Interface ISecurityService
-
public interface ISecurityService
The security service is responsible for validating (remote) requests. Currently only platform-level authentication is provided. More fine-grained control at the service/method level, based on user/group access rights, is planned for the mid-term future.
-
Method Summary
IFuture<java.lang.Void> addNameAuthority(java.lang.String cert)
Adds an authority for authenticating platform names.

IFuture<java.lang.Void> addRole(java.lang.String entity, java.lang.String role)
Adds a role for an entity (platform or network name).

IFuture<java.lang.Void> addTrustedPlatform(java.lang.String name)
Adds a name of an authenticated platform to allow access.

IFuture<java.lang.Boolean> checkPlatformPassword(java.lang.String platformpass)
Checks the platform password.

IFuture<Tuple2<ISecurityInfo,byte[]>> decryptAndAuth(IComponentIdentifier sender, byte[] content)
Decrypts and authenticates the message from a sender.

IFuture<byte[]> encryptAndSign(IMsgHeader header, byte[] content)
Encrypts and signs the message for a receiver.

IFuture<MultiCollection<java.lang.String,java.lang.String>> getAllKnownNetworks()
Gets the current known networks and secrets.

IFuture<java.util.Set<java.lang.String>> getCustomNameAuthorities()
Gets all authorities not defined in the Java trust store for authenticating platform names.

JadexVersion getJadexVersion(IComponentIdentifier remoteid)
Opportunistically returns the remote Jadex version if known.

IFuture<java.util.Set<java.lang.String>> getNameAuthorities()
Gets all authorities for authenticating platform names.

IFuture<java.lang.String[][]> getNameAuthoritiesInfo()
Gets information about name authorities.

IFuture<java.util.Set<java.lang.String>> getNetworkNames()
Gets the current network names.

IFuture<java.lang.String> getPlatformSecret(IComponentIdentifier cid)
Gets the secret of a platform if available.

IFuture<java.util.Map<java.lang.String,java.util.Set<java.lang.String>>> getRoleMap()
Gets a copy of the current role map.

IFuture<java.util.Set<java.lang.String>> getTrustedPlatforms()
Gets the trusted platforms that are specified by names.

IFuture<java.lang.Boolean> isPrintPlatformSecret()
Checks if platform secret is printed.

IFuture<java.lang.Boolean> isUsePlatformSecret()
Checks if platform secret is used.

IFuture<java.lang.Void> removeNameAuthority(java.lang.String cert)
Removes an authority for authenticating platform names.

IFuture<java.lang.Void> removeNetwork(java.lang.String networkname, java.lang.String secret)
Remove a network.

IFuture<java.lang.Void> removeRole(java.lang.String entity, java.lang.String role)
Removes a role of an entity (platform or network name).

IFuture<java.lang.Void> removeTrustedPlatform(java.lang.String name)
Removes a name of an authenticated platform from those allowed access.

IFuture<java.lang.Void> setNetwork(java.lang.String networkname, java.lang.String secret)
Sets a new network.

IFuture<java.lang.Void> setPlatformSecret(IComponentIdentifier cid, java.lang.String secret)
Sets the secret of a platform.

IFuture<java.lang.Void> setPrintPlatformSecret(boolean printplatformsecret)
Sets whether the platform secret should be printed.

