com.unboundid.ldap.sdk.unboundidds

Class TopologyRegistryTrustManagerProperties

java.lang.Object

com.unboundid.ldap.sdk.unboundidds.TopologyRegistryTrustManagerProperties

All Implemented Interfaces:

java.io.Serializable

@Mutable
 @ThreadSafety(level=NOT_THREADSAFE)
public final class TopologyRegistryTrustManagerProperties
extends java.lang.Object
implements java.io.Serializable

This class defines a number of configuration properties that may be used by the TopologyRegistryTrustManager.

NOTE: This class, and other classes within the com.unboundid.ldap.sdk.unboundidds package structure, are only supported for use against Ping Identity, UnboundID, and Nokia/Alcatel-Lucent 8661 server products. These classes provide support for proprietary functionality or for external specifications that are not considered stable or mature enough to be guaranteed to work in an interoperable way with other types of LDAP servers.

See Also:

Serialized Form

Constructor Summary

Constructors

Constructor and Description
TopologyRegistryTrustManagerProperties(java.io.File configurationFile) Creates a new topology registry trust manager properties object with the specified configuration file and the default settings for all other properties.
TopologyRegistryTrustManagerProperties(java.lang.String configurationFilePath) Creates a new topology registry trust manager properties object with the specified configuration file and the default settings for all other properties.

Method Summary

Modifier and Type	Method and Description
long	getCacheDurationMillis() Retrieves the maximum length of time in milliseconds that cached topology registry information should be considered valid.
java.io.File	getConfigurationFile() Retrieves the server configuration file from which the topology registry certificates will be read.
boolean	ignoreIssuerCertificateValidityWindow() Indicates whether to ignore the validity window for issuer certificates when determining whether to trust a certificate chain.
boolean	ignorePeerCertificateValidityWindow() Indicates whether to ignore the validity window for the peer certificate when determining whether to trust a certificate chain.
boolean	requirePeerCertificateInTopologyRegistry() Indicates whether to require the peer certificate itself to be included in the topology registry for a certificate chain to be trusted.
void	setCacheDuration(long cacheDurationValue, java.util.concurrent.TimeUnit cacheDurationTimeUnit) Specifies the maximum length of time that cached topology registry information should be considered valid.
void	setConfigurationFile(java.io.File configurationFile) Specifies the server configuration file from which the topology registry certificates will be read.
void	setIgnoreIssuerCertificateValidityWindow(boolean ignoreIssuerCertificateValidityWindow) Indicates whether to ignore the validity window for the issuer certificates when determining whether to trust a certificate chain.
void	setIgnorePeerCertificateValidityWindow(boolean ignorePeerCertificateValidityWindow) Indicates whether to ignore the validity window for the peer certificate when determining whether to trust a certificate chain.
void	setRequirePeerCertificateInTopologyRegistry(boolean requirePeerCertificateInTopologyRegistry) Specifies whether to require the peer certificate itself to be included in the topology registry for a certificate chain to be trusted.
java.lang.String	toString() Retrieves a string representation of the topology registry trust manager properties.
void	toString(java.lang.StringBuilder buffer) Appends a string representation of the topology registry trust manager properties to the given buffer.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

TopologyRegistryTrustManagerProperties

public TopologyRegistryTrustManagerProperties(@NotNull
                                              java.lang.String configurationFilePath)

Creates a new topology registry trust manager properties object with the specified configuration file and the default settings for all other properties. Default settings include:

• cacheDurationMillis -- 300,000 (five minutes)
• requirePeerCertificateInTopologyRegistry -- false
• ignorePeerCertificateValidityWindow -- false
• ignoreIssuerCertificateValidityWindow -- false

Parameters:

configurationFilePath - The path to the server configuration file from which the topology registry certificates will be read. It must not be null, and the file must exist.

TopologyRegistryTrustManagerProperties

public TopologyRegistryTrustManagerProperties(@NotNull
                                              java.io.File configurationFile)

Creates a new topology registry trust manager properties object with the specified configuration file and the default settings for all other properties. Default settings include:

• cacheDurationMillis -- 300,000 (five minutes)
• requirePeerCertificateInTopologyRegistry -- false
• ignorePeerCertificateValidityWindow -- false
• ignoreIssuerCertificateValidityWindow -- false

Parameters:

configurationFile - The server configuration file from which the topology registry certificates will be read. It must not be null, and the file must exist.

Method Detail

getConfigurationFile

@NotNull
public java.io.File getConfigurationFile()

Retrieves the server configuration file from which the topology registry certificates will be read.

