Class LdapKeyStore.Builder

    • Field Detail

      • DEFAULT_SEARCH_TIME_LIMIT

        private static final int DEFAULT_SEARCH_TIME_LIMIT
        See Also:
        Constant Field Values
      • dirContextSupplier

        private org.wildfly.common.function.ExceptionSupplier<DirContext,​NamingException> dirContextSupplier
      • searchPath

        private String searchPath
      • searchScope

        private int searchScope
      • searchTimeLimit

        private int searchTimeLimit
      • filterAlias

        private String filterAlias
      • filterCertificate

        private String filterCertificate
      • filterIterate

        private String filterIterate
      • createPath

        private LdapName createPath
      • createRdn

        private String createRdn
      • createAttributes

        private Attributes createAttributes
      • aliasAttribute

        private String aliasAttribute
      • certificateAttribute

        private String certificateAttribute
      • certificateType

        private String certificateType
      • certificateChainAttribute

        private String certificateChainAttribute
      • certificateChainEncoding

        private String certificateChainEncoding
      • keyAttribute

        private String keyAttribute
      • keyType

        private String keyType
    • Constructor Detail

      • Builder

        private Builder()
    • Method Detail

      • build

        public LdapKeyStore build()
        Build an LDAP keystore.
        Returns:
        the LDAP keystore
      • setDirContextSupplier

        public LdapKeyStore.Builder setDirContextSupplier​(org.wildfly.common.function.ExceptionSupplier<DirContext,​NamingException> dirContextSupplier)
        Set the DirContext supplier, which will be used to obtain the DirContext for performing operations on the KeyStore.
        Parameters:
        dirContextSupplier - the DirContext supplier
        Returns:
        this builder
      • setSearchPath

        public LdapKeyStore.Builder setSearchPath​(String searchPath)
        Set the name of the context (DN, distinguished name) to be used when executing queries.
        Parameters:
        searchPath - the name of the context to search
        Returns:
        this builder
      • setSearchScope

        public LdapKeyStore.Builder setSearchScope​(int searchScope)
        Set the scope of the search performed by queries (for example the entire subtree or only one level). Default value: SUBTREE_SCOPE
        Returns:
        this builder
      • setSearchRecursive

        public LdapKeyStore.Builder setSearchRecursive​(boolean recursive)
        Set if queries are searching the entire subtree (true) or only one level search is used (false). Default value: true
        Returns:
        this builder
      • setSearchTimeLimit

        public LdapKeyStore.Builder setSearchTimeLimit​(int searchTimeLimit)
        Set the time limit of LDAP search in milliseconds.
        Parameters:
        searchTimeLimit - the limit in milliseconds. Defaults to 10000 milliseconds.
        Returns:
        this builder
      • setFilterAlias

        public LdapKeyStore.Builder setFilterAlias​(String filterAlias)
        Set the LDAP filter used to search keystore item by alias. If not specified "(alias-attribute={0})" is used.
        Parameters:
        filterAlias - the LDAP filter, substring "{0}" will be replaced by searched alias
        Returns:
        this builder
      • setFilterCertificate

        public LdapKeyStore.Builder setFilterCertificate​(String filterCertificate)
        Set the LDAP filter used to search keystore item by certificate. If not specified "(certificate-attribute={0})" is used.
        Parameters:
        filterCertificate - the LDAP filter, substring "{0}" will be replaced by encoded searched certificate
        Returns:
        this builder
      • setFilterIterate

        public LdapKeyStore.Builder setFilterIterate​(String filterIterate)
        Set the LDAP filter used to search all keystore items. If not specified "(alias-attribute=*)" is used.
        Parameters:
        filterIterate - the LDAP filter
        Returns:
        this builder
      • setCreatePath

        public LdapKeyStore.Builder setCreatePath​(LdapName createPath)
        Set the name of the context (DN, distinguished name) in which the LDAP entries of new keystore items will be created.
        Parameters:
        createPath - the name of the context, where to create
        Returns:
        this builder
      • setCreateRdn

        public LdapKeyStore.Builder setCreateRdn​(String createRdn)
        Set the name of the attribute in LDAP that will be used as the RDN (the last part of the path) of new entries. This attribute can be different from aliasAttribute, but for newly created entries its value will also be the alias.
        Parameters:
        createRdn - the name of attribute which will be used as RDN
        Returns:
        this builder
      • setCreateAttributes

        public LdapKeyStore.Builder setCreateAttributes​(Attributes createAttributes)
        Set the attributes of newly created LDAP entries and their values.
        Parameters:
        createAttributes - the attributes and their initial values
        Returns:
        this builder
      • setAliasAttribute

        public LdapKeyStore.Builder setAliasAttribute​(String aliasAttribute)
        Set the name of the attribute in LDAP that holds the alias of keystore item.
        Parameters:
        aliasAttribute - the name of attribute that holds the alias
        Returns:
        this builder
      • setCertificateAttribute

        public LdapKeyStore.Builder setCertificateAttribute​(String certificateAttribute)
        Set the name of the attribute in LDAP that holds the encoded certificate.
        Parameters:
        certificateAttribute - the name of attribute that holds the encoded certificate
        Returns:
        this builder
      • setCertificateType

        public LdapKeyStore.Builder setCertificateType​(String certificateType)
        Set the type of certificate, which is stored in certificateAttribute and certificateChainAttribute. This type is used for decoding certificate and certificate chain from LDAP attribute value.
        Parameters:
        certificateType - the type of certificate
        Returns:
        this builder
        See Also:
        CertificateFactory.getInstance(String)
      • setCertificateChainAttribute

        public LdapKeyStore.Builder setCertificateChainAttribute​(String certificateChainAttribute)
        Set the name of the attribute in LDAP that holds the encoded certificate chain.
        Parameters:
        certificateChainAttribute - the name of attribute that holds the encoded certificate chain
        Returns:
        this builder
      • setCertificateChainEncoding

        public LdapKeyStore.Builder setCertificateChainEncoding​(String certificateChainEncoding)
        Set the encoding of certificate chain, which is stored in certificateChainAttribute. This encoding is used for encoding certificate chain into the LDAP attribute value.
        Parameters:
        certificateChainEncoding - the name of the encoding to use
        Returns:
        this builder
        See Also:
        CertPath.getEncoded(String)
      • setKeyAttribute

        public LdapKeyStore.Builder setKeyAttribute​(String keyAttribute)
        Set the name of the attribute in LDAP that holds the private key. The private key is stored encased in a KeyStore, encrypted with the password of the keystore item.
        Parameters:
        keyAttribute - the name of attribute that holds the private key
        Returns:
        this builder
      • setKeyType

        public LdapKeyStore.Builder setKeyType​(String keyType)
        Set the type of keystore in which every private key is encased before being stored in keyAttribute.
        Parameters:
        keyType - the type of keystore
        Returns:
        this builder
        See Also:
        KeyStore.getInstance(String)
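
Usage sketch for the setters above, added here as an example and not taken from the project's own code. It assumes the class lives in package org.wildfly.security.keystore, exposes a static LdapKeyStore.builder() factory and extends java.security.KeyStore (none of which this page shows); the host, DNs, attribute names and filters are constructed sample values.

```java
import java.security.KeyStore;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.ldap.LdapName;
import org.wildfly.security.keystore.LdapKeyStore; // assumed package, not shown on this page

public class LdapKeyStoreExample {
    public static KeyStore open(String bindPassword) throws Exception {
        // Constructed connection settings: TLS-protected LDAP and a dedicated service account.
        Hashtable<String, Object> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, "ldaps://ldap.example.org:636");
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, "uid=keystore-svc,ou=services,dc=example,dc=org");
        env.put(Context.SECURITY_CREDENTIALS, bindPassword);

        // Attributes given to every newly created entry (the RDN attribute is added separately).
        BasicAttributes create = new BasicAttributes(true);
        BasicAttribute objectClass = new BasicAttribute("objectClass");
        objectClass.add("top");
        objectClass.add("inetOrgPerson");
        create.put(objectClass);
        create.put("sn", "keystore-entry");

        KeyStore ks = LdapKeyStore.builder() // assumed static factory
            .setDirContextSupplier(() -> new InitialDirContext(env))
            .setSearchPath("ou=keystore,dc=example,dc=org")   // keep searches inside one subtree
            .setSearchScope(SearchControls.ONELEVEL_SCOPE)    // do not descend below it
            .setSearchTimeLimit(5000)                         // milliseconds
            .setAliasAttribute("cn")
            .setFilterAlias("(&(objectClass=inetOrgPerson)(cn={0}))")
            .setFilterIterate("(&(objectClass=inetOrgPerson)(cn=*))")
            .setCreatePath(new LdapName("ou=keystore,dc=example,dc=org"))
            .setCreateRdn("cn")
            .setCreateAttributes(create)
            .setCertificateAttribute("userCertificate")
            .setCertificateType("X.509")
            .setCertificateChainAttribute("userSMIMECertificate")
            .setCertificateChainEncoding("PKCS7")
            .setKeyAttribute("userPKCS12")
            .setKeyType("PKCS12")
            .build();
        ks.load(null, null); // a KeyStore must be loaded before entries are read or written
        return ks;
    }
}
```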