- com
- pcbsys
- nirvana
- nAdminAPI
- nSSLInterface
This class contains all the configuration required by the Nirvana Realm server to start and control the SSL interface. More...
Public Member Functions | |
| String | getAlias () |
| Returns the certificate name/alias that this interface uses as its primary certificate. More... | |
| boolean | getCertRequired () |
| Returns whether this interface requires SSL client authentication or not. More... | |
| String | getCRLFile () |
| Returns the Certificate revocation list that the server uses. More... | |
| String | getCRLValidationClassName () |
| Any class that extends com.pcbsys.nirvana.server.api.nSSLCertficateValidator can be used by the server to perform CRL management. More... | |
| String[] | getEnabledCiphers () |
| Returns an array of strings which represent the current Ciphers enabled for use by this interface. More... | |
| String | getKeyStore () |
| Returns the name of the keystore file that this interface uses to load the certificate from. More... | |
| String | getPKCS11ConfigFile () |
| String | getPKCS11NSSName () |
| String | getProvider () |
| Get the name of the JSSE provider used by this SSL interface. More... | |
| String | getRandomAlgorithm () |
| Returns the SecureRandom algoritm used for this interface. More... | |
| String | getRandomProvider () |
| Returns the SecureRandom provider used by this interface. More... | |
| String[] | getSupportedCiphers () |
| Returns an array of ciphers this this interface can be configured for use by this interface. More... | |
| String | getTrustStore () |
| Returns the current truststore file that this interface uses to validate the client certificate chain against. More... | |
| nSSLInterface (String adapter, int port) throws nAdminIllegalArgumentException | |
| Creates a new SSL interface bound to the adapter and port supplied. More... | |
| nSSLInterface (String adapter, int port, boolean autostart) throws nAdminIllegalArgumentException | |
| Creates a new SSL interface bound to the adapter and port supplied. More... | |
| void | setAlias (String alias) throws nAdminIllegalArgumentException |
| Sets the certificate name/alias that this interface will use to select its certificate from a keystore with multiple entries. More... | |
| void | setCertRequired (boolean required) |
| Specifies whether this interface requires SSL client authentication or not. More... | |
| void | setCRLFile (String fileName) |
| Sets the Certificate revocation list file name that the interface should use to check the incomming ssl connections. More... | |
| void | setCRLValidationClassName (String className) |
| Any class that extends com.pcbsys.nirvana.server.api.nSSLCertficateValidator can be used by the server to perform CRL management. More... | |
| void | setEnabledCiphers (String[] ciphers) throws nAdminIllegalArgumentException |
| Specifies the names of the ciphers enabled for use by this interface. More... | |
| void | setEnabledCiphers (String[] ciphers, boolean checkSupported) throws nAdminIllegalArgumentException |
| Specifies the names of the ciphers enabled for use by this interface. More... | |
| void | setKeyStore (String keyStore) throws nAdminIllegalArgumentException |
| Sets the keystore file that this interface uses to load the certificate from. More... | |
| void | setKeyStorePassword (String keyStorePassword) throws nAdminIllegalArgumentException |
| Sets the keystore password that this interface will use to access the keystore file specified. More... | |
| void | setPKCS11ConfigFile (String location) |
| void | setPKCS11NSSName (String name) |
| void | setPrivateKeyPassword (String password) throws nAdminIllegalArgumentException |
| Sets the private key password so that the key can be loaded from the key store. More... | |
| void | setProvider (String provider) |
| Sets the name of the JSSE provider to use for the interface. More... | |
| void | setRandomAlgorithm (String alg) |
| Sets the SecureRandom algorithm to use for this interface. More... | |
| void | setRandomProvider (String prov) |
| Sets the SecureRandom provider to use for this interface. More... | |
| void | setTrustStore (String trustStore) throws nAdminIllegalArgumentException |
| Sets the truststore file that this interface uses to validate the client certificate against. More... | |
| void | setTrustStorePassword (String trustStorePassword) throws nAdminIllegalArgumentException |
| Changes the truststore's password that the server uses to access the trust store. More... | |
 Public Member Functions inherited from com.pcbsys.nirvana.nAdminAPI.nSocketInterface | |
| void | enablePolicyServer (boolean flag) |
| Returns true if the policy server is enables. More... | |
