public class CheckJsseProps extends AbstractPlugin
javax.security.auth.login.Configuration.getConfiguration()
can
be called successfully. The -security
must be included on the
command line for these checks to be done. The checks performed include:
DynamicPolicyProvider
javax.net.ssl.trustStore
is defined
and its value is the name of a readable non-directory file
org.apache.river.discovery.x500.trustStore
is
defined, and if so that its value is the name of a readable non-directory
file
javax.net.ssl.keyStore
is defined, and if
so that its value is the name of a readable non-directory file
java.security.auth.login.config
system property and the
login.config.url.[n]
entries in the security properties, or
the users .java.login.config
file if no other source is
defined). Verify that at least one such entry exists. Verify that all
defined configuration files exists, are readable, and are not
directories. Verify that
javax.security.auth.login.Configuration.getConfiguration()
can be called successfully.
Modifier and Type | Class and Description |
---|---|
static class |
CheckJsseProps.CheckLoginConfigInit
Checks the existence and accessibility of the login configuration.
|
static class |
CheckJsseProps.CheckProviderTask
Checks the policy provider of the group.
|
static class |
CheckJsseProps.GetGroupLoginConfigs
Gets login configuration urls of the group.
|
Modifier and Type | Field and Description |
---|---|
private static boolean |
doChecks
flag indicating whether to run this plugin
|
(package private) EnvCheck |
envCheck
reference to the plugin container
|
(package private) String |
fileAccessTask |
Constructor and Description |
---|
CheckJsseProps() |
Modifier and Type | Method and Description |
---|---|
private String[] |
args(String s1,
String s2)
Return a string array representing the given arguments.
|
private void |
checkDiscoveryStore(SharedActivationGroupDescriptor gd)
Check the validity of the discovery trust store definition for the
command line or group.
|
private boolean |
checkExistance(SharedActivationGroupDescriptor gd,
String propName,
String desc,
String source)
Check the existence of a property definition in the group or
command line.
|
private void |
checkKeyStore(SharedActivationGroupDescriptor gd)
Check the validity of the key store definition for the command line
or group.
|
private void |
checkLoginConfigs(SharedActivationGroupDescriptor gd)
Check the validity of the login configuration for the command line
or group.
|
private void |
checkProvider(SharedActivationGroupDescriptor gd)
Check that the security provider is an instance of
DynamicPolicyProvider . |
private void |
checkTrustStore(SharedActivationGroupDescriptor gd)
Check the validity of the trust store definition for the command line
or group.
|
private static ArrayList |
getLoginConfigs()
Get the names of the login configuration files which will be accessed
when the login configuration is constructed.
|
private String |
getSource(SharedActivationGroupDescriptor gd)
Get the source string identifying the activation group (if
gd is not null ) or the command line
(if gd is null ). |
boolean |
isPluginOption(String opt)
Determine whether
arg is a plugin-specific command-line
option for this plugin and save any necessary state. |
void |
run(EnvCheck envCheck)
Check the security files for the current VM and for the group
VM if there is a
SharedActivationGroupDescriptor . |
getBundle, getString, getString, getString, getString, handleUnexpectedSubtaskReturn, taskName
EnvCheck envCheck
private static boolean doChecks
String fileAccessTask
public boolean isPluginOption(String opt)
Plugin
arg
is a plugin-specific command-line
option for this plugin and save any necessary state. State should
be saved in static fields since plugin instances may not be cached.isPluginOption
in interface Plugin
isPluginOption
in class AbstractPlugin
opt
- the command-line option to examinepublic void run(EnvCheck envCheck)
SharedActivationGroupDescriptor
.envCheck
- a reference to the plugin containerprivate String getSource(SharedActivationGroupDescriptor gd)
gd
is not null
) or the command line
(if gd
is null
).gd
- the group descriptorprivate String[] args(String s1, String s2)
s1
- first array objects2
- second array objectprivate void checkTrustStore(SharedActivationGroupDescriptor gd)
gd
- the group descriptor, or null
to test the
command lineprivate void checkDiscoveryStore(SharedActivationGroupDescriptor gd)
gd
- the group descriptor, or null
to test the
command lineprivate void checkKeyStore(SharedActivationGroupDescriptor gd)
gd
- the group descriptor, or null
to test the
command lineprivate void checkLoginConfigs(SharedActivationGroupDescriptor gd)
gd
- the group descriptor, or null
to test the
command lineprivate static ArrayList getLoginConfigs()
java.security.auth.login.config
is defined with a '==', then
it's value is the sole configuration file. Otherwise, search the
security properties for property names of the form
login.config.url.[n]
, starting with n
of one
until there is a break in the sequence. Merge the resulting list with the
value of java.security.auth.login.config
if it was defined
(with a single '='). If the resulting list is not empty, return it;
otherwise, check for the existence of a file named
.java.login.config
in the users home directory. If found,
place this value in the list.private boolean checkExistance(SharedActivationGroupDescriptor gd, String propName, String desc, String source)
gd
- the group descriptor, or null
to check
the command linepropName
- the property name to check fordesc
- phrase describing the propertysource
- the source descriptive texttrue
if the property is definedprivate void checkProvider(SharedActivationGroupDescriptor gd)
DynamicPolicyProvider
. Done for the tool VM and for the
group VM if a SharedActivationGroupDescriptor
exists.Copyright 2007-2013, multiple authors.
Licensed under the Apache License, Version 2.0, see the NOTICE file for attributions.