Class | Description |
---|---|
BootstrapConfig | Collection of convenient methods to read, encrypt, decrypt and parse bootstrap configuration XML files. |
Configuration | Master configuration object which loads subsystem configurations. |
Parameter | A simple parameter object with name and value properties and a bean-like interface to access them. |

Exception | Description |
---|---|
ConfigurationException | This exception should be thrown to indicate an error during application configuration. |

Author | Nick Saxon, Greg Shah |
Date | May 15, 2014 |
Access Control | CONFIDENTIAL |
<node type="type"> element, where type is either server or client. The type of the node should match the type of the object being constructed based on this XML file. Categories and groups are nested XML elements. Keys are attributes that may be queried. They always return strings, so the interpretation of the values is beyond the responsibilities of this package.
client.
The logical structure of the union is simply a set of categories from both files.

XML | Category, group, key | Description |
---|---|---|
<?xml version="1.0"?> | | |
<node type="client"> | client bootstrap configuration file | |
<net> | "net" category begins | |
<server host="hostname"/> | "server" group, "host" key | these two items define the server's TCP/IP host name or IP address and port number |
<server port="port"/> | "server" group, "port" key | |
<dispatcher threads="threads"/> | "dispatcher" group, "threads" key | number of dispatcher's threads |
</net> | "net" package category ends | |
<security> | "security" category begins | |
<truststore filename="file"/> | "truststore" group, "filename" key | where X.509 certificates of the known servers and the Certification Authorities are stored and the server's alias |
<truststore alias="alias"/> | "truststore" group, "alias" key | |
<keystore filename="keystore"/> | "keystore" group, "filename" key | where this client or application's X.509 certificates and private keys are stored |
<keystore processalias="alias"/> | "keystore" group, "processalias" key, optional | if present, specifies the process authentication mode and the process alias pointing to an X.509 certificate to use |
<keystore useralias="alias"/> | "keystore" group, "useralias" key, optional | may be coded here to provide input for AuthUIHelper |
</security> | "security" category ends | |
</node> | end of client bootstrap configuration file | |

XML | Category, group, key | Description |
---|---|---|
<?xml version="1.0"?> | | |
<node type="server"> | server bootstrap configuration file | |
<net> | "net" category begins | |
<server port="port"/> | "server" group, "port" key | TCP/IP port this server listens on |
<server nodeaddress="address"/> | "server" group, "nodeaddress" key | P2J node address of this server |
<dispatcher threads="threads"/> | "dispatcher" group, "threads" key | number of dispatcher threads |
<router threads="threads"/> | "router" group, "threads" key | number of router threads |
</net> | "net" package category ends | |
<security> | "security" category begins | |
<server id="ident"/> | "server" group, "id" key | server id matching an object under /security/accounts/processes |
<keystore filename="keystore"/> | "keystore" group, "filename" key | this server's X.509 certificates, private keys and alias |
<keystore alias="alias"/> | "keystore" group, "alias" key | |
</security> | "security" category ends | |
<directory> | "directory" category begins | |
<backend class="class"/> | "backend" group, "class" key | class name of a back end implementation |
<backend type="type"/> | "backend" group, "type" key | back end type as a string "xml" or "ldap"; conditional groups should match the type |
<xml filename="file"/> | conditional "xml" group, "filename" key | names the directory XML file |
<ldap url="url"/> | conditional "ldap" group, "url" key | Defines the full LDAP server URL and initial context, like this: "ldap://localhost:389/dc=goldencode,dc=com". For an ordinary connection the URL should have protocol "ldap". For a TLS connection the protocol should be set to "ldaps". |
<ldap mode="file"/> | conditional "ldap" group, "mode" key | These two variables define the source of the mapping data for use by the LDAP back end. Depending on the value of the mode variable, mapping may contain different values. If the mapping mode is set to "file", then mapping specifies a file name where the P2J to LDAP mapping is stored. If the mapping mode is set to "subtree", mapping should contain two parts separated with '/'. The first part defines the LDAP distinguished name of the node where the mapping is stored. The second part defines the name of the attribute which holds the mapping data. |
<ldap mapping="file"/> or <ldap mapping="location/attribute"/> | conditional "ldap" group, "mapping" key | |
<ldap principal="name"/> | conditional "ldap" group, "principal" key | Distinguished Name (DN) to be used for LDAP authentication |
<ldap credentials="text"/> | conditional "ldap" group, "credentials" key | Credentials (like a password) used in LDAP authentication. |
<ldap auth="auth"/> | conditional "ldap" group, "auth" key | Authorization mode for the LDAP bind operation. Recognized values are "simple" and "EXTERNAL". |
<ldap keystore="file"/> | conditional "ldap" group, "keystore" key | Filename of the keystore that contains the certificate to be used for the LDAP connection. |
<ldap alias="alias"/> | conditional "ldap" group, "alias" key | Alias of the certificate which will be selected from the ones present in the keystore. |
<ldap truststore="file"/> | conditional "ldap" group, "truststore" key | Truststore that contains private keys to be used for the LDAP connection. |
<ldap keypasswd="password"/> | conditional "ldap" group, "keypasswd" key | Password which will be used to decrypt the keystore. |
<ldap aliaspasswd="password"/> | conditional "ldap" group, "aliaspasswd" key | Password which will be used to decrypt the certificate. |
<ldap trustpasswd="password"/> | conditional "ldap" group, "trustpasswd" key | Password which will be used to decrypt the truststore. |
</directory> | "directory" category ends | |
</node> | end of server bootstrap configuration file | |

public String[] listCategories()
- returns an array of all categories found in the configuration
public String[] listGroups(String category)
- returns an array of all groups found in the category
public String[] listKeys(String category, String group)
- returns an array of all keys found in the group
public String getConfigItem(String category, String group, String key)
- gets the value for a key, resolving references
public boolean isClient()
- returns true if this is a client configuration, otherwise false
public boolean isServer()
- returns true if this is a server configuration, otherwise false

The getConfigItem method uses case-insensitive search for all levels, so the returned names can be directly used for retrieving key values.
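
An added example (not part of the P2J code base): a small Python audit of a server bootstrap file in the layout described above, useful for checking any copy that sits on disk unencrypted. It models the documented category/group/key lookup with case-insensitive names and flags secret-bearing keys readable in the file, a backend type with no matching conditional group, and a simple bind over an ldap:// URL. The sample file and the names SECRET_KEYS, load, get_item and audit are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample server bootstrap file; every value is a placeholder.
SAMPLE = """<?xml version="1.0"?>
<node type="server">
  <directory>
    <backend type="ldap"/>
    <ldap url="ldap://localhost:389/dc=goldencode,dc=com"/>
    <ldap auth="simple"/>
    <ldap credentials="example-password"/>
    <ldap keypasswd="example-password"/>
  </directory>
</node>"""

# Keys the page documents as holding passwords or bind credentials.
SECRET_KEYS = {"credentials", "keypasswd", "aliaspasswd", "trustpasswd"}

def load(xml_text):
    """Return (node type, {category: {group: {key: value}}}), names lower-cased."""
    root = ET.fromstring(xml_text)
    if root.tag != "node" or root.get("type") not in ("server", "client"):
        raise ValueError("root must be <node type='server'> or <node type='client'>")
    cfg = {}
    for cat in root:
        groups = cfg.setdefault(cat.tag.lower(), {})
        for grp in cat:  # repeated group elements merge into one key set
            keys = groups.setdefault(grp.tag.lower(), {})
            keys.update({k.lower(): v for k, v in grp.attrib.items()})
    return root.get("type"), cfg

def get_item(cfg, category, group, key):
    """Case-insensitive lookup at all three levels; values stay strings."""
    return cfg.get(category.lower(), {}).get(group.lower(), {}).get(key.lower())

def audit(xml_text):
    """Return a list of findings for one bootstrap file."""
    _, cfg = load(xml_text)
    findings = []
    for cat, groups in cfg.items():
        for grp, keys in groups.items():
            for k in sorted(SECRET_KEYS.intersection(keys)):
                findings.append(f"{cat}/{grp}/{k}: secret readable in this file")
    backend = get_item(cfg, "directory", "backend", "type")
    if backend in ("xml", "ldap") and backend not in cfg.get("directory", {}):
        findings.append(f"directory/backend/type={backend}: no <{backend}> group")
    url = get_item(cfg, "directory", "ldap", "url") or ""
    auth = get_item(cfg, "directory", "ldap", "auth") or ""
    if url.lower().startswith("ldap://") and auth.lower() == "simple":
        findings.append("directory/ldap: simple bind over ldap:// (no TLS)")
    return findings
```
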