SecurityService (Openwings API Documentation (v1.1))

Overview

Package

Class

Tree

Deprecated

Index

Help

Openwings API Documentation (v1.1)

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

net.openwings.security
Interface SecurityService

public interface SecurityService

This interface describes a service that manages users, roles and trust relationsips with other platforms or contexts.

The security service applies to a single platform, and only one security service should be provided on a platform.

Method Summary
`void`	`addRelationship(java.lang.String platformName, java.security.cert.Certificate[] certificateChain)` This method is used to establish a trust relationship between two platforms.
`void`	`addRole(java.lang.String roleName)` This method adds the specified role to the system.
`void`	`addSignerCertificate(java.security.cert.Certificate[] certificates)` This method is used to import signer certificates into the system.
`void`	`addUser(java.lang.String userName, java.lang.String[] roles, java.lang.String password)` This method adds a user to the system.
`void`	`addUserToRole(java.lang.String userName, java.lang.String roleName)` This method assigns a role to a user.
`void`	`deleteRelationship(java.lang.String platformName)` This method is used to remove a trust relationship between two platforms.
`void`	`deleteRole(java.lang.String roleName)` This method deletes the specified role from the system.
`void`	`deleteUser(java.lang.String userName)` This method removes the user from the system.
`void`	`deleteUserFromRole(java.lang.String userName, java.lang.String roleName)` This method removes the assignment of the role to the user.
`java.security.cert.Certificate`	`getCertificate(java.lang.String alias)` This method is used to obtain the certificate associated with a particular user/role.
`java.security.cert.Certificate[]`	`getCertificateChain(java.lang.String alias)` This method is used to obtain the certificate chain associated with a particular user/role.
`UniqueID`	`getContext()` This method is used to tell what context a platform is a member of.
`java.net.InetAddress`	`getHost()` This method returns the host on which this `SecurityService` is running.
`java.security.Principal[]`	`getRoles(java.lang.String userName)` This method returns the list of `OpenwingsRoles` (`Principals`) assigned to a user name.
`java.security.Principal[]`	`getRoles(javax.security.auth.Subject subject)` This method returns the list of `OpenwingsRoles` (`Principals`) assigned to a subject.
`java.security.SignedObject`	`getSignedObject(java.io.Serializable obj)` This method is used to sign an object with the Openwings private key
`java.lang.String[]`	`getSystemRoles()` This method returns the list of roles currently present in the system.
`java.lang.Object`	`getUnsignedObject(java.security.SignedObject sObj)` This method is used to retrieve the contents of an object signed by the Openwings private key
`java.lang.String[]`	`getUsers()` This method returns the list of users currently present in the system.
`java.security.PublicKey`	`getVerificationKey()` This method returns the `SecurityService` public key corresponding to the private key used to sign objects.
`boolean`	`hasCertificate(java.lang.String alias)` This method is used to determine if a user/role has a certificate in the keystore.
`boolean`	`hasTrustedCertificate(java.lang.String alias)` This method is used to determine if a user/role has a trusted certificate in the keystore.
`boolean`	`isSigner(java.security.cert.Certificate[] certificates)` This method is used to determine whether the signer of an application is a signer known but not necessarily trusted by the system.
`boolean`	`isTrustedSigner(java.security.cert.Certificate[] certificates)` This method is used to determine whether the signer of an application is a signer trusted by the system.
`void`	`modifyUser(java.lang.String userName, java.lang.String[] roles, java.lang.String password, java.lang.String oldPassword)` This method modifies a user in the system.
`void`	`modifyUserPassword(java.lang.String userName, java.lang.String password, java.lang.String oldPassword)` This method modifies a user's password in the system.
`void`	`modifyUserRoles(java.lang.String userName, java.lang.String[] roles)` This method modifies a user's roles in the system.
`void`	`removeSignerCertificate(java.security.cert.Certificate[] certificates)` This method is used to remove signer certificates from the system.
`void`	`setContext(UniqueID myContextID)` This method is used to tell the platform what context it is a member of.
`boolean`	`validateLogin(java.lang.String userName, java.lang.String password)` This method is used to validate the user login.

Method Detail

getHost

public java.net.InetAddress getHost()
                             throws java.rmi.RemoteException

This method returns the host on which this SecurityService is running.

Returns:: host
Throws:: java.rmi.RemoteException - if there is an error communicating with the service.

addUser

public void addUser(java.lang.String userName,
                    java.lang.String[] roles,
                    java.lang.String password)
             throws java.rmi.RemoteException

This method adds a user to the system.

Parameters:: userName - the user's name; roles - list of roles to which the user is assigned.; password - the user's password
Throws:: java.rmi.RemoteException - if there is an error communicating with the service.

modifyUser

public void modifyUser(java.lang.String userName,
                       java.lang.String[] roles,
                       java.lang.String password,
                       java.lang.String oldPassword)
                throws java.rmi.RemoteException

This method modifies a user in the system.

