001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions Copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2006-2008 Sun Microsystems, Inc.
015 * Portions Copyright 2014-2016 ForgeRock AS.
016 */
017package org.opends.server.api;
018import org.forgerock.i18n.LocalizableMessage;
022import java.util.List;
023import javax.net.ssl.TrustManager;
025import org.forgerock.opendj.server.config.server.TrustManagerProviderCfg;
026import org.forgerock.opendj.config.server.ConfigException;
027import org.opends.server.types.DirectoryException;
028import org.opends.server.types.InitializationException;
/**
 * Base API for components that supply the
 * {@code javax.net.ssl.TrustManager} objects used during SSL/StartTLS
 * negotiation.
 * <p>
 * Life cycle, as far as this class declares it: a provider is set up
 * with {@link #initializeTrustManagerProvider}, asked for trust
 * managers through {@link #getTrustManagers()}, and released with
 * {@link #finalizeTrustManagerProvider()}.
 * {@link #isConfigurationAcceptable} is expected to work even before
 * initialization.
 *
 * @param <T> the trust manager provider configuration type that a
 *            concrete provider handles
 */
@org.opends.server.types.PublicAPI(
    stability = org.opends.server.types.StabilityLevel.VOLATILE,
    mayInstantiate = false,
    mayExtend = true,
    mayInvoke = true)
public abstract class TrustManagerProvider<T extends TrustManagerProviderCfg> {

  /**
   * Sets up this trust manager provider from the supplied
   * configuration.
   *
   * @param configuration the configuration this provider should use
   *
   * @throws ConfigException if initialization fails unrecoverably
   *         because of the server configuration
   * @throws InitializationException if initialization fails for a
   *         reason unrelated to the server configuration
   */
  public abstract void initializeTrustManagerProvider(T configuration)
      throws ConfigException, InitializationException;

  /**
   * Reports whether this provider could work with the given
   * configuration. The method should be callable on an instance that
   * has not been initialized yet.
   * <p>
   * Implementations that work with a subclass of
   * {@code TrustManagerProviderCfg} will likely have to cast the
   * argument to that subclass.
   * <p>
   * The default implementation accepts every configuration: it
   * returns {@code true} without reading {@code configuration} and
   * without adding anything to {@code unacceptableReasons}. A
   * provider whose configuration points at trust material should
   * override it, so that unusable settings are reported here rather
   * than being accepted by default.
   *
   * @param configuration the trust manager provider configuration to
   *        evaluate
   * @param unacceptableReasons a list that may receive the reasons
   *        why the configuration is not acceptable
   *
   * @return {@code true} if the configuration is acceptable for this
   *         provider, {@code false} otherwise
   */
  public boolean isConfigurationAcceptable(
      TrustManagerProviderCfg configuration,
      List<LocalizableMessage> unacceptableReasons) {
    // Accept-all default: no validation happens at this level.
    // Concrete providers override this when they need stricter checks.
    return true;
  }

  /**
   * Carries out whatever finalization this trust manager provider
   * needs.
   */
  public abstract void finalizeTrustManagerProvider();

  /**
   * Returns the {@code TrustManager} objects to use for interactions
   * that need a trust manager.
   * <p>
   * These objects decide which peer certificates are trusted during
   * the handshake, so what an implementation returns here is a
   * security decision in its own right.
   * <p>
   * NOTE(review): this contract does not say whether {@code null} or
   * an empty array may be returned. If a caller passes the result to
   * {@code SSLContext.init}, a {@code null} array selects the JVM's
   * default trust managers; confirm that callers handle both cases as
   * intended.
   *
   * @return the {@code TrustManager} objects to use for interactions
   *         that need a trust manager
   *
   * @throws DirectoryException if the trust managers cannot be
   *         obtained
   */
  public abstract TrustManager[] getTrustManagers() throws DirectoryException;
}