| boolean | isPolicyServerEnabled () |
| Returns true if the policy server is enables. More... | |
| nSocketInterface (String adapter, int port) throws nAdminIllegalArgumentException | |
| Creates a new Socket Interface with the supplied values. More... | |
| nSocketInterface (String adapter, int port, boolean autostart) throws nAdminIllegalArgumentException | |
| Creates a new Socket Interface with the supplied values. More... | |
| Public Member Functions inherited from com.pcbsys.nirvana.nAdminAPI.nInterface | |
| boolean | canAdvertise () |
| Will this interface be used by other realms to send client redirects to. More... | |
| String | getAdapaterAlias () |
| Returns the interfaces known alias's. More... | |
| int | getAuthTimeOut () |
| Returns the number of milliseconds that the remote client has to authenticate with the server before the server closes the communications with the client. More... | |
| int | getBacklog () |
| The number of socket connect requests that the Operating System will queue before sending a reject to the remote client. More... | |
| String | getProtocol () |
| Returns the protocol string used by this interface. More... | |
| int | getRecvBufferSize () |
| Return the socket buffer size in bytes used by this interface when receiving data. More... | |
| int | getSelectThreadSize () |
| Returns the number of select threads used by NIO. More... | |
| int | getSendBufferSize () |
| Return the socket buffer size in bytes used by this interface when sending data. More... | |
| int | getThreadCount () |
| Returns the current Thread Pool size that handles client socket connections. More... | |
| nACL | getViaList () |
| Retrieves the interfaces Via list. More... | |
| boolean | isAllowNIO () |
| Returns whether NIO is enabled on this interface. More... | |
| boolean | isClientConnectionsAllowed () |
| Returns whether this interface can be used by clients to connect. More... | |
| boolean | isInterRealmAllow () |
| Returns whether this interface is allowed to be used in inter realm / cluster communication. More... | |
| void | setAdapterAlias (String alias) |
| Sets the interfaces alias. More... | |
| void | setAdvertise (boolean flag) |
| Change the current advertise status for this interface. More... | |
| void | setAllowClientConnections (boolean clientconnections) |
| Sets whether this interface can accept client connections or not. More... | |
| void | setAllowNIO (boolean allowNIO) |
| Set whether NIO is enabled on the interface. More... | |
| void | setAuthTimeOut (int timeout) throws nAdminIllegalArgumentException |
| Changes the number of milliseconds that the remote client has to authenticate with the server. More... | |
| void | setBacklog (int backlog) throws nAdminIllegalArgumentException |
| Changes the number of connections to queue before the Operating System will send rejects to the remote client. More... | |
| void | setInterRealmAllow (boolean interealmAllow) |
| Sets whether this interface is allowed to be used in inter realm / cluster communication. More... | |
| void | setManager (nInterfaceManager im) |
| Set the Interface Manager. More... | |
| void | setRecvBufferSize (int myRecvBufferSize) |
| Set the socket buffer size in bytes used by this interface when receiving data. More... | |
| void | setSelectThreadSize (int selectThreadSize) |
| Sets the number of select threads used by NIO. More... | |
| void | setSendBufferSize (int mySendBufferSize) |
| Set the socket buffer size in bytes used by this interface when sending data. More... | |
| void | setThreadCount (int count) throws nAdminIllegalArgumentException |
| Changes the thread pool size handling the client connections. More... | |
| void | setViaList (nACL acl) throws nInsufficientPrivilegesException, nNodeException, nBaseAdminException |
| Commits the nACL object passed in with the Realm Server. More... | |
| String | toString () |
| Return a string representation of the interface details. More... | |
| Public Member Functions inherited from com.pcbsys.nirvana.nAdminAPI.nBaseInterface | |
| String | getAdapter () |
| Get the adapter that this interface will use. More... | |
| String | getName () |
| Get the name of this interface. More... | |
| int | getPort () |
| Get the port that this interface will bind to at startup. More... | |
| String | getURL () |
| Get the URL that specifies this interface. More... | |
| void | setAutostart (boolean flag) |
| Change the current Autostart status for this interface. More... | |
| boolean | willAutostart () |
| Will this interface automatically be started when the Realm Server starts. More... | |
This class contains all the configuration required by the Nirvana Realm server to start and control the SSL interface.