Returns:

The server configuration file from which the topology registry certificates will be read.

setConfigurationFile

public void setConfigurationFile(@NotNull
                                 java.io.File configurationFile)

Specifies the server configuration file from which the topology registry certificates will be read.

Parameters:

configurationFile - The server configuration file from which the topology registry certificates will be read. It must not be null, and the file must exist.

getCacheDurationMillis

public long getCacheDurationMillis()

Retrieves the maximum length of time in milliseconds that cached topology registry information should be considered valid.

Returns:

The maximum length of time in milliseconds that cached topology registry information should be considered valid, or zero if topology registry information should not be cached.

setCacheDuration

public void setCacheDuration(long cacheDurationValue,
                             @NotNull
                             java.util.concurrent.TimeUnit cacheDurationTimeUnit)

Specifies the maximum length of time that cached topology registry information should be considered valid.

Parameters:

cacheDurationValue - The cache duration value to use with the given time unit. If this is less than or equal to zero, then topology registry information will not be cached.

cacheDurationTimeUnit - The time unit to use with the given value. It must not be null.

requirePeerCertificateInTopologyRegistry

public boolean requirePeerCertificateInTopologyRegistry()

Indicates whether to require the peer certificate itself to be included in the topology registry for a certificate chain to be trusted.

Returns:

true if a certificate chain may only be trusted if the topology registry includes the peer certificate itself, or false if a certificate chain may be trusted if the topology registry contains the peer certificate or any of its issuers.

setRequirePeerCertificateInTopologyRegistry

public void setRequirePeerCertificateInTopologyRegistry(boolean requirePeerCertificateInTopologyRegistry)

Specifies whether to require the peer certificate itself to be included in the topology registry for a certificate chain to be trusted.

Parameters:

requirePeerCertificateInTopologyRegistry - Indicates whether to require the peer certificate itself to be included in the topology registry for a certificate chain to be trusted. If this is true, then a certificate chain may be trusted only if the topology registry contains the peer certificate itself. If this is false, then a certificate chain may be trusted if the topology registry contains the peer certificate or any of its issuers.

ignorePeerCertificateValidityWindow

public boolean ignorePeerCertificateValidityWindow()

Indicates whether to ignore the validity window for the peer certificate when determining whether to trust a certificate chain.

Returns:

true if a certificate chain may be considered trusted even if the current time is outside the peer certificate's validity window, or false if a certificate chain may only be considered trusted if the current time is between the notBefore and notAfter timestamps for the peer certificate.

setIgnorePeerCertificateValidityWindow

public void setIgnorePeerCertificateValidityWindow(boolean ignorePeerCertificateValidityWindow)

Indicates whether to ignore the validity window for the peer certificate when determining whether to trust a certificate chain.

Parameters:

ignorePeerCertificateValidityWindow - Specifies whether to ignore the validity window for the peer certificate when determining whether to trust a certificate chain. If this is true, then a certificate chain may be trusted even if the current time is outside the peer certificate's validity window. If this is false, then a certificate chain may only be trusted if the current time is between the notBefore and notAfter timestamps for the peer certificate.

ignoreIssuerCertificateValidityWindow

public boolean ignoreIssuerCertificateValidityWindow()

Indicates whether to ignore the validity window for issuer certificates when determining whether to trust a certificate chain.

Returns:

true if a certificate chain may be considered trusted even if the current time is outside the any issuer certificate's validity window, or false if a certificate chain may only be considered trusted if the current time is between the notBefore and notAfter timestamps for all issuer certificates.

setIgnoreIssuerCertificateValidityWindow

public void setIgnoreIssuerCertificateValidityWindow(boolean ignoreIssuerCertificateValidityWindow)

Indicates whether to ignore the validity window for the issuer certificates when determining whether to trust a certificate chain.

Parameters:

ignoreIssuerCertificateValidityWindow - Specifies whether to ignore the validity window for issuer certificates when determining whether to trust a certificate chain. If this is true, then a certificate chain may be trusted even if the current time is outside any issuer certificate's validity window. If this is false, then a certificate chain may only be trusted if the current time is between the notBefore and notAfter timestamps for all issuer certificate.

toString

@NotNull
public java.lang.String toString()

Retrieves a string representation of the topology registry trust manager properties.

Overrides:

toString in class java.lang.Object

Returns:

A string representation of the topology registry trust manager properties.

toString

public void toString(@NotNull
                     java.lang.StringBuilder buffer)

Appends a string representation of the topology registry trust manager properties to the given buffer.

Parameters:

buffer - The buffer to which the string representation should be appended.