public final class Security extends Object
Modifier and Type | Class and Description |
---|---|
static class |
Security.BlindTrustStore
Blindly trusts all certificates.
|
static class |
Security.ExistingKeyStore
Abstract class which represents an existing keystore to use to setup a server instance.
|
static class |
Security.ExistingTrustStore
Represents an existing file based
Security.TrustStore . |
static class |
Security.JceksKeyStore
Represents a JCEKS keystore.
|
static class |
Security.JksKeyStore
Represents a JKS keystore.
|
static class |
Security.JvmTrustStore
Represents the fact that the JVM truststore should be used to trust remote server certificate.
|
static class |
Security.KeyStoreComponent
Represents keystore data which will be used to secure the server instance to setup.
|
static class |
Security.PasswordProvider
Represents a strategy to retrieve an existing password.
|
static class |
Security.Pkcs11KeyStore
Represents a PKCS#11 keystore.
|
static class |
Security.Pkcs12KeyStore
Represents a PKCS#12 keystore.
|
static class |
Security.SelfSignedCertificate
Contains data that will be used to generate a keystore with a self signed certificate.
|
static class |
Security.TrustStore
Represents a truststore to trust remote server certificates.
|
Modifier and Type | Method and Description |
---|---|
static Security.PasswordProvider |
clearTextPassword(String password)
Specifies that the password is the provided clear text
String . |
static Security.PasswordProvider |
fileBasedPassword(Path passwordFilePath)
Specifies that the password is located in the provided file
Path . |
static Security.PasswordProvider |
fileBasedPassword(String passwordFilePath)
Specifies that the password is located in the file path represented in the provided
String . |
static Security.JceksKeyStore |
jceksKeyStore(Path keyStorePath,
Security.PasswordProvider passwordProvider)
Specifies keystore data to use to secure the server instance to setup.
|
static Security.JceksKeyStore |
jceksKeyStore(String keyStorePath,
Security.PasswordProvider passwordProvider)
Specifies keystore data to use to secure the server instance to setup.
|
static Security.TrustStore |
jceksTrustStore(Path trustStorePath,
Security.PasswordProvider passwordProvider)
References a JCEKS file based
Security.TrustStore . |
static Security.TrustStore |
jceksTrustStore(String trustStorePath,
Security.PasswordProvider passwordProvider)
References a JCEKS file based
Security.TrustStore . |
static Security.JksKeyStore |
jksKeyStore(Path keyStorePath,
Security.PasswordProvider passwordProvider)
Specifies keystore data to use to secure the server instance to setup.
|
static Security.JksKeyStore |
jksKeyStore(String keyStorePath,
Security.PasswordProvider passwordProvider)
Specifies keystore data to use to secure the server instance to setup.
|
static Security.TrustStore |
jksTrustStore(Path trustStorePath,
Security.PasswordProvider passwordProvider)
References a JKS file based
Security.TrustStore . |
static Security.TrustStore |
jksTrustStore(String trustStorePath,
Security.PasswordProvider passwordProvider)
References a JKS file based
Security.TrustStore . |
static Security.Pkcs11KeyStore |
pkcs11KeyStore(Security.PasswordProvider passwordProvider)
Specifies keystore data to use to secure the server instance to setup.
|
static Security.Pkcs12KeyStore |
pkcs12KeyStore(Path keyStorePath,
Security.PasswordProvider passwordProvider)
Specifies keystore data to use to secure the server instance to setup.
|
static Security.Pkcs12KeyStore |
pkcs12KeyStore(String keyStorePath,
Security.PasswordProvider passwordProvider)
Specifies keystore data to use to secure the server instance to setup.
|
static Security.TrustStore |
pkcs12TrustStore(Path trustStorePath,
Security.PasswordProvider passwordProvider)
References a PKCS#12 file based
Security.TrustStore . |
static Security.TrustStore |
pkcs12TrustStore(String trustStorePath,
Security.PasswordProvider passwordProvider)
References a PKCS#12 file based
Security.TrustStore . |
static Security.SelfSignedCertificate |
selfSignedCertificate()
Specifies that the setup will generate a PKCS#12 keystore which will contains a self signed certificate.
|
static Security.PasswordProvider |
unprotected()
Specifies that the setup component is not protected by a password.
|
static Security.TrustStore |
useBlindTrust()
References a
Security.TrustStore which will blindly trust all certificates. |
static Security.TrustStore |
useJvmTrustStore()
References a
Security.TrustStore which will use the JVM truststore. |
public static Security.PasswordProvider unprotected()
This provider can only be used for Security.KeyStoreComponent
or Security.ExistingTrustStore
.
Security.PasswordProvider
to use when creating a setup componentpublic static Security.PasswordProvider clearTextPassword(String password) throws com.forgerock.opendj.cli.ArgumentException
String
.
