[jboss-cvs] JBossAS SVN: r106615 - trunk/security/src/main/java/org/jboss/security/ssl.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Mon Jul 12 17:23:14 EDT 2010
Author: mmoyses
Date: 2010-07-12 17:23:14 -0400 (Mon, 12 Jul 2010)
New Revision: 106615
Modified:
trunk/security/src/main/java/org/jboss/security/ssl/JBossProvider.java
trunk/security/src/main/java/org/jboss/security/ssl/JBossSSLConfiguration.java
trunk/security/src/main/java/org/jboss/security/ssl/KeyManagerFactoryImpl.java
trunk/security/src/main/java/org/jboss/security/ssl/TrustManagerFactoryImpl.java
Log:
JBAS-8144: adding javadoc
Modified: trunk/security/src/main/java/org/jboss/security/ssl/JBossProvider.java
===================================================================
--- trunk/security/src/main/java/org/jboss/security/ssl/JBossProvider.java 2010-07-12 20:58:05 UTC (rev 106614)
+++ trunk/security/src/main/java/org/jboss/security/ssl/JBossProvider.java 2010-07-12 21:23:14 UTC (rev 106615)
@@ -26,6 +26,13 @@
import java.security.Provider;
import java.security.Security;
+/**
+ * A <code>Provider</code> that overrides the default <code>KeyManagerFactory</code> and
+ * <code>TrustManagerFactory</code> implementations.
+ *
+ * @author <a href="mmoyses at redhat.com">Marcus Moyses</a>
+ * @version $Revision: 1 $
+ */
public class JBossProvider extends Provider
{
private static final long serialVersionUID = -6211291745955454828L;
Modified: trunk/security/src/main/java/org/jboss/security/ssl/JBossSSLConfiguration.java
===================================================================
--- trunk/security/src/main/java/org/jboss/security/ssl/JBossSSLConfiguration.java 2010-07-12 20:58:05 UTC (rev 106614)
+++ trunk/security/src/main/java/org/jboss/security/ssl/JBossSSLConfiguration.java 2010-07-12 21:23:14 UTC (rev 106615)
@@ -51,6 +51,13 @@
import org.jboss.security.Util;
import org.jboss.security.plugins.SecurityKeyManager;
+/**
+ * A MC bean that installs a <code>Provider</code> so we can override the default
+ * implementations for <code>KeyManagerFactory</code> and <code>TrustManagerFactory</code>.
+ *
+ * @author <a href="mmoyses at redhat.com">Marcus Moyses</a>
+ * @version $Revision: 1 $
+ */
public class JBossSSLConfiguration
{
private Provider provider;
@@ -203,6 +210,12 @@
this.trustStoreProviderArgument = trustStoreProviderArgument;
}
+ /**
+ * Callback method that initializes the keystore and truststore
+ * and adds <code>JBossProvider</code> as the first in the list.
+ *
+ * @throws Exception if an error happens during initialization
+ */
public void start() throws Exception
{
// add provider as the first
@@ -272,12 +285,23 @@
}
}
+ /**
+ * Removes <code>JBossProvider</code> from the <code>Provider</code>s list.
+ */
public void stop()
{
if (provider != null)
removeProvider(provider);
}
+ /**
+ * Overrides the keystore using the configuration set in the bean.
+ *
+ * @param delegate <code>KeyManagerFactory</code>implementation
+ * @throws KeyStoreException
+ * @throws UnrecoverableKeyException
+ * @throws NoSuchAlgorithmException
+ */
public void initializeKeyManagerFactory(KeyManagerFactory delegate) throws KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException
{
if (keyStore == null)
@@ -287,6 +311,12 @@
delegate.init(keyStore, keyStorePass);
}
+ /**
+ * Overrides the <code>KeyManager>s if an alias in provided in the configuration.
+ *
+ * @param delegate <code>KeyManagerFactory</code> implementation
+ * @return
+ */
public KeyManager[] getKeyManagers(KeyManagerFactory delegate)
{
KeyManager[] keyManagers = delegate.getKeyManagers();
@@ -300,6 +330,13 @@
return keyManagers;
}
+ /**
+ * Overrides the truststore using the configuration set in the bean.
+ *
+ * @param delegate <code>TrustManagerFactory</code> implementation
+ * @param ks truststore
+ * @throws KeyStoreException
+ */
public void initializeTrustManagerFactory(TrustManagerFactory delegate, KeyStore ks) throws KeyStoreException
{
if (trustStore == null)
@@ -316,6 +353,13 @@
}
}
+ /**
+ * Overrides the truststore using the configuration set in the bean.
