Package org.wildfly.security.auth.realm
Class KeyStoreBackedSecurityRealm
- java.lang.Object
-
- org.wildfly.security.auth.realm.KeyStoreBackedSecurityRealm
-
- All Implemented Interfaces:
SecurityRealm
public class KeyStoreBackedSecurityRealm extends Object implements SecurityRealm
AKeyStore
backedSecurityRealm
implementation.- Author:
- David M. Lloyd, Darran Lofthouse
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description private class
KeyStoreBackedSecurityRealm.KeyStoreRealmIdentity
-
Field Summary
Fields Modifier and Type Field Description private KeyStore
keyStore
private Supplier<Provider[]>
providers
-
Fields inherited from interface org.wildfly.security.auth.server.SecurityRealm
EMPTY_REALM
-
-
Constructor Summary
Constructors Constructor Description KeyStoreBackedSecurityRealm(KeyStore keyStore)
Construct a new instance.KeyStoreBackedSecurityRealm(KeyStore keyStore, Supplier<Provider[]> providers)
Construct a new instance.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description SupportLevel
getCredentialAcquireSupport(Class<? extends Credential> credentialType, String algorithmName, AlgorithmParameterSpec parameterSpec)
Determine whether a credential of the given type and algorithm is definitely obtainable, possibly obtainable (for] some identities), or definitely not obtainable.private KeyStore.Entry
getEntry(String name)
SupportLevel
getEvidenceVerifySupport(Class<? extends Evidence> evidenceType, String algorithmName)
Determine whether a given type of evidence is definitely verifiable, possibly verifiable (for some identities), or definitely not verifiable.RealmIdentity
getRealmIdentity(Principal principal)
Get a handle for to the identity for the given principal in the context of this security realm.-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.wildfly.security.auth.server.SecurityRealm
getCredentialAcquireSupport, getRealmIdentity, getRealmIdentity, handleRealmEvent
-
-
-
-
Constructor Detail
-
KeyStoreBackedSecurityRealm
public KeyStoreBackedSecurityRealm(KeyStore keyStore)
Construct a new instance.- Parameters:
keyStore
- the keystore to use to back this realm
-
-
Method Detail
-
getRealmIdentity
public RealmIdentity getRealmIdentity(Principal principal) throws RealmUnavailableException
Description copied from interface:SecurityRealm
Get a handle for to the identity for the given principal in the context of this security realm. Any validation / name mapping is an implementation detail for the realm. The identity may or may not exist. The returned handle must be cleaned up by a call toRealmIdentity.dispose()
.- Specified by:
getRealmIdentity
in interfaceSecurityRealm
- Parameters:
principal
- the principal which identifies the identity within the realm (must not benull
)- Returns:
- the
RealmIdentity
for the provided principal (notnull
) - Throws:
RealmUnavailableException
-
getCredentialAcquireSupport
public SupportLevel getCredentialAcquireSupport(Class<? extends Credential> credentialType, String algorithmName, AlgorithmParameterSpec parameterSpec) throws RealmUnavailableException
Description copied from interface:SecurityRealm
Determine whether a credential of the given type and algorithm is definitely obtainable, possibly obtainable (for] some identities), or definitely not obtainable.- Specified by:
getCredentialAcquireSupport
in interfaceSecurityRealm
- Parameters:
credentialType
- the exact credential type (must not benull
)algorithmName
- the algorithm name, ornull
if any algorithm is acceptable or the credential type does not support algorithm namesparameterSpec
- the algorithm parameters to match, ornull
if any parameters are acceptable or the credential type does not support algorithm parameters- Returns:
- the level of support for this credential
- Throws:
RealmUnavailableException
- if the realm is not able to handle requests for any reason
-
getEvidenceVerifySupport
public SupportLevel getEvidenceVerifySupport(Class<? extends Evidence> evidenceType, String algorithmName) throws RealmUnavailableException
Description copied from interface:SecurityRealm
Determine whether a given type of evidence is definitely verifiable, possibly verifiable (for some identities), or definitely not verifiable.- Specified by:
getEvidenceVerifySupport
in interfaceSecurityRealm
- Parameters:
evidenceType
- the type of evidence to be verified (must not benull
)algorithmName
- the algorithm name, ornull
if any algorithm is acceptable or the evidence type does not support algorithm names- Returns:
- the level of support for this evidence type
- Throws:
RealmUnavailableException
- if the realm is not able to handle requests for any reason
-
getEntry
private KeyStore.Entry getEntry(String name)
-
-