The password will be stored in a dedicated file located in the instance
password
- The clear text passwordSecurity.PasswordProvider
to use when creating a setup componentcom.forgerock.opendj.cli.ArgumentException
- If the provided password is emptypublic static Security.PasswordProvider fileBasedPassword(String passwordFilePath) throws com.forgerock.opendj.cli.ArgumentException
String
.
The server configuration will refers to the provided file path
passwordFilePath
- Path of the passwordSecurity.PasswordProvider
to use when creating a setup componentcom.forgerock.opendj.cli.ArgumentException
- If the provided file does not exists or cannot be readpublic static Security.PasswordProvider fileBasedPassword(Path passwordFilePath) throws com.forgerock.opendj.cli.ArgumentException
Path
.
The server configuration will refers to the provided file path
passwordFilePath
- Path of the passwordSecurity.PasswordProvider
to use when creating a setup componentcom.forgerock.opendj.cli.ArgumentException
- If the provided file does not exists or cannot be readpublic static Security.JksKeyStore jksKeyStore(String keyStorePath, Security.PasswordProvider passwordProvider)
If the keystore contains multiple aliases, aliases which should be used by the server must be listed as follow: Security.jksKeyStore("/path/to/keystore", Security.clearTextStorePassword("somesecretphrase")) .addCertificateAliases("example-com", "foo-com");
The unprotected()
provider is not allowed to be used with this method.
keyStorePath
- The keystore pathpasswordProvider
- The strategy to use to provide the keystore passwordSecurity.JksKeyStore
object to use in Setup#secureWith(KeyStoreComponent)
IllegalArgumentException
- If the unprotected()
password provider is used with this methodpublic static Security.JksKeyStore jksKeyStore(Path keyStorePath, Security.PasswordProvider passwordProvider)
If the keystore contains multiple aliases, aliases which should be used by the server must be listed as follow: Security.jksKeyStore("/path/to/keystore", Security.clearTextStorePassword("somesecretphrase")) .addCertificateAliases("example-com", "foo-com");
The unprotected()
provider is not allowed to be used with this method.
keyStorePath
- The keystore pathpasswordProvider
- The strategy to use to provide the keystore passwordSecurity.JksKeyStore
object to use in Setup#secureWith(KeyStoreComponent)
IllegalArgumentException
- If the unprotected()
password provider is used with this methodpublic static Security.JceksKeyStore jceksKeyStore(String keyStorePath, Security.PasswordProvider passwordProvider)
If the keystore contains multiple aliases, aliases which should be used by the server must be listed as follow: Security.jceksKeyStore("/path/to/keystore", Security.clearTextStorePassword("somesecretphrase")) .addCertificateAliases("example-com", "foo-com");
The unprotected()
provider is not allowed to be used with this method.
keyStorePath
- The keystore pathpasswordProvider
- The strategy to use to provide the keystore passwordSecurity.JceksKeyStore
object to use in Setup#secureWith(KeyStoreComponent)
IllegalArgumentException
- If the unprotected()
password provider is used with this methodpublic static Security.JceksKeyStore jceksKeyStore(Path keyStorePath, Security.PasswordProvider passwordProvider)
If the keystore contains multiple aliases, aliases which should be used by the server must be listed as follow: Security.jceksKeyStore("/path/to/keystore", Security.clearTextStorePassword("somesecretphrase")) .addCertificateAliases("example-com", "foo-com");
The unprotected()
provider is not allowed to be used with this method.
keyStorePath
- The keystore pathpasswordProvider
- The strategy to use to provide the keystore passwordSecurity.JceksKeyStore
object to use in Setup#secureWith(KeyStoreComponent)
IllegalArgumentException
- If the unprotected()
password provider is used with this methodpublic static Security.Pkcs12KeyStore pkcs12KeyStore(String keyStorePath, Security.PasswordProvider passwordProvider)
If the keystore contains multiple aliases, aliases which should be used by the server must be listed as follow: Security.pkcs12KeyStore("/path/to/opendj", Security.clearTextStorePassword("somesecretphrase")) .addCertificateAliases("example-com", "foo-com");
The unprotected()
provider is not allowed to be used with this method.
keyStorePath
- The keystore pathpasswordProvider
- The strategy to use to provide the keystore passwordSecurity.Pkcs12KeyStore
object to use in Setup#secureWith(KeyStoreComponent)
IllegalArgumentException
- If the unprotected()
password provider is used with this methodpublic static Security.Pkcs12KeyStore pkcs12KeyStore(Path keyStorePath, Security.PasswordProvider passwordProvider)
If the keystore contains multiple aliases, aliases which should be used by the server must be listed as follow: Security.pkcs12KeyStore("/path/to/opendj", Security.clearTextStorePassword("somesecretphrase")) .addCertificateAliases("example-com", "foo-com");
The unprotected()
provider is not allowed to be used with this method.
