org.eclipse.ohf.ihe.common.atna
Class SecurityDomain

java.lang.Object
  extended by org.eclipse.ohf.ihe.common.atna.SecurityDomain

public class SecurityDomain
extends java.lang.Object

Contains Keystore and Truststore instances for use by secure socket and https connections, as well as protocol, debug, and cipher suite choices for secure connections.

SecurityDomain objects are managed via the ConfigurationManager.

Since:
OHF 0.1.0
Author:
Glenn Deen glenn@almaden.ibm.com

Field Summary
static java.lang.String DEFAULT_HTTPS_CIPHERSUITES
          Default CIPHER SUITE which will be used unless overridden: "TLS_RSA_WITH_NULL_SHA,TLS_RSA_WITH_AES_128_CBC_SHA"
static java.lang.String DEFAULT_HTTPS_PROTOCOLS
          Default https.protocols value unless specified otherwise: "TLSv1"
static java.lang.String DEFAULT_SECURITY_DOMAIN
          Name of the default security domain
static java.lang.String HTTPS_CIPHERSUITES
           
static java.lang.String HTTPS_PROTOCOLS
           
static java.lang.String JAVAX_NET_DEBUG
           
static java.lang.String JAVAX_NET_SSL_KEYSTORE
           
static java.lang.String JAVAX_NET_SSL_KEYSTORE_PASSWORD
           
static java.lang.String JAVAX_NET_SSL_TRUSTSTORE
           
static java.lang.String JAVAX_NET_SSL_TRUSTSTORE_PASSWORD
           
static java.lang.String TLS_RSA_WITH_AES_128_CBC_SHA
          TLS_RSA_WITH_AES_128_CBC_SHA
static java.lang.String TLS_RSA_WITH_NULL_SHA
          TLS_RSA_WITH_NULL_SHA
 
Constructor Summary
SecurityDomain(java.lang.String name, java.util.Properties properties)
          Properties file requires the following properties to be set
Key Store:
javax.net.ssl.keyStore=XXX
javax.net.ssl.keyStorePassword=XXX (if not present, defaults to "")

optional:
Trust Store:
javax.net.ssl.trustStore=XXX If this is not present, then no truststore is initialized
javax.net.ssl.trustStorePassword=XXX - if not present, defaults to ""
http.ciphersuites=XXX list of suites to use.
 
Method Summary
 java.lang.String[] getCipherSuites()
           
 javax.net.ssl.KeyManagerFactory getKeyManagerFactory()
           
 java.security.KeyStore getKeyStore()
           
 java.lang.String getName()
          Returns the name of the security domain
 javax.net.ssl.TrustManagerFactory getTrustManagerFactory()
           
 java.security.KeyStore getTrustStore()
           
 void restoreSystemEnvironment()
          Restores the System environment to what it was before
Also see setDomainEnvironment()
 void setDomainEnvironment()
          Sets the System environment to support the Security Domain's settings.
 void setProperties(java.util.Properties properties)
           
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

JAVAX_NET_DEBUG

public static final java.lang.String JAVAX_NET_DEBUG
See Also:
Constant Field Values

JAVAX_NET_SSL_TRUSTSTORE

public static final java.lang.String JAVAX_NET_SSL_TRUSTSTORE
See Also:
Constant Field Values

JAVAX_NET_SSL_KEYSTORE

public static final java.lang.String JAVAX_NET_SSL_KEYSTORE
See Also:
Constant Field Values

JAVAX_NET_SSL_TRUSTSTORE_PASSWORD

public static final java.lang.String JAVAX_NET_SSL_TRUSTSTORE_PASSWORD
See Also:
Constant Field Values

JAVAX_NET_SSL_KEYSTORE_PASSWORD

public static final java.lang.String JAVAX_NET_SSL_KEYSTORE_PASSWORD
See Also:
Constant Field Values

HTTPS_CIPHERSUITES

public static final java.lang.String HTTPS_CIPHERSUITES
See Also:
Constant Field Values

HTTPS_PROTOCOLS

public static final java.lang.String HTTPS_PROTOCOLS
See Also:
Constant Field Values

TLS_RSA_WITH_AES_128_CBC_SHA

public static java.lang.String TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA


TLS_RSA_WITH_NULL_SHA

public static java.lang.String TLS_RSA_WITH_NULL_SHA
TLS_RSA_WITH_NULL_SHA


DEFAULT_HTTPS_CIPHERSUITES

public static java.lang.String DEFAULT_HTTPS_CIPHERSUITES
Default CIPHER SUITE which will be used unless overridden: "TLS_RSA_WITH_NULL_SHA,TLS_RSA_WITH_AES_128_CBC_SHA"


DEFAULT_HTTPS_PROTOCOLS

public static java.lang.String DEFAULT_HTTPS_PROTOCOLS
Default https.protocols value unless specified otherwise: "TLSv1"


DEFAULT_SECURITY_DOMAIN

public static java.lang.String DEFAULT_SECURITY_DOMAIN
Name of the default security domain

Constructor Detail

SecurityDomain

public SecurityDomain(java.lang.String name,
                      java.util.Properties properties)
               throws SecurityDomainException
Properties file requires the following properties to be set
Key Store:
javax.net.ssl.keyStore=XXX
javax.net.ssl.keyStorePassword=XXX (if not present, defaults to "")

optional:
Trust Store:
javax.net.ssl.trustStore=XXX If this is not present, then no truststore is initialized
javax.net.ssl.trustStorePassword=XXX - if not present, defaults to ""
http.ciphersuites=XXX list of suites to use. IHE recommends TLS_RSA_WITH_NULL_SHA and TLS_RSA_WITH_AES_CBC_SHA
http.protocols=XXX comma separated list of protocols to use. IHE recommends TLSv1
Debugging options:
javax.net.debug

Parameters:
name - name of the security domain
properties -
Throws:
SecurityDomainException
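
An added example (not part of the OHF code base) that audits a property set before it is handed to the constructor above, using only the JDK. It uses the property keys as spelled in this constructor documentation and assumes the documented defaults apply when a key is absent; the class name, sample path and sample values are constructed.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.Properties;

public class SecurityDomainPropsAudit {
    // Defaults as documented on this page; assumed to apply when the key is absent.
    static final String DEFAULT_SUITES = "TLS_RSA_WITH_NULL_SHA,TLS_RSA_WITH_AES_128_CBC_SHA";
    static final String DEFAULT_PROTOCOLS = "TLSv1";

    /** Returns findings for a property set; an empty list means nothing was flagged. */
    static List<String> audit(Properties p) {
        List<String> out = new ArrayList<>();
        if (blank(p, "javax.net.ssl.keyStore"))
            out.add("ERROR javax.net.ssl.keyStore is required");
        if (p.getProperty("javax.net.ssl.keyStorePassword") == null)
            out.add("WARN  keyStorePassword absent, defaults to \"\"");
        if (blank(p, "javax.net.ssl.trustStore"))
            out.add("WARN  trustStore absent, no truststore is initialized");
        else if (p.getProperty("javax.net.ssl.trustStorePassword") == null)
            out.add("WARN  trustStorePassword absent, defaults to \"\"");
        // Key names below are spelled as in the constructor documentation.
        for (String s : p.getProperty("http.ciphersuites", DEFAULT_SUITES).split(",")) {
            // *_WITH_NULL_* suites authenticate and integrity-protect records but do not encrypt them.
            if (s.trim().contains("_WITH_NULL_"))
                out.add("WARN  " + s.trim() + " negotiable: traffic may be sent unencrypted");
        }
        for (String s : p.getProperty("http.protocols", DEFAULT_PROTOCOLS).split(",")) {
            // TLS 1.0 and 1.1 were deprecated by RFC 8996; SSLv3 by RFC 7568.
            String v = s.trim();
            if (v.equals("TLSv1") || v.equals("TLSv1.1") || v.startsWith("SSL"))
                out.add("WARN  protocol " + v + " is deprecated");
        }
        return out;
    }

    private static boolean blank(Properties p, String key) {
        String v = p.getProperty(key);
        return v == null || v.trim().isEmpty();
    }

    public static void main(String[] args) {
        Properties p = new Properties();                                  // constructed sample input
        p.setProperty("javax.net.ssl.keyStore", "/path/to/keystore.jks"); // placeholder path
        p.setProperty("http.ciphersuites", "TLS_RSA_WITH_AES_128_CBC_SHA");
        audit(p).forEach(System.out::println);
    }
}
```
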
Method Detail

setProperties

public void setProperties(java.util.Properties properties)
                   throws SecurityDomainException
Throws:
SecurityDomainException

setDomainEnvironment

public void setDomainEnvironment()
Sets the System environment to support the Security Domain's settings. This is used for protocols which only read their crypto settings via environment variables.
Also see restoreSystemEnvironment()


restoreSystemEnvironment

public void restoreSystemEnvironment()
Restores the System environment to what it was before
Also see setDomainEnvironment()
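
An added example of the save / set / restore pattern that setDomainEnvironment() and restoreSystemEnvironment() describe, written against the JDK only; it is not the OHF implementation. It assumes "System environment" means Java system properties (the page does not say), and the class name and sample values are constructed.

```java
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;
import java.util.Properties;
import java.util.concurrent.locks.ReentrantLock;

public class TlsSystemPropertyScope implements AutoCloseable {
    // System properties are JVM-wide. The lock serialises users of this helper only;
    // other threads reading the same properties still see the temporary values.
    private static final ReentrantLock LOCK = new ReentrantLock();
    private final Map<String, String> saved = new HashMap<>();

    public TlsSystemPropertyScope(Properties domain) {
        LOCK.lock();
        try {
            for (String key : domain.stringPropertyNames()) {
                saved.put(key, System.getProperty(key)); // null records "was not set"
                System.setProperty(key, domain.getProperty(key));
            }
        } catch (RuntimeException e) {
            close(); // undo partial changes and release the lock
            throw e;
        }
    }

    @Override
    public void close() {
        try {
            for (Map.Entry<String, String> e : saved.entrySet()) {
                // System.setProperty(key, null) throws, so unset keys must be cleared.
                if (e.getValue() == null) System.clearProperty(e.getKey());
                else System.setProperty(e.getKey(), e.getValue());
            }
        } finally {
            LOCK.unlock();
        }
    }

    public static void main(String[] args) {
        Properties domain = new Properties(); // constructed sample values
        domain.setProperty("javax.net.ssl.trustStore", "/path/to/truststore.jks");
        domain.setProperty("javax.net.debug", "ssl");
        String before = System.getProperty("javax.net.debug");
        try (TlsSystemPropertyScope scope = new TlsSystemPropertyScope(domain)) {
            System.out.println("inside:   " + System.getProperty("javax.net.debug"));
        } // close() runs here even if the body throws
        System.out.println("restored: " + Objects.equals(before, System.getProperty("javax.net.debug")));
    }
}
```
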


getKeyStore

public java.security.KeyStore getKeyStore()

getTrustStore

public java.security.KeyStore getTrustStore()

getKeyManagerFactory

public javax.net.ssl.KeyManagerFactory getKeyManagerFactory()

getTrustManagerFactory

public javax.net.ssl.TrustManagerFactory getTrustManagerFactory()

getName

public java.lang.String getName()
Returns the name of the security domain

Returns:

getCipherSuites

public java.lang.String[] getCipherSuites()