Package org.wildfly.security.credential.store

Class CredentialStore

java.lang.Object
org.wildfly.security.credential.store.CredentialStore
public final class CredentialStore extends Object
This class represents credential store functionality. Type of the credential store is determined by instance type and is loaded from Provider.
Author:
Peter Skopek.

  • Field Details

    • CREDENTIAL_STORE_TYPE

      public static final String CREDENTIAL_STORE_TYPE
      JCA service type for a credential store.
      See Also:

  • Method Details

    • getInstance

      public static CredentialStore getInstance(String algorithm) throws NoSuchAlgorithmException
      Get a CredentialStore instance. The returned CredentialStore object will implement the given algorithm.
      Parameters:
      algorithm - the name of the algorithm
      Returns:
      a CredentialStore instance
      Throws:
      NoSuchAlgorithmException - if the given algorithm has no available implementations

    • getInstance

      public static CredentialStore getInstance(String algorithm, Supplier<Provider[]> providers) throws NoSuchAlgorithmException
      Get a CredentialStore instance. The returned CredentialStore object will implement the given algorithm.
      Parameters:
      algorithm - the name of the algorithm
      providers - supplier of provider instances to search.
      Returns:
      a CredentialStore instance
      Throws:
      NoSuchAlgorithmException - if the given algorithm has no available implementations

    • getInstance

      public static CredentialStore getInstance(String algorithm, String providerName) throws NoSuchAlgorithmException, NoSuchProviderException
      Get a CredentialStore instance. The returned CredentialStore object will implement the given algorithm.
      Parameters:
      algorithm - the name of the algorithm
      providerName - the name of the provider to use
      Returns:
      a CredentialStore instance
      Throws:
      NoSuchAlgorithmException - if the given algorithm has no available implementations
      NoSuchProviderException - if given provider name cannot match any registered Provider

    • getInstance

      public static CredentialStore getInstance(String algorithm, String providerName, Supplier<Provider[]> providers) throws NoSuchAlgorithmException, NoSuchProviderException
      Get a CredentialStore instance. The returned CredentialStore object will implement the given algorithm.
      Parameters:
      algorithm - the name of the algorithm
      providerName - the name of the provider to use
      providers - supplier of provider instances to search
      Returns:
      a CredentialStore instance
      Throws:
      NoSuchAlgorithmException - if the given algorithm has no available implementations
      NoSuchProviderException - if given provider name cannot match any registered Provider

    • getInstance

      public static CredentialStore getInstance(String algorithm, Provider provider) throws NoSuchAlgorithmException
      Get a CredentialStore instance. The returned CredentialStore object will implement the given algorithm.
      Parameters:
      algorithm - the name of the algorithm
      provider - the provider to use
      Returns:
      a CredentialStore instance
      Throws:
      NoSuchAlgorithmException - if the given algorithm has no available implementations

    • initialize

      public void initialize(Map<String,String> attributes, CredentialStore.ProtectionParameter protectionParameter, Provider[] providers) throws CredentialStoreException
      Initialize Credential Store service with given attributes. This procedure should set CredentialStoreSpi.initialized after successful initialization.
      Parameters:
      attributes - attributes to used to pass information to Credential Store service
      protectionParameter - the protection parameter to use when accessing the store
      providers - providers to be injected into SPI implementation to get custom object instances of various type from
      Throws:
      CredentialStoreException - if initialization fails due to any reason

    • initialize

      public void initialize(Map<String,String> attributes, CredentialStore.ProtectionParameter protectionParameter) throws CredentialStoreException
      Initialize Credential Store service with given attributes. This procedure should set CredentialStoreSpi.initialized after successful initialization.
      Parameters:
      attributes - attributes to used to pass information to Credential Store service
      protectionParameter - the protection parameter to use when accessing the store
      Throws:
      CredentialStoreException - if initialization fails due to any reason

    • initialize

      public void initialize(Map<String,String> attributes) throws CredentialStoreException
      Initialize Credential Store service with given attributes. This procedure should set CredentialStoreSpi.initialized after successful initialization.
      Parameters:
      attributes - attributes to used to pass information to Credential Store service
      Throws:
      CredentialStoreException - if initialization fails due to any reason

    • isInitialized

      public boolean isInitialized()
      Checks whether underlying credential store is initialized.
      Returns:
      true in case of initialization passed successfully, false otherwise.

