org.apache.hadoop.security.ssl
Class FileBasedKeyStoresFactory

java.lang.Object
  extended by org.apache.hadoop.security.ssl.FileBasedKeyStoresFactory
All Implemented Interfaces:
Configurable, KeyStoresFactory

@InterfaceAudience.Private
@InterfaceStability.Evolving
public class FileBasedKeyStoresFactory
extends Object
implements KeyStoresFactory

KeyStoresFactory implementation that reads the certificates from keystore files.

If the trust certificates keystore file changes, the TrustManager is refreshed with the new trust certificate entries (using a ReloadingX509TrustManager).
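The lifecycle described above (configure, init, obtain managers, destroy), as an added example that is not code from the Hadoop project: it resolves each template key for server mode, initializes the factory, and builds a standard `SSLContext` from the returned managers. Assumptions: the file paths are constructed placeholders, the environment variable names and the `set` helper are hypothetical, and `SSLFactory.Mode.SERVER` and `Configuration(boolean)` are used as they exist in Hadoop.

```java
import javax.net.ssl.SSLContext;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.security.ssl.FileBasedKeyStoresFactory;
import org.apache.hadoop.security.ssl.SSLFactory;

public class KeyStoresFactoryExample {
  // Hypothetical helper: resolve a template key for the mode and set its value.
  static void set(Configuration conf, SSLFactory.Mode mode, String tpl, String value) {
    if (value == null) {
      throw new IllegalArgumentException("no value supplied for template " + tpl);
    }
    conf.set(FileBasedKeyStoresFactory.resolvePropertyName(mode, tpl), value);
  }

  public static void main(String[] args) throws Exception {
    SSLFactory.Mode mode = SSLFactory.Mode.SERVER;
    Configuration conf = new Configuration(false); // do not load default resources

    // Constructed placeholder paths; passwords are read from hypothetical
    // environment variables so they are not hard-coded in source.
    set(conf, mode, FileBasedKeyStoresFactory.SSL_KEYSTORE_LOCATION_TPL_KEY,
        "/etc/example/ssl/server-keystore.jks");
    set(conf, mode, FileBasedKeyStoresFactory.SSL_KEYSTORE_PASSWORD_TPL_KEY,
        System.getenv("EXAMPLE_KEYSTORE_PASSWORD"));
    set(conf, mode, FileBasedKeyStoresFactory.SSL_KEYSTORE_TYPE_TPL_KEY,
        FileBasedKeyStoresFactory.DEFAULT_KEYSTORE_TYPE);
    set(conf, mode, FileBasedKeyStoresFactory.SSL_TRUSTSTORE_LOCATION_TPL_KEY,
        "/etc/example/ssl/truststore.jks");
    set(conf, mode, FileBasedKeyStoresFactory.SSL_TRUSTSTORE_PASSWORD_TPL_KEY,
        System.getenv("EXAMPLE_TRUSTSTORE_PASSWORD"));
    set(conf, mode, FileBasedKeyStoresFactory.SSL_TRUSTSTORE_TYPE_TPL_KEY,
        FileBasedKeyStoresFactory.DEFAULT_KEYSTORE_TYPE);
    // Truststore reload interval, in milliseconds.
    conf.setInt(FileBasedKeyStoresFactory.resolvePropertyName(mode,
        FileBasedKeyStoresFactory.SSL_TRUSTSTORE_RELOAD_INTERVAL_TPL_KEY),
        FileBasedKeyStoresFactory.DEFAULT_SSL_TRUSTSTORE_RELOAD_INTERVAL);

    FileBasedKeyStoresFactory factory = new FileBasedKeyStoresFactory();
    factory.setConf(conf);
    factory.init(mode); // throws IOException / GeneralSecurityException on failure
    try {
      SSLContext ctx = SSLContext.getInstance("TLS");
      ctx.init(factory.getKeyManagers(), factory.getTrustManagers(), null);
      System.out.println("SSLContext ready, protocol " + ctx.getProtocol());
    } finally {
      factory.destroy(); // release the resources held by the factory
    }
  }
}
```

The class is annotated `@InterfaceAudience.Private`, so code outside Hadoop should not depend on this API remaining stable.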


Field Summary
static String DEFAULT_KEYSTORE_TYPE
          Default format of the keystore files.
static int DEFAULT_SSL_TRUSTSTORE_RELOAD_INTERVAL
          Reload interval in milliseconds.
static String SSL_KEYSTORE_LOCATION_TPL_KEY
           
static String SSL_KEYSTORE_PASSWORD_TPL_KEY
           
static String SSL_KEYSTORE_TYPE_TPL_KEY
           
static String SSL_TRUSTSTORE_LOCATION_TPL_KEY
           
static String SSL_TRUSTSTORE_PASSWORD_TPL_KEY
           
static String SSL_TRUSTSTORE_RELOAD_INTERVAL_TPL_KEY
           
static String SSL_TRUSTSTORE_TYPE_TPL_KEY
           
 
Constructor Summary
FileBasedKeyStoresFactory()
           
 
Method Summary
 void destroy()
          Releases any resources being used.
 Configuration getConf()
          Returns the configuration of the factory.
 KeyManager[] getKeyManagers()
          Returns the keymanagers for owned certificates.
 TrustManager[] getTrustManagers()
          Returns the trustmanagers for trusted certificates.
 void init(SSLFactory.Mode mode)
          Initializes the keystores of the factory.
static String resolvePropertyName(SSLFactory.Mode mode, String template)
          Resolves a property name to its client/server version if applicable.
 void setConf(Configuration conf)
          Sets the configuration for the factory.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

SSL_KEYSTORE_LOCATION_TPL_KEY

public static final String SSL_KEYSTORE_LOCATION_TPL_KEY
See Also:
Constant Field Values

SSL_KEYSTORE_PASSWORD_TPL_KEY

public static final String SSL_KEYSTORE_PASSWORD_TPL_KEY
See Also:
Constant Field Values

SSL_KEYSTORE_TYPE_TPL_KEY

public static final String SSL_KEYSTORE_TYPE_TPL_KEY
See Also:
Constant Field Values

SSL_TRUSTSTORE_RELOAD_INTERVAL_TPL_KEY

public static final String SSL_TRUSTSTORE_RELOAD_INTERVAL_TPL_KEY
See Also:
Constant Field Values

SSL_TRUSTSTORE_LOCATION_TPL_KEY

public static final String SSL_TRUSTSTORE_LOCATION_TPL_KEY
See Also:
Constant Field Values

SSL_TRUSTSTORE_PASSWORD_TPL_KEY

public static final String SSL_TRUSTSTORE_PASSWORD_TPL_KEY
See Also:
Constant Field Values

SSL_TRUSTSTORE_TYPE_TPL_KEY

public static final String SSL_TRUSTSTORE_TYPE_TPL_KEY
See Also:
Constant Field Values

DEFAULT_KEYSTORE_TYPE

public static final String DEFAULT_KEYSTORE_TYPE
Default format of the keystore files.

See Also:
Constant Field Values

DEFAULT_SSL_TRUSTSTORE_RELOAD_INTERVAL

public static final int DEFAULT_SSL_TRUSTSTORE_RELOAD_INTERVAL
Reload interval in milliseconds.

See Also:
Constant Field Values

Constructor Detail

FileBasedKeyStoresFactory

public FileBasedKeyStoresFactory()

Method Detail

resolvePropertyName

public static String resolvePropertyName(SSLFactory.Mode mode,
                                         String template)
Resolves a property name to its client/server version if applicable.

NOTE: This method is public for testing purposes.

Parameters:
mode - client/server mode.
template - property name template.
Returns:
the resolved property name.

setConf

public void setConf(Configuration conf)
Sets the configuration for the factory.

Specified by:
setConf in interface Configurable
Parameters:
conf - the configuration for the factory.

getConf

public Configuration getConf()
Returns the configuration of the factory.

Specified by:
getConf in interface Configurable
Returns:
the configuration of the factory.

init

public void init(SSLFactory.Mode mode)
          throws IOException,
                 GeneralSecurityException
Initializes the keystores of the factory.

Specified by:
init in interface KeyStoresFactory
Parameters:
mode - if the keystores are to be used in client or server mode.
Throws:
IOException - thrown if the keystores could not be initialized due to an IO error.
GeneralSecurityException - thrown if the keystores could not be initialized due to a security error.

destroy

public void destroy()
Releases any resources being used.

Specified by:
destroy in interface KeyStoresFactory

getKeyManagers

public KeyManager[] getKeyManagers()
Returns the keymanagers for owned certificates.

Specified by:
getKeyManagers in interface KeyStoresFactory
Returns:
the keymanagers for owned certificates.

getTrustManagers

public TrustManager[] getTrustManagers()
Returns the trustmanagers for trusted certificates.

Specified by:
getTrustManagers in interface KeyStoresFactory
Returns:
the trustmanagers for trusted certificates.


Copyright © 2009 The Apache Software Foundation