| Interface | Description |
|---|---|
| KeyAuthorizationKeyProvider.KeyACLs |
Interface that needs to be implemented by a client of the
KeyAuthorizationKeyProvider. |
| Class | Description |
|---|---|
| EagerKeyGeneratorKeyProviderCryptoExtension |
A
KeyProviderCryptoExtension that pre-generates and caches encrypted
keys. |
| KeyAuthorizationKeyProvider |
A
KeyProvider proxy that checks whether the current user derived via
UserGroupInformation, is authorized to perform the following
type of operations on a Key :
MANAGEMENT operations : createKey, rollNewVersion, deleteKey
GENERATE_EEK operations : generateEncryptedKey, warmUpEncryptedKeys
DECRYPT_EEK operation : decryptEncryptedKey
READ operations : getKeyVersion, getKeyVersions, getMetadata,
getKeysMetadata, getCurrentKey
The read operations (getCurrentKeyVersion / getMetadata) etc are not checked. |
| KMS |
Class providing the REST bindings, via Jersey, for the KMS.
|
| KMSACLs |
Provides access to the
AccessControlLists used by KMS,
hot-reloading them if the kms-acls.xml file where the ACLs
are defined has been updated. |
| KMSAudit |
Provides convenience methods for audit logging consistently the different
types of events.
|
| KMSAuthenticationFilter |
Authentication filter that takes the configuration from the KMS configuration
file.
|
| KMSConfiguration |
Utility class to load KMS configuration files.
|
| KMSExceptionsProvider |
Jersey provider that converts KMS exceptions into detailed HTTP errors.
|
| KMSJMXServlet | |
| KMSJSONReader | |
| KMSJSONWriter |
Jersey provider that converts
Maps and Lists
to their JSON representation. |
| KMSMDCFilter |
Servlet filter that captures context of the HTTP request to be use in the
scope of KMS calls on the server side.
|
| KMSServerJSONUtils |
JSON utility methods for the KMS.
|
| KMSWebApp |
| Enum | Description |
|---|---|
| KeyAuthorizationKeyProvider.KeyOpType | |
| KMS.KMSOp | |
| KMSACLs.Type | |
| KMSAudit.OpStatus |
Copyright © 2018 CERN. All Rights Reserved.