org.bitrepository.protocol.security

Class BasicSecurityManager

java.lang.Object

org.bitrepository.protocol.security.BasicSecurityManager

All Implemented Interfaces:

SecurityManager

public class BasicSecurityManager
extends Object
implements SecurityManager

Class to handle: - loading of certificates - setup of SSLContext - Authentication of signatures - Signature generation - Authorization of operations

Constructor Summary

Constructors

Constructor and Description
BasicSecurityManager(RepositorySettings repositorySettings, String privateKeyFile, MessageAuthenticator authenticator, MessageSigner signer, OperationAuthorizor authorizer, PermissionStore permissionStore, String componentID) Constructor for the SecurityManager.

Method Summary

Methods

Modifier and Type	Method and Description
void	authenticateMessage(String message, String signature) Method to authenticate a message.
void	authorizeCertificateUse(String certificateUser, String messageData, String signature) Method to authorize the use of a certificate
void	authorizeOperation(String operationType, String messageData, String signature) Method to authorize an operation
String	signMessage(String message) Method to sign a message

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

BasicSecurityManager

public BasicSecurityManager(RepositorySettings repositorySettings,
                    String privateKeyFile,
                    MessageAuthenticator authenticator,
                    MessageSigner signer,
                    OperationAuthorizor authorizer,
                    PermissionStore permissionStore,
                    String componentID)

Constructor for the SecurityManager.

Parameters:

repositorySettings - the collection settings to retrieve settings from

privateKeyFile - path to the file containing the components private key and certificate, may be null if not using certificates and encryption.

authenticator - MessageAuthenticator for authenticating messages

signer - MessageSigner for signing messages.

authorizer - OperationAuthorizer to authorize operations

permissionStore - the PermissionStore to hold certificates and adjoining permissions

Method Detail

authenticateMessage

public void authenticateMessage(String message,
                       String signature)
                         throws MessageAuthenticationException

Method to authenticate a message.

Specified by:

authenticateMessage in interface SecurityManager

Parameters:

message - the message that needs to be authenticated.

signature - the signature belonging to the message.

Throws:

MessageAuthenticationException - in case of failure.

signMessage

public String signMessage(String message)
                   throws MessageSigningException

Method to sign a message

Specified by:

signMessage in interface SecurityManager

Parameters:

message - the message to sign

Returns:

the signature for the message, or null if authentication is disabled.

Throws:

MessageSigningException - if signing of the message fails.

authorizeCertificateUse

public void authorizeCertificateUse(String certificateUser,
                           String messageData,
                           String signature)
                             throws CertificateUseException

Method to authorize the use of a certificate

Specified by:

authorizeCertificateUse in interface SecurityManager

Parameters:

certificateUser - the user who signed the message

messageData - the data of the message request.

signature - the signature belonging to the message request.

Throws:

CertificateUseException - in case the certificate use could not be authorized.

authorizeOperation

public void authorizeOperation(String operationType,
                      String messageData,
                      String signature)
                        throws OperationAuthorizationException

Method to authorize an operation

Specified by:

authorizeOperation in interface SecurityManager

Parameters:

operationType - the type of operation that is to be authorized.

messageData - the data of the message request.

signature - the signature belonging to the message request.

Throws:

OperationAuthorizationException - in case of failure.