X509Token

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.jgroups.auth
Class X509Token

java.lang.Object
  org.jgroups.auth.AuthToken
      org.jgroups.auth.X509Token

All Implemented Interfaces:: Streamable

public class X509Token
extends AuthToken
extends AuthToken

This is an example of using a preshared token that is encrypted using an X509 certificate for authentication purposes. All members of the group have to have the same string value in the JGroups config.

This example uses certificates contained within a specified keystore. Configuration parameters for this example are shown below:

keystore_type = JKS(default)/PKCS12 - see http://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html#AppA
keystore_path (required) = the location of the keystore
keystore_password (required) = the password of the keystore
cert_alias (required) = the alias of the certification within the keystore
cert_password = the password of the certification within the keystore
auth_value (required) = the string to encrypt
cipher_type = RSA(default)/AES/Blowfish/DES/DESede/PBEWithMD5AndDES/PBEWithHmacSHA1AndDESede/RC2/RC4/RC5 - see http://java.sun.com/j2se/1.4.2/docs/guide/security/jce/JCERefGuide.html#AppA

Author:: Chris Mills
See Also:: AuthToken

Field Summary
`static java.lang.String`	`CERT_ALIAS`
`static java.lang.String`	`CERT_PASSWORD`
`static java.lang.String`	`CIPHER_TYPE`
`static java.lang.String`	`KEYSTORE_PASSWORD`
`static java.lang.String`	`KEYSTORE_PATH`
`static java.lang.String`	`KEYSTORE_TYPE`
`static java.lang.String`	`TOKEN_ATTR`

Fields inherited from class org.jgroups.auth.AuthToken
`auth, log`

Constructor Summary
`X509Token()`

Method Summary
`boolean`	`authenticate(AuthToken token, Message msg)` This method should be implemented to perform the actual authentication of joining members.
`X509Token`	`encryptedToken(byte[] buf)` To be used for testing only
`java.lang.String`	`getName()` Used to return the full package and class name of the implementation.
`void`	`readFrom(java.io.DataInput in)` Read the state of the current object (including superclasses) from instream Note that the input stream must not be closed
`void`	`setCertificate()` Used during setup to get the certification from the keystore and encrypt the auth_value with the private key
`void`	`setCertPassword(java.lang.String pwd)`
`void`	`setKeyStorePassword(java.lang.String pwd)`
`int`	`size()` The size of the marshalled AuthToken
`void`	`writeTo(java.io.DataOutput out)` Write the entire state of the current object (including superclasses) to outstream.

Methods inherited from class org.jgroups.auth.AuthToken
`init, setAuth`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Field Detail

KEYSTORE_TYPE

public static final java.lang.String KEYSTORE_TYPE

See Also:: Constant Field Values

KEYSTORE_PATH

public static final java.lang.String KEYSTORE_PATH

See Also:: Constant Field Values

KEYSTORE_PASSWORD

public static final java.lang.String KEYSTORE_PASSWORD

See Also:: Constant Field Values

CERT_ALIAS

public static final java.lang.String CERT_ALIAS

See Also:: Constant Field Values

CERT_PASSWORD

public static final java.lang.String CERT_PASSWORD

See Also:: Constant Field Values

TOKEN_ATTR

public static final java.lang.String TOKEN_ATTR

See Also:: Constant Field Values

CIPHER_TYPE

public static final java.lang.String CIPHER_TYPE

See Also:: Constant Field Values

Constructor Detail

X509Token

public X509Token()

Method Detail

setCertPassword

public void setCertPassword(java.lang.String pwd)

setKeyStorePassword

public void setKeyStorePassword(java.lang.String pwd)

encryptedToken

public X509Token encryptedToken(byte[] buf)

To be used for testing only

getName

public java.lang.String getName()

Description copied from class: AuthToken

Used to return the full package and class name of the implementation. This is used by the AUTH protocol to create an instance of the implementation.

Specified by:: getName in class AuthToken

Returns:: a java.lang.String object of the package and class name

authenticate

public boolean authenticate(AuthToken token,
                            Message msg)

Description copied from class: AuthToken

This method should be implemented to perform the actual authentication of joining members.

Specified by:: authenticate in class AuthToken

Parameters:: token - the token sent by the joiner; msg - the Message object containing the actual JOIN_REQ
Returns:: true if authenticaion passed or false if it failed.

writeTo

public void writeTo(java.io.DataOutput out)
             throws java.lang.Exception

Description copied from interface: Streamable

Write the entire state of the current object (including superclasses) to outstream. Note that the output stream must not be closed

Throws:: java.lang.Exception

readFrom

public void readFrom(java.io.DataInput in)
              throws java.lang.Exception

Description copied from interface: Streamable

Read the state of the current object (including superclasses) from instream Note that the input stream must not be closed

Throws:: java.lang.Exception

size

public int size()

Description copied from class: AuthToken

The size of the marshalled AuthToken

Specified by:: size in class AuthToken

setCertificate

public void setCertificate()
                    throws java.security.KeyStoreException,
                           java.io.IOException,
                           java.security.NoSuchAlgorithmException,
                           java.security.cert.CertificateException,
                           javax.crypto.NoSuchPaddingException,
                           java.security.InvalidKeyException,
                           javax.crypto.IllegalBlockSizeException,
                           javax.crypto.BadPaddingException,
                           java.security.UnrecoverableEntryException

Used during setup to get the certification from the keystore and encrypt the auth_value with the private key

Throws:: java.security.KeyStoreException; java.io.IOException; java.security.NoSuchAlgorithmException; java.security.cert.CertificateException; javax.crypto.NoSuchPaddingException; java.security.InvalidKeyException; javax.crypto.IllegalBlockSizeException; javax.crypto.BadPaddingException; java.security.UnrecoverableEntryException

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.jgroups.auth Class X509Token

KEYSTORE_TYPE

KEYSTORE_PATH

KEYSTORE_PASSWORD

CERT_ALIAS

CERT_PASSWORD

TOKEN_ATTR

CIPHER_TYPE

X509Token

setCertPassword

setKeyStorePassword

encryptedToken

getName

authenticate

writeTo

readFrom

size

setCertificate

org.jgroups.auth
Class X509Token