Package pl.edu.icm.unity.engine.api
Interface PKIManagement
public interface PKIManagement
Provides access to PKI-related stores: credentials, certificates and truststores (validators).
Currently it is read-only and the implementation is based on data stored on the file system (FS). In the future it will be enhanced to support DB-stored data, with the possibility to add and remove contents.
The single exception is certificates. They can be managed (added/removed) at runtime; however, the current implementation is in memory only, i.e. all changes are lost after a restart. Again, this will be refactored in the future.
- Author:
- K. Benedyczak
-
Method Summary
Modifier and Type / Method / Description
- void addPersistedCertificate(NamedCertificate toAdd): Adds a new persisted certificate
- void addVolatileCertificate(String name, X509Certificate updated): Adds a new volatile certificate
- NamedCertificate getCertificate(String name)
- eu.emi.security.authn.x509.X509Credential getCredential(String name)
- eu.unicore.security.canl.IAuthnAndTrustConfiguration getMainAuthnAndTrust()
- eu.emi.security.authn.x509.X509CertChainValidatorExt getValidator(String name)
- void loadCertificatesFromConfigFile()
- void removeCertificate(String toRemove): Removes a given certificate
- void updateCertificate(NamedCertificate toUpdate): Updates a given certificate
-
Method Details
-
getCredentialNames
- Returns:
- set with available credential names
- Throws:
pl.edu.icm.unity.base.exceptions.EngineException
-
getCredential
eu.emi.security.authn.x509.X509Credential getCredential(String name) throws pl.edu.icm.unity.base.exceptions.EngineException
- Parameters:
name
- Returns:
- credential by name
- Throws:
pl.edu.icm.unity.base.exceptions.EngineException
-
getValidatorNames
- Returns:
- set of available validators
- Throws:
pl.edu.icm.unity.base.exceptions.EngineException
-
getValidator
eu.emi.security.authn.x509.X509CertChainValidatorExt getValidator(String name) throws pl.edu.icm.unity.base.exceptions.EngineException
- Parameters:
name
- Returns:
- validator by name
- Throws:
pl.edu.icm.unity.base.exceptions.EngineException
-
getMainAuthnAndTrust
eu.unicore.security.canl.IAuthnAndTrustConfiguration getMainAuthnAndTrust()
- Returns:
- the IAuthnAndTrustConfiguration of the main server; this method provides quick access to it.
-
getAllCertificateNames
- Returns:
- set with available certificate names
- Throws:
pl.edu.icm.unity.base.exceptions.EngineException
-
getCertificate
NamedCertificate getCertificate(String name) throws pl.edu.icm.unity.base.exceptions.EngineException
- Parameters:
name
- Returns:
- certificate by name
- Throws:
pl.edu.icm.unity.base.exceptions.EngineException
-
addVolatileCertificate
void addVolatileCertificate(String name, X509Certificate updated) throws pl.edu.icm.unity.base.exceptions.EngineException
Adds a new volatile certificate
- Parameters:
name
updated
- Throws:
pl.edu.icm.unity.base.exceptions.EngineException
-
getVolatileCertificates
List<NamedCertificate> getVolatileCertificates() throws pl.edu.icm.unity.base.exceptions.EngineException
- Returns:
- set with available volatile certificates
- Throws:
pl.edu.icm.unity.base.exceptions.EngineException
-
addPersistedCertificate
void addPersistedCertificate(NamedCertificate toAdd) throws pl.edu.icm.unity.base.exceptions.EngineException
Adds a new persisted certificate
- Parameters:
toAdd
- Throws:
pl.edu.icm.unity.base.exceptions.EngineException
-
getPersistedCertificates
List<NamedCertificate> getPersistedCertificates() throws pl.edu.icm.unity.base.exceptions.EngineException
- Returns:
- set with available persisted certificates
- Throws:
pl.edu.icm.unity.base.exceptions.EngineException
-
removeCertificate
Removes a given certificate
- Parameters:
toRemove
- Throws:
pl.edu.icm.unity.base.exceptions.EngineException
-
updateCertificate
void updateCertificate(NamedCertificate toUpdate) throws pl.edu.icm.unity.base.exceptions.EngineException
Updates a given certificate
- Parameters:
toUpdate
- Throws:
pl.edu.icm.unity.base.exceptions.EngineException
-
loadCertificatesFromConfigFile
void loadCertificatesFromConfigFile()
-