Parameters:: userName - the user's name; roles - list of roles to which the user is assigned.; password - the user's new password; oldPassword - the user's old password
Throws:: java.rmi.RemoteException - if there is an error communicating with the service.

modifyUserPassword

public void modifyUserPassword(java.lang.String userName,
                               java.lang.String password,
                               java.lang.String oldPassword)
                        throws java.rmi.RemoteException

This method modifies a user's password in the system.

Parameters:: userName - the user's name; password - the user's new password; oldPassword - the user's old password
Throws:: java.rmi.RemoteException - if there is an error communicating with the service.

modifyUserRoles

public void modifyUserRoles(java.lang.String userName,
                            java.lang.String[] roles)
                     throws java.rmi.RemoteException

This method modifies a user's roles in the system.

Parameters:: userName - the user's name; roles - list of roles to which the user is assigned.
Throws:: java.rmi.RemoteException - if there is an error communicating with the service.

deleteUser

public void deleteUser(java.lang.String userName)
                throws java.rmi.RemoteException

This method removes the user from the system.

Parameters:: userName - the user's name
Throws:: java.rmi.RemoteException - if there is an error communicating with the service.

addUserToRole

public void addUserToRole(java.lang.String userName,
                          java.lang.String roleName)
                   throws java.rmi.RemoteException

This method assigns a role to a user.

Parameters:: userName - the user's name; roleName - the role name
Throws:: java.rmi.RemoteException - if there is an error communicating with the service.

deleteUserFromRole

public void deleteUserFromRole(java.lang.String userName,
                               java.lang.String roleName)
                        throws java.rmi.RemoteException

This method removes the assignment of the role to the user.

Parameters:: userName - the user's name; roleName - the role name
Throws:: java.rmi.RemoteException - if there is an error communicating with the service.

getRoles

public java.security.Principal[] getRoles(javax.security.auth.Subject subject)
                                   throws java.rmi.RemoteException

This method returns the list of OpenwingsRoles (Principals) assigned to a subject.

Parameters:: subject - Subject representing the user.
Returns:: array of roles (principals) assigned to the subject.
Throws:: java.rmi.RemoteException - if there is an error communicating with the service.

getRoles

public java.security.Principal[] getRoles(java.lang.String userName)
                                   throws java.rmi.RemoteException

This method returns the list of OpenwingsRoles (Principals) assigned to a user name.

Parameters:: userName - the user's name
Returns:: array of roles (principals) assigned to the user.
Throws:: java.rmi.RemoteException - if there is an error communicating with the service.

getSystemRoles

public java.lang.String[] getSystemRoles()
                                  throws java.rmi.RemoteException

This method returns the list of roles currently present in the system.

Returns:: array of role names
Throws:: java.rmi.RemoteException - if there is an error communicating with the service.

getUsers

public java.lang.String[] getUsers()
                            throws java.rmi.RemoteException

This method returns the list of users currently present in the system.

Returns:: array of user names
Throws:: java.rmi.RemoteException - if there is an error communicating with the service.

addRole

public void addRole(java.lang.String roleName)
             throws java.rmi.RemoteException

This method adds the specified role to the system.

Parameters:: roleName - the role name
Throws:: java.rmi.RemoteException - if there is an error communicating with the service.

deleteRole

public void deleteRole(java.lang.String roleName)
                throws java.rmi.RemoteException

This method deletes the specified role from the system.

Parameters:: roleName - the role name
Throws:: java.rmi.RemoteException - if there is an error communicating with the service.

setContext

public void setContext(UniqueID myContextID)
                throws java.rmi.RemoteException

This method is used to tell the platform what context it is a member of.

Throws:: java.rmi.RemoteException - if there is an error communicating with the service.

getContext

public UniqueID getContext()
                    throws java.rmi.RemoteException

This method is used to tell what context a platform is a member of.

Returns:: unique identifier for the context
Throws:: java.rmi.RemoteException - if there is an error communicating with the service.

hasCertificate

public boolean hasCertificate(java.lang.String alias)
                       throws java.rmi.RemoteException

This method is used to determine if a user/role has a certificate in the keystore.

Parameters:: alias - the name of a user or role on this platform
Throws:: java.rmi.RemoteException - if there is an error communicating with the service.

getCertificate

public java.security.cert.Certificate getCertificate(java.lang.String alias)
                                              throws java.rmi.RemoteException

This method is used to obtain the certificate associated with a particular user/role.

Parameters:: alias - the name of a user or role on this platform
Throws:: java.rmi.RemoteException - if there is an error communicating with the service.

getCertificateChain

public java.security.cert.Certificate[] getCertificateChain(java.lang.String alias)
                                                     throws java.rmi.RemoteException

This method is used to obtain the certificate chain associated with a particular user/role.

