Start line:  
End line:  

Snippet Preview

Snippet HTML Code

Stack Overflow Questions
  /*
   *  Licensed to the Apache Software Foundation (ASF) under one or more
   *  contributor license agreements.  See the NOTICE file distributed with
   *  this work for additional information regarding copyright ownership.
   *  The ASF licenses this file to You under the Apache License, Version 2.0
   *  (the "License"); you may not use this file except in compliance with
   *  the License.  You may obtain a copy of the License at
   *
   *      http://www.apache.org/licenses/LICENSE-2.0
  *
  *  Unless required by applicable law or agreed to in writing, software
  *  distributed under the License is distributed on an "AS IS" BASIS,
  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  */
 
 package org.apache.tomcat.util.net.jsse;
 
 
X509KeyManager which allows selection of a specific keypair and certificate chain (identified by their keystore alias name) to be used by the server to authenticate itself to SSL clients.

Author(s):
Jan Luehe
 
 public final class JSSEKeyManager extends X509ExtendedKeyManager {
 
     private X509KeyManager delegate;
     private String serverKeyAlias;

    
Constructor.

Parameters:
mgr The X509KeyManager used as a delegate
serverKeyAlias The alias name of the server's keypair and supporting certificate chain
 
     public JSSEKeyManager(X509KeyManager mgrString serverKeyAlias) {
         super();
         this. = mgr;
         this. = serverKeyAlias;
     }

    
Choose an alias to authenticate the client side of a secure socket, given the public key type and the list of certificate issuer authorities recognized by the peer (if any).

Parameters:
keyType The key algorithm type name(s), ordered with the most-preferred key type first
issuers The list of acceptable CA issuer subject names, or null if it does not matter which issuers are used
socket The socket to be used for this connection. This parameter can be null, in which case this method will return the most generic alias to use
Returns:
The alias name for the desired key, or null if there are no matches
 
     @Override
     public String chooseClientAlias(String[] keyTypePrincipal[] issuers,
                                     Socket socket) {
         return .chooseClientAlias(keyTypeissuerssocket);
     }

    
Returns this key manager's server key alias that was provided in the constructor.

Parameters:
keyType Ignored
issuers Ignored
socket Ignored
Returns:
Alias name for the desired key
 
     @Override
     public String chooseServerAlias(String keyTypePrincipal[] issuers,
                                     Socket socket) {
         return ;
     }

    
Returns the certificate chain associated with the given alias.

Parameters:
alias The alias name
Returns:
Certificate chain (ordered with the user's certificate first and the root certificate authority last), or null if the alias can't be found
    @Override
    public X509Certificate[] getCertificateChain(String alias) {
        return .getCertificateChain(alias); 
    }

    
Get the matching aliases for authenticating the client side of a secure socket, given the public key type and the list of certificate issuer authorities recognized by the peer (if any).

Parameters:
keyType The key algorithm type name
issuers The list of acceptable CA issuer subject names, or null if it does not matter which issuers are used
Returns:
Array of the matching alias names, or null if there were no matches
    @Override
    public String[] getClientAliases(String keyTypePrincipal[] issuers) {
        return .getClientAliases(keyTypeissuers);
    }

    
Get the matching aliases for authenticating the server side of a secure socket, given the public key type and the list of certificate issuer authorities recognized by the peer (if any).

Parameters:
keyType The key algorithm type name
issuers The list of acceptable CA issuer subject names, or null if it does not matter which issuers are used
Returns:
Array of the matching alias names, or null if there were no matches
    @Override
    public String[] getServerAliases(String keyTypePrincipal[] issuers) {
        return .getServerAliases(keyTypeissuers);
    }

    
Returns the key associated with the given alias.

Parameters:
alias The alias name
Returns:
The requested key, or null if the alias can't be found
    @Override
    public PrivateKey getPrivateKey(String alias) {
        return .getPrivateKey(alias);
    }

    
Choose an alias to authenticate the client side of a secure socket, given the public key type and the list of certificate issuer authorities recognized by the peer (if any).

Parameters:
keyType The key algorithm type name(s), ordered with the most-preferred key type first
issuers The list of acceptable CA issuer subject names, or null if it does not matter which issuers are used
engine Ignored
Returns:
The alias name for the desired key, or null if there are no matches
    @Override
    public String chooseEngineClientAlias(String[] keyTypePrincipal[] issuers,
            SSLEngine engine) {
        return .chooseClientAlias(keyTypeissuersnull);
    }

    
Returns this key manager's server key alias that was provided in the constructor.

Parameters:
keyType Ignored
issuers Ignored
engine Ignored
Returns:
Alias name for the desired key
    @Override
    public String chooseEngineServerAlias(String keyTypePrincipal[] issuers,
            SSLEngine engine) {
        return ;
    }
New to GrepCode? Check out our FAQ X