public class X509Token extends AuthToken
This is an example of using a preshared token that is encrypted using an X509 certificate for authentication purposes. All members of the group have to have the same string value in the JGroups config.
This example uses certificates contained within a specified keystore. Configuration parameters for this example are shown below:
AuthToken| Modifier and Type | Field and Description |
|---|---|
protected java.lang.String |
auth_value |
protected java.lang.String |
cert_alias |
static java.lang.String |
CERT_ALIAS |
static java.lang.String |
CERT_PASSWORD |
protected java.lang.String |
cipher_type |
static java.lang.String |
CIPHER_TYPE |
static java.lang.String |
KEYSTORE_PASSWORD |
protected java.lang.String |
keystore_path |
static java.lang.String |
KEYSTORE_PATH |
protected java.lang.String |
keystore_type |
static java.lang.String |
KEYSTORE_TYPE |
static java.lang.String |
TOKEN_ATTR |
| Constructor and Description |
|---|
X509Token() |
| Modifier and Type | Method and Description |
|---|---|
boolean |
authenticate(AuthToken token,
Message msg)
This method should be implemented to perform the actual authentication of joining members.
|
X509Token |
encryptedToken(byte[] buf)
To be used for testing only
|
java.lang.String |
getName()
Used to return the full package and class name of the implementation.
|
void |
readFrom(java.io.DataInput in)
Read the state of the current object (including superclasses) from instream
Note that the input stream must not be closed
|
void |
setCertificate()
Used during setup to get the certification from the keystore and encrypt the auth_value with
the private key
|
void |
setCertPassword(java.lang.String pwd) |
void |
setKeyStorePassword(java.lang.String pwd) |
int |
size()
The size of the marshalled AuthToken
|
void |
writeTo(java.io.DataOutput out)
Write the entire state of the current object (including superclasses) to outstream.
|
public static final java.lang.String KEYSTORE_TYPE
public static final java.lang.String KEYSTORE_PATH
public static final java.lang.String KEYSTORE_PASSWORD
public static final java.lang.String CERT_ALIAS
public static final java.lang.String CERT_PASSWORD
public static final java.lang.String TOKEN_ATTR
public static final java.lang.String CIPHER_TYPE
protected java.lang.String keystore_type
protected java.lang.String cert_alias
protected java.lang.String keystore_path
protected java.lang.String auth_value
protected java.lang.String cipher_type
public void setCertPassword(java.lang.String pwd)
public void setKeyStorePassword(java.lang.String pwd)
public X509Token encryptedToken(byte[] buf)
public java.lang.String getName()
AuthTokenpublic boolean authenticate(AuthToken token, Message msg)
AuthTokenauthenticate in class AuthTokentoken - the token sent by the joinermsg - the Message object containing the actual JOIN_REQpublic void writeTo(java.io.DataOutput out)
throws java.lang.Exception
Streamablejava.lang.Exceptionpublic void readFrom(java.io.DataInput in)
throws java.lang.Exception
Streamablejava.lang.Exceptionpublic int size()
AuthTokenpublic void setCertificate()
throws java.security.KeyStoreException,
java.io.IOException,
java.security.NoSuchAlgorithmException,
java.security.cert.CertificateException,
javax.crypto.NoSuchPaddingException,
java.security.InvalidKeyException,
javax.crypto.IllegalBlockSizeException,
javax.crypto.BadPaddingException,
java.security.UnrecoverableEntryException
java.security.KeyStoreExceptionjava.io.IOExceptionjava.security.NoSuchAlgorithmExceptionjava.security.cert.CertificateExceptionjavax.crypto.NoSuchPaddingExceptionjava.security.InvalidKeyExceptionjavax.crypto.IllegalBlockSizeExceptionjavax.crypto.BadPaddingExceptionjava.security.UnrecoverableEntryExceptionCopyright © 1998-2020 Red Hat. All Rights Reserved.