Parameters:: alias - the name of a user or role on this platform
Throws:: java.rmi.RemoteException - if there is an error communicating with the service.

hasTrustedCertificate

public boolean hasTrustedCertificate(java.lang.String alias)
                              throws java.rmi.RemoteException

This method is used to determine if a user/role has a trusted certificate in the keystore.

Parameters:: alias - the name of a user or role on this platform
Throws:: java.rmi.RemoteException - if there is an error communicating with the service.

addRelationship

public void addRelationship(java.lang.String platformName,
                            java.security.cert.Certificate[] certificateChain)
                     throws java.rmi.RemoteException

This method is used to establish a trust relationship between two platforms. The method should be called on each platform.

Parameters:: platformName - name of the platform to trust; certificateChain - certificate chain associated with this platform
Throws:: java.rmi.RemoteException - if there is an error communicating with the service.

deleteRelationship

public void deleteRelationship(java.lang.String platformName)
                        throws java.rmi.RemoteException

This method is used to remove a trust relationship between two platforms. The method should be called on each platform.

Parameters:: platformName - name of the previously trusted platform
Throws:: java.rmi.RemoteException - if there is an error communicating with the service.

isTrustedSigner

public boolean isTrustedSigner(java.security.cert.Certificate[] certificates)
                        throws java.rmi.RemoteException

This method is used to determine whether the signer of an application is a signer trusted by the system.

Parameters:: certificates - signer certificate chain
Returns:: boolean
Throws:: java.rmi.RemoteException - if there is an error communicating with the service.

isSigner

public boolean isSigner(java.security.cert.Certificate[] certificates)
                 throws java.rmi.RemoteException

This method is used to determine whether the signer of an application is a signer known but not necessarily trusted by the system.

Parameters:: certificates - signer certificate chain
Returns:: boolean
Throws:: java.rmi.RemoteException - if there is an error communicating with the service.

addSignerCertificate

public void addSignerCertificate(java.security.cert.Certificate[] certificates)
                          throws java.rmi.RemoteException,
                                 java.security.GeneralSecurityException

This method is used to import signer certificates into the system.

Parameters:: certificates - signer certificate chain
Throws:: java.rmi.RemoteException - if there is an error communicating with the service.; java.security.GeneralSecurityException - if there is an error adding the certificate.

removeSignerCertificate

public void removeSignerCertificate(java.security.cert.Certificate[] certificates)
                             throws java.rmi.RemoteException,
                                    java.security.GeneralSecurityException

This method is used to remove signer certificates from the system.

Parameters:: certificates - signer certificate chain
Throws:: java.rmi.RemoteException - if there is an error communicating with the service.; java.security.GeneralSecurityException

validateLogin

public boolean validateLogin(java.lang.String userName,
                             java.lang.String password)
                      throws java.rmi.RemoteException

This method is used to validate the user login.

Parameters:: userName - username string; password - password string
Throws:: java.rmi.RemoteException - if there is an error communicating with the service.

getSignedObject

public java.security.SignedObject getSignedObject(java.io.Serializable obj)
                                           throws java.rmi.RemoteException,
                                                  java.security.GeneralSecurityException

This method is used to sign an object with the Openwings private key

Throws:: java.rmi.RemoteException - if there is an error communicating with the service.; java.security.GeneralSecurityException - if there is an error signing the object

getUnsignedObject

public java.lang.Object getUnsignedObject(java.security.SignedObject sObj)
                                   throws java.rmi.RemoteException,
                                          java.security.GeneralSecurityException

This method is used to retrieve the contents of an object signed by the Openwings private key

Throws:: java.rmi.RemoteException - if there is an error communicating with the service.; java.security.GeneralSecurityException - if there is an error retrieving the object

getVerificationKey

public java.security.PublicKey getVerificationKey()
                                           throws java.rmi.RemoteException,
                                                  java.lang.SecurityException

This method returns the SecurityService public key corresponding to the private key used to sign objects. This may be used to verify signed objects returned from the service.

Returns:: the SecurityService public key
Throws:: java.rmi.RemoteException - if there is an error communicating with the service.; java.lang.SecurityException - if key access is disallowed

Overview

Package

Class

Tree

Deprecated

Index

Help

Openwings API Documentation (v1.1)

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

net.openwings.security Interface SecurityService

getHost

addUser

modifyUser

modifyUserPassword

modifyUserRoles

deleteUser

addUserToRole

deleteUserFromRole

getRoles

getRoles

getSystemRoles

getUsers

addRole

deleteRole

setContext

getContext

hasCertificate

getCertificate

getCertificateChain

hasTrustedCertificate

addRelationship

deleteRelationship

isTrustedSigner

isSigner

addSignerCertificate

removeSignerCertificate

validateLogin

getSignedObject

getUnsignedObject

getVerificationKey

net.openwings.security
Interface SecurityService