/*
 * The contents of this file are subject to the terms of the Common Development and
 * Distribution License (the License). You may not use this file except in compliance with the
 * License.
 *
 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
 * specific language governing permission and limitations under the License.
 *
 * When distributing Covered Software, include this CDDL Header Notice in each file and include
 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
 * Header, with the fields enclosed by brackets [] replaced by your own identifying
 * information: "Portions Copyright [year] [name of copyright owner]".
 *
 * Copyright 2006-2008 Sun Microsystems, Inc.
 * Portions Copyright 2014-2016 ForgeRock AS.
 */
package org.opends.server.api;
import org.forgerock.i18n.LocalizableMessage;

import java.util.List;
import javax.net.ssl.TrustManager;

import org.forgerock.opendj.server.config.server.TrustManagerProviderCfg;
import org.forgerock.opendj.config.server.ConfigException;
import org.opends.server.types.DirectoryException;
import org.opends.server.types.InitializationException;

/**
 * Extension point for components that supply the
 * {@code javax.net.ssl.TrustManager} objects used when the server
 * performs SSL/StartTLS negotiation.
 * <p>
 * A concrete provider is initialized from its configuration, hands out
 * trust managers on request, and is finalized when it is no longer
 * needed. The only behavior implemented here is the default
 * configuration check, which accepts everything.
 *
 * @param <T> The type of trust manager provider configuration
 *            handled by this trust manager provider implementation.
 */
@org.opends.server.types.PublicAPI(
    stability=org.opends.server.types.StabilityLevel.VOLATILE,
    mayInstantiate=false,
    mayExtend=true,
    mayInvoke=true)
public abstract class TrustManagerProvider<T extends TrustManagerProviderCfg>
{
  /**
   * Prepares this trust manager provider for use, taking its settings
   * from the supplied configuration.
   *
   * @param configuration The configuration to use for this trust
   *                      manager provider.
   *
   * @throws ConfigException If the server configuration causes an
   *                         unrecoverable problem during
   *                         initialization.
   *
   * @throws InitializationException If initialization fails for a
   *                                 reason that is not related to
   *                                 the server configuration.
   */
  public abstract void initializeTrustManagerProvider(T configuration)
      throws ConfigException, InitializationException;

  /**
   * Reports whether this trust manager provider could operate with
   * the supplied configuration. The method is meant to be callable on
   * an instance that has not been initialized yet, so that a
   * configuration can be vetted before it is applied.
   * <p>
   * Implementations that work with a subclass of the configuration
   * type will likely have to cast {@code configuration} to that
   * subclass.
   * <p>
   * The implementation in this base class returns {@code true} for
   * every input and never adds to {@code unacceptableReasons}. A
   * provider that needs its settings checked before they are accepted
   * has to override this method to get any validation at all.
   *
   * @param configuration       The trust manager provider
   *                            configuration to evaluate.
   * @param unacceptableReasons A list that may be used to hold the
   *                            reasons that the provided
   *                            configuration is not acceptable.
   *
   * @return {@code true} if the configuration is acceptable for this
   *         trust manager provider, {@code false} otherwise.
   */
  public boolean isConfigurationAcceptable(
      TrustManagerProviderCfg configuration, List<LocalizableMessage> unacceptableReasons)
  {
    // Permissive default: neither argument is inspected. Subclasses
    // that want stricter checking supply their own override.
    return true;
  }

  /**
   * Releases whatever this trust manager provider needs to clean up
   * when it is taken out of service.
   */
  public abstract void finalizeTrustManagerProvider();

  /**
   * Returns the {@code TrustManager} objects to use for interactions
   * that require access to a trust manager.
   * <p>
   * NOTE(review): this contract does not say whether {@code null} or
   * an empty array may be returned. If callers hand the result to
   * {@code SSLContext.init}, a {@code null} array makes the JVM fall
   * back to its default trust managers -- confirm how callers treat
   * that case.
   *
   * @return A set of {@code TrustManager} objects that may be used
   *         for interactions requiring access to a trust manager.
   *
   * @throws DirectoryException If the set of trust managers cannot
   *                            be obtained.
   */
  public abstract TrustManager[] getTrustManagers() throws DirectoryException;
}