/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License"). You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
 * or http://forgerock.org/license/CDDLv1.0.html.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at legal-notices/CDDLv1_0.txt.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information:
 *      Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 *
 *
 *      Copyright 2006-2008 Sun Microsystems, Inc.
 *      Portions Copyright 2014 ForgeRock AS
 */
package org.opends.server.api;

import java.util.List;
import javax.net.ssl.TrustManager;

import org.forgerock.i18n.LocalizableMessage;
import org.forgerock.opendj.config.server.ConfigException;
import org.opends.server.admin.std.server.TrustManagerProviderCfg;
import org.opends.server.types.DirectoryException;
import org.opends.server.types.InitializationException;

/**
 * Base class for components that supply the
 * {@code javax.net.ssl.TrustManager} objects used while performing
 * SSL/StartTLS negotiation.
 * <BR><BR>
 * A JSSE trust manager is what decides whether the credentials
 * presented by a peer are accepted, so the array handed out by
 * {@link #getTrustManagers()} is the trust policy of whatever
 * consumes it.
 *
 * @param  <T>  The type of trust manager provider configuration
 *              handled by this trust manager provider implementation.
 */
@org.opends.server.types.PublicAPI(
    stability = org.opends.server.types.StabilityLevel.VOLATILE,
    mayInstantiate = false,
    mayExtend = true,
    mayInvoke = true)
public abstract class TrustManagerProvider<T extends TrustManagerProviderCfg> {

  /**
   * Prepares this trust manager provider for use, based on the
   * supplied configuration.
   *
   * @param  configuration  The configuration to use for this trust
   *                        manager provider.
   *
   * @throws  ConfigException  If the server configuration causes an
   *                           unrecoverable problem during
   *                           initialization.
   *
   * @throws  InitializationException  If initialization fails for a
   *                                   reason that is not related to
   *                                   the server configuration.
   */
  public abstract void initializeTrustManagerProvider(T configuration)
      throws ConfigException, InitializationException;

  /**
   * Reports whether the supplied configuration could be used by this
   * trust manager provider.  The method is meant to be callable on an
   * instance that has not been initialized yet.
   * <BR><BR>
   * The parameter is typed as the base configuration class rather
   * than {@code T}, so an implementation that works with a subclass
   * of it will likely need to cast the configuration to the
   * appropriate subclass type.
   * <BR><BR>
   * The implementation in this class accepts every configuration and
   * leaves {@code unacceptableReasons} untouched.  A provider that
   * does not override it therefore gets no validation here; any
   * problem with its configuration can only be reported later, by
   * whatever checks the provider itself performs.
   *
   * @param  configuration        The trust manager provider
   *                              configuration to evaluate.
   * @param  unacceptableReasons  A list that may be used to hold the
   *                              reasons that the provided
   *                              configuration is not acceptable.
   *
   * @return  {@code true} if the provided configuration is acceptable
   *          for this trust manager provider, or {@code false} if
   *          not.
   */
  public boolean isConfigurationAcceptable(
      TrustManagerProviderCfg configuration,
      List<LocalizableMessage> unacceptableReasons) {
    // No checks are made at this level: every configuration is
    // reported as acceptable.  Providers that need stricter
    // validation are expected to override this method.
    return true;
  }

  /**
   * Carries out whatever finalization this trust manager provider
   * requires.
   */
  public abstract void finalizeTrustManagerProvider();

  /**
   * Returns the {@code TrustManager} objects to use for interactions
   * that need access to a trust manager.
   * <BR><BR>
   * NOTE(review): this contract does not say whether {@code null} or
   * an empty array may be returned.  {@code SSLContext.init} treats a
   * {@code null} trust manager array as a request for the default
   * trust managers of the installed security providers, so if a
   * caller passes the result straight through, a {@code null} return
   * would select the JVM default trust material rather than none.
   * Confirm against the callers and the implementations.
   *
   * @return  A set of {@code TrustManager} objects that may be used
   *          for interactions requiring access to a trust manager.
   *
   * @throws  DirectoryException  If a problem occurs while attempting
   *                              to obtain the set of trust managers.
   */
  public abstract TrustManager[] getTrustManagers()
      throws DirectoryException;
}