Package org.jgroups.auth
Class X509Token
- java.lang.Object
  - org.jgroups.auth.AuthToken
    - org.jgroups.auth.X509Token
- All Implemented Interfaces: Streamable
public class X509Token extends AuthToken
This is an example of using a preshared token that is encrypted using an X509 certificate for authentication purposes. All members of the group have to have the same string value in the JGroups config.
This example uses certificates contained within a specified keystore. Configuration parameters for this example are shown below:
- keystore_type = JKS(default)/PKCS12 - see http://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html#AppA
- keystore_path (required) = the location of the keystore
- keystore_password (required) = the password of the keystore
- cert_alias (required) = the alias of the certificate within the keystore
- cert_password = the password of the certificate within the keystore
- auth_value (required) = the string to encrypt
- cipher_type = RSA(default)/AES/Blowfish/DES/DESede/PBEWithMD5AndDES/PBEWithHmacSHA1AndDESede/RC2/RC4/RC5 - see http://java.sun.com/j2se/1.4.2/docs/guide/security/jce/JCERefGuide.html#AppA
- Author: Chris Mills, Bela Ban
- See Also: AuthToken
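Added example (not code from JGroups or from this page): a JDK-only sketch of the encrypt-then-check flow a token like this relies on, using the page's default cipher_type of RSA. It assumes the auth_value is encrypted with the certificate's public key and checked by decrypting with the matching private key; the class SharedTokenCheck, its methods, and the in-memory key pairs standing in for the keystore entry are hypothetical.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import javax.crypto.Cipher;

/** Added sketch using only JDK APIs; not the JGroups implementation. */
public class SharedTokenCheck {
    // The page's default cipher_type. Stock JDK providers resolve a bare "RSA"
    // to RSA/ECB/PKCS1Padding, whose public-key encryption is randomized.
    static final String CIPHER_TYPE = "RSA";

    /** Encrypt the configured auth_value (assumption: with the certificate's public key). */
    static byte[] encryptToken(String authValue, PublicKey pub) throws GeneralSecurityException {
        Cipher cipher = Cipher.getInstance(CIPHER_TYPE);
        cipher.init(Cipher.ENCRYPT_MODE, pub);
        return cipher.doFinal(authValue.getBytes(StandardCharsets.UTF_8));
    }

    /** Decrypt a received token with the private key and compare it to the local auth_value. */
    static boolean authenticate(byte[] token, String localAuthValue, PrivateKey priv) {
        try {
            Cipher cipher = Cipher.getInstance(CIPHER_TYPE);
            cipher.init(Cipher.DECRYPT_MODE, priv);
            byte[] plain = cipher.doFinal(token);
            // Time-constant comparison of the recovered value against the local one.
            return MessageDigest.isEqual(plain, localAuthValue.getBytes(StandardCharsets.UTF_8));
        } catch (GeneralSecurityException e) {
            return false; // wrong key or damaged token: treat as failed authentication
        }
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair shared = gen.generateKeyPair(); // constructed stand-in for the keystore entry at cert_alias
        KeyPair other = gen.generateKeyPair();  // constructed: a node configured with a different keystore

        String authValue = "constructed-auth-value"; // constructed sample, same on all members
        byte[] t1 = encryptToken(authValue, shared.getPublic());
        byte[] t2 = encryptToken(authValue, shared.getPublic());

        System.out.println("two tokens byte-identical: " + MessageDigest.isEqual(t1, t2));
        System.out.println("same key, same value:      " + authenticate(t1, authValue, shared.getPrivate()));
        System.out.println("same key, other value:     " + authenticate(t1, "other-value", shared.getPrivate()));
        System.out.println("other key, same value:     " + authenticate(t1, authValue, other.getPrivate()));
    }
}
```

Because each RSA encryption is padded with fresh random bytes, the two tokens differ, so a check has to decrypt and compare rather than match ciphertext bytes.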
-
Field Summary
Fields (Modifier and Type, Field):
- protected java.lang.String auth_value
- protected java.lang.String cert_alias
- protected java.lang.String cipher_type
- protected java.lang.String keystore_path
- protected java.lang.String keystore_type
-
Constructor Summary
Constructors:
- X509Token()
-
Method Summary
All Methods (Modifier and Type, Method, Description):
- boolean authenticate(AuthToken token, Message msg) - This method should be implemented to perform the actual authentication of joining members.
- X509Token encryptedToken(byte[] buf) - To be used for testing only.
- java.lang.String getName() - Used to return the full package and class name of the implementation.
- void readFrom(java.io.DataInput in) - Read the state of the current object (including superclasses) from instream. Note that the input stream must not be closed.
- void setCertificate() - Used during setup to get the certificate from the keystore and encrypt the auth_value with the private key.
- void setCertPassword(java.lang.String pwd)
- void setKeyStorePassword(java.lang.String pwd)
- int size() - The size of the marshalled AuthToken.
- void writeTo(java.io.DataOutput out) - Write the entire state of the current object (including superclasses) to outstream.
-
Method Detail
-
setCertPassword
public void setCertPassword(java.lang.String pwd)
-
setKeyStorePassword
public void setKeyStorePassword(java.lang.String pwd)
-
encryptedToken
public X509Token encryptedToken(byte[] buf)
To be used for testing only
-
getName
public java.lang.String getName()
Description copied from class: AuthToken
Used to return the full package and class name of the implementation. This is used by the AUTH protocol to create an instance of the implementation.
-
authenticate
public boolean authenticate(AuthToken token, Message msg)
Description copied from class: AuthToken
This method should be implemented to perform the actual authentication of joining members.
- Specified by: authenticate in class AuthToken
- Parameters:
  - token - the token sent by the joiner
  - msg - the Message object containing the actual JOIN_REQ
- Returns: true if authentication passed or false if it failed.
-
writeTo
public void writeTo(java.io.DataOutput out) throws java.io.IOException
Description copied from interface: Streamable
Write the entire state of the current object (including superclasses) to outstream. Note that the output stream must not be closed.
- Throws: java.io.IOException
-
readFrom
public void readFrom(java.io.DataInput in) throws java.io.IOException
Description copied from interface: Streamable
Read the state of the current object (including superclasses) from instream. Note that the input stream must not be closed.
- Throws: java.io.IOException
-
size
public int size()
Description copied from class: AuthToken
The size of the marshalled AuthToken
-
setCertificate
public void setCertificate() throws java.security.KeyStoreException, java.io.IOException, java.security.NoSuchAlgorithmException, java.security.cert.CertificateException, javax.crypto.NoSuchPaddingException, java.security.InvalidKeyException, javax.crypto.IllegalBlockSizeException, javax.crypto.BadPaddingException, java.security.UnrecoverableEntryException
Used during setup to get the certificate from the keystore and encrypt the auth_value with the private key.
- Throws:
  - java.security.KeyStoreException
  - java.io.IOException
  - java.security.NoSuchAlgorithmException
  - java.security.cert.CertificateException
  - javax.crypto.NoSuchPaddingException
  - java.security.InvalidKeyException
  - javax.crypto.IllegalBlockSizeException
  - javax.crypto.BadPaddingException
  - java.security.UnrecoverableEntryException