    • isModifiable

      public boolean isModifiable()
      Check if credential store supports modification of actual store
      Returns:
      true in case of modification of store is supported

    • exists

      public <C extends Credential> boolean exists(String credentialAlias, Class<C> credentialType) throws CredentialStoreException, UnsupportedCredentialTypeException
      Check whether credential store has an entry associated with the given credential alias of specified credential type.
      Type Parameters:
      C - the class of type to which should be credential casted
      Parameters:
      credentialAlias - alias to check existence
      credentialType - to check existence in the credential store
      Returns:
      true in case key exist in store
      Throws:
      CredentialStoreException - when there is a problem with credential store
      UnsupportedCredentialTypeException - when the credentialType is not supported

    • store

      public <C extends Credential> void store(String credentialAlias, C credential) throws CredentialStoreException, UnsupportedCredentialTypeException
      Store credential to the store under the given alias. If given alias already contains specific credential type type the credential replaces older one. Note: CredentialStoreSpi supports storing of multiple entries (credential types) per alias. Each must be of different credential type.
      Type Parameters:
      C - the class of type to which should be credential casted
      Parameters:
      credentialAlias - to store the credential to the store
      credential - instance of Credential to store
      Throws:
      CredentialStoreException - when the credential cannot be stored
      UnsupportedCredentialTypeException - when the credentialType is not supported

    • store

      public <C extends Credential> void store(String credentialAlias, C credential, CredentialStore.ProtectionParameter protectionParameter) throws CredentialStoreException, UnsupportedCredentialTypeException
      Store credential to the store under the given alias. If given alias already contains specific credential type type the credential replaces older one. Note: CredentialStoreSpi supports storing of multiple entries (credential types) per alias. Each must be of different credential type.
      Type Parameters:
      C - the class of type to which should be credential casted
      Parameters:
      credentialAlias - to store the credential to the store
      credential - instance of Credential to store
      protectionParameter - the protection parameter to use, or null for none
      Throws:
      CredentialStoreException - when the credential cannot be stored
      UnsupportedCredentialTypeException - when the credentialType is not supported

    • retrieve

      public <C extends Credential> C retrieve(String credentialAlias, Class<C> credentialType) throws CredentialStoreException, UnsupportedCredentialTypeException
      Retrieve credential stored in the store under the key and of the credential type
      Type Parameters:
      C - the class of type to which should be credential casted
      Parameters:
      credentialAlias - to find the credential in the store
      credentialType - - credential type to retrieve from under the credentialAlias from the store
      Returns:
      instance of Credential stored in the store
      Throws:
      CredentialStoreException - - if credentialAlias credentialType combination doesn't exist or credentialAlias cannot be retrieved
      UnsupportedCredentialTypeException - when the credentialType is not supported

    • retrieve

      public <C extends Credential> C retrieve(String credentialAlias, Class<C> credentialType, String credentialAlgorithm) throws CredentialStoreException
      Retrieve credential stored in the store under the key and of the credential type.
      Type Parameters:
      C - the class of type to which should be credential casted
      Parameters:
      credentialAlias - to find the credential in the store
      credentialType - credential type to retrieve from under the credentialAlias from the store
      credentialAlgorithm - the credential algorithm to match, or null to match any
      Returns:
      instance of Credential stored in the store
      Throws:
      CredentialStoreException - if credentialAlias credentialType combination doesn't exist or credentialAlias cannot be retrieved