| com.pcbsys.nirvana.nAdminAPI.nSSLInterface.nSSLInterface | ( | String | adapter, |
| int | port | ||
| ) | throws nAdminIllegalArgumentException |
Creates a new SSL interface bound to the adapter and port supplied.
| adapter | to bind to |
| port | to bind to |
| nAdminIllegalArgumentException | if the adapter is null or the port is in an invalid range |
| com.pcbsys.nirvana.nAdminAPI.nSSLInterface.nSSLInterface | ( | String | adapter, |
| int | port, | ||
| boolean | autostart | ||
| ) | throws nAdminIllegalArgumentException |
Creates a new SSL interface bound to the adapter and port supplied.
| adapter | to bind to |
| port | to bind to |
| autostart | Shoud it be autostarted |
| nAdminIllegalArgumentException | if the adapter is null or the port is in an invalid range |
| String com.pcbsys.nirvana.nAdminAPI.nSSLInterface.getAlias | ( | ) |
Returns the certificate name/alias that this interface uses as its primary certificate.
Implements com.pcbsys.nirvana.nAdminAPI.nSSLInterfaceAPI.
| boolean com.pcbsys.nirvana.nAdminAPI.nSSLInterface.getCertRequired | ( | ) |
Returns whether this interface requires SSL client authentication or not.
If this is set to false then this interface allows anonymous connections using SSL. Otherwise the client must have and present a valid certificate chain during the SSL handshake.
Implements com.pcbsys.nirvana.nAdminAPI.nSSLInterfaceAPI.
| String com.pcbsys.nirvana.nAdminAPI.nSSLInterface.getCRLFile | ( | ) |
Returns the Certificate revocation list that the server uses.
Implements com.pcbsys.nirvana.nAdminAPI.nSSLInterfaceAPI.
| String com.pcbsys.nirvana.nAdminAPI.nSSLInterface.getCRLValidationClassName | ( | ) |
Any class that extends com.pcbsys.nirvana.server.api.nSSLCertficateValidator can be used by the server to perform CRL management.
The class name can be supplied per interface and then when a client connects a callout is issued to this class to validate the connection.
Implements com.pcbsys.nirvana.nAdminAPI.nSSLInterfaceAPI.
| String [] com.pcbsys.nirvana.nAdminAPI.nSSLInterface.getEnabledCiphers | ( | ) |
Returns an array of strings which represent the current Ciphers enabled for use by this interface.
Implements com.pcbsys.nirvana.nAdminAPI.nSSLInterfaceAPI.
| String com.pcbsys.nirvana.nAdminAPI.nSSLInterface.getKeyStore | ( | ) |
Returns the name of the keystore file that this interface uses to load the certificate from.
Implements com.pcbsys.nirvana.nAdminAPI.nSSLInterfaceAPI.
| String com.pcbsys.nirvana.nAdminAPI.nSSLInterface.getPKCS11ConfigFile | ( | ) |
Implements com.pcbsys.nirvana.nAdminAPI.nSSLInterfaceAPI.
| String com.pcbsys.nirvana.nAdminAPI.nSSLInterface.getPKCS11NSSName | ( | ) |
Implements com.pcbsys.nirvana.nAdminAPI.nSSLInterfaceAPI.
| String com.pcbsys.nirvana.nAdminAPI.nSSLInterface.getProvider | ( | ) |
Get the name of the JSSE provider used by this SSL interface.
