds the notion of a KeyStore, and JSSE KeyManagerFactory and TrustManagerFactory for supporting SSL and other cryptographic use cases. Attributes:

Version:
$Revision: 1.21.2.3 $
Author:
Scott.Stark@jboss.org, Jason Essington

Nested Class Summary
 
Nested classes/interfaces inherited from class org.jboss.security.plugins.JaasSecurityManager
JaasSecurityManager.DomainInfo
 
Field Summary
 
Fields inherited from class org.jboss.security.plugins.JaasSecurityManager
log, trace
 
Fields inherited from class org.jboss.system.ServiceMBeanSupport
server, SERVICE_CONTROLLER_SIG, serviceName
 
Fields inherited from interface org.jboss.system.ServiceMBean
CREATE_EVENT, CREATED, DESTROY_EVENT, DESTROYED, FAILED, REGISTERED, START_EVENT, STARTED, STARTING, states, STOP_EVENT, STOPPED, STOPPING, UNREGISTERED
 
Constructor Summary
JaasSecurityDomain()
          Creates a default JaasSecurityDomain with a securityDomain name of 'other'.
JaasSecurityDomain(String securityDomain)
          Creates a JaasSecurityDomain with the securityDomain name given by the 'securityDomain' argument.
JaasSecurityDomain(String securityDomain, CallbackHandler handler)
          Creates a JaasSecurityDomain with the securityDomain name given by the 'securityDomain' argument.
 
Method Summary
 byte[] decode(byte[] secret)
          Decrypt the secret using the cipherKey.
 byte[] decode64(String secret)
          Decrypt the base64 encoded secret using the cipherKey.
 byte[] encode(byte[] secret)
          Encrypt the secret using the cipherKey.
 String encode64(byte[] secret)
          Encrypt the secret using the cipherKey and return a base64 encoding.
 String getCipherAlgorithm()
           
 KeyManagerFactory getKeyManagerFactory()
          Get the KeyManagerFactory associated with the security domain
 KeyStore getKeyStore()
          Get the keystore associated with the security domain
 String getKeyStoreType()
          KeyStore implementation type being used.
 String getKeyStoreURL()
          Get the KeyStore database URL string.
 javax.management.ObjectName getManagerServiceName()
          The JMX object name string of the security manager service.
 String getName()
           
 TrustManagerFactory getTrustManagerFactory()
          Get the TrustManagerFactory associated with the security domain
 KeyStore getTrustStore()
          Get the truststore associated with the security domain.
 String getTrustStoreType()
          Get the type of the trust store
 String getTrustStoreURL()
          Get the trust store database URL string.
 void reloadKeyAndTrustStore()
          Reload the keystore and truststore.
 void setCipherAlgorithm(String cipherAlgorithm)
           
 void setIterationCount(int iterationCount)
          Set the iteration count used with PBE based on the keystore password.
 void setKeyStorePass(String password)
          Set the credential string for the KeyStore.
 void setKeyStoreType(String type)
          Set the type of KeyStore implementation to use.
 void setKeyStoreURL(String storeURL)
          Set the KeyStore database URL string.
 void setManagerServiceName(javax.management.ObjectName managerServiceName)
          Set the JMX object name string of the security manager service.
 void setSalt(String salt)
          Set the salt used with PBE based on the keystore password.
 void setTrustStorePass(String password)
          Set the credential string for the trust store.
 void setTrustStoreType(String type)
          Set the type of the trust store
 void setTrustStoreURL(String storeURL)
          Set the trust store database URL string.
protected  void startService()
           
protected  void stopService()
           
 
Methods inherited from class org.jboss.security.plugins.JaasSecurityManager
doesRoleGroupHaveRole, doesUserHaveRole, doesUserHaveRole, flushCache, getActiveSubject, getPrincipal, getSecurityDomain, getUserRoles, isValid, isValid, setCachePolicy, setDeepCopySubjectOption
 
Methods inherited from class org.jboss.system.ServiceMBeanSupport
create, createService, destroy, destroyService, getDeploymentInfo, getLog, getNextNotificationSequenceNumber, getObjectName, getServer, getServiceName, getState, getStateString, jbossInternalCreate, jbossInternalDescription, jbossInternalDestroy, jbossInternalLifecycle, jbossInternalStart, jbossInternalStop, postDeregister, postRegister, preDeregister, preRegister, start, stop
 
Methods inherited from class org.jboss.mx.util.JBossNotificationBroadcasterSupport
addNotificationListener, getNotificationInfo, handleNotification, nextNotificationSequenceNumber, removeNotificationListener, removeNotificationListener, sendNotification
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface org.jboss.security.AuthenticationManager
getActiveSubject, getSecurityDomain, isValid, isValid
 
Methods inherited from interface org.jboss.security.RealmMapping
doesUserHaveRole, getPrincipal, getUserRoles
 
Methods inherited from interface org.jboss.system.ServiceMBean
getState, getStateString, jbossInternalLifecycle
 
Methods inherited from interface org.jboss.system.Service
create, destroy, start, stop
 

Constructor Detail

JaasSecurityDomain

public JaasSecurityDomain()
Creates a default JaasSecurityDomain with a securityDomain name of 'other'.


JaasSecurityDomain

public JaasSecurityDomain(String securityDomain)
Creates a JaasSecurityDomain with the securityDomain name given by the 'securityDomain' argument.

Parameters:
securityDomain - the name of the security domain

JaasSecurityDomain

public JaasSecurityDomain(String securityDomain,
                          CallbackHandler handler)
Creates a JaasSecurityDomain with the securityDomain name given by the 'securityDomain' argument.

Parameters:
securityDomain - the name of the security domain
handler - the CallbackHandler to use to obtain login module info
Method Detail

getKeyStore

public KeyStore getKeyStore()
                     throws SecurityException
Description copied from interface: SecurityDomain
Get the keystore associated with the security domain

Specified by:
getKeyStore in interface SecurityDomain
Throws:
SecurityException

getKeyManagerFactory

public KeyManagerFactory getKeyManagerFactory()
                                       throws SecurityException
Description copied from interface: SecurityDomain
Get the KeyManagerFactory associated with the security domain

Specified by:
getKeyManagerFactory in interface SecurityDomain
Throws:
SecurityException

getTrustStore

public KeyStore getTrustStore()
                       throws SecurityException
Description copied from interface: SecurityDomain
Get the truststore associated with the security domain. This may be the same as the keystore.

Specified by:
getTrustStore in interface SecurityDomain
Throws:
SecurityException

getTrustManagerFactory

public TrustManagerFactory getTrustManagerFactory()
                                           throws SecurityException
Description copied from interface: SecurityDomain
Get the TrustManagerFactory associated with the security domain

Specified by:
getTrustManagerFactory in interface SecurityDomain
Throws:
SecurityException

getManagerServiceName

public javax.management.ObjectName getManagerServiceName()
The JMX object name string of the security manager service.

Specified by:
getManagerServiceName in interface JaasSecurityDomainMBean
Returns:
The JMX object name string of the security manager service.

setManagerServiceName

public void setManagerServiceName(javax.management.ObjectName managerServiceName)
Set the JMX object name string of the security manager service.

Specified by:
setManagerServiceName in interface JaasSecurityDomainMBean

getKeyStoreType

public String getKeyStoreType()
Description copied from interface: JaasSecurityDomainMBean
KeyStore implementation type being used.

Specified by:
getKeyStoreType in interface JaasSecurityDomainMBean
Returns:
the KeyStore implementation type being used.

setKeyStoreType

public void setKeyStoreType(String type)
Description copied from interface: JaasSecurityDomainMBean
Set the type of KeyStore implementation to use. This is passed to the KeyStore.getInstance() factory method.

Specified by:
setKeyStoreType in interface JaasSecurityDomainMBean

getKeyStoreURL

public String getKeyStoreURL()
Description copied from interface: JaasSecurityDomainMBean
Get the KeyStore database URL string.

Specified by:
getKeyStoreURL in interface JaasSecurityDomainMBean

setKeyStoreURL

public void setKeyStoreURL(String storeURL)
                    throws IOException
Description copied from interface: JaasSecurityDomainMBean
Set the KeyStore database URL string. This is used to obtain an InputStream to initialize the KeyStore.

Specified by:
setKeyStoreURL in interface JaasSecurityDomainMBean
Throws:
IOException

setKeyStorePass

public void setKeyStorePass(String password)
Description copied from interface: JaasSecurityDomainMBean
Set the credential string for the KeyStore.

Specified by:
setKeyStorePass in interface JaasSecurityDomainMBean

getTrustStoreType

public String getTrustStoreType()
Description copied from interface: JaasSecurityDomainMBean
Get the type of the trust store

Specified by:
getTrustStoreType in interface JaasSecurityDomainMBean
Returns:
the type of the trust store

setTrustStoreType

public void setTrustStoreType(String type)
Description copied from interface: JaasSecurityDomainMBean
Set the type of the trust store

Specified by:
setTrustStoreType in interface JaasSecurityDomainMBean
Parameters:
type - the trust store implementation type

setTrustStorePass

public void setTrustStorePass(String password)
Description copied from interface: JaasSecurityDomainMBean
Set the credential string for the trust store.

Specified by:
setTrustStorePass in interface JaasSecurityDomainMBean

getTrustStoreURL

public String getTrustStoreURL()
Description copied from interface: JaasSecurityDomainMBean
Get the trust store database URL string.

Specified by:
getTrustStoreURL in interface JaasSecurityDomainMBean

setTrustStoreURL

public void setTrustStoreURL(String storeURL)
                      throws IOException
Description copied from interface: JaasSecurityDomainMBean
Set the trust store database URL string. This is used to obtain an InputStream to initialize the trust store.

Specified by:
setTrustStoreURL in interface JaasSecurityDomainMBean
Throws:
IOException

setSalt

public void setSalt(String salt)
Description copied from interface: JaasSecurityDomainMBean
Set the salt used with PBE based on the keystore password.

Specified by:
setSalt in interface JaasSecurityDomainMBean
Parameters:
salt - an 8 char randomization string

setIterationCount

public void setIterationCount(int iterationCount)
Description copied from interface: JaasSecurityDomainMBean
Set the iteration count used with PBE based on the keystore password.

Specified by:
setIterationCount in interface JaasSecurityDomainMBean
Parameters:
iterationCount - an iteration count randomization value

getCipherAlgorithm

public String getCipherAlgorithm()

setCipherAlgorithm

public void setCipherAlgorithm(String cipherAlgorithm)

getName

public String getName()
Specified by:
getName in interface org.jboss.system.ServiceMBean
Overrides:
getName in class org.jboss.system.ServiceMBeanSupport

encode

public byte[] encode(byte[] secret)
              throws Exception
Encrypt the secret using the cipherKey.

Specified by:
encode in interface JaasSecurityDomainMBean
Parameters:
secret - the plaintext secret to encrypt
Returns:
the encrypted secret
Throws:
Exception

decode

public byte[] decode(byte[] secret)
              throws Exception
Decrypt the secret using the cipherKey.

Specified by:
decode in interface JaasSecurityDomainMBean
Parameters:
secret - the encrypted secret to decrypt.
Returns:
the decrypted secret
Throws:
Exception

encode64

public String encode64(byte[] secret)
                throws Exception
Encrypt the secret using the cipherKey and return a base64 encoding.

Specified by:
encode64 in interface JaasSecurityDomainMBean
Parameters:
secret - the plaintext secret to encrypt
Returns:
the encrypted secret as a base64 string
Throws:
Exception

decode64

public byte[] decode64(String secret)
                throws Exception
Decrypt the base64 encoded secret using the cipherKey.

Specified by:
decode64 in interface JaasSecurityDomainMBean
Parameters:
secret - the base64 encoded encrypted secret to decrypt.
Returns:
the decrypted secret
Throws:
Exception
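
An added example, not part of the JBoss javadoc or the JBoss source: a JDK-only illustration of the password-based encryption that setSalt, setIterationCount, encode64 and decode64 describe, with the cipher key derived from the keystore password. The class name PbeSecretDemo, the algorithm PBEWithMD5AndDES, the use of standard Base64 and all sample values are assumptions.

```java
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.Base64;

// Added illustration, not the JBoss implementation.
public class PbeSecretDemo {
    // Assumption: algorithm chosen for the demo (the page names none). This
    // legacy JCE scheme (MD5 + single DES) requires an 8-byte salt.
    static final String ALG = "PBEWithMD5AndDES";
    private final SecretKey cipherKey;
    private final PBEParameterSpec pbeSpec;

    PbeSecretDemo(char[] storePass, String salt, int iterationCount) throws Exception {
        byte[] saltBytes = salt.getBytes(StandardCharsets.US_ASCII);
        if (saltBytes.length != 8) throw new IllegalArgumentException("salt must be 8 chars");
        PBEKeySpec keySpec = new PBEKeySpec(storePass);
        cipherKey = SecretKeyFactory.getInstance(ALG).generateSecret(keySpec);
        keySpec.clearPassword();            // drop the spec's copy of the password
        pbeSpec = new PBEParameterSpec(saltBytes, iterationCount);
    }

    private byte[] run(int mode, byte[] in) throws Exception {
        Cipher c = Cipher.getInstance(ALG);
        c.init(mode, cipherKey, pbeSpec);
        return c.doFinal(in);
    }

    // Standard Base64 here; not claimed to match JBoss's own encoding.
    String encode64(byte[] secret) throws Exception {
        return Base64.getEncoder().encodeToString(run(Cipher.ENCRYPT_MODE, secret));
    }

    byte[] decode64(String secret) throws Exception {
        return run(Cipher.DECRYPT_MODE, Base64.getDecoder().decode(secret));
    }

    public static void main(String[] args) throws Exception {
        byte[] secret = "db-password".getBytes(StandardCharsets.UTF_8);   // constructed
        PbeSecretDemo d = new PbeSecretDemo("storepass".toCharArray(), "abcdefgh", 13);
        String enc = d.encode64(secret);
        System.out.println("round trip ok: " + Arrays.equals(secret, d.decode64(enc)));
        // Same password, salt and count derive the same key and IV every time.
        System.out.println("deterministic: " + enc.equals(d.encode64(secret)));
    }
}
```

With a fixed salt and iteration count, equal secrets encrypt to equal ciphertexts, and anyone holding the keystore password plus these two values can decode them.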

reloadKeyAndTrustStore

public void reloadKeyAndTrustStore()
                            throws Exception
Reload the keystore and truststore.

Specified by:
reloadKeyAndTrustStore in interface JaasSecurityDomainMBean
Throws:
Exception

startService

protected void startService()
                     throws Exception
Overrides:
startService in class org.jboss.system.ServiceMBeanSupport
Throws:
Exception

stopService

protected void stopService()
Overrides:
stopService in class org.jboss.system.ServiceMBeanSupport


Copyright © 2002 JBoss Group, LLC. All Rights Reserved.