IFuture<java.lang.Void> setUsePlatformSecret(boolean useplatformsecret)
Sets whether the platform secret should be used.
-
Method Detail
-
encryptAndSign
IFuture<byte[]> encryptAndSign(IMsgHeader header, byte[] content)
Encrypts and signs the message for a receiver.
Parameters:
receiver - The receiver.
content - The content.
Returns:
Encrypted/signed message.
-
decryptAndAuth
IFuture<Tuple2<ISecurityInfo,byte[]>> decryptAndAuth(IComponentIdentifier sender, byte[] content)
Decrypts and authenticates the message from a sender.
Parameters:
sender - The sender.
content - The content.
Returns:
Decrypted/authenticated message or null on invalid message.
-
isUsePlatformSecret
IFuture<java.lang.Boolean> isUsePlatformSecret()
Checks if platform secret is used.
Returns:
True, if so.
-
setUsePlatformSecret
IFuture<java.lang.Void> setUsePlatformSecret(boolean useplatformsecret)
Sets whether the platform secret should be used.
Parameters:
useplatformsecret - The flag.
Returns:
Null, when done.
-
isPrintPlatformSecret
IFuture<java.lang.Boolean> isPrintPlatformSecret()
Checks if platform secret is printed.
Returns:
True, if so.
-
setPrintPlatformSecret
IFuture<java.lang.Void> setPrintPlatformSecret(boolean printplatformsecret)
Sets whether the platform secret should be printed.
Parameters:
printplatformsecret - The flag.
Returns:
Null, when done.
-
setNetwork
IFuture<java.lang.Void> setNetwork(java.lang.String networkname, java.lang.String secret)
Sets a new network.
Parameters:
networkname - The network name.
secret - The secret, null to remove.
Returns:
Null, when done.
-
removeNetwork
IFuture<java.lang.Void> removeNetwork(java.lang.String networkname, java.lang.String secret)
Remove a network.
Parameters:
networkname - The network name.
secret - The secret, null to remove the network completely.
Returns:
Null, when done.
-
getAllKnownNetworks
IFuture<MultiCollection<java.lang.String,java.lang.String>> getAllKnownNetworks()
Gets the current known networks and secrets.
Returns:
The current networks and secrets.
-
addNameAuthority
IFuture<java.lang.Void> addNameAuthority(java.lang.String cert)
Adds an authority for authenticating platform names.
Parameters:
secret - The secret, only X.509 secrets allowed.
Returns:
Null, when done.
-
removeNameAuthority
IFuture<java.lang.Void> removeNameAuthority(java.lang.String cert)
Removes an authority for authenticating platform names.
Parameters:
secret - The secret, only X.509 secrets allowed.
Returns:
Null, when done.
-
addTrustedPlatform
IFuture<java.lang.Void> addTrustedPlatform(java.lang.String name)
Adds a name of an authenticated platform to allow access.
Parameters:
name - The platform name, name must be authenticated with certificate.
Returns:
Null, when done.
-
removeTrustedPlatform
IFuture<java.lang.Void> removeTrustedPlatform(java.lang.String name)
Removes a name of an authenticated platform from those allowed access.
Parameters:
name - The platform name.
Returns:
Null, when done.
-
getTrustedPlatforms
IFuture<java.util.Set<java.lang.String>> getTrustedPlatforms()
Gets the trusted platforms that are specified by names.
Returns:
The trusted platforms and their roles.
-
getNameAuthorities
IFuture<java.util.Set<java.lang.String>> getNameAuthorities()
Gets all authorities for authenticating platform names.
Returns:
List of all name authorities.
-
getNameAuthoritiesInfo
IFuture<java.lang.String[][]> getNameAuthoritiesInfo()
Gets information about name authorities. Format is [{subjectid,dn,custom},...]
Returns:
Information about the name authorities.
-
getCustomNameAuthorities
IFuture<java.util.Set<java.lang.String>> getCustomNameAuthorities()
Gets all authorities not defined in the Java trust store for authenticating platform names.
Returns:
List of name authorities.
-
getPlatformSecret
IFuture<java.lang.String> getPlatformSecret(IComponentIdentifier cid)
Gets the secret of a platform if available.
Parameters:
cid - ID of the platform.
Returns:
Encoded secret or null.
-
setPlatformSecret
IFuture<java.lang.Void> setPlatformSecret(IComponentIdentifier cid, java.lang.String secret)
Sets the secret of a platform.
Parameters:
cid - ID of the platform.
secret - Encoded secret or null to remove.
-
addRole
IFuture<java.lang.Void> addRole(java.lang.String entity, java.lang.String role)
Adds a role for an entity (platform or network name).
Parameters:
entity - The entity name.
role - The role name.
Returns:
Null, when done.
-
removeRole
IFuture<java.lang.Void> removeRole(java.lang.String entity, java.lang.String role)
Removes a role of an entity (platform or network name).
Parameters:
entity - The entity name.
role - The role name.
Returns:
Null, when done.
-
getRoleMap
IFuture<java.util.Map<java.lang.String,java.util.Set<java.lang.String>>> getRoleMap()
Gets a copy of the current role map.
Returns:
Copy of the role map.
-
getNetworkNames
IFuture<java.util.Set<java.lang.String>> getNetworkNames()
Gets the current network names.
Returns:
The current network names.
-
getJadexVersion
JadexVersion getJadexVersion(IComponentIdentifier remoteid)
Opportunistically returns the remote Jadex version if known.
Parameters:
remoteid - ID of the remote platform.
Returns:
Null, if the version cannot be determined, a JadexVersion otherwise. Note that the JadexVersion can still be an unknown version (as determined by isUnknown), which means that the platform itself reported an unknown version.
-
checkPlatformPassword
IFuture<java.lang.Boolean> checkPlatformPassword(java.lang.String platformpass)
Checks the platform password.
Parameters:
platformpass - The platform password.
Returns:
True, if platform password is correct.
-