public class DefaultVOMSTrustStore extends java.lang.Object implements VOMSTrustStore
DefaultUpdatingVOMSTrustStore
.Modifier and Type | Field and Description |
---|---|
static java.lang.String |
CERTIFICATE_FILENAME_SUFFIX
The filename suffix used to match certificates in the VOMS local trust
directories
|
static java.lang.String |
DEFAULT_VOMS_DIR
The default directory where local VOMS trust information is rooted:
"/etc/grid-security/vomsdir"
|
private VOMSTrustStoreStatusListener |
listener
The trust store status listener that will be notified of changes in this
trust store
|
protected java.lang.Object |
listenerLock
A lock to guard the setting of the status listener
|
private java.util.Map<java.lang.String,java.security.cert.X509Certificate> |
localAACertificatesByHash
Map of local parsed AA certificates keyed by certificate subject hash
|
private java.util.Map<java.lang.String,java.util.Set<LSCInfo>> |
localLSCInfo
The set of local parsed LSC information keyed by VO
|
private java.util.List<java.lang.String> |
localTrustedDirs
The list of local trusted directories that is searched for trust
information (certs or LSC files)
|
static java.lang.String |
LSC_FILENAME_SUFFIX
The filename suffix used to match LSC files in the VOMS local trust
directories
|
protected java.util.concurrent.locks.Lock |
read
A reference to the read lock
|
protected java.util.concurrent.locks.ReadWriteLock |
rwLock
The read/write lock that implements thread safety for this store
|
protected java.util.concurrent.locks.Lock |
write
A reference to the write lock
|
Constructor and Description |
---|
DefaultVOMSTrustStore()
Default constructor.
|
DefaultVOMSTrustStore(java.util.List<java.lang.String> localTrustDirs) |
DefaultVOMSTrustStore(java.util.List<java.lang.String> localTrustDirs,
VOMSTrustStoreStatusListener listener) |
DefaultVOMSTrustStore(VOMSTrustStoreStatusListener listener) |
Modifier and Type | Method and Description |
---|---|
protected static java.util.List<java.lang.String> |
buildDefaultTrustedDirs()
Builds a list of trusted directories containing only
DEFAULT_VOMS_DIR . |
private void |
certificateFileSanityChecks(java.io.File certFile)
Performs basic sanity checks on a file that is supposed to hold a VOMS AA
certificate.
|
private void |
cleanupStores() |
private void |
directorySanityChecks(java.io.File directory)
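Performs basic sanity checks on a directory that is supposed to contain
VOMS AA certificates and LSC files. The individual checks are not listed in
this summary; confirm in the source which properties of the directory are
validated before relying on them.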
|
java.security.cert.X509Certificate |
getAACertificateBySubject(javax.security.auth.x500.X500Principal aaCertSubject)
Returns the VOMS Attribute Authority certificate held in this
VOMSTrustStore whose subject matches the subject passed as
argument. |
java.util.Map<java.lang.String,java.util.Set<LSCInfo>> |
getAllLSCInfo()
Returns all the LSC information held in this
VOMSTrustStore . |
java.util.List<java.security.cert.X509Certificate> |
getLocalAACertificates()
Returns the list of VOMS Attribute Authority certificates held in this
VOMSTrustStore . |
java.util.List<java.lang.String> |
getLocalTrustedDirectories()
Returns the locally trusted directories that are searched for VOMS trust
information (VOMS server certificates or LSC files).
|
LSCInfo |
getLSC(java.lang.String voName,
java.lang.String hostname)
Returns the LSC information held in this
VOMSTrustStore for the vo
and hostname passed as arguments. |
private java.lang.String |
getOpensslCAHash(javax.security.auth.x500.X500Principal principal) |
private void |
loadCertificateFromFile(java.io.File file)
Loads a VOMS AA certificate from a given file and stores this certificate
in the local map of trusted VOMS AA certificates.
|
private void |
loadCertificatesFromDirectory(java.io.File directory)
Loads all the certificates in the local directory.
|
private void |
loadLSCFromDirectory(java.io.File directory) |
void |
loadTrustInformation()
Loads trust information from the sources configured for this trust store.
|
void |
setStatusListener(VOMSTrustStoreStatusListener statusListener)
Sets a
VOMSTrustStoreStatusListener that is notified of events
related to this VOMS trust store |
public static final java.lang.String DEFAULT_VOMS_DIR
public static final java.lang.String CERTIFICATE_FILENAME_SUFFIX
public static final java.lang.String LSC_FILENAME_SUFFIX
private final java.util.List<java.lang.String> localTrustedDirs
private java.util.Map<java.lang.String,java.security.cert.X509Certificate> localAACertificatesByHash
private java.util.Map<java.lang.String,java.util.Set<LSCInfo>> localLSCInfo
private VOMSTrustStoreStatusListener listener
protected final java.util.concurrent.locks.ReadWriteLock rwLock
protected final java.util.concurrent.locks.Lock read
protected final java.util.concurrent.locks.Lock write
protected final java.lang.Object listenerLock
public DefaultVOMSTrustStore(java.util.List<java.lang.String> localTrustDirs, VOMSTrustStoreStatusListener listener)
localTrustDirs
- a non-null list of local trust directories
listener
- the VOMSTrustStoreStatusListener
to use for this trust
store
java.lang.IllegalArgumentException
- when the list passed as argument is null
public DefaultVOMSTrustStore(VOMSTrustStoreStatusListener listener)
public DefaultVOMSTrustStore(java.util.List<java.lang.String> localTrustDirs)
public DefaultVOMSTrustStore()
protected static java.util.List<java.lang.String> buildDefaultTrustedDirs()
DEFAULT_VOMS_DIR
.DEFAULT_VOMS_DIR
public java.util.List<java.lang.String> getLocalTrustedDirectories()
VOMSTrustStore
getLocalTrustedDirectories
in interface VOMSTrustStore
List
of local paths
public java.util.List<java.security.cert.X509Certificate> getLocalAACertificates()
VOMSTrustStore
VOMSTrustStore
.getLocalAACertificates
in interface VOMSTrustStore
VOMSTrustStore
, an empty list if no certificate was
found.
public LSCInfo getLSC(java.lang.String voName, java.lang.String hostname)
VOMSTrustStore
VOMSTrustStore
for the vo
and hostname passed as arguments.
getLSC
in interface VOMSTrustStore
voName
- the name of the VO for which the LSC applies
hostname
- the name of the host for which the LSC applies
LSCInfo
object, or null if no LSC matching the arguments
was found
private void loadCertificatesFromDirectory(java.io.File directory)
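Only files matching #CERTIFICATE_FILENAME_PATTERN are considered (the
constant listed in this page's field summary is
CERTIFICATE_FILENAME_SUFFIX).
directory
-
private void loadCertificateFromFile(java.io.File file)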
file
-
private void loadLSCFromDirectory(java.io.File directory)
directory
-
private void certificateFileSanityChecks(java.io.File certFile)
certFile
-
private void directorySanityChecks(java.io.File directory)
directory
-
private void cleanupStores()
public void loadTrustInformation()
VOMSTrustStore
loadTrustInformation
in interface VOMSTrustStore
private java.lang.String getOpensslCAHash(javax.security.auth.x500.X500Principal principal)
public java.security.cert.X509Certificate getAACertificateBySubject(javax.security.auth.x500.X500Principal aaCertSubject)
VOMSTrustStore
VOMSTrustStore
whose subject matches the subject passed as
argument.
getAACertificateBySubject
in interface VOMSTrustStore
aaCertSubject
- a certificate subject
X509Certificate
that matches the subject passed
as argument or null if no matching certificate is found in this
store
public java.util.Map<java.lang.String,java.util.Set<LSCInfo>> getAllLSCInfo()
VOMSTrustStore
VOMSTrustStore
. The
returned Map
is keyed by VO name.
getAllLSCInfo
in interface VOMSTrustStore
LSCInfo
objects
public void setStatusListener(VOMSTrustStoreStatusListener statusListener)
VOMSTrustStore
VOMSTrustStoreStatusListener
that is notified of events
related to this VOMS trust store
setStatusListener
in interface VOMSTrustStore
statusListener
- the status listener that will be notified