[jboss-cvs] JBossAS SVN: r90864 - branches/JBPAPP_4_2_0_GA_CP/security/src/main/org/jboss/security/plugins.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Mon Jul 6 15:45:15 EDT 2009
Author: mmoyses
Date: 2009-07-06 15:45:15 -0400 (Mon, 06 Jul 2009)
New Revision: 90864
Modified:
branches/JBPAPP_4_2_0_GA_CP/security/src/main/org/jboss/security/plugins/JaasSecurityDomain.java
branches/JBPAPP_4_2_0_GA_CP/security/src/main/org/jboss/security/plugins/JaasSecurityDomainMBean.java
Log:
JBPAPP-2234: added options to set providers and algorithms
Modified: branches/JBPAPP_4_2_0_GA_CP/security/src/main/org/jboss/security/plugins/JaasSecurityDomain.java
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/security/src/main/org/jboss/security/plugins/JaasSecurityDomain.java 2009-07-06 19:42:28 UTC (rev 90863)
+++ branches/JBPAPP_4_2_0_GA_CP/security/src/main/org/jboss/security/plugins/JaasSecurityDomain.java 2009-07-06 19:45:15 UTC (rev 90864)
@@ -147,6 +147,13 @@
private char[] trustStorePassword;
private URL trustStoreURL;
private TrustManagerFactory trustMgr;
+
+ private String keyStoreProvider;
+ private String trustStoreProvider;
+ private String keyMgrFactoryProvider;
+ private String trustMgrFactoryProvider;
+ private String keyMgrFactoryAlgorithm;
+ private String trustMgrFactoryAlgorithm;
/** Creates a default JaasSecurityDomain for with a securityDomain
name of 'other'.
@@ -366,7 +373,67 @@
byte[] decode = decode(encoding);
return decode;
}
+
+ public String getKeyManagerFactoryProvider()
+ {
+ return keyMgrFactoryProvider;
+ }
+
+ public void setKeyManagerFactoryProvider(String provider)
+ {
+ this.keyMgrFactoryProvider = provider;
+ }
+ public String getKeyStoreProvider()
+ {
+ return keyStoreProvider;
+ }
+
+ public void setKeyStoreProvider(String provider)
+ {
+ this.keyStoreProvider = provider;
+ }
+
+ public String getTrustManagerFactoryProvider()
+ {
+ return trustMgrFactoryProvider;
+ }
+
+ public void setTrustManagerFactoryProvider(String provider)
+ {
+ this.trustMgrFactoryProvider = provider;
+ }
+
+ public String getTrustStoreProvider()
+ {
+ return trustStoreProvider;
+ }
+
+ public void setTrustStoreProvider(String provider)
+ {
+ this.trustStoreProvider = provider;
+ }
+
+ public String getKeyManagerFactoryAlgorithm()
+ {
+ return keyMgrFactoryAlgorithm;
+ }
+
+ public void setKeyManagerFactoryAlgorithm(String algorithm)
+ {
+ this.keyMgrFactoryAlgorithm = algorithm;
+ }
+
+ public String getTrustManagerFactoryAlgorithm()
+ {
+ return trustMgrFactoryAlgorithm;
+ }
+
+ public void setTrustManagerFactoryAlgorithm(String algorithm)
+ {
+ this.trustMgrFactoryAlgorithm = algorithm;
+ }
+
/**
Reload the key- and truststore
*/
@@ -427,9 +494,12 @@
{
if( keyStorePassword != null )
{
- keyStore = KeyStore.getInstance(keyStoreType);
+ if (keyStoreProvider != null)
+ keyStore = KeyStore.getInstance(keyStoreType, keyStoreProvider);
+ else
+ keyStore = KeyStore.getInstance(keyStoreType);
InputStream is = null;
- if (!"PKCS11".equalsIgnoreCase(keyStoreType) && keyStoreURL != null)
+ if ((!"PKCS11".equalsIgnoreCase(keyStoreType) || !"PKCS11IMPLKS".equalsIgnoreCase(keyStoreType)) && keyStoreURL != null)
{
is = keyStoreURL.openStream();
}
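Review bot: The type test in the new guard before `keyStoreURL.openStream()` is always true, because no `keyStoreType` can equal both `PKCS11` and `PKCS11IMPLKS`; the `||` should be `&&`. As written, a PKCS11 keystore with a `keyStoreURL` set now opens the URL, which the previous condition avoided, and the stream is presumably handed to the keystore load as in the trust store hunk. The condition should read `if (!"PKCS11".equalsIgnoreCase(keyStoreType) && !"PKCS11IMPLKS".equalsIgnoreCase(keyStoreType) && keyStoreURL != null)`. The same always-true test appears on the `trustStoreType` line of the trust store hunk. The enclosing method starts and ends outside this hunk.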
@@ -438,8 +508,15 @@
{
throw new IOException("Cannot find key entry with alias " + keyStoreAlias + " in the keyStore");
}
- String algorithm = KeyManagerFactory.getDefaultAlgorithm();
- keyMgr = KeyManagerFactory.getInstance(algorithm);
+ String algorithm = null;
+ if (keyMgrFactoryAlgorithm != null)
+ algorithm = keyMgrFactoryAlgorithm;
+ else
+ algorithm = KeyManagerFactory.getDefaultAlgorithm();
+ if (keyMgrFactoryProvider != null)
+ keyMgr = KeyManagerFactory.getInstance(algorithm, keyMgrFactoryProvider);
+ else
+ keyMgr = KeyManagerFactory.getInstance(algorithm);
keyMgr.init(keyStore, keyStorePassword);
if (keyStoreAlias != null)
{
@@ -452,23 +529,37 @@
}
if( trustStorePassword != null )
{
- trustStore = KeyStore.getInstance(trustStoreType);
+ if (trustStoreProvider != null)
+ trustStore = KeyStore.getInstance(trustStoreType, trustStoreProvider);
+ else
+ trustStore = KeyStore.getInstance(trustStoreType);
InputStream is = null;
- if (!"PKCS11".equalsIgnoreCase(trustStoreType) && trustStoreURL != null)
+ if ((!"PKCS11".equalsIgnoreCase(trustStoreType) || !"PKCS11IMPLKS".equalsIgnoreCase(trustStoreType)) && trustStoreURL != null)
{
is = trustStoreURL.openStream();
}
trustStore.load(is, trustStorePassword);
- String algorithm = TrustManagerFactory.getDefaultAlgorithm();
- trustMgr = TrustManagerFactory.getInstance(algorithm);
+ String algorithm = null;
+ if (trustMgrFactoryAlgorithm != null)
+ algorithm = trustMgrFactoryAlgorithm;
+ else
+ algorithm = TrustManagerFactory.getDefaultAlgorithm();
+ if (trustMgrFactoryProvider != null)
+ trustMgr = TrustManagerFactory.getInstance(algorithm, trustStoreProvider);
+ else
+ trustMgr = TrustManagerFactory.getInstance(algorithm);
trustMgr.init(trustStore);
}
else if( keyStore != null )
{
trustStore = keyStore;
- String algorithm = TrustManagerFactory.getDefaultAlgorithm();
+ String algorithm = null;
+ if (trustMgrFactoryAlgorithm != null)
+ algorithm = trustMgrFactoryAlgorithm;
+ else
+ algorithm = TrustManagerFactory.getDefaultAlgorithm();
trustMgr = TrustManagerFactory.getInstance(algorithm);
- trustMgr.init(trustStore);
+ trustMgr.init(trustStore);
}
}
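Review bot: The provider branch for the trust manager passes the wrong field: it tests `trustMgrFactoryProvider != null` but then calls `TrustManagerFactory.getInstance(algorithm, trustStoreProvider)`. When only the factory provider is configured, `trustStoreProvider` is null and `getInstance` rejects a null provider name with an IllegalArgumentException; when both are set, the factory is silently taken from the store's provider instead of the one requested. The call should be `trustMgr = TrustManagerFactory.getInstance(algorithm, trustMgrFactoryProvider);`. The `else if( keyStore != null )` branch honours `trustMgrFactoryAlgorithm` but never consults `trustMgrFactoryProvider`, which looks unintended given the new option. The enclosing method begins outside the hunk.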
Modified: branches/JBPAPP_4_2_0_GA_CP/security/src/main/org/jboss/security/plugins/JaasSecurityDomainMBean.java
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/security/src/main/org/jboss/security/plugins/JaasSecurityDomainMBean.java 2009-07-06 19:42:28 UTC (rev 90863)
+++ branches/JBPAPP_4_2_0_GA_CP/security/src/main/org/jboss/security/plugins/JaasSecurityDomainMBean.java 2009-07-06 19:45:15 UTC (rev 90864)
@@ -22,7 +22,9 @@
package org.jboss.security.plugins;
import java.io.IOException;
+
import javax.management.ObjectName;
+
import org.jboss.system.ServiceMBean;
@@ -130,4 +132,76 @@
*/
public byte[] decode64(String secret)
throws Exception;
+
+ /**
+ * Returns the KeyStore provider
+ * @return provider of the KeyStore
+ */
+ public String getKeyStoreProvider();
+
+ /**
+ * Sets the KeyStore provider
+ * @param provider provider name of the KeyStore
+ */
+ public void setKeyStoreProvider(String provider);
+
+ /**
+ * Returns the KeyManagerFactory provider
+ * @return provider of the KeyManagerFactory
+ */
+ public String getKeyManagerFactoryProvider();
+
+ /**
+ * Sets the KeyManagerFactory provider
+ * @param provider provider name of the KeyManagerFactory
+ */
+ public void setKeyManagerFactoryProvider(String provider);
+
+ /**
+ * Returns the TrustStore provider
+ * @return provider of the TrustStore
+ */
+ public String getTrustStoreProvider();
+
+ /**
+ * Sets the TrustStore provider
+ * @param provider provider name of the TrustStore
+ */
+ public void setTrustStoreProvider(String provider);
+
+ /**
+ * Returns the TrustManagerFactory provider
+ * @return provider of the TrustManagerFactory
+ */
+ public String getTrustManagerFactoryProvider();
+
+ /**
+ * Sets the TrustManagerFactory provider
+ * @param provider provider name of the TrustManagerFactory
+ */
+ public void setTrustManagerFactoryProvider(String provider);
+
+ /**
+ * Returns the KeyManagerFactory algorithm
+ * @return algorithm of the KeyManagerFactory
+ */
+ public String getKeyManagerFactoryAlgorithm();
+
+ /**
+ * Sets the KeyManagerFactory algorithm
+ * @param algorithm algorithm of the KeyManagerFactory
+ */
+ public void setKeyManagerFactoryAlgorithm(String algorithm);
+
+ /**
+ * Returns the TrustManagerFactory algorithm
+ * @return algorithm of the TrustManagerFactory
+ */
+ public String getTrustManagerFactoryAlgorithm();
+
+ /**
+ * Sets the TrustManagerFactory algorithm
+ * @param algorithm algorithm of the TrustManagerFactory
+ */
+ public void setTrustManagerFactoryAlgorithm(String algorithm);
}
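Review bot: The Javadoc on the new provider and algorithm attributes does not say what a null value means or when a changed value takes effect. As far as this commit shows, JaasSecurityDomain reads these fields only while the key and trust stores are being loaded, and a null falls back to the default provider lookup or to `getDefaultAlgorithm()`. Each setter could carry a line such as `Null selects the JVM default; the value is applied the next time the key and trust stores are loaded.` It is also worth stating that the name must match an installed JCA provider, since the setters store the string unchecked and it goes straight into `getInstance`.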