public static SSLSocketFactory getSocketFactory(X509CertificateChain chain) { KeyStore ts = null; KeyStore ks = null; if (chain != null) ks = getKeyStore(chain.getChain(), chain.getPrivateKey()); return getSocketFactory(ks, ts); }
private static Subject initSubjectByPem(String fnPem, boolean nullOnNotFound) { File certKeyFile = loadFile(fnPem, nullOnNotFound); if (nullOnNotFound && certKeyFile == null) return null; return SSLUtil.createSubject(certKeyFile); }
/** * Convenience method that uses a ServletPrincipalExtractor. * * @param request The HTTP Request. * @return a Subject with all available request content * @see #getSubject(PrincipalExtractor) */ public static Subject getSubject(final HttpServletRequest request) { return getSubject(new ServletPrincipalExtractor(request)); }
private AuthMethod getAuthMethod() throws AccessControlException { Subject subject = AuthenticationUtil.getCurrentSubject(); AuthMethod am = AuthenticationUtil.getAuthMethodFromCredentials(subject); if (am == null || am.equals(AuthMethod.ANON)) { throw new AccessControlException("Anonymous access not supported."); } return am; }
/** * Create a subject with the specified certificate chain and private key. * This method constructs an X509CertificateChain and then calls * getSubject(X509CertificateChain). * * @param certs a non-null and non-empty certificate chain * @param key optional private key * @return a Subject */ public static Subject getSubject(X509Certificate[] certs, PrivateKey key) { final X509CertificateChain chain = new X509CertificateChain(certs, key); return getSubject(chain); }
/** * Init a subject from the command line and throw an exception if not * successful. * * @see initSubject(ArgumentMap) * @param argMap * @return */ public static Subject initSubject(ArgumentMap argMap) { return initSubject(argMap, false); }
/** * This method gets the distinguished name from toOwnerString and massages it * for persistence: canonical form and convert to lower case. * * @param subject * @return persistable distinguished name or null if there is no * X500Principal in the subject */ public Object toOwner(Subject subject) { String dn = toOwnerString(subject); if (dn != null) return AuthenticationUtil.canonizeDistinguishedName(dn); return dn; }
private static Subject augmentSubject(Subject s) { final Authenticator auth = getAuthenticator(); if (auth != null) { return auth.getSubject(s); } return s; }
/** * Parse the given text into a DelegationToken object. * * @param text The token string. * @param requestURI The HTTP Request URI * @return DelegationToken instance. Never null. * @throws InvalidDelegationTokenException If the given token cannot be parsed. */ public static DelegationToken parse(String text, String requestURI) throws InvalidDelegationTokenException { return parse(text, requestURI, null); }
protected void augmentSubject(Subject subject) { ACIdentityManager identityManager = new ACIdentityManager(); identityManager.augmentSubject(subject); }
/** * Generate a new cookie value for the set of Principals. * * @param principalSet The HttpPrincipal to generate the value from. * @return string of the value. never null. * @throws IOException Any errors with writing and generation. * @throws InvalidKeyException Signing key is invalid */ public final String generate(final Set<Principal> principalSet, URI scope) throws InvalidKeyException, IOException { return generate(principalSet, scope, getExpirationDate()); }
public static X509CertificateChain findPrivateKeyChain(Set<Object> publicCredentials) { for (Object credential : publicCredentials) { if (credential instanceof X509CertificateChain) { X509CertificateChain chain = (X509CertificateChain) credential; if (chain.getPrivateKey() != null) { return chain; } } } return null; }
/** * For constructed field, return a parser for its content. * * @return A parser for the construct. * @throws IOException */ public DerParser getParser() throws IOException { if (!isConstructed()) throw new IOException("Invalid DER: can't parse primitive entity"); //$NON-NLS-1$ return new DerParser(value); }
@Override public String toString() { return getName(); }
public void verifyScope(URI scope, String requestURI) throws InvalidDelegationTokenException { throw new InvalidDelegationTokenException("default: invalid scope"); } }
/** * Serializes and signs the object into a string of attribute-value pairs. * * @param token the token to format * the returned string * @return String with DelegationToken information * @throws IOException Any IO Errors. * @throws InvalidKeyException If the signature cannot be completed. */ public static String format(DelegationToken token) throws InvalidKeyException, IOException { return format(token, TokenEncoding.BASE64); }
public X509CertificateChain(X500Principal principal, PrivateKey privateKey, String csrString) { this.principal = principal; this.csrString = csrString; this.key = privateKey; this.hashKey = genHashKey(principal); this.chain = null; this.endEntity = null; }
public void setChain(X509Certificate[] chain) { this.chain = chain; genExpiryDate(); }
public HttpPrincipal getUser() { return getPrincipalByClass(HttpPrincipal.class); }
private static Subject initSubjectByCertKey(String fnCert, String fnKey, boolean nullOnNotFound) { File certFile = loadFile(fnCert, nullOnNotFound); File keyFile = loadFile(fnKey, nullOnNotFound); if (nullOnNotFound && certFile == null && keyFile == null) return null; return SSLUtil.createSubject(certFile, keyFile); }