/*
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements.  See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership. The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License. You may obtain a copy of the License at
 * 
 *      http://www.apache.org/licenses/LICENSE-2.0
 * 
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

/* Configuration source file for SSL Phoenix */

import com.sun.jini.config.KeyStores;
import com.sun.jini.phoenix.*;
import net.jini.constraint.*;
import net.jini.core.constraint.*;
import net.jini.jeri.*;
import net.jini.jeri.ssl.SslServerEndpoint;
import net.jini.security.*;
import javax.security.auth.login.LoginContext;

com.sun.jini.phoenix {

    registryExporter = new RegistrySunExporter();
    private sslPort = 2000; // pick one, cannot be 1098
    private daemonEndpoint = SslServerEndpoint.getInstance(sslPort);
    private integrity = new BasicMethodConstraints(
        new InvocationConstraints(Integrity.YES, null));
    systemExporter =
        new BasicJeriExporter(daemonEndpoint,
                              new SystemAccessProxyTrustILFactory(integrity),
                              false, true,
                              PhoenixConstants.ACTIVATION_SYSTEM_UUID);
    activatorExporter =
        new BasicJeriExporter(daemonEndpoint,
                              new ProxyTrustILFactory(integrity, null),
                              false, true,
                              PhoenixConstants.ACTIVATOR_UUID);
    monitorExporter =
        new BasicJeriExporter(daemonEndpoint,
                              new ProxyTrustILFactory(
                                        integrity,
                                        MonitorPermission.class));
    private groupEndpoint = SslServerEndpoint.getInstance(0);

    private static keystore = 
	KeyStores.getKeyStore("file:prebuiltkeys/truststore", null);

    private mutualAuth =
        new BasicMethodConstraints(new InvocationConstraints(
            new InvocationConstraint[]{
                Integrity.YES,
                ClientAuthentication.YES,
                ServerAuthentication.YES,
                new ServerMinPrincipal(
                    KeyStores.getX500Principal("phoenix", keystore))},
            null));
    instantiatorPreparer = new BasicProxyPreparer(true, mutualAuth, null);
    monitorPreparer = instantiatorPreparer;
    systemPreparer = instantiatorPreparer;
    loginContext = new LoginContext("com.sun.jini.Phoenix");
    persistenceDirectory = "lib${/}phoenix-log";
    groupConfig = new String[] { "config${/}ssl-phoenix-group.config" };

}//end com.sun.jini.phoenix