+ *
+ * @param delegate <code>TrustManagerFactory</code> implementation
+ * @param spec <code>ManagerFactoryParameters</code> parameters
+ * @throws InvalidAlgorithmParameterException
+ */
public void initializeTrustManagerFactory(TrustManagerFactory delegate, ManagerFactoryParameters spec) throws InvalidAlgorithmParameterException
{
if (trustStore == null)
@@ -356,6 +400,9 @@
}
}
+ /**
+ * Loads a key/trust store
+ */
private URL validateStoreURL(String storeURL) throws IOException
{
URL url = null;
Modified: trunk/security/src/main/java/org/jboss/security/ssl/KeyManagerFactoryImpl.java
===================================================================
--- trunk/security/src/main/java/org/jboss/security/ssl/KeyManagerFactoryImpl.java 2010-07-12 20:58:05 UTC (rev 106614)
+++ trunk/security/src/main/java/org/jboss/security/ssl/KeyManagerFactoryImpl.java 2010-07-12 21:23:14 UTC (rev 106615)
@@ -34,6 +34,13 @@
import org.jboss.logging.Logger;
+/**
+ * <code>KeyManagerFactory</code> implementation that uses the keystore configuration
+ * provided by JBossSSLConfiguration
+ *
+ * @author <a href="mmoyses at redhat.com">Marcus Moyses</a>
+ * @version $Revision: 1 $
+ */
abstract class KeyManagerFactoryImpl extends KeyManagerFactorySpi
{
protected KeyManagerFactory delegate;
@@ -49,23 +56,35 @@
defaultAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
}
+ /**
+ * Overrides the keystore configuration
+ */
protected KeyManager[] engineGetKeyManagers()
{
return sslConfiguration.getKeyManagers(delegate);
}
+ /**
+ * Overrides the keystore configuration
+ */
protected void engineInit(KeyStore ks, char[] password) throws KeyStoreException, NoSuchAlgorithmException,
UnrecoverableKeyException
{
sslConfiguration.initializeKeyManagerFactory(delegate);
}
+ /**
+ * Delegates to the default <code>KeyManagerFactory</code>
+ */
protected void engineInit(ManagerFactoryParameters spec) throws InvalidAlgorithmParameterException
{
// Not used by the underlying implementations. Throws an exception
delegate.init(spec);
}
+ /**
+ * Implementation for Sun, JRockit and OpenJDK
+ */
public static class SunX509 extends KeyManagerFactoryImpl
{
public SunX509()
@@ -82,6 +101,9 @@
}
}
+ /**
+ * Implementation for IBM
+ */
public static class IbmX509 extends KeyManagerFactoryImpl
{
public IbmX509()
Modified: trunk/security/src/main/java/org/jboss/security/ssl/TrustManagerFactoryImpl.java
===================================================================
--- trunk/security/src/main/java/org/jboss/security/ssl/TrustManagerFactoryImpl.java 2010-07-12 20:58:05 UTC (rev 106614)
+++ trunk/security/src/main/java/org/jboss/security/ssl/TrustManagerFactoryImpl.java 2010-07-12 21:23:14 UTC (rev 106615)
@@ -32,6 +32,13 @@
import org.jboss.logging.Logger;
+/**
+ * <code>TrustManagerFactory</code> implementation that uses the truststore configuration
+ * provided by the JBossSSLConfiguration.
+ *
+ * @author <a href="mmoyses at redhat.com">Marcus Moyses</a>
+ * @version $Revision: 1 $
+ */
abstract class TrustManagerFactoryImpl extends TrustManagerFactorySpi
{
protected String defaultAlgorithm;
@@ -47,21 +54,33 @@
defaultAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
}
+ /**
+ * Delegates to the default <code>TrustManagerFactory</code>
+ */
protected TrustManager[] engineGetTrustManagers()
{
return delegate.getTrustManagers();
}
+ /**
+ * Overrides the truststore configuration
+ */
protected void engineInit(KeyStore ks) throws KeyStoreException
{
sslConfiguration.initializeTrustManagerFactory(delegate, ks);
}
+ /**
+ * Overrides the truststore configuration
+ */
protected void engineInit(ManagerFactoryParameters spec) throws InvalidAlgorithmParameterException
{
sslConfiguration.initializeTrustManagerFactory(delegate, spec);
}
+ /**
+ * Implementation for Sun, JRockit and OpenJDK
+ */
public static class SunPKIX extends TrustManagerFactoryImpl
{
public SunPKIX()
@@ -78,6 +97,9 @@
}
}
+ /**
+ * Implementation for IBM
+ */
public static class IbmPKIX extends TrustManagerFactoryImpl
{
public IbmPKIX()
More information about the jboss-cvs-commits
mailing list