[jboss-cvs] JBossAS SVN: r109371 - in trunk/security/src/main/java/org/jboss/security: ssl and 1 other directory.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Thu Nov 18 14:15:20 EST 2010
Author: mmoyses
Date: 2010-11-18 14:15:20 -0500 (Thu, 18 Nov 2010)
New Revision: 109371
Modified:
trunk/security/src/main/java/org/jboss/security/plugins/JaasSecurityDomain.java
trunk/security/src/main/java/org/jboss/security/plugins/JaasSecurityDomainMBean.java
trunk/security/src/main/java/org/jboss/security/plugins/SecurityKeyManager.java
trunk/security/src/main/java/org/jboss/security/ssl/JBossSSLConfiguration.java
Log:
JBAS-8650: adding clientAlias and serverAlias options to configure preferred aliases in an eventual SSL connection
Modified: trunk/security/src/main/java/org/jboss/security/plugins/JaasSecurityDomain.java
===================================================================
--- trunk/security/src/main/java/org/jboss/security/plugins/JaasSecurityDomain.java 2010-11-18 18:59:37 UTC (rev 109370)
+++ trunk/security/src/main/java/org/jboss/security/plugins/JaasSecurityDomain.java 2010-11-18 19:15:20 UTC (rev 109371)
@@ -176,6 +176,8 @@
private String keyStoreProviderArgument;
private String trustStoreProviderArgument;
+
+ private String clientAlias;
/** Specify the SecurityManagement instance */
private ISecurityManagement securityManagement = SecurityConstantsBridge.getSecurityManagement();
@@ -753,10 +755,51 @@
{
this.trustStoreProviderArgument = argument;
}
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.security.plugins.JaasSecurityDomainMBean#getClientAlias
+ */
+ @ManagementProperty(use = {ViewUse.CONFIGURATION}, description = "The preferred client alias to be used in an eventual SSL connection")
+ public String getClientAlias()
+ {
+ return clientAlias;
+ }
/*
* (non-Javadoc)
*
+ * @see org.jboss.security.plugins.JaasSecurityDomainMBean#setClientAlias(java.lang.String)
+ */
+ public void setClientAlias(String clientAlias)
+ {
+ this.clientAlias = clientAlias;
+ }
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.security.plugins.JaasSecurityDomainMBean#getServerAlias
+ */
+ @ManagementProperty(use = {ViewUse.CONFIGURATION}, description = "The preferred server alias to be used in an eventual SSL connection")
+ public String getServerAlias()
+ {
+ return keyStoreAlias;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.jboss.security.plugins.JaasSecurityDomainMBean#setServerAlias(java.lang.String)
+ */
+ public void setServerAlias(String serverAlias)
+ {
+ this.keyStoreAlias = serverAlias;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
* @see org.jboss.security.plugins.JaasSecurityDomainMBean#reloadKeyAndTrustStore()
*/
@ManagementOperation(description = "Reload the key and trust stores", impact = Impact.WriteOnly)
@@ -886,7 +929,7 @@
KeyManager[] keyManagers = keyMgr.getKeyManagers();
for (int i = 0; i < keyManagers.length; i++)
{
- keyManagers[i] = new SecurityKeyManager((X509KeyManager) keyManagers[i], keyStoreAlias);
+ keyManagers[i] = new SecurityKeyManager((X509KeyManager) keyManagers[i], keyStoreAlias, clientAlias);
}
}
}
Modified: trunk/security/src/main/java/org/jboss/security/plugins/JaasSecurityDomainMBean.java
===================================================================
--- trunk/security/src/main/java/org/jboss/security/plugins/JaasSecurityDomainMBean.java 2010-11-18 18:59:37 UTC (rev 109370)
+++ trunk/security/src/main/java/org/jboss/security/plugins/JaasSecurityDomainMBean.java 2010-11-18 19:15:20 UTC (rev 109371)
@@ -227,4 +227,30 @@
* @param argument for the TrustStore provider
*/
public void setTrustStoreProviderArgument(String argument);
+
+ /**
+ * Gets the preferred client alias to be used in an eventual SSL connection
+ * @return client alias name
+ */
+ public String getClientAlias();
+
+ /**
+ * Sets the preferred client alias to be used in an eventual SSL connection
+ * @param clientAlias client alias name
+ */
+ public void setClientAlias(String clientAlias);
+
+ /**
+ * Gets the preferred server alias to be used in an eventual SSL connection
+ * @deprecated use getKeyStoreAlias() instead
+ * @return client alias name
+ */
+ public String getServerAlias();
+
+ /**
+ * Sets the preferred server alias to be used in an eventual SSL connection
+ * @deprecated use setKeyStoreAlias(String) instead
+ * @param clientAlias client alias name
+ */
+ public void setServerAlias(String serverAlias);
}
Modified: trunk/security/src/main/java/org/jboss/security/plugins/SecurityKeyManager.java
===================================================================
--- trunk/security/src/main/java/org/jboss/security/plugins/SecurityKeyManager.java 2010-11-18 18:59:37 UTC (rev 109370)
+++ trunk/security/src/main/java/org/jboss/security/plugins/SecurityKeyManager.java 2010-11-18 19:15:20 UTC (rev 109371)
@@ -38,12 +38,15 @@
{
private X509KeyManager delegate;
- private String keyAlias;
+ private String serverAlias;
- public SecurityKeyManager(X509KeyManager keyManager, String alias)
+ private String clientAlias;
+
+ public SecurityKeyManager(X509KeyManager keyManager, String serverAlias, String clientAlias)
{
this.delegate = keyManager;
- this.keyAlias = alias;
+ this.serverAlias = serverAlias;
+ this.clientAlias = clientAlias;
}
/**
@@ -51,7 +54,9 @@
*/
public String chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket)
{
- return keyAlias;
+ if (clientAlias != null)
+ return clientAlias;
+ return delegate.chooseClientAlias(keyType, issuers, socket);
}
/**
@@ -59,7 +64,9 @@
*/
public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket)
{
- return keyAlias;
+ if (serverAlias != null)
+ return serverAlias;
+ return delegate.chooseServerAlias(keyType, issuers, socket);
}
/**
Modified: trunk/security/src/main/java/org/jboss/security/ssl/JBossSSLConfiguration.java
===================================================================
--- trunk/security/src/main/java/org/jboss/security/ssl/JBossSSLConfiguration.java 2010-11-18 18:59:37 UTC (rev 109370)
+++ trunk/security/src/main/java/org/jboss/security/ssl/JBossSSLConfiguration.java 2010-11-18 19:15:20 UTC (rev 109371)
@@ -324,7 +324,7 @@
{
for (int i = 0; i < keyManagers.length; i++)
{
- keyManagers[i] = new SecurityKeyManager((X509KeyManager) keyManagers[i], keyStoreAlias);
+ keyManagers[i] = new SecurityKeyManager((X509KeyManager) keyManagers[i], keyStoreAlias, null);
}
}
return keyManagers;
More information about the jboss-cvs-commits
mailing list