java.lang.Object
  +--com.novell.security.sso.Secret

An abstract class that represents a secret in SecretStore. Actual instances of this class may be created by using the SecretStore.getSecret(String id) method.

In the past, to write a secret with collision detection enabled, it was necessary to first call the create() method and then the setValue(byte[]) method. This resulted in two calls over the network per secret.

To be able to write a secret with only one call over the network, it was necessary to disable collision detection by calling setValue with the SSInfo.NSSO_CREATE_ID_F flag. This was a faster alternative, but it wasn't necessarily the best because it could result in secrets being overwritten.

As of SecretStore 3.2, the functionality of the create() method was combined with the setValue(byte[]) method. Secret ID collision detection is still supported with the new SSInfo.NSSS_CHK_SID_FOR_COLLISION_F flag. This combination allows collision detection to be enabled without the performance hit of two calls over the network. The methods isCheckingSecretIDCollision() and setCheckingSecretIDCollision(boolean) have been added to support this new flag.

This kit deprecated the create() method as of 3.1 in order to phase in the new functionality. The SSInfo.NSSO_CREATE_ID_F flag is now assumed, so it has been deprecated also. Both the getAutoCreateIDPolicy() method and the setAutoCreateIDPolicy(boolean) method that automatically passed in this flag have been deprecated as well. However, to support SecretStore servers that don't support the 3.2 functionality yet, this kit still calls the create() method inside of the setValue(byte[]) method when the SSInfo.NSSS_CHK_SID_FOR_COLLISION_F flag is defined. This is done because SecretStore 3.2 hasn't been released yet. After SecretStore 3.2 is released, this kit will only support servers running at least SecretStore 3.2 in order to take advantage of the performance improvements.
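
Added example (not part of the original kit documentation): a create-only write that passes SSInfo.NSSS_CHK_SID_FOR_COLLISION_F, alone or OR-ed with SSInfo.NSSS_ENHANCED_PROTECTION_F, beside a deliberate overwrite that leaves the check off. It assumes an already connected SecretStore instance, that getSecret(String) is an instance method, that SecretStore, SSInfo and SSException live in com.novell.security.sso alongside Secret, and that a collision is reported as an SSException; the names CreateOnlySecretWriter, storeNew and replace are hypothetical.

```java
import com.novell.security.sso.SSException;   // package assumed: same as Secret
import com.novell.security.sso.SSInfo;        // package assumed: same as Secret
import com.novell.security.sso.Secret;
import com.novell.security.sso.SecretStore;   // package assumed: same as Secret
import java.util.Arrays;

/** Hypothetical helper, not part of the kit. */
public final class CreateOnlySecretWriter {

    private CreateOnlySecretWriter() { }

    /**
     * Writes a NEW secret and refuses to overwrite an existing secret that
     * has the same ID. The caller's value array is zeroed before returning.
     */
    public static void storeNew(SecretStore store, String id, byte[] value,
                                boolean enhancedProtection) throws SSException {
        int flags = SSInfo.NSSS_CHK_SID_FOR_COLLISION_F;
        if (enhancedProtection) {
            flags |= SSInfo.NSSS_ENHANCED_PROTECTION_F;   // flags are OR-ed
        }
        Secret secret = store.getSecret(id);
        try {
            // The collision check is requested as part of the write, not as
            // a separate exists() test in application code.
            // Assumption: a collision surfaces as an SSException.
            secret.setValue(value, flags);
        } finally {
            Arrays.fill(value, (byte) 0);   // do not keep the plaintext around
        }
    }

    /**
     * Deliberate overwrite, for example when rotating a credential.
     * With the policy off and no flag passed, an existing secret is replaced.
     */
    public static void replace(SecretStore store, String id, byte[] value)
            throws SSException {
        Secret secret = store.getSecret(id);
        secret.setCheckingSecretIDCollision(false);
        try {
            secret.setValue(value);   // documented as setValue(value, 0)
        } finally {
            Arrays.fill(value, (byte) 0);
        }
    }
}
```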

This class relies upon SSPermission for access control.

See Also: SecretStore.getSecret(String id), SSPermission, Serialized Form

Method Summary
Return type | Method | Description
void | create() | Deprecated. As of 3.10, directly call setValue(byte[] value) with the CheckingSecretIDCollision flag set to true to gain the same behavior.
void | create(int flags) | Deprecated. As of 3.10, directly call setValue(byte[] value) with the CheckingSecretIDCollision flag set to true to gain the same behavior.
void | delete() | Removes this secret from the SecretStore.
void | delete(int flags) | Removes this secret from the SecretStore.
boolean | equals(Object obj) | Determines whether this secret equals another object.
boolean | exists() | Determines if this secret exists in SecretStore.
boolean | exists(int flags) | Determines if this secret exists in SecretStore.
Date | getAccessTime() | Returns a Date object representing when this secret was last accessed in SecretStore.
boolean | getAutoCreateIDPolicy() | Deprecated. As of version 3.10
Date | getCreateTime() | Returns a Date object representing when this secret was created in SecretStore.
boolean | getEnhancedProtectedPolicy() | Deprecated. As of version 3.02, replaced by isEnhancedProtected().
Date | getModifyTime() | Returns a Date object representing when this secret was last modified in SecretStore.
int | getStatus() | Returns the secret's status.
byte[] | getValue() | Returns the secret value located in this Secret object.
int | hashCode() | Returns a hash code value for this object.
boolean | isCheckingSecretIDCollision() | Returns a value that specifies if the setValue method is checking for a secret ID collision.
boolean | isEnhancedProtected() | Returns a flag that specifies if this secret is enhanced protected.
boolean | isEnhancedProtectedWithPassword() | Returns a flag that specifies if this secret is protected with an enhanced protection password.
void | read() | Read this Secret from SecretStore.
void | read(int flags) | Read this Secret from SecretStore.
void | setAutoCreateIDPolicy(boolean policy) | Deprecated. As of version 3.10
void | setCheckingSecretIDCollision(boolean policy) | Sets the checking secret ID collision policy for this secret.
void | setEnhancedProtected(boolean policy) | Sets the enhanced protected property of the secret.
void | setEnhancedProtectedPolicy(boolean policy) | Deprecated. As of version 3.02, replaced by setEnhancedProtected(boolean policy).
void | setEnhancedProtectionPassword(char[] erPass) | Sets the optional enhanced protection password for this secret.
void | setValue(byte[] value) | Set the secret value of this secret in SecretStore.
void | setValue(byte[] value, int flags) | Set the secret value of this secret in SecretStore.
boolean | sync(Secret targetSecret) | Synchronizes this object, sourceSecret, with the targetSecret.
String | toString() | Returns a string representation of this object.
void | unsetEnhancedProtectionPassword() | Unsets the optional enhanced protection password for this secret.
void | update(Secret targetSecret) | Updates the targetSecret with this object's secret value.
void | update(Secret targetSecret, int flags) | Updates the targetSecret with this object's secret value.

Methods inherited from class java.lang.Object: getClass, notify, notifyAll, wait, wait, wait

Method Detail

public final void create() throws SSException
Deprecated. As of 3.10, directly call setValue(byte[] value) with the CheckingSecretIDCollision flag set to true to gain the same behavior.
setValue(byte[], int) method has been combined into one method, the setValue(byte[], int) method. To set the value while checking for secret ID collisions, pass in the SSInfo.NSSS_CHK_SID_FOR_COLLISION_F flag to the setValue(byte[], int) call.
setCheckingSecretIDCollision(boolean) with a value of true.
Throws:
SSException - If a SSException occurred.
See Also: setValue(byte[]), setCheckingSecretIDCollision(boolean)

public final void create(int flags) throws SSException
Deprecated. As of 3.10, directly call setValue(byte[] value) with the CheckingSecretIDCollision flag set to true to gain the same behavior.
setValue(byte[], int) method has been combined into one method, the setValue(byte[], int) method. To set the value while checking for secret ID collisions, pass in the SSInfo.NSSS_CHK_SID_FOR_COLLISION_F flag to the setValue(byte[], int) call.
setCheckingSecretIDCollision(boolean) with a value of true.
Throws:
SSException - If a SSException occurred.
See Also: setValue(byte[]), setCheckingSecretIDCollision(boolean)

public final void delete() throws SSException
delete(int flags) with a flags value of 0.
Throws:
SSException - If a SSException occurred.
SecurityException - If a security manager exists and its SecurityManager.checkPermission method denies write access to this secret.
See Also: delete(int flags), SSPermission

public final void delete(int flags) throws SSException
Parameters:
flags - Possible flags for this operation.
Throws:
SSException - If a SSException occurred.
SecurityException - If a security manager exists and its SecurityManager.checkPermission method denies write access to this secret.
See Also: delete(), SSPermission

public boolean equals(Object obj)
Overrides:
equals in class Object
Parameters:
obj - The object with which to compare this secret.

public boolean exists() throws SSException
exists(int flags) with a flags value of 0.
Throws:
SSException - If a SSException occurred.
SecurityException - If a security manager exists and its SecurityManager.checkPermission method denies read access to this secret.
See Also: SSPermission

public boolean exists(int flags) throws SSException
read(int flags) method for information about the possible flags that may be passed in.
Parameters:
flags - Possible flags for this operation.
Throws:
SSException - If a SSException occurred.
SecurityException - If a security manager exists and its SecurityManager.checkPermission method denies read access to this secret.
See Also: SSPermission

public Date getAccessTime() throws SSException
Throws:
SSException - If a SSException occurred.
SecurityException - If a security manager exists and its SecurityManager.checkPermission method denies read access to this secret.
See Also: getCreateTime(), getModifyTime(), SSPermission

public boolean getAutoCreateIDPolicy()
setValue(byte[]) method, so this flag is no longer needed.
See Also: isCheckingSecretIDCollision()

public Date getCreateTime() throws SSException
Throws:
SSException - If a SSException occurred.
SecurityException - If a security manager exists and its SecurityManager.checkPermission method denies read access to this secret.
See Also: getAccessTime(), getModifyTime(), SSPermission

public boolean getEnhancedProtectedPolicy() throws SSException
Throws:
SSException - If a SSException occurred.
SecurityException - If a security manager exists and its SecurityManager.checkPermission method denies read access to this secret.
See Also: isEnhancedProtected(), setEnhancedProtected(boolean policy)

public Date getModifyTime() throws SSException
Throws:
SSException - If a SSException occurred.
SecurityException - If a security manager exists and its SecurityManager.checkPermission method denies read access to this secret.
See Also: getAccessTime(), getCreateTime(), SSPermission

public int getStatus() throws SSException

    int stat = secret.getStatus();
    if ((stat & SSInfo.NSSS_SECRET_NOT_INITIALIZED_F) == SSInfo.NSSS_SECRET_NOT_INITIALIZED_F) {
        System.out.println("Secret identifier found, but no secret value exists");
    } else if ((stat & SSInfo.NSSS_SECRET_LOCKED_F) == SSInfo.NSSS_SECRET_LOCKED_F) {
        System.out.println("This secret has been locked!");
    }

SSInfo.NSSS_SECRET_LOCKED_F
SSInfo.NSSS_SECRET_NOT_INITIALIZED_F
SSInfo.NSSS_ENHANCED_PROTECT_INFO_F
SSInfo.NSSS_STORE_NOT_SYNCED_F
SSInfo.NSSS_EP_PWORD_PRESENT_F
SSInfo.NSSS_ADMIN_LAST_MOD_F
SSInfo.NSSS_MP_NOT_ALLOWED_F
Throws:
SSException - If a SSException occurred.
SecurityException - If a security manager exists and its SecurityManager.checkPermission method denies read access to this secret.
See Also: SSPermission

public byte[] getValue() throws SSException
read() method explicitly.
Throws:
SSException - If a SSException occurred.
SecurityException - If a security manager exists and its SecurityManager.checkPermission method denies read access to this secret.
See Also: read(int flags), setValue(byte[] value), SSPermission

public int hashCode()
Overrides:
hashCode in class Object

public boolean isCheckingSecretIDCollision()
setValue(byte[]) method is checking for secret ID collisions and false if not.

public boolean isEnhancedProtected() throws SSException
Throws:
SSException - If a SSException occurred.
SecurityException - If a security manager exists and its SecurityManager.checkPermission method denies read access to this secret.
See Also: setEnhancedProtected(boolean policy)

public boolean isEnhancedProtectedWithPassword() throws SSException
Throws:
SSException - If a SSException occurred.
SecurityException - If a security manager exists and its SecurityManager.checkPermission method denies read access to this secret.
See Also: setEnhancedProtectionPassword(char[] erPass)

public final void read() throws SSException
read(int flags) with a flags value of 0.
Throws:
SSException - If a SSException occurred.
SecurityException - If a security manager exists and its SecurityManager.checkPermission method denies read access to this secret.
See Also: getValue(), SSPermission

public final void read(int flags) throws SSException
SecretStore.getSecret(String id, boolean useMasterPassword) and true was passed in for useMasterPassword, then the flag SSInfo.NSSS_EP_MASTER_PWORD_USED_F will automatically be set.
If the enhanced protection password was set using the call setEnhancedProtectionPassword(char[] erPass), then the flag SSInfo.NSSS_EP_PASSWORD_USED_F will automatically be set.
SSInfo.NSSS_REPAIR_THE_STORE_F
SSInfo.NSSS_EP_PASSWORD_USED_F
SSInfo.NSSS_EP_MASTER_PWORD_USED_F
Parameters:
flags - Possible flags for this operation.
Throws:
SSException - If a SSException occurred.
SecurityException - If a security manager exists and its SecurityManager.checkPermission method denies read access to this secret.
See Also: getValue(), SSPermission

public void setAutoCreateIDPolicy(boolean policy)
setValue(byte[]) method, so this flag is no longer needed.
Parameters:
policy - the auto create id policy.
See Also: setCheckingSecretIDCollision(boolean)

public void setCheckingSecretIDCollision(boolean policy)
SSInfo.NSSS_CHK_SID_FOR_COLLISION_F flag to be automatically passed in on the setValue(byte[]) call. Setting this to false will cause the flag to not be passed in automatically.
Parameters:
policy - the checking secretID collision policy.

public void setEnhancedProtected(boolean policy)
SSInfo.NSSS_ENHANCED_PROTECTION_F flag to be automatically passed in. Setting this to false will cause the SSInfo.NSSS_ENHANCED_PROTECTION_F, SSInfo.NSSS_EP_PASSWORD_USED_F, and SSInfo.NSSS_EP_MASTER_PWORD_USED_F flags to not be passed in automatically.
Parameters:
policy - The policy that determines if this secret is enhanced protected.
See Also: setValue(byte[] value), isEnhancedProtected()

public void setEnhancedProtectedPolicy(boolean policy)
Deprecated. As of version 3.02, replaced by setEnhancedProtected(boolean policy).
Parameters:
policy - The policy that determines if this secret is enhanced protected.
See Also: setValue(byte[] value), isEnhancedProtected()

public void setEnhancedProtectionPassword(char[] erPass)
SSInfo.NSSS_ENHANCED_PROTECTION_F and SSInfo.NSSS_EP_PASSWORD_USED_F ) are automatically set for the caller when read is called. Although it is not necessary for the caller to also set these flags manually, it will not produce any undesirable results.
setEnhancedProtected(boolean policy) with a value of true. This will make this secret enhanced protected, but without an enhanced protection password.
Parameters:
erPass - Specifies the enhanced protection password.
See Also: setValue(byte[]), setEnhancedProtected(boolean)

public void setValue(byte[] value) throws SSException
setValue(byte[] value, int flags) with a flags value of 0.
Parameters:
value - A byte array representing the secret value.
Throws:
SSException - If a SSException occurred.
SecurityException - If a security manager exists and its SecurityManager.checkPermission method denies write access to this secret.
See Also: setValue(byte[] value, int flags), SSPermission

public void setValue(byte[] value, int flags) throws SSException
Not passing in the SSInfo.NSSS_CHK_SID_FOR_COLLISION_F flag will result in name collision detection being disabled. In other words, this may cause an existing secret to be overwritten by this secret. Enable name collision detection by passing in this flag.
SSInfo.NSSS_CHK_SID_FOR_COLLISION_F | SSInfo.NSSS_ENHANCED_PROTECTION_F )
SSInfo.NSSS_CHK_SID_FOR_COLLISION_F
SSInfo.NSSS_ENHANCED_PROTECTION_F
SSInfo.NSSS_EP_PASSWORD_USED_F
SSInfo.NSSS_EP_MASTER_PWORD_USED_F
Parameters:
value - A byte array representing the secret value.
flags - Optional flags that can be passed in to modify behavior.
Throws:
SSException - If a SSException occurred.
SecurityException - If a security manager exists and its SecurityManager.checkPermission method denies write access to this secret.
See Also: setValue(byte[] value), SSPermission

public boolean sync(Secret targetSecret) throws SSException
Parameters:
targetSecret - The secret that will be synchronized with.
Throws:
SSException - If a SSException occurred.
SecurityException - If a security manager exists and its SecurityManager.checkPermission method denies read/write access to this secret.
See Also: SSPermission

public String toString()
Overrides:
toString in class Object

public void unsetEnhancedProtectionPassword()
See Also: setEnhancedProtectionPassword(char[] erPass)

public void update(Secret targetSecret) throws SSException
Parameters:
targetSecret - The target Secret.
Throws:
SSException - If a SSException occurred.
SecurityException - If a security manager exists and its SecurityManager.checkPermission method denies read/write access to this secret.
See Also: SSPermission

public void update(Secret targetSecret, int flags) throws SSException
SSInfo.NSSS_CHK_SID_FOR_COLLISION_F
SSInfo.NSSS_ENHANCED_PROTECTION_F
SSInfo.NSSS_EP_PASSWORD_USED_F
SSInfo.NSSS_EP_MASTER_PWORD_USED_F
Parameters:
targetSecret - The target Secret.
flags - The flags for this operation that are passed to the setValue method.
Throws:
SSException - If a SSException occurred.
SecurityException - If a security manager exists and its SecurityManager.checkPermission method denies read/write access to this secret.
See Also: SSPermission