| java.lang.Object
 org.apache.tomcat.util.net.jsse.JSSEKeyManager
| JSSEKeyManager | | final public class JSSEKeyManager implements X509KeyManager(Code) | | X509KeyManager which allows selection of a specific keypair and certificate
chain (identified by their keystore alias name) to be used by the server to
authenticate itself to SSL clients.
author:
Jan Luehe |
| Method Summary | |
| public String | chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket)
Choose an alias to authenticate the client side of a secure socket,
given the public key type and the list of certificate issuer authorities
recognized by the peer (if any).
Parameters:
keyType - The key algorithm type name(s), ordered with themost-preferred key type first
Parameters:
issuers - The list of acceptable CA issuer subject names, or nullif it does not matter which issuers are used
Parameters:
socket - The socket to be used for this connection. | | public String | chooseServerAlias(String keyType, Principal[] issuers, Socket socket)
Returns this key manager's server key alias that was provided in the
constructor.
Parameters:
keyType - The key algorithm type name (ignored)
Parameters:
issuers - The list of acceptable CA issuer subject names, or nullif it does not matter which issuers are used (ignored)
Parameters:
socket - The socket to be used for this connection. | | public X509Certificate[] | getCertificateChain(String alias)
Returns the certificate chain associated with the given alias. | | public String[] | getClientAliases(String keyType, Principal[] issuers)
Get the matching aliases for authenticating the client side of a secure
socket, given the public key type and the list of certificate issuer
authorities recognized by the peer (if any). | | public PrivateKey | getPrivateKey(String alias)
Returns the key associated with the given alias. | | public String[] | getServerAliases(String keyType, Principal[] issuers)
Get the matching aliases for authenticating the server side of a secure
socket, given the public key type and the list of certificate issuer
authorities recognized by the peer (if any). |
| JSSEKeyManager | | public JSSEKeyManager(X509KeyManager mgr, String serverKeyAlias)(Code) | | Constructor.
Parameters:
mgr - The X509KeyManager used as a delegate
Parameters:
serverKeyAlias - The alias name of the server's keypair andsupporting certificate chain |
| chooseClientAlias | | public String chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket)(Code) | | Choose an alias to authenticate the client side of a secure socket,
given the public key type and the list of certificate issuer authorities
recognized by the peer (if any).
Parameters:
keyType - The key algorithm type name(s), ordered with themost-preferred key type first
Parameters:
issuers - The list of acceptable CA issuer subject names, or nullif it does not matter which issuers are used
Parameters:
socket - The socket to be used for this connection. This parametercan be null, in which case this method will return the most genericalias to use The alias name for the desired key, or null if there are nomatches |
| chooseServerAlias | | public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket)(Code) | | Returns this key manager's server key alias that was provided in the
constructor.
Parameters:
keyType - The key algorithm type name (ignored)
Parameters:
issuers - The list of acceptable CA issuer subject names, or nullif it does not matter which issuers are used (ignored)
Parameters:
socket - The socket to be used for this connection. This parametercan be null, in which case this method will return the most genericalias to use (ignored) Alias name for the desired key |
| getCertificateChain | | public X509Certificate[] getCertificateChain(String alias)(Code) | | Returns the certificate chain associated with the given alias.
Parameters:
alias - The alias name Certificate chain (ordered with the user's certificate firstand the root certificate authority last), or null if the alias can't befound |
| getClientAliases | | public String[] getClientAliases(String keyType, Principal[] issuers)(Code) | | Get the matching aliases for authenticating the client side of a secure
socket, given the public key type and the list of certificate issuer
authorities recognized by the peer (if any).
Parameters:
keyType - The key algorithm type name
Parameters:
issuers - The list of acceptable CA issuer subject names, or nullif it does not matter which issuers are used Array of the matching alias names, or null if there were nomatches |
| getPrivateKey | | public PrivateKey getPrivateKey(String alias)(Code) | | Returns the key associated with the given alias.
Parameters:
alias - The alias name The requested key, or null if the alias can't be found |
| getServerAliases | | public String[] getServerAliases(String keyType, Principal[] issuers)(Code) | | Get the matching aliases for authenticating the server side of a secure
socket, given the public key type and the list of certificate issuer
authorities recognized by the peer (if any).
Parameters:
keyType - The key algorithm type name
Parameters:
issuers - The list of acceptable CA issuer subject names, or nullif it does not matter which issuers are used Array of the matching alias names, or null if there were nomatches |
|
|