Class GlobusSSLHelper


  • public final class GlobusSSLHelper
    extends java.lang.Object
    This is a utility class designed to simplify common tasks required for configuring the globus ssl support.
    Since:
    1.0
    Version:
    1.0
    • Constructor Summary

      Constructors 
      Modifier Constructor Description
      private GlobusSSLHelper()  
    • Method Summary

      All Methods Static Methods Concrete Methods 
      Modifier and Type Method Description
      static java.security.KeyStore buildTrustStore​(java.lang.String provider, java.lang.String trustAnchorStoreType, java.lang.String trustAnchorStoreLocation, java.lang.String trustAnchorStorePassword)
      Create a trust store using the supplied details.
      static java.security.KeyStore findCredentialStore​(java.lang.String provider, java.lang.String credentialStoreType, java.lang.String credentialStoreLocation, java.lang.String credentialStorePassword)
      Create a configured CredentialStore using the supplied parameters.
      static java.security.cert.CertStore findCRLStore​(java.lang.String crlPattern)
      Create a store of Certificate Revocation Lists.
      private static java.io.InputStream getStream​(java.lang.String url)  
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • GlobusSSLHelper

        private GlobusSSLHelper()
    • Method Detail

      • buildTrustStore

        public static java.security.KeyStore buildTrustStore​(java.lang.String provider,
                                                             java.lang.String trustAnchorStoreType,
                                                             java.lang.String trustAnchorStoreLocation,
                                                             java.lang.String trustAnchorStorePassword)
                                                      throws GlobusSSLConfigurationException
        Create a trust store using the supplied details. Java SSL requires the trust store to be supplied as a java.security.KeyStore, so this will create a KeyStore containing all of the Trust Anchors.
        Parameters:
        provider - The Java security provider to use.
        trustAnchorStoreType - The type of key store to be constructed.
        trustAnchorStoreLocation - The location of the trust store file
        trustAnchorStorePassword - The password for the trust store.
        Returns:
        A configured Keystore which holds TrustAnchors. Note that this holds trusted certificates, not keys/credentials
        Throws:
        GlobusSSLConfigurationException - If unable to construct the TrustStore.
      • findCredentialStore

        public static java.security.KeyStore findCredentialStore​(java.lang.String provider,
                                                                 java.lang.String credentialStoreType,
                                                                 java.lang.String credentialStoreLocation,
                                                                 java.lang.String credentialStorePassword)
                                                          throws GlobusSSLConfigurationException
        Create a configured CredentialStore using the supplied parameters. The credential store is a java.security.KeyStore.
        Parameters:
        provider - The Java security provider to use.
        credentialStoreType - The type of key store to be constructed.
        credentialStoreLocation - The location of the credential store file
        credentialStorePassword - The password for the credential store.
        Returns:
        A configured Keystore which holds credentials defined by these parameters.
        Throws:
        GlobusSSLConfigurationException - If unable to construct the Credential Store.
      • getStream

        private static java.io.InputStream getStream​(java.lang.String url)
                                              throws java.net.MalformedURLException,
                                                     java.io.IOException
        Throws:
        java.net.MalformedURLException
        java.io.IOException
      • findCRLStore

        public static java.security.cert.CertStore findCRLStore​(java.lang.String crlPattern)
                                                         throws GlobusSSLConfigurationException
        Create a store of Certificate Revocation Lists. Java requires that this be a java.security.certificates.CertStore. As such, the store can hold both CRL's and non-trusted certs. For the purposes of this method, we assume that only crl's will be loaded. This can only be used with the Globus provided Certificate Store.
        Parameters:
        crlPattern - The pattern which defines the locations of the CRL's
        Returns:
        A configured Java CertStore containing the specified CRL's
        Throws:
        GlobusSSLConfigurationException - if the store cannot be loaded.