public class X500Server extends BaseProvider implements DelayedMulticastRequestDecoder, MulticastAnnouncementEncoder
| Modifier and Type | Field and Description |
|---|---|
protected String |
keyAlgorithm
The key algorithm name (for example, "DSA").
|
protected String |
keyAlgorithmOID
The key algorithm OID.
|
protected int |
maxSignatureLength
The maximum length of generated signatures, in bytes.
|
protected String |
signatureAlgorithm
The signature algorithm (for example, "SHA1withDSA").
|
formatName| Modifier | Constructor and Description |
|---|---|
protected |
X500Server(String formatName,
String signatureAlgorithm,
int maxSignatureLength,
String keyAlgorithm,
String keyAlgorithmOID)
Creates an instance with the given attributes.
|
| Modifier and Type | Method and Description |
|---|---|
MulticastRequest |
decodeMulticastRequest(ByteBuffer buf,
InvocationConstraints constraints,
ClientSubjectChecker checker) |
MulticastRequest |
decodeMulticastRequest(ByteBuffer buf,
InvocationConstraints constraints,
ClientSubjectChecker checker,
boolean delayConstraintCheck) |
void |
encodeMulticastAnnouncement(MulticastAnnouncement announcement,
DatagramBufferFactory bufs,
InvocationConstraints constraints) |
protected Certificate |
getCertificate(X500Principal principal)
Returns certificate corresponding to the given principal, or null if no
matching certificate can be found.
|
getFormatNameclone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitgetFormatNameprotected final String signatureAlgorithm
protected final int maxSignatureLength
protected final String keyAlgorithm
protected final String keyAlgorithmOID
public MulticastRequest decodeMulticastRequest(ByteBuffer buf, InvocationConstraints constraints, ClientSubjectChecker checker, boolean delayConstraintCheck) throws IOException
decodeMulticastRequest in interface DelayedMulticastRequestDecoderIOExceptionpublic void encodeMulticastAnnouncement(MulticastAnnouncement announcement, DatagramBufferFactory bufs, InvocationConstraints constraints) throws IOException
encodeMulticastAnnouncement in interface MulticastAnnouncementEncoderIOExceptionpublic MulticastRequest decodeMulticastRequest(ByteBuffer buf, InvocationConstraints constraints, ClientSubjectChecker checker) throws IOException
decodeMulticastRequest in interface MulticastRequestDecoderIOExceptionprotected Certificate getCertificate(X500Principal principal) throws IOException, GeneralSecurityException
The default implementation of this method does the following: the first time this method is called on this instance, a keystore containing trust anchors for the certificate to return is loaded. The location of the file to load the keystore from can be specified (in order of precedence) by the org.apache.river.discovery.x500.trustStore and javax.net.ssl.trustStore system properties; if no location is specified, then the cacerts file in the lib/security subdirectory of the JDK installation directory is used. If specified, the location is treated as a URL. If no protocol is specified in the URL or it is an unknown protocol, then, the location is treated as a file name. Depending on which system property is used to specify the keystore location, the org.apache.river.discovery.x500.trustStoreType and org.apache.river.discovery.x500.trustStorePassword or javax.net.ssl.trustStoreType and javax.net.ssl.trustStorePassword system properties can be used to specify the type of the keystore and the password to use when loading it. If no keystore type is specified, then the type returned by KeyStore.getDefaultType() is used; if no password is specified, then no password is used when loading the keystore. Additionally, if the org.apache.river.discovery.x500.ldapCertStores system property is set, its value is interpreted as a comma-separated list of "host[:port]" elements which are used to obtain references to LDAP-based CertStore instances.
For each call, the default implementation of this method creates a PKIX CertPathBuilder and calls its build method, passing as the argument a PKIXBuilderParameters instance initialized with the aforementioned keystore, CertStores (if any), and a CertSelector based on the provided X.500 principal and the key algorithm OID for this instance. If the build operation succeeds, the resulting certificate is returned.
IOExceptionGeneralSecurityExceptionCopyright © 2016–2018. All rights reserved.