java.lang.Object | +--com.novell.security.sso.SecretStore
An abstract class that represents a SecretStore. Actual instances are created
using the getInstance(Hashtable env) method. Information may be passed
to implementations in the form of environment properties. Information may be
obtained from implementations in the form of properties by calling
getEnvironmentProperty(String key). This design was used so
that there would only be one interface to SecretStore independent of which
protocol is used underneath.
The known properties and their descriptions are listed below. Implementations
may define additional properties that are not part of
this list. See the implementation documentation for details.
Key | Property Class Type | Description |
---|---|---|
"com.novell.sso.callerdn" | java.lang.String | A property that specifies the distinguished name of the caller, or in other words, the object that is making the request. Some implementations may require this to be set. Some implementations may set this for you either after construction of a SecretStore or after a call to getServiceInfo() has been made. The exact behavior is dependent on the implementation. |
"com.novell.sso.handle" | Dependent on implementation | An environment property that specifies a handle. The exact definition is left up to the implementation. Some implementations may require that this property be provided. See implementation documentation for details. |
"com.novell.sso.secretstore" | java.lang.String | An environment property that specifies the class name of the SecretStore implementation to use. This property is always required. |
"com.novell.sso.serverdn" | java.lang.String | An environment property that specifies the distinguished name of the SecretStore server. This is set either after construction of a SecretStore or after a call to getServiceInfo() has been made. The exact behavior is dependent on the implementation. |
"com.novell.sso.targetdn" | java.lang.String | An environment property that specifies the distinguished name of the object for which SecretStore operations will be made. This is set either after construction of a SecretStore or after a call to getServiceInfo() has been made. The exact behavior is dependent on the implementation. |
"com.novell.sso.tree" | java.lang.String | An environment property that specifies the tree name on which the SecretStore server resides. Some implementations may require that this property be provided. See implementation documentation for details. |
SSPermission
for access control.
getEnvironmentProperty(String key), getInstance(Hashtable env), SSPermission, Serialized Form

Field Summary | | |
---|---|---|
static String | CALLER_DN | A property that specifies the distinguished name of the user that is requesting SecretStore operations. |
static String | HANDLE | An environment property that specifies a handle. |
static String | SECRET_STORE | An environment property that specifies the class name of the SecretStore implementation that will be loaded and used. |
static String | SERVER_DN | A property that specifies the distinguished name of the server that is being used for SecretStore operations. |
static String | TARGET_DN | An environment property that specifies the distinguished name of the object for which SecretStore operations will be made. |
static String | TREE | An environment property that specifies the tree in which the SecretStore server resides. |
static String | USER_DN | Deprecated. This has been replaced by TARGET_DN because the target object can be of any class. |

Method Summary | | |
---|---|---|
void | commitMasterPasswordChange() | Commits the master password change in SecretStore. |
void | commitMasterPasswordChange(int flags) | Commits the master password change in SecretStore. |
void | commitMasterPasswordChange(int flags, char[] passhint) | Commits the master password change in SecretStore. |
StringTokenizer | enumerateSecrets() | Enumerates the secrets in SecretStore by returning a StringTokenizer containing the secret identifiers in SecretStore separated by *. |
StringTokenizer | enumerateSecrets(int flags, String filter) | Enumerates the secrets in SecretStore by returning a StringTokenizer containing the secret identifiers in SecretStore separated by *. |
StringTokenizer | enumerateSecrets(int flags, String filter, int maxLen) | Enumerates the secrets in SecretStore by returning a StringTokenizer containing the secret identifiers in SecretStore separated by *. |
boolean | equals(Object obj) | |
byte | getClientCryptoStrength() | Returns the client's crypto strength. |
int | getClientVersion() | Returns the client's SecretStore version. |
int | getEnumBuffLen() | Returns the enumeration buffer length. |
Object | getEnvironmentProperty(String key) | Used to obtain information about environment properties and to provide a standard way for implementations to pass back information. |
char[] | getHint() | Returns the SecretStore's hint for the master password. |
static SecretStore | getInstance(Hashtable env) | Returns a SecretStore instance based on the Hashtable environment that is passed in. |
String | getLastAdminUnlockDn() | Returns the distinguished name of the last SecretStore administrator that unlocked the SecretStore. |
Date | getLastAdminUnlockTime() | Returns the timestamp for the last time the SecretStore administrator unlocked the SecretStore. |
int | getNumLockedSecrets() | Returns the number of locked secrets in SecretStore. |
int | getNumSecrets() | Returns the number of secrets in SecretStore. |
Secret | getSecret(String id) | Returns a Secret with the specified id. |
Secret | getSecret(String id, boolean useMasterPassword) | Returns a Secret object with the specified id. |
Secret[] | getSecrets(int flags, String filter, int maxLen, boolean useMasterPassword) | Returns a Secret object with the specified id. |
byte | getServerCryptoStrength() | Returns the server's crypto strength. |
int | getServerVersion() | Returns the server's SecretStore version. |
void | getServiceInfo() | Obtains SecretStore Service Information. |
void | getServiceInfo(int flags) | Obtains SecretStore Service Information. |
int | getStatus() | Returns the status flags for SecretStore. |
int | hashCode() | |
void | removeSecretStore() | Removes this object's SecretStore. |
void | removeSecretStore(int flags) | Removes this object's SecretStore. |
void | setMasterPassword(char[] masterPword) | Sets the master password for this SecretStore. |
int | sync(SecretStore targetStore) | Synchronizes this object, sourceStore, with the targetStore. |
int | sync(SecretStore targetStore, int flags, String filter, int maxLen) | Synchronizes this object, sourceStore, with the targetStore. |
String | toString() | Returns a string representation of this object. |
void | unlockSecretStore() | Unlocks this object's SecretStore by using the Master Password. |
void | unlockSecretStore(int flags) | Unlocks this object's SecretStore using the Master Password. |
void | unlockSecretStore(int flags, char[] ndsPassword) | Unlocks this object's SecretStore. |
void | unsetMasterPassword() | Unsets the master password. |
void | update(SecretStore targetStore) | Updates targetStore with secrets from the SecretStore represented by this SecretStore object. |
void | update(SecretStore targetStore, int flags, String filter, int maxLen) | Updates targetStore with secrets from the SecretStore represented by this SecretStore object. |

Methods inherited from class java.lang.Object |
getClass, notify, notifyAll, wait, wait, wait |
Field Detail |
public static final String CALLER_DN
public static final String HANDLE
public static final String SECRET_STORE
public static final String SERVER_DN
public static final String TREE
public static final String TARGET_DN
public static final String USER_DN
TARGET_DN
because
the target object can be of any class.
Method Detail |
public static final SecretStore getInstance(Hashtable env) throws ClassNotFoundException, IllegalArgumentException, SSException
SECRET_STORE determines which implementation of SecretStore will be loaded and used.
Actual SecretStore implementations may require additional information in the form of
environment properties. Any additional properties are passed in via the env parameter.
```java
import java.util.Hashtable;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
import com.novell.security.sso.SecretStore;

// Authenticating (jndiEnv is the caller's JNDI environment Hashtable, not shown here)
LdapContext initial = new InitialLdapContext(jndiEnv, null);

// Getting LdapContext
LdapContext ctx = (LdapContext) initial.lookup("cn=test,o=novell");

// Forming the environment properties
Hashtable env = new Hashtable();
env.put(SecretStore.SECRET_STORE, "com.novell.security.sso.ldap.jndi.JNDISecretStore");
env.put(SecretStore.USER_DN, "cn=test,o=novell"); // USER_DN is deprecated; TARGET_DN replaces it
env.put(SecretStore.HANDLE, ctx);

SecretStore store;

// Creating the SecretStore
try {
    store = SecretStore.getInstance(env);
} catch (ClassNotFoundException e) {
    System.out.println(e.getMessage());
    e.printStackTrace();
}
```
env
- The Hashtable containing the environment properties.
ClassNotFoundException
- If the class specified by the SECRET_STORE property was not able to be loaded.
IllegalArgumentException
- If the class specified by the SECRET_STORE property does not properly inherit from this class.
SSException
- If a SSException occurred.
public final byte getClientCryptoStrength() throws SSException
SSInfo.NSSS_CRYPTO_DOMESTIC_ENGINE
SSInfo.NSSS_CRYPTO_EXPORT_ENGINE
SSInfo.NSSS_CRYPTO_UNDETERMINED_ENGINE
SSException
- If a SSException occurred.
SecurityException
- If a security manager exists and its SecurityManager.checkPermission method denies read access to SecretStore.
SSPermission
public final int getClientVersion() throws SSException
getServiceInfo() if this SecretStore instance has not been initialized yet.
SSException
- If a SSException occurred.
SecurityException
- If a security manager exists and its SecurityManager.checkPermission method denies read access to SecretStore.
SSPermission
public final int getEnumBuffLen() throws SSException
getServiceInfo() if this SecretStore instance has not been initialized yet.
SSException
- If a SSException occurred.
SecurityException
- If a security manager exists and its SecurityManager.checkPermission method denies read access to SecretStore.
SSPermission
public final Object getEnvironmentProperty(String key)
getServiceInfo() has not been made yet.
This method will not result in a call to getServiceInfo().
key
- The key.
public final char[] getHint() throws SSException
getServiceInfo() if this SecretStore instance has not been initialized yet.
SSException
- If a SSException occurred.
SecurityException
- If a security manager exists and its SecurityManager.checkPermission method denies read access to SecretStore.
commitMasterPasswordChange(int flags, char[] passhint), SSPermission
public final String getLastAdminUnlockDn() throws SSException
getServiceInfo() if this SecretStore instance has not been initialized yet.
SSException
- If a SSException occurred.
SecurityException
- If a security manager exists and its SecurityManager.checkPermission method denies read access to SecretStore.
public final Date getLastAdminUnlockTime() throws SSException
getServiceInfo() if this SecretStore instance has not been initialized yet.
SSException
- If a SSException occurred.
SecurityException
- If a security manager exists and its SecurityManager.checkPermission method denies read access to SecretStore.
public final void setMasterPassword(char[] masterPword)
commitMasterPasswordChange().
masterPword
- The new master password for this SecretStore.
unsetMasterPassword(), commitMasterPasswordChange(int flags, char[] passhint)
public final int getNumLockedSecrets() throws SSException
getServiceInfo() if this SecretStore instance has not been initialized yet.
SSException
- If a SSException occurred.
SecurityException
- If a security manager exists and its SecurityManager.checkPermission method denies read access to SecretStore.
SSPermission
public final int getNumSecrets() throws SSException
getServiceInfo() if this SecretStore instance has not been initialized yet.
SSException
- If a SSException occurred.
SecurityException
- If a security manager exists and its SecurityManager.checkPermission method denies read access to SecretStore.
SSPermission
public final Secret getSecret(String id)
getSecret(String id, boolean useMasterPassword) with a value of false for the useMasterPassword parameter.
id
- The secret identifier.
getSecret(String id, boolean useMasterPassword)
public Secret getSecret(String id, boolean useMasterPassword)
id
- The secret identifier.
useMasterPassword
- Value that determines whether or not to use the master password for this SecretStore as the enhanced protection password for the generated secret.
IllegalArgumentException
- If the identifier is null, empty, or contains a '*' character.
public Secret[] getSecrets(int flags, String filter, int maxLen, boolean useMasterPassword) throws SSException
flags
- The flags.
filter
- The filter.
maxLen
- The max length.
useMasterPassword
- Value that determines whether or not to use the master password for this SecretStore as the enhanced protection password for the generated secret.
SSException
- If a SSException occurred.
getSecret(String id)
public final byte getServerCryptoStrength() throws SSException
getServiceInfo() if this SecretStore instance has not been initialized yet.
SSInfo.NSSS_CRYPTO_DOMESTIC_ENGINE
SSInfo.NSSS_CRYPTO_EXPORT_ENGINE
SSInfo.NSSS_CRYPTO_UNDETERMINED_ENGINE
SSException
- If a SSException occurred.
SecurityException
- If a security manager exists and its SecurityManager.checkPermission method denies read access to SecretStore.
SSPermission
public final int getServerVersion() throws SSException
getServiceInfo() if this SecretStore instance has not been initialized yet.
SSException
- If a SSException occurred.
SecurityException
- If a security manager exists and its SecurityManager.checkPermission method denies read access to SecretStore.
SSPermission
public final void getServiceInfo() throws SSException
getServiceInfo(int flags) with a flags value of 0.
SSException
- If a SSException occurred.
SecurityException
- If a security manager exists and its SecurityManager.checkPermission method denies read access to SecretStore.
getServiceInfo(int flags), SSPermission
public final void getServiceInfo(int flags) throws SSException
SSInfo.NSSS_REPAIR_THE_STORE_F
flags
- The flags for this operation.
SSException
- If a SSException occurred.
SecurityException
- If a security manager exists and its SecurityManager.checkPermission method denies read access to SecretStore.
getServiceInfo(), SSPermission
public final int getStatus() throws SSException
getServiceInfo()
if this SecretStore instance has not been initialized yet.
Compare the value that is returned by this method with the flags that are associated
with a SecretStore's status. Do this by using a statement like:

```java
int stat = store.getStatus();
if ((stat & SSInfo.NSSS_EP_MASTER_PWORD_PRESENT_F) == SSInfo.NSSS_EP_MASTER_PWORD_PRESENT_F) {
    System.out.println("There is a master password on the SecretStore");
} else if ((stat & SSInfo.NSSS_MP_NOT_ALLOWED_F) == SSInfo.NSSS_MP_NOT_ALLOWED_F) {
    System.out.println("Master Password has been disabled by the Administrator");
}
```

SSInfo.NSSS_ADMIN_UNLOCKED_F
SSInfo.NSSS_EP_MASTER_PWORD_PRESENT_F
SSInfo.NSSS_MP_NOT_ALLOWED_F
SSInfo.NSSS_STORE_NOT_SYNCED_F
SSInfo.NSSS_SECRET_LOCKED_F
SSException
- If a SSException occurred.
SecurityException
- If a security manager exists and its SecurityManager.checkPermission method denies read access to SecretStore.
SSPermission
public final void commitMasterPasswordChange() throws SSException
commitMasterPasswordChange(int flags, char[] passhint) with a flags value of 0 and an empty character array for passhint.
SSException
- If a SSException occurred.
SecurityException
- If a security manager exists and its SecurityManager.checkPermission method denies admin access to SecretStore.
setMasterPassword(char[] masterPword), unsetMasterPassword(), SSPermission
public final void commitMasterPasswordChange(int flags) throws SSException
commitMasterPasswordChange(int flags, char[] passhint) with an empty character array for passhint.
flags
- The flags for this operation.
SSException
- If a SSException occurred.
SecurityException
- If a security manager exists and its SecurityManager.checkPermission method denies admin access to SecretStore.
setMasterPassword(char[] masterPword), unsetMasterPassword(), SSPermission
public final void commitMasterPasswordChange(int flags, char[] passhint) throws SSException
flags
- The flags for this operation.
passhint
- The hint associated with the master password.
SSException
- If a SSException occurred.
SecurityException
- If a security manager exists and its SecurityManager.checkPermission method denies admin access to SecretStore.
setMasterPassword(char[] masterPword), unsetMasterPassword(), SSPermission
public final StringTokenizer enumerateSecrets() throws SSException
enumerateSecrets(int flags, String filter, int maxLen) by using the maximum possible value for maxLen: SSInfo.NSSS_JUMBO_ENUM_BUF_LEN. This method also does not use a filter (passes an empty string).
SSException
- If a SSException occurred.
SecurityException
- If a security manager exists and its SecurityManager.checkPermission method denies read access to SecretStore.
enumerateSecrets(int flags, String filter, int maxLen), getSecrets(int flags, String filter, int maxLen, boolean useMasterPassword), SSPermission
public final StringTokenizer enumerateSecrets(int flags, String filter) throws SSException
enumerateSecrets(int flags, String filter, int maxLen) by using the maximum possible value for maxLen: SSInfo.NSSS_JUMBO_ENUM_BUF_LEN.
flags
- Possible flags for this operation.
filter
- A string that filters the secret identifiers that are returned.
SSException
- If a SSException occurred.
SecurityException
- If a security manager exists and its SecurityManager.checkPermission method denies read access to SecretStore.
enumerateSecrets(int flags, String filter, int maxLen), getSecrets(int flags, String filter, int maxLen, boolean useMasterPassword), SSPermission
public final StringTokenizer enumerateSecrets(int flags, String filter, int maxLen) throws SSException
flags
- Possible flags for this operation.
filter
- A string that filters the secret identifiers that are returned.
maxLen
- The maximum buffer that will be returned in the StringTokenizer.
SSException
- If a SSException occurred.
SecurityException
- If a security manager exists and its SecurityManager.checkPermission method denies read access to SecretStore.
enumerateSecrets(int flags, String filter), getSecrets(int flags, String filter, int maxLen, boolean useMasterPassword), SSPermission
public final void removeSecretStore() throws SSException
removeSecretStore(int flags) with a flags value of 0.
SSException
- If a SSException occurred.
SecurityException
- If a security manager exists and its SecurityManager.checkPermission method denies admin access to SecretStore.
removeSecretStore(int flags), SSPermission
public final void removeSecretStore(int flags) throws SSException
flags
- The flags for this operation.
SSException
- If a SSException occurred.
SecurityException
- If a security manager exists and its SecurityManager.checkPermission method denies admin access to SecretStore.
removeSecretStore(), SSPermission
public final int sync(SecretStore targetStore) throws SSException
sync(SecretStore targetStore, int flags, String filter, int maxLen) with the defaults - 0 for flags, empty string for filter, and SSInfo.NSSS_JUMBO_ENUM_BUF_LEN for maxLen.
targetStore
- The SecretStore that will be synchronized with.
SSException
- If a SSException occurred.
SecurityException
- If a security manager exists and its SecurityManager.checkPermission method denies read/write access to SecretStore.
enumerateSecrets(int flags, String filter, int maxLen), sync(SecretStore targetStore, int flags, String filter, int maxLen), Secret.sync(Secret secret), SSPermission
public int sync(SecretStore targetStore, int flags, String filter, int maxLen) throws SSException
targetStore
- The SecretStore that will be synchronized with.
flags
- The flags for the getSecrets method.
filter
- The filter for the getSecrets method.
maxLen
- The maxLen for the getSecrets method.
SecurityException
- If a security manager exists and its SecurityManager.checkPermission method denies read/write access to SecretStore.
SSException
- If a SSException occurred.
enumerateSecrets(int flags, String filter, int maxLen), sync(SecretStore targetStore), Secret.sync(Secret secret), SSPermission
public String toString()
toString
in class Object
public final void unlockSecretStore() throws IllegalArgumentException, SSException
unlockSecretStore(int flags) with a flags value of 0.
IllegalArgumentException
- If the Master Password was not set.
SSException
- If a SSException occurred.
SecurityException
- If a security manager exists and its SecurityManager.checkPermission method denies admin access to SecretStore.
unlockSecretStore(int flags), unlockSecretStore(int flags, char[] ndsPassword), SSPermission
public final void unlockSecretStore(int flags) throws IllegalArgumentException, SSException
flags
- The flags for this operation.
IllegalArgumentException
- If the Master Password was not set.
SSException
- If a SSException occurred.
SecurityException
- If a security manager exists and its SecurityManager.checkPermission method denies admin access to SecretStore.
unlockSecretStore(), unlockSecretStore(int flags, char[] ndsPassword), SSPermission
public final void unlockSecretStore(int flags, char[] ndsPassword) throws SSException
SSInfo.NSSS_REMOVE_LOCK_FROM_STORE_F in flags parameter will result in all locked secrets in SecretStore being deleted. This allows the SecretStore to be unlocked without having to know the Master Password or the previous NDS password. The drawback is that any locked secrets are deleted and cannot be recovered.
SSInfo.NSSS_REMOVE_LOCK_FROM_STORE_F
flags
- The flags for this operation.
ndsPassword
- The previous eDirectory password.
SSException
- If a SSException occurred.
SecurityException
- If a security manager exists and its SecurityManager.checkPermission method denies admin access to SecretStore.
unlockSecretStore(), unlockSecretStore(int flags), SSPermission
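Added example, not part of the Novell documentation: a guard around unlockSecretStore(int flags, char[] ndsPassword) that sets SSInfo.NSSS_REMOVE_LOCK_FROM_STORE_F only after counting the locked secrets with getNumLockedSecrets() and receiving explicit confirmation. UnlockGuard is a hypothetical name; the code assumes that SSInfo and SSException live in com.novell.security.sso, that the flag constant is an int, and that an empty array may be passed when the previous password is unknown.

```java
import com.novell.security.sso.SSException; // assumed: same package as SecretStore
import com.novell.security.sso.SSInfo;      // assumed: same package as SecretStore
import com.novell.security.sso.SecretStore;

import java.util.Arrays;

/** Added illustration; UnlockGuard and its method are hypothetical names. */
public final class UnlockGuard {

    private UnlockGuard() { }

    /**
     * Unlocks the store, preferring the non-destructive path.
     *
     * @param store            a SecretStore obtained from SecretStore.getInstance(env)
     * @param previousPassword previous eDirectory password, or null if unknown;
     *                         wiped before this method returns
     * @param acceptLoss       true only if the owner agreed to lose locked secrets
     * @return the number of locked secrets deleted by the unlock (0 if none)
     */
    public static int unlock(SecretStore store, char[] previousPassword,
                             boolean acceptLoss) throws SSException {
        try {
            if (previousPassword != null && previousPassword.length > 0) {
                // Non-destructive path: flags is 0, so
                // NSSS_REMOVE_LOCK_FROM_STORE_F is not set.
                store.unlockSecretStore(0, previousPassword);
                return 0;
            }

            // Refresh the service information, then count what would be lost.
            store.getServiceInfo();
            int atRisk = store.getNumLockedSecrets();
            if (atRisk > 0 && !acceptLoss) {
                throw new IllegalStateException(atRisk
                        + " locked secret(s) would be deleted; confirmation required");
            }

            // Destructive path: every locked secret is deleted and cannot be recovered.
            // Assumption: an empty array is accepted when no password is known.
            store.unlockSecretStore(SSInfo.NSSS_REMOVE_LOCK_FROM_STORE_F, new char[0]);
            return atRisk;
        } finally {
            if (previousPassword != null) {
                // Do not leave the password in memory after the call.
                Arrays.fill(previousPassword, '\0');
            }
        }
    }
}
```

The returned count is worth writing to an audit log together with the caller's distinguished name, since the deleted secrets cannot be recovered.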
public final void unsetMasterPassword()
commitMasterPasswordChange(int flags, char[] passhint).
setMasterPassword(char[] masterPword), commitMasterPasswordChange(int flags, char[] passhint)
public final void update(SecretStore targetStore) throws SSException
SSInfo.NSSS_JUMBO_ENUM_BUF_LEN for maxLen.
targetStore
- The SecretStore that will be updated.
SSException
- If a SSException occurred.
SecurityException
- If a security manager exists and its SecurityManager.checkPermission method denies read/write access to SecretStore.
enumerateSecrets(int flags, String filter, int maxLen), update(SecretStore targetStore, int flags, String filter, int maxLen), Secret.update(Secret secret), SSPermission
public void update(SecretStore targetStore, int flags, String filter, int maxLen) throws SSException
targetStore
- The SecretStore that will be updated.
flags
- The flags for the getSecrets method.
filter
- The filter for the getSecrets method.
maxLen
- The maxLen for the getSecrets method.
SSException
- If a SSException occurred.
SecurityException
- If a security manager exists and its SecurityManager.checkPermission method denies read/write access to SecretStore.
enumerateSecrets(int flags, String filter, int maxLen), update(SecretStore targetStore), Secret.update(Secret secret), SSPermission
public boolean equals(Object obj)
equals
in class Object
public int hashCode()
hashCode
in class Object