com.sun.enterprise.admin.util
Class SecureAdminClientManager

java.lang.Object
  extended by com.sun.enterprise.admin.util.SecureAdminClientManager

public class SecureAdminClientManager
extends java.lang.Object

Encapsulates the implementation of secure admin.

A process that needs to send admin messages to another server and might not have a user-provided username and password should inject this class and invoke initClientAuthentication before it sends a message to the admin listener. The code which actually prepares the message can then retrieve the initialized information from this class in constructing the outbound admin message.

The class offers static accessors to the important values so, for example, RemoteAdminCommand (which is not a service and is therefore not subject to injection) can retrieve what it needs to build the outbound admin request.

This allows us to support CLI commands which need to connect to the DAS securely but will have neither a user-provided master password nor a human who we could prompt for the master password.

Author:
Tim Quinn

Method Summary
 java.lang.String configuredAdminIndicatorValue()
           
static javax.net.ssl.KeyManager[] getKeyManagers()
          Returns KeyManagers which access the SSL key store for use in performing client cert authentication.
static void initClientAuthentication(char[] commandMasterPassword, boolean isInteractive, java.lang.String serverName, java.lang.String nodeDir, java.lang.String node, java.io.File nodeDirRoot)
          Prepares the manager so SSL/TLS will provide the correct client cert when connecting to a remote admin port.
 boolean isEnabled()
          Reports whether the secure admin is enabled, according to the current configuration.
 javax.net.ssl.KeyManager[] keyManagers()
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Method Detail

getKeyManagers

public static javax.net.ssl.KeyManager[] getKeyManagers()
Returns KeyManagers which access the SSL key store for use in performing client cert authentication. The returned KeyManagers will most likely be passed to SSLContext.init.

Returns:
KeyManagers

initClientAuthentication

public static void initClientAuthentication(char[] commandMasterPassword,
                                            boolean isInteractive,
                                            java.lang.String serverName,
                                            java.lang.String nodeDir,
                                            java.lang.String node,
                                            java.io.File nodeDirRoot)
Prepares the manager so SSL/TLS will provide the correct client cert when connecting to a remote admin port. The main result of invoking this method is to build an array of KeyManagers which can be passed to SSLContext.init so SSL can use the managers to find certs that meet the requirements of the partner on the other end of the connection.

This method opens the keystore, so it will need the master password. The calling command should pass the master password which the user specified in the file specified by the --passwordfile option (if any). Because the user-provided password might be wrong or missing, the caller also indicates whether a human user is present to respond to a prompt for the password. This will not be the case, for example, during an unattended start-up of an instance.

The caller also provides at least one of the server name, the node directory, or the node. These are used to locate the domain.xml file that contains the security configuration information we need.

Parameters:
commandMasterPassword - master password provided by the user on the command line; null if none
isInteractive - whether the caller is in a context where a human could be prompted to enter a password
serverName - name of the server where domain.xml resides
nodeDir - directory of the node where domain.xml resides
node - name of the node whose directory contains domain.xml
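
The flow described above for initClientAuthentication (open the key store with the supplied master password, prompt only when a human is present, then pass the KeyManagers to SSLContext.init), shown with standard JSSE calls only. This is an added example, not GlassFish code: the class and method names, the in-memory PKCS12 store and the passwords are constructed for illustration, and retrying after a wrong password is an assumption about the behaviour.

```java
import java.io.*;
import java.security.*;
import java.util.function.Supplier;
import javax.net.ssl.*;

// Added illustration using only standard JSSE; every name below is hypothetical.
public class ClientCertSetupExample {
    // Returns KeyManagers for the store, or null when the password does not open it.
    static KeyManager[] tryOpen(byte[] store, char[] pw) throws GeneralSecurityException {
        if (pw == null) return null;
        try {
            KeyStore ks = KeyStore.getInstance("PKCS12");
            ks.load(new ByteArrayInputStream(store), pw); // integrity check uses the password
            KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            kmf.init(ks, pw);
            return kmf.getKeyManagers();
        } catch (IOException wrongPasswordOrCorruptStore) {
            return null;
        }
    }

    // Tries the supplied password first; prompts once, and only when a human is present.
    static KeyManager[] keyManagersFor(byte[] store, char[] supplied, boolean isInteractive,
                                       Supplier<char[]> prompt) throws GeneralSecurityException {
        KeyManager[] kms = tryOpen(store, supplied);
        if (kms == null && isInteractive) kms = tryOpen(store, prompt.get());
        if (kms == null) throw new GeneralSecurityException("master password missing or wrong");
        return kms;
    }

    public static void main(String[] args) throws Exception {
        char[] master = "changeit".toCharArray();        // constructed sample password
        KeyStore empty = KeyStore.getInstance("PKCS12"); // constructed, empty key store
        empty.load(null, null);
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        empty.store(out, master);
        byte[] store = out.toByteArray();
        // Interactive: the supplied password is wrong, the prompt supplies the right one.
        KeyManager[] kms = keyManagersFor(store, "wrong".toCharArray(), true, () -> master);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kms, null, null); // null trust managers and RNG select the JSSE defaults
        System.out.println("SSLContext initialised with " + kms.length + " key manager(s)");
        // Unattended: nobody can be prompted, so a missing password fails closed.
        try {
            keyManagersFor(store, null, false, () -> master);
        } catch (GeneralSecurityException e) {
            System.out.println("unattended start failed: " + e.getMessage());
        }
    }
}
```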

isEnabled

public boolean isEnabled()
Reports whether the secure admin is enabled, according to the current configuration.

Returns:
true if secure admin is enabled

keyManagers

public javax.net.ssl.KeyManager[] keyManagers()

configuredAdminIndicatorValue

public java.lang.String configuredAdminIndicatorValue()


Copyright © 2012 GlassFish Community. All Rights Reserved.