|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.snmp4j.transport.tls.DefaultTlsTmSecurityCallback
public class DefaultTlsTmSecurityCallback
The DefaultTlsTmSecurityCallback
resolves the
tmSecurityName
for incoming requests through
a mapping table based on the peer certificates,
resolves the local certificate alias through a mapping table
based on the target address and accepts peer certificates
based on a list of trusted peer and issuer certificates.
Constructor Summary | |
---|---|
DefaultTlsTmSecurityCallback()
|
Method Summary | |
---|---|
void |
addAcceptedIssuerDN(java.lang.String issuerDN)
|
void |
addAcceptedSubjectDN(java.lang.String subjectDN)
|
void |
addLocalCertMapping(Address address,
java.lang.String certAlias)
|
void |
addSecurityNameMapping(OctetString fingerprint,
SecurityNameMapping.CertMappingType type,
OctetString data,
OctetString securityName)
|
java.lang.String |
getLocalCertificateAlias(Address targetAddress)
Gets the local certificate alias to be used for the supplied target address. |
OctetString |
getSecurityName(java.security.cert.X509Certificate[] peerCertificateChain)
Gets the tmSecurityName (see RFC 5953) from the certificate chain of the communication peer that needs to be authenticated. |
boolean |
isAcceptedIssuer(java.security.cert.X509Certificate issuerCertificate)
Check if the supplied issuer certificate is accepted as server. |
boolean |
isClientCertificateAccepted(java.security.cert.X509Certificate peerEndCertificate)
Check if the supplied peer end certificate is accepted as client. |
boolean |
isServerCertificateAccepted(java.security.cert.X509Certificate[] peerCertificateChain)
Check if the supplied peer certificate chain is accepted as server. |
boolean |
removeAcceptedIssuerDN(java.lang.String issuerDN)
|
boolean |
removeAcceptedSubjectDN(java.lang.String subjectDN)
|
java.lang.String |
removeLocalCertMapping(Address address)
|
OctetString |
removeSecurityNameMapping(OctetString fingerprint,
SecurityNameMapping.CertMappingType type,
OctetString data)
|
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public DefaultTlsTmSecurityCallback()
Method Detail |
---|
public OctetString getSecurityName(java.security.cert.X509Certificate[] peerCertificateChain)
TlsTmSecurityCallback
getSecurityName
in interface TlsTmSecurityCallback<java.security.cert.X509Certificate>
peerCertificateChain
- an array of Certificate
s with the peer's own certificate
first followed by any CA authorities.
public boolean isClientCertificateAccepted(java.security.cert.X509Certificate peerEndCertificate)
TlsTmSecurityCallback
isClientCertificateAccepted
in interface TlsTmSecurityCallback<java.security.cert.X509Certificate>
peerEndCertificate
- a client Certificate instance to check acceptance for.
public boolean isServerCertificateAccepted(java.security.cert.X509Certificate[] peerCertificateChain)
TlsTmSecurityCallback
isServerCertificateAccepted
in interface TlsTmSecurityCallback<java.security.cert.X509Certificate>
peerCertificateChain
- a server Certificate chain to check acceptance for.
public boolean isAcceptedIssuer(java.security.cert.X509Certificate issuerCertificate)
TlsTmSecurityCallback
isAcceptedIssuer
in interface TlsTmSecurityCallback<java.security.cert.X509Certificate>
issuerCertificate
- an issuer Certificate instance to check acceptance for.
public java.lang.String getLocalCertificateAlias(Address targetAddress)
TlsTmSecurityCallback
getLocalCertificateAlias
in interface TlsTmSecurityCallback<java.security.cert.X509Certificate>
targetAddress
- a target address or null if the default local
certificate alias needs to be retrieved.
public void addSecurityNameMapping(OctetString fingerprint, SecurityNameMapping.CertMappingType type, OctetString data, OctetString securityName)
public OctetString removeSecurityNameMapping(OctetString fingerprint, SecurityNameMapping.CertMappingType type, OctetString data)
public void addAcceptedIssuerDN(java.lang.String issuerDN)
public boolean removeAcceptedIssuerDN(java.lang.String issuerDN)
public void addAcceptedSubjectDN(java.lang.String subjectDN)
public boolean removeAcceptedSubjectDN(java.lang.String subjectDN)
public void addLocalCertMapping(Address address, java.lang.String certAlias)
public java.lang.String removeLocalCertMapping(Address address)
|
Copyright 2005-2011 Frank Fock (SNMP4J.org) | |||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |