New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[MNG-5583] per endpoint support for PKI authentication #67
Closed
Closed
Changes from all commits
Commits
Show all changes
7 commits
Select commit
Hold shift + click to select a range
6861204
MGN-5593 adds key manager from tomcat and new repo specific configura…
spyhunter99 77e8c6e
MNG-5583 commit for supporting PKI authentication to nexus repositories.
spyhunter99 0c21172
MNG-5583 resolves check styles issues and a NPE
spyhunter99 842d279
MNG-5583 addressing most of the PR issues
spyhunter99 96d88de
MNG-5583 adds a unit test suite for PKI authentication scenarios and …
spyhunter99 eb2fedd
MNG-5583 more pr issues
spyhunter99 a10301c
MNG-5583 removing unused import
spyhunter99 File filter
Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -52,6 +52,195 @@ public class AuthenticationInfo | |
*/ | ||
private String privateKey; | ||
|
||
/** | ||
* The path to the trust store. If not defined, the JRE's cacert store is | ||
* used. | ||
*/ | ||
private String trustStore; | ||
|
||
/** | ||
* The password to the trust store. | ||
*/ | ||
private String trustStorePassword; | ||
|
||
/** | ||
* The type of trust store, default is JKS | ||
*/ | ||
private String trustStoreType; | ||
|
||
/** | ||
* The path to the keystore used for authentication purposes, or null | ||
*/ | ||
private String keyStore; | ||
|
||
/** | ||
* Keystore password, can be null | ||
*/ | ||
private String keyStorePassword; | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This field contains a password. We must convert it to |
||
|
||
/** | ||
* Keystore if the key store has multiple key pairs, this can be used to | ||
* explicitly select a specific certificate via it's alias. If null, the | ||
* most appropriate certificate is automatically selected by the SSL Factory | ||
*/ | ||
private String keyAlias; | ||
|
||
/** | ||
* The password to unlock the key, can be null | ||
*/ | ||
private String keyPassword; | ||
spyhunter99 marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
||
/** | ||
* The key store type, defaults to JKS | ||
*/ | ||
private String keyStoreType; | ||
|
||
/** | ||
* The path to the trust store. If not defined, the JRE's cacert store is | ||
* used. | ||
* @return path, name or null | ||
*/ | ||
public String getTrustStore() | ||
{ | ||
return trustStore; | ||
} | ||
|
||
/** | ||
* The path to the trust store. If not defined, the JRE's cacert store is | ||
* used. | ||
* @param trustStore path name or null | ||
*/ | ||
public void setTrustStore( String trustStore ) | ||
{ | ||
this.trustStore = trustStore; | ||
} | ||
|
||
/** | ||
* The password to the trust store. | ||
* @return password or null | ||
*/ | ||
public String getTrustStorePassword() | ||
{ | ||
return trustStorePassword; | ||
} | ||
|
||
/** | ||
* The password to the trust store. | ||
* @param trustStorePassword password or null | ||
*/ | ||
public void setTrustStorePassword( String trustStorePassword ) | ||
{ | ||
this.trustStorePassword = trustStorePassword; | ||
} | ||
|
||
/** | ||
* The type of trust store, default is JKS | ||
* @return type | ||
*/ | ||
public String getTrustStoreType() | ||
{ | ||
return trustStoreType; | ||
} | ||
|
||
/** | ||
* The type of trust store, default is JKS | ||
* @param trustStoreType key store type | ||
*/ | ||
public void setTrustStoreType( String trustStoreType ) | ||
{ | ||
this.trustStoreType = trustStoreType; | ||
} | ||
|
||
/** | ||
* The path to the keystore used for authentication purposes, or null | ||
* @return path, named keystore or null | ||
*/ | ||
public String getKeyStore() | ||
{ | ||
return keyStore; | ||
} | ||
|
||
/** | ||
* The path to the keystore used for authentication purposes, or null | ||
* @param keyStore keystore path, name or null | ||
*/ | ||
public void setKeyStore( String keyStore ) | ||
{ | ||
this.keyStore = keyStore; | ||
} | ||
|
||
/** | ||
* Keystore password, can be null | ||
* @return password or null | ||
*/ | ||
public String getKeyStorePassword() | ||
{ | ||
return keyStorePassword; | ||
} | ||
|
||
/** | ||
* Keystore password, can be null | ||
* @param keyStorePassword password or null | ||
*/ | ||
public void setKeyStorePassword( String keyStorePassword ) | ||
{ | ||
this.keyStorePassword = keyStorePassword; | ||
} | ||
|
||
/** | ||
* Keystore if the key store has multiple key pairs, this can be used to | ||
* explicitly select a specific certificate via it's alias. If null, the | ||
* most appropriate certificate is automatically selected by the SSL Factory | ||
* @return the alias or null | ||
*/ | ||
public String getKeyAlias() | ||
{ | ||
return keyAlias; | ||
} | ||
|
||
/** | ||
* Keystore if the key store has multiple key pairs, this can be used to | ||
* explicitly select a specific certificate via it's alias. If null, the | ||
* most appropriate certificate is automatically selected by the SSL Factory | ||
* @param keyAlias alias | ||
*/ | ||
public void setKeyAlias( String keyAlias ) | ||
{ | ||
this.keyAlias = keyAlias; | ||
} | ||
|
||
/** | ||
* The password to unlock the key, can be null | ||
*/ | ||
public String getKeyPassword() | ||
{ | ||
return keyPassword; | ||
} | ||
|
||
/** | ||
* The password to unlock the key, can be null | ||
*/ | ||
public void setKeyPassword( String keyPassword ) | ||
{ | ||
this.keyPassword = keyPassword; | ||
} | ||
|
||
/** | ||
* The key store type, defaults to JKS | ||
*/ | ||
public String getKeyStoreType() | ||
{ | ||
return keyStoreType; | ||
} | ||
|
||
/** | ||
* The key store type, defaults to JKS | ||
*/ | ||
public void setKeyStoreType( String keyStoreType ) | ||
{ | ||
this.keyStoreType = keyStoreType; | ||
} | ||
|
||
/** | ||
* Get the passphrase of the private key file. The passphrase is used only | ||
* when host/protocol supports authentication via exchange of | ||
|
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This field contains a password. We must convert it to
char[]
later on, so can't we store it as achar[]
?There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The upstream model does not allow that. Given that other password fields are strings too, this is acceptable, but not ideal.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i agree with @michael-o otherwise i would have used char[]