    • retrieve

      public <C extends Credential> C retrieve(String credentialAlias, Class<C> credentialType, String credentialAlgorithm, AlgorithmParameterSpec parameterSpec) throws CredentialStoreException
      Retrieve credential stored in the store under the key and of the credential type.
      Type Parameters:
      C - the class of type to which should be credential casted
      Parameters:
      credentialAlias - to find the credential in the store
      credentialType - credential type to retrieve from under the credentialAlias from the store
      credentialAlgorithm - the credential algorithm to match, or null to match any
      parameterSpec - the parameter specification to match, or null to match any
      Returns:
      instance of Credential stored in the store
      Throws:
      CredentialStoreException - if credentialAlias credentialType combination doesn't exist or credentialAlias cannot be retrieved

    • retrieve

      public <C extends Credential> C retrieve(String credentialAlias, Class<C> credentialType, String credentialAlgorithm, AlgorithmParameterSpec parameterSpec, CredentialStore.ProtectionParameter protectionParameter) throws CredentialStoreException
      Retrieve credential stored in the store under the key and of the credential type.
      Type Parameters:
      C - the class of type to which should be credential casted
      Parameters:
      credentialAlias - to find the credential in the store
      credentialType - credential type to retrieve from under the credentialAlias from the store
      credentialAlgorithm - the credential algorithm to match, or null to match any
      parameterSpec - the parameter specification to match, or null to match any
      protectionParameter - the protection parameter to use, or null to use none
      Returns:
      instance of Credential stored in the store
      Throws:
      CredentialStoreException - if credentialAlias credentialType combination doesn't exist or credentialAlias cannot be retrieved

    • remove

      public void remove(String credentialAlias, Class<? extends Credential> credentialType) throws CredentialStoreException
      Remove the credentialType with from given alias matching the given criteria from the store.
      Parameters:
      credentialAlias - alias to remove credential(s) from
      credentialType - credential type to match (must not be null)
      Throws:
      CredentialStoreException - if credential removal fails

    • remove

      public void remove(String credentialAlias, Class<? extends Credential> credentialType, String credentialAlgorithm) throws CredentialStoreException
      Remove the credentialType with from given alias matching the given criteria from the store.
      Parameters:
      credentialAlias - alias to remove credential(s) from
      credentialType - credential type to match (must not be null)
      credentialAlgorithm - the algorithm name to match, or null to match any
      Throws:
      CredentialStoreException - if credential removal fails

    • remove

      public void remove(String credentialAlias, Class<? extends Credential> credentialType, String credentialAlgorithm, AlgorithmParameterSpec parameterSpec) throws CredentialStoreException
      Remove the credentialType with from given alias matching the given criteria from the store.
      Parameters:
      credentialAlias - alias to remove credential(s) from
      credentialType - credential type to match (must not be null)
      credentialAlgorithm - the algorithm name to match, or null to match any
      parameterSpec - the parameters to match, or null to match any
      Throws:
      CredentialStoreException - if credential removal fails

    • getAliases

      public Set<String> getAliases() throws UnsupportedOperationException, CredentialStoreException
      Returns Set<String> stored in this store.
      Returns:
      Set<String> of all keys stored in this store
      Throws:
      UnsupportedOperationException - when this method is not supported by the underlying credential store
      CredentialStoreException - if there is any problem with internal store

    • getCredentialTypesForAlias

      public Set<String> getCredentialTypesForAlias(String credentialAlias) throws UnsupportedOperationException
      Returns Set<String> of types stored in this store with given alias.
      Parameters:
      credentialAlias - to find the credentials types in the store
      Returns:
      Set<String> of all credential types stored in this store with given alias
      Throws:
      UnsupportedOperationException - when this method is not supported by the underlying credential store

    • flush

      public void flush() throws CredentialStoreException
      Flush the contents of this credential store to storage. This method may be a no-op on credential stores without backing storage or which do not buffer changes.
      Throws:
      CredentialStoreException - if flushing the store fails for some reason

    • getProvider

      public Provider getProvider()
      Returns Provider which provides CredentialStoreSpi for this instance.
      Returns:
      Provider of this CredentialStoreSpi

    • getType

      public String getType()
      Returns JCA service type of CredentialStoreSpi for this instance.
      Returns:
      type of service of this CredentialStoreSpi