org.apache.hadoop.security.ssl
Class ReloadingX509TrustManager

java.lang.Object
  extended by org.apache.hadoop.security.ssl.ReloadingX509TrustManager
All Implemented Interfaces:
Runnable, TrustManager, X509TrustManager

@InterfaceAudience.Private
@InterfaceStability.Evolving
public final class ReloadingX509TrustManager
extends Object
implements X509TrustManager, Runnable

A TrustManager implementation that reloads its configuration when the truststore file on disk changes.


Constructor Summary
ReloadingX509TrustManager(String type, String location, String password, long reloadInterval)
          Creates a reloadable trustmanager.
 
Method Summary
 void checkClientTrusted(X509Certificate[] chain, String authType)
           
 void checkServerTrusted(X509Certificate[] chain, String authType)
           
 void destroy()
          Stops the reloader thread.
 X509Certificate[] getAcceptedIssuers()
           
 long getReloadInterval()
          Returns the reload check interval.
 void init()
          Starts the reloader thread.
 void run()
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

ReloadingX509TrustManager

public ReloadingX509TrustManager(String type,
                                 String location,
                                 String password,
                                 long reloadInterval)
                          throws IOException,
                                 GeneralSecurityException
Creates a reloadable trustmanager. The trustmanager reloads itself if the underlying trustore file has changed.

Parameters:
type - type of truststore file, typically 'jks'.
location - local path to the truststore file.
password - password of the truststore file.
reloadInterval - interval to check if the truststore file has changed, in milliseconds.
Throws:
IOException - thrown if the truststore could not be initialized due to an IO error.
GeneralSecurityException - thrown if the truststore could not be initialized due to a security error.
Method Detail

init

public void init()
Starts the reloader thread.


destroy

public void destroy()
Stops the reloader thread.


getReloadInterval

public long getReloadInterval()
Returns the reload check interval.

Returns:
the reload check interval, in milliseconds.

checkClientTrusted

public void checkClientTrusted(X509Certificate[] chain,
                               String authType)
                        throws CertificateException
Specified by:
checkClientTrusted in interface X509TrustManager
Throws:
CertificateException

checkServerTrusted

public void checkServerTrusted(X509Certificate[] chain,
                               String authType)
                        throws CertificateException
Specified by:
checkServerTrusted in interface X509TrustManager
Throws:
CertificateException

getAcceptedIssuers

public X509Certificate[] getAcceptedIssuers()
Specified by:
getAcceptedIssuers in interface X509TrustManager

run

public void run()
Specified by:
run in interface Runnable


Copyright © 2009 The Apache Software Foundation