1 | /* | |
2 | * $Id: TlsDirectTrustStore.java 7976 2007-08-21 14:26:13Z dirk.olmes $ | |
3 | * -------------------------------------------------------------------------------------- | |
4 | * Copyright (c) MuleSource, Inc. All rights reserved. http://www.mulesource.com | |
5 | * | |
6 | * The software in this package is published under the terms of the CPAL v1.0 | |
7 | * license, a copy of which has been included with this distribution in the | |
8 | * LICENSE.txt file. | |
9 | */ | |
10 | ||
11 | package org.mule.umo.security; | |
12 | ||
13 | import javax.net.ssl.TrustManagerFactory; | |
14 | ||
/**
 * Settings for a trust store that is configured directly.
 *
 * <p>TLS/SSL connections are made to trusted systems. The public certificates of those systems are
 * kept in a keystore (called a trust store) and are used to verify that the remote end of a
 * connection "really is" the expected identity.</p>
 *
 * <p>The information specified in this interface may be used to configure a trust store directly, or
 * the values in the {@link TlsIndirectTrustStore} may be stored as property values and used later, or
 * both. It may therefore be specific to a single connector, or global to all connectors made by that
 * protocol, or even (in the case of the SSL transport) become a global default value. For more
 * information see the documentation for the connector or protocol in question. The comments in
 * {@link org.mule.umo.security.tls.TlsConfiguration} may also be useful.</p>
 */
public interface TlsDirectTrustStore extends TlsIndirectTrustStore {

    /**
     * Reports the keystore type of the trust store.
     *
     * @return the type of keystore used to implement the trust store defined in
     *         {@link #getTrustStore()}
     */
    String getTrustStoreType();

    /**
     * Selects the keystore type of the trust store.
     *
     * @param trustStoreType the type of keystore used to implement the trust store defined in
     *        {@link #setTrustStore(String)}
     */
    void setTrustStoreType(String trustStoreType);

    /**
     * Reports the trust manager algorithm.
     *
     * @return the algorithm used by the trust store; the default comes from
     *         {@link org.mule.umo.security.provider.AutoDiscoverySecurityProviderFactory}
     */
    String getTrustManagerAlgorithm();

    /**
     * Selects the trust manager algorithm.
     *
     * @param trustManagerAlgorithm the algorithm used by the trust store; the default comes from
     *        {@link org.mule.umo.security.provider.AutoDiscoverySecurityProviderFactory}
     */
    void setTrustManagerAlgorithm(String trustManagerAlgorithm);

    /**
     * Provides the factory that supplies trust information.
     *
     * @return either the factory defined by {@link #setTrustManagerFactory(TrustManagerFactory)} or
     *         one constructed from the parameters in this interface
     *         ({@link #setTrustStore(String)} etc.)
     */
    TrustManagerFactory getTrustManagerFactory();

    /**
     * Installs an explicit source of trust information.
     *
     * <p>The trust managers produced by the factory decide which peer certificates are accepted, so
     * a factory supplied here replaces the verification that the trust store parameters would
     * otherwise give.</p>
     *
     * @param trustManagerFactory the source of trust information if the store is accessed directly.
     *        Some connectors generate trust stores indirectly through System properties, in which
     *        case this value will be ignored - see
     *        {@link org.mule.umo.security.tls.TlsConfiguration}.
     */
    void setTrustManagerFactory(TrustManagerFactory trustManagerFactory);

    /**
     * Tells whether trust may come only from an explicitly defined trust store.
     *
     * <p>If the trust store is undefined and the trust store is generated via System properties,
     * the key store certificates can be used as a source of trust information. (The original
     * comment links the key store definition to a target that was left as TODO.)</p>
     *
     * <p>NOTE(review): when this returns false, certificates held in the key store can end up
     * acting as trust anchors for peer verification; confirm that this is intended for the
     * connector in use.</p>
     *
     * @return true if the key store data should <em>not</em> be used when a trust store is otherwise
     *         undefined
     */
    boolean isExplicitTrustStoreOnly();

    /**
     * Chooses whether trust may come only from an explicitly defined trust store.
     *
     * <p>If the trust store is undefined and the trust store is generated via System properties,
     * the key store certificates can be used as a source of trust information. (The original
     * comment links the key store definition to a target that was left as TODO.)</p>
     *
     * @param explicitTrustStoreOnly true if the key store data should <em>not</em> be used when a
     *        trust store is otherwise undefined
     */
    void setExplicitTrustStoreOnly(boolean explicitTrustStoreOnly);

    /**
     * Tells whether a directly constructed server socket demands client authentication.
     *
     * <p>If a server socket is constructed directly (see
     * {@link org.mule.umo.security.tls.TlsConfiguration}) then this flag will control whether
     * client authentication is required. This does not apply to client connections.</p>
     *
     * <p>NOTE(review): server sockets that are not constructed directly are presumably not covered
     * by this flag; verify client-certificate enforcement for those connectors separately.</p>
     *
     * @return true if clients must be authenticated
     */
    boolean isRequireClientAuthentication();

    /**
     * Chooses whether a directly constructed server socket demands client authentication.
     *
     * <p>If a server socket is constructed directly (see
     * {@link org.mule.umo.security.tls.TlsConfiguration}) then this flag will control whether
     * client authentication is required. This does not apply to client connections.</p>
     *
     * @param requireClientAuthentication true if clients must be authenticated
     */
    void setRequireClientAuthentication(boolean requireClientAuthentication);

}