org.jboss.security.plugins
Class JaasSecurityDomain

java.lang.Object
  extended by org.jboss.mx.util.JBossNotificationBroadcasterSupport
      extended by org.jboss.system.ServiceMBeanSupport
          extended by org.jboss.security.plugins.JaasSecurityManager
              extended by org.jboss.security.plugins.JaasSecurityDomain
All Implemented Interfaces:
MBeanRegistration, NotificationBroadcaster, NotificationEmitter, org.jboss.kernel.spi.dependency.KernelControllerContextAware, org.jboss.security.AuthenticationManager, org.jboss.security.BaseSecurityManager, JaasSecurityDomainMBean, org.jboss.security.RealmMapping, org.jboss.security.SecurityDomain, org.jboss.security.SubjectSecurityManager, Service, ServiceMBean

public class JaasSecurityDomain
extends JaasSecurityManager
implements org.jboss.security.SecurityDomain, JaasSecurityDomainMBean

The JaasSecurityDomain is an extension of JaasSecurityManager that adds the notion of a KeyStore, and JSSE KeyManagerFactory and TrustManagerFactory for supporting SSL and other cryptographic use cases. Attributes:

Version:
$Revision: 88376 $
Author:
Scott.Stark@jboss.org, Jason Essington

Field Summary
 
Fields inherited from class org.jboss.system.ServiceMBeanSupport
log, server, SERVICE_CONTROLLER_SIG, serviceName
 
Fields inherited from interface org.jboss.system.ServiceMBean
CREATE_EVENT, CREATED, DESTROY_EVENT, DESTROYED, FAILED, REGISTERED, START_EVENT, STARTED, STARTING, states, STOP_EVENT, STOPPED, STOPPING, UNREGISTERED
 
Constructor Summary
JaasSecurityDomain()
          Creates a default JaasSecurityDomain with a securityDomain name of 'other'.
JaasSecurityDomain(String securityDomain)
          Creates a JaasSecurityDomain with the securityDomain name given by the 'securityDomain' argument.
JaasSecurityDomain(String securityDomain, CallbackHandler handler)
          Creates a JaasSecurityDomain with the securityDomain name given by the 'securityDomain' argument.
 
Method Summary
 byte[] decode(byte[] secret)
          Decode a secret using the keystore password and the PBEwithMD5andDES algorithm
 byte[] decode64(String secret)
          Decode a secret using the keystore password and the PBEwithMD5andDES algorithm
 byte[] encode(byte[] secret)
          Encode a secret using the keystore password and the PBEwithMD5andDES algorithm
 String encode64(byte[] secret)
          Encode a secret using the keystore password and the PBEwithMD5andDES algorithm
 String getCipherAlgorithm()
           Obtains the cipher algorithm used in the encode and decode operations.
 KeyManagerFactory getKeyManagerFactory()
           
 KeyStore getKeyStore()
           
 String getKeyStoreAlias()
          Get the alias of the KeyStore.
 String getKeyStoreType()
          KeyStore implementation type being used.
 String getKeyStoreURL()
          Get the KeyStore database URL string.
 ObjectName getManagerServiceName()
          The JMX object name string of the security manager service.
 String getName()
           
 String getSecurityDomain()
          Get the name of the security domain associated with this security mgr.
 org.jboss.security.ISecurityManagement getSecurityManagement()
           Obtains a reference to the ISecurityManagement implementation that registered this domain.
 TrustManagerFactory getTrustManagerFactory()
           
 KeyStore getTrustStore()
           
 String getTrustStoreType()
          Get the type of the trust store
 String getTrustStoreURL()
          Get the trust store database URL string.
 void reloadKeyAndTrustStore()
          Reload the key- and truststore
 void setCipherAlgorithm(String cipherAlgorithm)
           Sets the cipher algorithm to be used in the encode and decode operations.
 void setIterationCount(int iterationCount)
          Set the iteration count used with PBE based on the keystore password.
 void setKeyStoreAlias(String alias)
          Set the alias of the KeyStore.
 void setKeyStorePass(String password)
          Set the credential string for the KeyStore.
 void setKeyStoreType(String type)
          Set the type of KeyStore implementation to use.
 void setKeyStoreURL(String storeURL)
          Set the KeyStore database URL string.
 void setManagerServiceName(ObjectName managerServiceName)
          Set the JMX object name string of the security manager service.
 void setSalt(String salt)
          Set the salt used with PBE based on the keystore password.
 void setSecurityManagement(org.jboss.security.ISecurityManagement securityManagement)
           Sets the ISecurityManagement implementation that must be used to register this domain.
 void setTrustStorePass(String password)
          Set the credential string for the trust store.
 void setTrustStoreType(String type)
          Set the type of the trust store
 void setTrustStoreURL(String storeURL)
          Set the trust store database URL string.
protected  void startService()
           
protected  void stopService()
           
 
Methods inherited from class org.jboss.security.plugins.JaasSecurityManager
doesUserHaveRole, flushCache, getActiveSubject, getPrincipal, getTargetPrincipal, getUserRoles, isValid, isValid, setCachePolicy, setDeepCopySubjectOption
 
Methods inherited from class org.jboss.system.ServiceMBeanSupport
create, createService, destroy, destroyService, getDeploymentInfo, getLog, getNextNotificationSequenceNumber, getObjectName, getServer, getServiceName, getState, getStateString, jbossInternalCreate, jbossInternalDescription, jbossInternalDestroy, jbossInternalLifecycle, jbossInternalStart, jbossInternalStop, pojoChange, pojoCreate, pojoDestroy, pojoStart, pojoStop, postDeregister, postRegister, preDeregister, preRegister, setKernelControllerContext, start, stop, unsetKernelControllerContext
 
Methods inherited from class org.jboss.mx.util.JBossNotificationBroadcasterSupport
addNotificationListener, getNotificationInfo, handleNotification, nextNotificationSequenceNumber, removeNotificationListener, removeNotificationListener, sendNotification
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface org.jboss.security.AuthenticationManager
getActiveSubject, getTargetPrincipal, isValid, isValid
 
Methods inherited from interface org.jboss.security.RealmMapping
doesUserHaveRole, getPrincipal, getUserRoles
 
Methods inherited from interface org.jboss.system.ServiceMBean
getState, getStateString, jbossInternalLifecycle
 
Methods inherited from interface org.jboss.system.Service
create, destroy, start, stop
 

Constructor Detail

JaasSecurityDomain

public JaasSecurityDomain()
Creates a default JaasSecurityDomain with a securityDomain name of 'other'.


JaasSecurityDomain

public JaasSecurityDomain(String securityDomain)
Creates a JaasSecurityDomain with the securityDomain name given by the 'securityDomain' argument.

Parameters:
securityDomain - the name of the security domain

JaasSecurityDomain

public JaasSecurityDomain(String securityDomain,
                          CallbackHandler handler)
Creates a JaasSecurityDomain with the securityDomain name given by the 'securityDomain' argument.

Parameters:
securityDomain - the name of the security domain
handler - the CallbackHandler to use to obtain login module info
Method Detail

getSecurityDomain

public String getSecurityDomain()
Description copied from class: JaasSecurityManager
Get the name of the security domain associated with this security mgr.

Specified by:
getSecurityDomain in interface org.jboss.security.BaseSecurityManager
Overrides:
getSecurityDomain in class JaasSecurityManager
Returns:
Name of the security manager security domain.

getKeyStoreType

public String getKeyStoreType()
Description copied from interface: JaasSecurityDomainMBean
KeyStore implementation type being used.

Specified by:
getKeyStoreType in interface JaasSecurityDomainMBean
Returns:
the KeyStore implementation type being used.

setKeyStoreType

public void setKeyStoreType(String type)
Description copied from interface: JaasSecurityDomainMBean
Set the type of KeyStore implementation to use. This is passed to the KeyStore.getInstance() factory method.

Specified by:
setKeyStoreType in interface JaasSecurityDomainMBean

getKeyStoreURL

public String getKeyStoreURL()
Description copied from interface: JaasSecurityDomainMBean
Get the KeyStore database URL string.

Specified by:
getKeyStoreURL in interface JaasSecurityDomainMBean

setKeyStoreURL

public void setKeyStoreURL(String storeURL)
                    throws IOException
Description copied from interface: JaasSecurityDomainMBean
Set the KeyStore database URL string. This is used to obtain an InputStream to initialize the KeyStore.

Specified by:
setKeyStoreURL in interface JaasSecurityDomainMBean
Throws:
IOException

setKeyStorePass

public void setKeyStorePass(String password)
                     throws Exception
Description copied from interface: JaasSecurityDomainMBean
Set the credential string for the KeyStore.

Specified by:
setKeyStorePass in interface JaasSecurityDomainMBean
Throws:
Exception

getKeyStoreAlias

public String getKeyStoreAlias()
Description copied from interface: JaasSecurityDomainMBean
Get the alias of the KeyStore.

Specified by:
getKeyStoreAlias in interface JaasSecurityDomainMBean

setKeyStoreAlias

public void setKeyStoreAlias(String alias)
Description copied from interface: JaasSecurityDomainMBean
Set the alias of the KeyStore.

Specified by:
setKeyStoreAlias in interface JaasSecurityDomainMBean

getTrustStoreType

public String getTrustStoreType()
Description copied from interface: JaasSecurityDomainMBean
Get the type of the trust store

Specified by:
getTrustStoreType in interface JaasSecurityDomainMBean
Returns:
the type of the trust store

setTrustStoreType

public void setTrustStoreType(String type)
Description copied from interface: JaasSecurityDomainMBean
Set the type of the trust store

Specified by:
setTrustStoreType in interface JaasSecurityDomainMBean
Parameters:
type - the trust store implementation type

getTrustStoreURL

public String getTrustStoreURL()
Description copied from interface: JaasSecurityDomainMBean
Get the trust store database URL string.

Specified by:
getTrustStoreURL in interface JaasSecurityDomainMBean

setTrustStoreURL

public void setTrustStoreURL(String storeURL)
                      throws IOException
Description copied from interface: JaasSecurityDomainMBean
Set the trust store database URL string. This is used to obtain an InputStream to initialize the trust store.

Specified by:
setTrustStoreURL in interface JaasSecurityDomainMBean
Throws:
IOException

setTrustStorePass

public void setTrustStorePass(String password)
                       throws Exception
Description copied from interface: JaasSecurityDomainMBean
Set the credential string for the trust store.

Specified by:
setTrustStorePass in interface JaasSecurityDomainMBean
Throws:
Exception

setSalt

public void setSalt(String salt)
Description copied from interface: JaasSecurityDomainMBean
Set the salt used with PBE based on the keystore password.

Specified by:
setSalt in interface JaasSecurityDomainMBean
Parameters:
salt - an 8 char randomization string

setIterationCount

public void setIterationCount(int iterationCount)
Description copied from interface: JaasSecurityDomainMBean
Set the iteration count used with PBE based on the keystore password.

Specified by:
setIterationCount in interface JaasSecurityDomainMBean
Parameters:
iterationCount - an iteration count randomization value

getCipherAlgorithm

public String getCipherAlgorithm()

Obtains the cipher algorithm used in the encode and decode operations.

Returns:
a String representing the name of the cipher algorithm.

setCipherAlgorithm

public void setCipherAlgorithm(String cipherAlgorithm)

Sets the cipher algorithm to be used in the encode and decode operations.

Parameters:
cipherAlgorithm - a String representing the name of the cipher algorithm.

getManagerServiceName

public ObjectName getManagerServiceName()
The JMX object name string of the security manager service.

Specified by:
getManagerServiceName in interface JaasSecurityDomainMBean
Returns:
The JMX object name string of the security manager service.

setManagerServiceName

public void setManagerServiceName(ObjectName managerServiceName)
Set the JMX object name string of the security manager service.

Specified by:
setManagerServiceName in interface JaasSecurityDomainMBean

getSecurityManagement

public org.jboss.security.ISecurityManagement getSecurityManagement()

Obtains a reference to the ISecurityManagement implementation that registered this domain.

Returns:
a reference to the ISecurityManagement bean.

setSecurityManagement

public void setSecurityManagement(org.jboss.security.ISecurityManagement securityManagement)

Sets the ISecurityManagement implementation that must be used to register this domain.

Parameters:
securityManagement - a reference to the ISecurityManagement bean to be used.

getName

public String getName()
Specified by:
getName in interface ServiceMBean
Overrides:
getName in class ServiceMBeanSupport

getKeyStore

public KeyStore getKeyStore()
                     throws SecurityException
Specified by:
getKeyStore in interface org.jboss.security.SecurityDomain
Throws:
SecurityException

getKeyManagerFactory

public KeyManagerFactory getKeyManagerFactory()
                                       throws SecurityException
Specified by:
getKeyManagerFactory in interface org.jboss.security.SecurityDomain
Throws:
SecurityException

getTrustStore

public KeyStore getTrustStore()
                       throws SecurityException
Specified by:
getTrustStore in interface org.jboss.security.SecurityDomain
Throws:
SecurityException

getTrustManagerFactory

public TrustManagerFactory getTrustManagerFactory()
                                           throws SecurityException
Specified by:
getTrustManagerFactory in interface org.jboss.security.SecurityDomain
Throws:
SecurityException

encode

public byte[] encode(byte[] secret)
              throws Exception
Description copied from interface: JaasSecurityDomainMBean
Encode a secret using the keystore password and the PBEwithMD5andDES algorithm

Specified by:
encode in interface JaasSecurityDomainMBean
Parameters:
secret - the byte sequence to encrypt
Returns:
the encrypted byte sequence
Throws:
Exception

decode

public byte[] decode(byte[] secret)
              throws Exception
Description copied from interface: JaasSecurityDomainMBean
Decode a secret using the keystore password and the PBEwithMD5andDES algorithm

Specified by:
decode in interface JaasSecurityDomainMBean
Parameters:
secret - the byte sequence to decrypt
Returns:
the decrypted byte sequence
Throws:
Exception

encode64

public String encode64(byte[] secret)
                throws Exception
Description copied from interface: JaasSecurityDomainMBean
Encode a secret using the keystore password and the PBEwithMD5andDES algorithm

Specified by:
encode64 in interface JaasSecurityDomainMBean
Parameters:
secret - the byte sequence to encrypt as a base64 string using the Util.tob64() function
Returns:
the encrypted byte sequence
Throws:
Exception

decode64

public byte[] decode64(String secret)
                throws Exception
Description copied from interface: JaasSecurityDomainMBean
Decode a secret using the keystore password and the PBEwithMD5andDES algorithm

Specified by:
decode64 in interface JaasSecurityDomainMBean
Parameters:
secret - the Util.tob64 string representation to decrypt
Returns:
the decrypted byte sequence
Throws:
Exception
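
Added example, not part of the JBoss Javadoc or source: a sketch, using only standard JCE calls, of the scheme that the encode/decode, setSalt and setIterationCount entries describe (a key derived from the keystore password, an 8-character salt, an iteration count, PBEwithMD5andDES). The class name PbeSecretDemo and the sample password, salt, count and secret are constructed, and java.util.Base64 stands in for Util.tob64, so its strings are not assumed to match what encode64 produces.

```java
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;

// Added illustration built on standard JCE calls only; not the JBoss implementation.
public class PbeSecretDemo {
    static final String ALGORITHM = "PBEwithMD5andDES";
    private final PBEParameterSpec spec;
    private final SecretKey key;

    PbeSecretDemo(char[] storePass, String salt, int iterationCount) throws Exception {
        byte[] saltBytes = salt.getBytes(StandardCharsets.US_ASCII);
        // PBEwithMD5andDES takes exactly 8 salt bytes, which is why the salt is "an 8 char" string.
        if (saltBytes.length != 8) {
            throw new IllegalArgumentException("salt must be exactly 8 characters");
        }
        spec = new PBEParameterSpec(saltBytes, iterationCount);
        PBEKeySpec keySpec = new PBEKeySpec(storePass);
        try {
            key = SecretKeyFactory.getInstance(ALGORITHM).generateSecret(keySpec);
        } finally {
            keySpec.clearPassword(); // wipe the spec's copy of the password
        }
    }
    byte[] encode(byte[] secret) throws Exception { return run(Cipher.ENCRYPT_MODE, secret); }
    byte[] decode(byte[] secret) throws Exception { return run(Cipher.DECRYPT_MODE, secret); }
    // java.util.Base64 is a stand-in for the Util.tob64 encoding named in the Javadoc.
    String encode64(byte[] secret) throws Exception {
        return Base64.getEncoder().encodeToString(encode(secret));
    }
    byte[] decode64(String secret) throws Exception {
        return decode(Base64.getDecoder().decode(secret));
    }
    private byte[] run(int mode, byte[] data) throws Exception {
        Cipher cipher = Cipher.getInstance(ALGORITHM);
        cipher.init(mode, key, spec); // salt and iteration count enter here
        return cipher.doFinal(data);
    }
    public static void main(String[] args) throws Exception {
        // Constructed sample values: password, salt, iteration count and secret.
        PbeSecretDemo d = new PbeSecretDemo("sample-store-pass".toCharArray(), "abcdefgh", 103);
        String blob = d.encode64("db-password".getBytes(StandardCharsets.UTF_8));
        System.out.println(blob + " -> " + new String(d.decode64(blob), StandardCharsets.UTF_8));
    }
}
```

PBEwithMD5andDES is PKCS #5 PBES1 with single DES in CBC mode, a 56-bit key; anyone holding the keystore password, salt and iteration count can decode the stored secrets.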

reloadKeyAndTrustStore

public void reloadKeyAndTrustStore()
                            throws Exception
Description copied from interface: JaasSecurityDomainMBean
Reload the key- and truststore

Specified by:
reloadKeyAndTrustStore in interface JaasSecurityDomainMBean
Throws:
Exception

startService

protected void startService()
                     throws Exception
Overrides:
startService in class ServiceMBeanSupport
Throws:
Exception

stopService

protected void stopService()
Overrides:
stopService in class ServiceMBeanSupport


Copyright © 2009 JBoss, a division of Red Hat, Inc. All Rights Reserved.