Implements com.pcbsys.nirvana.nAdminAPI.nSSLInterfaceAPI.
| String com.pcbsys.nirvana.nAdminAPI.nSSLInterface.getRandomAlgorithm | ( | ) |
Returns the SecureRandom algoritm used for this interface.
If it is null it uses the system default algorithm.
Implements com.pcbsys.nirvana.nAdminAPI.nSSLInterfaceAPI.
| String com.pcbsys.nirvana.nAdminAPI.nSSLInterface.getRandomProvider | ( | ) |
Returns the SecureRandom provider used by this interface.
If it is null it uses the system default provider.
Implements com.pcbsys.nirvana.nAdminAPI.nSSLInterfaceAPI.
| String [] com.pcbsys.nirvana.nAdminAPI.nSSLInterface.getSupportedCiphers | ( | ) |
Returns an array of ciphers this this interface can be configured for use by this interface.
If the cipher is not in this list then the interface can not support it.
Implements com.pcbsys.nirvana.nAdminAPI.nSSLInterfaceAPI.
| String com.pcbsys.nirvana.nAdminAPI.nSSLInterface.getTrustStore | ( | ) |
Returns the current truststore file that this interface uses to validate the client certificate chain against.
Implements com.pcbsys.nirvana.nAdminAPI.nSSLInterfaceAPI.
| void com.pcbsys.nirvana.nAdminAPI.nSSLInterface.setAlias | ( | String | alias | ) | throws nAdminIllegalArgumentException |
Sets the certificate name/alias that this interface will use to select its certificate from a keystore with multiple entries.
| alias | the name/alias to use as a String |
| nAdminIllegalArgumentException | if an illegal argument is specified |
Implements com.pcbsys.nirvana.nAdminAPI.nSSLInterfaceAPI.
| void com.pcbsys.nirvana.nAdminAPI.nSSLInterface.setCertRequired | ( | boolean | required | ) |
Specifies whether this interface requires SSL client authentication or not.
If this is set to false then this interface allows anonymous connections using SSL. Otherwise the client must have and present a valid certificate chain during the SSL handshake.
| required | a boolean specifying if this interface will force client authentication |
Implements com.pcbsys.nirvana.nAdminAPI.nSSLInterfaceAPI.
| void com.pcbsys.nirvana.nAdminAPI.nSSLInterface.setCRLFile | ( | String | fileName | ) |
Sets the Certificate revocation list file name that the interface should use to check the incomming ssl connections.
Is only used when client certificates are required. The file should be in a standard X.509 Certificate Revocation List (CRL)
| fileName | the file name used as the CRL |
Implements com.pcbsys.nirvana.nAdminAPI.nSSLInterfaceAPI.
| void com.pcbsys.nirvana.nAdminAPI.nSSLInterface.setCRLValidationClassName | ( | String | className | ) |
Any class that extends com.pcbsys.nirvana.server.api.nSSLCertficateValidator can be used by the server to perform CRL management.
The class name can be supplied per interface and then when a client connects a callout is issued to this class to validate the connection.
| className | the classname of the certificate validator to use within this interface |
Implements com.pcbsys.nirvana.nAdminAPI.nSSLInterfaceAPI.
| void com.pcbsys.nirvana.nAdminAPI.nSSLInterface.setEnabledCiphers | ( | String[] | ciphers | ) | throws nAdminIllegalArgumentException |
Specifies the names of the ciphers enabled for use by this interface.
| ciphers | a String[] of ciphers enabled for use by this interface |
| nAdminIllegalArgumentException | if an empty or null array is specified |
Implements com.pcbsys.nirvana.nAdminAPI.nSSLInterfaceAPI.
| void com.pcbsys.nirvana.nAdminAPI.nSSLInterface.setEnabledCiphers | ( | String[] | ciphers, |
| boolean | checkSupported | ||
| ) | throws nAdminIllegalArgumentException |
Specifies the names of the ciphers enabled for use by this interface.
