[jboss-cvs] JBossAS SVN: r90867 - trunk/security/src/main/org/jboss/security/plugins.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Mon Jul 6 16:34:57 EDT 2009
Author: mmoyses
Date: 2009-07-06 16:34:57 -0400 (Mon, 06 Jul 2009)
New Revision: 90867
Modified:
trunk/security/src/main/org/jboss/security/plugins/JaasSecurityDomain.java
trunk/security/src/main/org/jboss/security/plugins/JaasSecurityDomainMBean.java
Log:
JBAS-7080: add options to set providers and algorithms in the JaasSecurityDomain
Modified: trunk/security/src/main/org/jboss/security/plugins/JaasSecurityDomain.java
===================================================================
--- trunk/security/src/main/org/jboss/security/plugins/JaasSecurityDomain.java 2009-07-06 20:30:45 UTC (rev 90866)
+++ trunk/security/src/main/org/jboss/security/plugins/JaasSecurityDomain.java 2009-07-06 20:34:57 UTC (rev 90867)
@@ -157,6 +157,18 @@
private URL trustStoreURL;
private TrustManagerFactory trustMgr;
+
+ private String keyStoreProvider;
+
+ private String trustStoreProvider;
+
+ private String keyMgrFactoryProvider;
+
+ private String trustMgrFactoryProvider;
+
+ private String keyMgrFactoryAlgorithm;
+
+ private String trustMgrFactoryAlgorithm;
/** Specify the SecurityManagement instance */
private ISecurityManagement securityManagement = new JNDIBasedSecurityManagement();
@@ -551,10 +563,136 @@
byte[] decode = decode(encoding);
return decode;
}
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.security.plugins.JaasSecurityDomainMBean#getKeyManagerFactoryProvider
+ */
+ @ManagementProperty(use = {ViewUse.CONFIGURATION}, description = "The security provider of the KeyManagerFactory")
+ public String getKeyManagerFactoryProvider()
+ {
+ return keyMgrFactoryProvider;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.security.plugins.JaasSecurityDomainMBean#setKeyManagerFactoryProvider(java.lang.String)
+ */
+ public void setKeyManagerFactoryProvider(String provider)
+ {
+ this.keyMgrFactoryProvider = provider;
+ }
/*
* (non-Javadoc)
*
+ * @see org.jboss.security.plugins.JaasSecurityDomainMBean#getKeyStoreProvider
+ */
+ @ManagementProperty(use = {ViewUse.CONFIGURATION}, description = "The security provider of the KeyStore")
+ public String getKeyStoreProvider()
+ {
+ return keyStoreProvider;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.security.plugins.JaasSecurityDomainMBean#setKeyStoreProvider(java.lang.String)
+ */
+ public void setKeyStoreProvider(String provider)
+ {
+ this.keyStoreProvider = provider;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.security.plugins.JaasSecurityDomainMBean#getTrustManagerFactoryProvider
+ */
+ @ManagementProperty(use = {ViewUse.CONFIGURATION}, description = "The security provider of the TrustManagerFactory")
+ public String getTrustManagerFactoryProvider()
+ {
+ return trustMgrFactoryProvider;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.security.plugins.JaasSecurityDomainMBean#setTrustManagerFactoryProvider(java.lang.String)
+ */
+ public void setTrustManagerFactoryProvider(String provider)
+ {
+ this.trustMgrFactoryProvider = provider;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.security.plugins.JaasSecurityDomainMBean#getTrustStoreProvider
+ */
+ @ManagementProperty(use = {ViewUse.CONFIGURATION}, description = "The security provider of the TrustStore")
+ public String getTrustStoreProvider()
+ {
+ return trustStoreProvider;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.security.plugins.JaasSecurityDomainMBean#setTrustStoreProvider(java.lang.String)
+ */
+ public void setTrustStoreProvider(String provider)
+ {
+ this.trustStoreProvider = provider;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.security.plugins.JaasSecurityDomainMBean#getKeyManagerFactoryAlgorithm
+ */
+ @ManagementProperty(use = {ViewUse.CONFIGURATION}, description = "The algorithm of the KeyManagerFactory")
+ public String getKeyManagerFactoryAlgorithm()
+ {
+ return keyMgrFactoryAlgorithm;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.security.plugins.JaasSecurityDomainMBean#setKeyManagerFactoryAlgorithm(java.lang.String)
+ */
+ public void setKeyManagerFactoryAlgorithm(String algorithm)
+ {
+ this.keyMgrFactoryAlgorithm = algorithm;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.security.plugins.JaasSecurityDomainMBean#getTrustManagerFactoryAlgorithm
+ */
+ @ManagementProperty(use = {ViewUse.CONFIGURATION}, description = "The algorithm of the TrustManagerFactory")
+ public String getTrustManagerFactoryAlgorithm()
+ {
+ return trustMgrFactoryAlgorithm;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.security.plugins.JaasSecurityDomainMBean#setTrustManagerFactoryAlgorithm(java.lang.String)
+ */
+ public void setTrustManagerFactoryAlgorithm(String algorithm)
+ {
+ this.trustMgrFactoryAlgorithm = algorithm;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
* @see org.jboss.security.plugins.JaasSecurityDomainMBean#reloadKeyAndTrustStore()
*/
@ManagementOperation(description = "Reload the key and trust stores", impact = Impact.WriteOnly)
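Review bot: The six setters in this hunk store whatever string they are given, while the loading code later in this commit only tests `!= null`, so an empty attribute value would be treated as a configured provider or algorithm. `KeyStore.getInstance(type, provider)` and the two factory `getInstance(algorithm, provider)` overloads reject an empty provider name with IllegalArgumentException, and that would surface only when the stores are loaded, not when the attribute is set. Normalizing in the setter avoids this, e.g. `this.keyStoreProvider = (provider == null || provider.trim().length() == 0) ? null : provider;`, and likewise for the other five setters.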
@@ -642,7 +780,10 @@
{
if (keyStorePassword != null)
{
- keyStore = KeyStore.getInstance(keyStoreType);
+ if (keyStoreProvider != null)
+ keyStore = KeyStore.getInstance(keyStoreType, keyStoreProvider);
+ else
+ keyStore = KeyStore.getInstance(keyStoreType);
InputStream is = null;
if ((!"PKCS11".equalsIgnoreCase(keyStoreType) || !"PKCS11IMPLKS".equalsIgnoreCase(keyStoreType)) && keyStoreURL != null)
{
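Review bot: The new provider selection sits directly above an unchanged condition that can never be false: `!"PKCS11".equalsIgnoreCase(keyStoreType) || !"PKCS11IMPLKS".equalsIgnoreCase(keyStoreType)` is true for every type, because no string equals both names. The apparent intent is to skip opening `keyStoreURL` for token-backed stores, which is the case where a non-default `keyStoreProvider` is most likely to be configured, so the two negations should be joined with `&&`. The same expression appears for `trustStoreType` in the trust store hunk further down. The enclosing method begins and ends outside this hunk.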
@@ -653,8 +794,15 @@
{
throw new IOException("Cannot find key entry with alias " + keyStoreAlias + " in the keyStore");
}
- String algorithm = KeyManagerFactory.getDefaultAlgorithm();
- keyMgr = KeyManagerFactory.getInstance(algorithm);
+ String algorithm = null;
+ if (keyMgrFactoryAlgorithm != null)
+ algorithm = keyMgrFactoryAlgorithm;
+ else
+ algorithm = KeyManagerFactory.getDefaultAlgorithm();
+ if (keyMgrFactoryProvider != null)
+ keyMgr = KeyManagerFactory.getInstance(algorithm, keyMgrFactoryProvider);
+ else
+ keyMgr = KeyManagerFactory.getInstance(algorithm);
keyMgr.init(keyStore, keyStorePassword);
if (keyStoreAlias != null)
{
@@ -667,21 +815,35 @@
}
if (trustStorePassword != null)
{
- trustStore = KeyStore.getInstance(trustStoreType);
+ if (trustStoreProvider != null)
+ trustStore = KeyStore.getInstance(trustStoreType, trustStoreProvider);
+ else
+ trustStore = KeyStore.getInstance(trustStoreType);
InputStream is = null;
if ((!"PKCS11".equalsIgnoreCase(trustStoreType) || !"PKCS11IMPLKS".equalsIgnoreCase(trustStoreType)) && trustStoreURL != null)
{
is = trustStoreURL.openStream();
}
trustStore.load(is, trustStorePassword);
- String algorithm = TrustManagerFactory.getDefaultAlgorithm();
- trustMgr = TrustManagerFactory.getInstance(algorithm);
+ String algorithm = null;
+ if (trustMgrFactoryAlgorithm != null)
+ algorithm = trustMgrFactoryAlgorithm;
+ else
+ algorithm = TrustManagerFactory.getDefaultAlgorithm();
+ if (trustMgrFactoryProvider != null)
+ trustMgr = TrustManagerFactory.getInstance(algorithm, trustStoreProvider);
+ else
+ trustMgr = TrustManagerFactory.getInstance(algorithm);
trustMgr.init(trustStore);
}
else if (keyStore != null)
{
trustStore = keyStore;
- String algorithm = TrustManagerFactory.getDefaultAlgorithm();
+ String algorithm = null;
+ if (trustMgrFactoryAlgorithm != null)
+ algorithm = trustMgrFactoryAlgorithm;
+ else
+ algorithm = TrustManagerFactory.getDefaultAlgorithm();
trustMgr = TrustManagerFactory.getInstance(algorithm);
trustMgr.init(trustStore);
}
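Review bot: In the `trustStorePassword != null` branch the guard tests `trustMgrFactoryProvider` but the call passes `trustStoreProvider`, so the TrustManagerFactory comes from the wrong provider, or `getInstance` receives a null provider name when only the factory provider was configured. The line should read `trustMgr = TrustManagerFactory.getInstance(algorithm, trustMgrFactoryProvider);`. The `else if (keyStore != null)` fallback honours `trustMgrFactoryAlgorithm` but still calls the one-argument `getInstance`, so a configured `trustMgrFactoryProvider` is silently ignored when the key store doubles as the trust store; the same provider check belongs there. Because this selects the implementation that validates peer certificate chains, a test that sets the trust store provider and the trust manager factory provider to different values would catch it. The enclosing method starts and ends outside the hunk.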
Modified: trunk/security/src/main/org/jboss/security/plugins/JaasSecurityDomainMBean.java
===================================================================
--- trunk/security/src/main/org/jboss/security/plugins/JaasSecurityDomainMBean.java 2009-07-06 20:30:45 UTC (rev 90866)
+++ trunk/security/src/main/org/jboss/security/plugins/JaasSecurityDomainMBean.java 2009-07-06 20:34:57 UTC (rev 90867)
@@ -22,7 +22,9 @@
package org.jboss.security.plugins;
import java.io.IOException;
+
import javax.management.ObjectName;
+
import org.jboss.system.ServiceMBean;
@@ -129,4 +131,76 @@
*/
public byte[] decode64(String secret)
throws Exception;
+
+ /**
+ * Returns the KeyStore provider
+ * @return provider of the KeyStore
+ */
+ public String getKeyStoreProvider();
+
+ /**
+ * Sets the KeyStore provider
+ * @param provider provider name of the KeyStore
+ */
+ public void setKeyStoreProvider(String provider);
+
+ /**
+ * Returns the KeyManagerFactory provider
+ * @return provider of the KeyManagerFactory
+ */
+ public String getKeyManagerFactoryProvider();
+
+ /**
+ * Sets the KeyManagerFactory provider
+ * @param provider provider name of the KeyManagerFactory
+ */
+ public void setKeyManagerFactoryProvider(String provider);
+
+ /**
+ * Returns the TrustStore provider
+ * @return provider of the TrustStore
+ */
+ public String getTrustStoreProvider();
+
+ /**
+ * Sets the TrustStore provider
+ * @param provider provider name of the TrustStore
+ */
+ public void setTrustStoreProvider(String provider);
+
+ /**
+ * Returns the TrustManagerFactory provider
+ * @return provider of the TrustManagerFactory
+ */
+ public String getTrustManagerFactoryProvider();
+
+ /**
+ * Sets the TrustManagerFactory provider
+ * @param provider provider name of the TrustManagerFactory
+ */
+ public void setTrustManagerFactoryProvider(String provider);
+
+ /**
+ * Returns the KeyManagerFactory algorithm
+ * @return algorithm of the KeyManagerFactory
+ */
+ public String getKeyManagerFactoryAlgorithm();
+
+ /**
+ * Sets the KeyManagerFactory algorithm
+ * @param algorithm algorithm of the KeyManagerFactory
+ */
+ public void setKeyManagerFactoryAlgorithm(String algorithm);
+
+ /**
+ * Returns the TrustManagerFactory algorithm
+ * @return algorithm of the TrustManagerFactory
+ */
+ public String getTrustManagerFactoryAlgorithm();
+
+ /**
+ * Sets the TrustManagerFactory algorithm
+ * @param algorithm algorithm of the TrustManagerFactory
+ */
+ public void setTrustManagerFactoryAlgorithm(String algorithm);
}
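Review bot: The Javadoc on the twelve new accessors does not say what an unset value means or when a change takes effect. From the implementation in this commit, null selects the default provider lookup or the factory's `getDefaultAlgorithm()`, and the comments should state that, e.g. `@param provider JCA provider name for the KeyStore, or null to use the default provider search order` and `@param algorithm KeyManagerFactory algorithm name, or null for KeyManagerFactory.getDefaultAlgorithm()`. The visible loading code suggests the values are only read when the key and trust stores are loaded or reloaded; if so, the setter docs should say that a change has no effect until then.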