Package org.apache.tomcat.util.net.jsse

Class JSSEKeyManager

java.lang.Object

javax.net.ssl.X509ExtendedKeyManager

org.apache.tomcat.util.net.jsse.JSSEKeyManager

All Implemented Interfaces:

KeyManager, X509KeyManager

public final class JSSEKeyManager
extends X509ExtendedKeyManager

X509KeyManager which allows selection of a specific key pair and certificate chain (identified by their keystore alias name) to be used by the server to authenticate itself to SSL clients.

Author:

Jan Luehe

Constructor Summary

Constructors

Constructor	Description
JSSEKeyManager(X509KeyManager mgr, String serverKeyAlias)	Constructor.

Method Summary

Modifier and Type	Method	Description
String	chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket)
String	chooseEngineClientAlias(String[] keyType, Principal[] issuers, SSLEngine engine)
String	chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEngine engine)	Returns the server key alias that was provided in the constructor or the result from X509ExtendedKeyManager.chooseEngineServerAlias(String, Principal[], SSLEngine) for the delegate if no alias is specified.
String	chooseServerAlias(String keyType, Principal[] issuers, Socket socket)	Returns the server key alias that was provided in the constructor or the result from X509KeyManager.chooseServerAlias(String, Principal[], Socket) for the delegate if no alias is specified.
X509Certificate[]	getCertificateChain(String alias)
String[]	getClientAliases(String keyType, Principal[] issuers)
PrivateKey	getPrivateKey(String alias)
String[]	getServerAliases(String keyType, Principal[] issuers)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

JSSEKeyManager

public JSSEKeyManager(X509KeyManager mgr,
 String serverKeyAlias)

Constructor.

Parameters:

mgr - The X509KeyManager used as a delegate

serverKeyAlias - The alias name of the server's key pair and supporting certificate chain

Method Details

chooseServerAlias

public String chooseServerAlias(String keyType,
 Principal[] issuers,
 Socket socket)

Returns the server key alias that was provided in the constructor or the result from X509KeyManager.chooseServerAlias(String, Principal[], Socket) for the delegate if no alias is specified.

chooseEngineServerAlias

public String chooseEngineServerAlias(String keyType,
 Principal[] issuers,
 SSLEngine engine)

Returns the server key alias that was provided in the constructor or the result from X509ExtendedKeyManager.chooseEngineServerAlias(String, Principal[], SSLEngine) for the delegate if no alias is specified.

Overrides:

chooseEngineServerAlias in class X509ExtendedKeyManager

chooseClientAlias

public String chooseClientAlias(String[] keyType,
 Principal[] issuers,
 Socket socket)

getCertificateChain

public X509Certificate[] getCertificateChain(String alias)

getClientAliases

public String[] getClientAliases(String keyType,
 Principal[] issuers)

getServerAliases

public String[] getServerAliases(String keyType,
 Principal[] issuers)

getPrivateKey

public PrivateKey getPrivateKey(String alias)

chooseEngineClientAlias

public String chooseEngineClientAlias(String[] keyType,
 Principal[] issuers,
 SSLEngine engine)

Overrides:

chooseEngineClientAlias in class X509ExtendedKeyManager