keyStorePath
- The keystore pathpasswordProvider
- The strategy to use to provide the keystore passwordSecurity.Pkcs12KeyStore
object to use in Setup#secureWith(KeyStoreComponent)
IllegalArgumentException
- If the unprotected()
password provider is used with this methodpublic static Security.Pkcs11KeyStore pkcs11KeyStore(Security.PasswordProvider passwordProvider)
If the keystore contains multiple aliases, aliases which should be used by the server must be listed as follow: Security.pkcs11KeyStore(Security.clearTextStorePassword("somesecretphrase")) .addCertificateAliases("example-com", "foo-com");
passwordProvider
- The strategy to use to provide the keystore passwordSecurity.Pkcs11KeyStore
object to use in Setup#secureWith(KeyStoreComponent)
public static Security.SelfSignedCertificate selfSignedCertificate()
Security.SelfSignedCertificate
object to use in Setup#secureWith(KeyStoreComponent)
public static Security.TrustStore jksTrustStore(String trustStorePath, Security.PasswordProvider passwordProvider) throws com.forgerock.opendj.cli.ArgumentException
Security.TrustStore
.trustStorePath
- JKS truststore file pathpasswordProvider
- The strategy to use to provide the truststore passwordSecurity.TrustStore
which represents a JKS file.com.forgerock.opendj.cli.ArgumentException
- If the file based JKS truststore cannot be loadedProxyServerSetup.ServiceDiscoveryMechanism#trustStore(TrustStore)
,
ReplicationServerSetup#replicationTopology(String, int, TrustStore)
public static Security.TrustStore jksTrustStore(Path trustStorePath, Security.PasswordProvider passwordProvider) throws com.forgerock.opendj.cli.ArgumentException
Security.TrustStore
.trustStorePath
- JKS truststore file pathpasswordProvider
- The strategy to use to provide the truststore passwordSecurity.TrustStore
which represents a JKS file.com.forgerock.opendj.cli.ArgumentException
- If the file based JKS truststore cannot be loadedProxyServerSetup.ServiceDiscoveryMechanism#trustStore(TrustStore)
,
ReplicationServerSetup#replicationTopology(String, int, TrustStore)
public static Security.TrustStore jceksTrustStore(String trustStorePath, Security.PasswordProvider passwordProvider) throws com.forgerock.opendj.cli.ArgumentException
Security.TrustStore
.trustStorePath
- JCEKS truststore file pathpasswordProvider
- The strategy to use to provide the truststore passwordSecurity.TrustStore
which represents a JCEKS file.com.forgerock.opendj.cli.ArgumentException
- If the file based JCEKS truststore cannot be loadedProxyServerSetup.ServiceDiscoveryMechanism#trustStore(TrustStore)
,
ReplicationServerSetup#replicationTopology(String, int, TrustStore)
public static Security.TrustStore jceksTrustStore(Path trustStorePath, Security.PasswordProvider passwordProvider) throws com.forgerock.opendj.cli.ArgumentException
Security.TrustStore
.trustStorePath
- JCEKS truststore file pathpasswordProvider
- The strategy to use to provide the truststore passwordSecurity.TrustStore
which represents a JCEKS file.com.forgerock.opendj.cli.ArgumentException
- If the file based JCEKS truststore cannot be loadedProxyServerSetup.ServiceDiscoveryMechanism#trustStore(TrustStore)
,
ReplicationServerSetup#replicationTopology(String, int, TrustStore)
public static Security.TrustStore pkcs12TrustStore(String trustStorePath, Security.PasswordProvider passwordProvider) throws com.forgerock.opendj.cli.ArgumentException
Security.TrustStore
.trustStorePath
- PKCS#12 truststore file pathpasswordProvider
- The strategy to use to provide the truststore passwordSecurity.TrustStore
which represents a PKCS#12.com.forgerock.opendj.cli.ArgumentException
- If the file based PKCS#12 truststore cannot be loadedProxyServerSetup.ServiceDiscoveryMechanism#trustStore(TrustStore)
,
ReplicationServerSetup#replicationTopology(String, int, TrustStore)
public static Security.TrustStore pkcs12TrustStore(Path trustStorePath, Security.PasswordProvider passwordProvider) throws com.forgerock.opendj.cli.ArgumentException
Security.TrustStore
.trustStorePath
- PKCS#12 truststore file pathpasswordProvider
- The strategy to use to provide the truststore passwordSecurity.TrustStore
which represents a PKCS#12 file.com.forgerock.opendj.cli.ArgumentException
- If the file based PKCS#12 truststore cannot be loadedProxyServerSetup.ServiceDiscoveryMechanism#trustStore(TrustStore)
,
ReplicationServerSetup#replicationTopology(String, int, TrustStore)
public static Security.TrustStore useJvmTrustStore()
Security.TrustStore
which will use the JVM truststore.Security.TrustStore
which will use the JVM truststore.public static Security.TrustStore useBlindTrust()
Security.TrustStore
which will blindly trust all certificates.Security.TrustStore
which will blindly trust all certificates.Copyright © 2010–2017 ForgeRock AS. All rights reserved.