| ciphers | a String[] of ciphers enabled for use by this interface |
| checkSupported | a boolean to indicate whether to validate the list against those ciphers supported by the server |
| nAdminIllegalArgumentException | if an empty or null array is specified |
| void com.pcbsys.nirvana.nAdminAPI.nSSLInterface.setKeyStore | ( | String | keyStore | ) | throws nAdminIllegalArgumentException |
Sets the keystore file that this interface uses to load the certificate from.
| keyStore | the new keystore name as a String |
| nAdminIllegalArgumentException | if an illegal argument is specified |
Implements com.pcbsys.nirvana.nAdminAPI.nSSLInterfaceAPI.
| void com.pcbsys.nirvana.nAdminAPI.nSSLInterface.setKeyStorePassword | ( | String | keyStorePassword | ) | throws nAdminIllegalArgumentException |
Sets the keystore password that this interface will use to access the keystore file specified.
| keyStorePassword | the new password as a string |
| nAdminIllegalArgumentException | if an illegal argument is specified |
Implements com.pcbsys.nirvana.nAdminAPI.nSSLInterfaceAPI.
| void com.pcbsys.nirvana.nAdminAPI.nSSLInterface.setPKCS11ConfigFile | ( | String | location | ) |
| config | is the location of the NSS configuration file on the file system |
Implements com.pcbsys.nirvana.nAdminAPI.nSSLInterfaceAPI.
| void com.pcbsys.nirvana.nAdminAPI.nSSLInterface.setPKCS11NSSName | ( | String | name | ) |
| name | is the unique identifier in the NSS configuration file for identification purposes |
Implements com.pcbsys.nirvana.nAdminAPI.nSSLInterfaceAPI.
| void com.pcbsys.nirvana.nAdminAPI.nSSLInterface.setPrivateKeyPassword | ( | String | password | ) | throws nAdminIllegalArgumentException |
Sets the private key password so that the key can be loaded from the key store.
| password | for the private key as a String |
| nAdminIllegalArgumentException | if an illegal argument is specified |
Implements com.pcbsys.nirvana.nAdminAPI.nSSLInterfaceAPI.
| void com.pcbsys.nirvana.nAdminAPI.nSSLInterface.setProvider | ( | String | provider | ) |
Sets the name of the JSSE provider to use for the interface.
| provider | the name of the JSSE provider to use |
Implements com.pcbsys.nirvana.nAdminAPI.nSSLInterfaceAPI.
| void com.pcbsys.nirvana.nAdminAPI.nSSLInterface.setRandomAlgorithm | ( | String | alg | ) |
Sets the SecureRandom algorithm to use for this interface.
| alg | the name of the new SecureRandom algorithm to use |
Implements com.pcbsys.nirvana.nAdminAPI.nSSLInterfaceAPI.
| void com.pcbsys.nirvana.nAdminAPI.nSSLInterface.setRandomProvider | ( | String | prov | ) |
Sets the SecureRandom provider to use for this interface.
| prov | the name of the new SecureRandom provider to use |
Implements com.pcbsys.nirvana.nAdminAPI.nSSLInterfaceAPI.
| void com.pcbsys.nirvana.nAdminAPI.nSSLInterface.setTrustStore | ( | String | trustStore | ) | throws nAdminIllegalArgumentException |
Sets the truststore file that this interface uses to validate the client certificate against.
| trustStore | the new truststore file to use |
| nAdminIllegalArgumentException | if an illegal argument is specified |
Implements com.pcbsys.nirvana.nAdminAPI.nSSLInterfaceAPI.
| void com.pcbsys.nirvana.nAdminAPI.nSSLInterface.setTrustStorePassword | ( | String | trustStorePassword | ) | throws nAdminIllegalArgumentException |
Changes the truststore's password that the server uses to access the trust store.
| trustStorePassword | the new password to use as a String |
| nAdminIllegalArgumentException | if an illegal argument is specified |
Implements com.pcbsys.nirvana.nAdminAPI.nSSLInterfaceAPI.