Class TopologyRegistryTrustManagerProperties

  • All Implemented Interfaces:
    java.io.Serializable

    @Mutable
    @ThreadSafety(level=NOT_THREADSAFE)
    public final class TopologyRegistryTrustManagerProperties
    extends java.lang.Object
    implements java.io.Serializable
    This class defines a number of configuration properties that may be used by the TopologyRegistryTrustManager.
    NOTE: This class, and other classes within the com.unboundid.ldap.sdk.unboundidds package structure, are only supported for use against Ping Identity, UnboundID, and Nokia/Alcatel-Lucent 8661 server products. These classes provide support for proprietary functionality or for external specifications that are not considered stable or mature enough to be guaranteed to work in an interoperable way with other types of LDAP servers.
    • Constructor Summary

      Constructors 
      Constructor Description
      TopologyRegistryTrustManagerProperties​(java.io.File configurationFile)
      Creates a new topology registry trust manager properties object with the specified configuration file and the default settings for all other properties.
      TopologyRegistryTrustManagerProperties​(java.lang.String configurationFilePath)
      Creates a new topology registry trust manager properties object with the specified configuration file and the default settings for all other properties.
    • Method Summary

      Modifier and Type Method Description
      long getCacheDurationMillis()
      Retrieves the maximum length of time in milliseconds that cached topology registry information should be considered valid.
      java.io.File getConfigurationFile()
      Retrieves the server configuration file from which the topology registry certificates will be read.
      boolean ignoreIssuerCertificateValidityWindow()
      Indicates whether to ignore the validity window for issuer certificates when determining whether to trust a certificate chain.
      boolean ignorePeerCertificateValidityWindow()
      Indicates whether to ignore the validity window for the peer certificate when determining whether to trust a certificate chain.
      boolean requirePeerCertificateInTopologyRegistry()
      Indicates whether to require the peer certificate itself to be included in the topology registry for a certificate chain to be trusted.
      void setCacheDuration​(long cacheDurationValue, java.util.concurrent.TimeUnit cacheDurationTimeUnit)
      Specifies the maximum length of time that cached topology registry information should be considered valid.
      void setConfigurationFile​(java.io.File configurationFile)
      Specifies the server configuration file from which the topology registry certificates will be read.
      void setIgnoreIssuerCertificateValidityWindow​(boolean ignoreIssuerCertificateValidityWindow)
      Specifies whether to ignore the validity window for the issuer certificates when determining whether to trust a certificate chain.
      void setIgnorePeerCertificateValidityWindow​(boolean ignorePeerCertificateValidityWindow)
      Specifies whether to ignore the validity window for the peer certificate when determining whether to trust a certificate chain.
      void setRequirePeerCertificateInTopologyRegistry​(boolean requirePeerCertificateInTopologyRegistry)
      Specifies whether to require the peer certificate itself to be included in the topology registry for a certificate chain to be trusted.
      java.lang.String toString()
      Retrieves a string representation of the topology registry trust manager properties.
      void toString​(java.lang.StringBuilder buffer)
      Appends a string representation of the topology registry trust manager properties to the given buffer.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
    • Constructor Detail

      • TopologyRegistryTrustManagerProperties

        public TopologyRegistryTrustManagerProperties​(@NotNull
                                                      java.lang.String configurationFilePath)
        Creates a new topology registry trust manager properties object with the specified configuration file and the default settings for all other properties. Default settings include:
        • cacheDurationMillis -- 300,000 (five minutes)
        • requirePeerCertificateInTopologyRegistry -- false
        • ignorePeerCertificateValidityWindow -- false
        • ignoreIssuerCertificateValidityWindow -- false
        Parameters:
        configurationFilePath - The path to the server configuration file from which the topology registry certificates will be read. It must not be null, and the file must exist.
      • TopologyRegistryTrustManagerProperties

        public TopologyRegistryTrustManagerProperties​(@NotNull
                                                      java.io.File configurationFile)
        Creates a new topology registry trust manager properties object with the specified configuration file and the default settings for all other properties. Default settings include:
        • cacheDurationMillis -- 300,000 (five minutes)
        • requirePeerCertificateInTopologyRegistry -- false
        • ignorePeerCertificateValidityWindow -- false
        • ignoreIssuerCertificateValidityWindow -- false
        Parameters:
        configurationFile - The server configuration file from which the topology registry certificates will be read. It must not be null, and the file must exist.
    • Method Detail

      • getConfigurationFile

        @NotNull
        public java.io.File getConfigurationFile()
        Retrieves the server configuration file from which the topology registry certificates will be read.
        Returns:
        The server configuration file from which the topology registry certificates will be read.
      • setConfigurationFile

        public void setConfigurationFile​(@NotNull
                                         java.io.File configurationFile)
        Specifies the server configuration file from which the topology registry certificates will be read.
        Parameters:
        configurationFile - The server configuration file from which the topology registry certificates will be read. It must not be null, and the file must exist.
      • getCacheDurationMillis

        public long getCacheDurationMillis()
        Retrieves the maximum length of time in milliseconds that cached topology registry information should be considered valid.
        Returns:
        The maximum length of time in milliseconds that cached topology registry information should be considered valid, or zero if topology registry information should not be cached.
      • setCacheDuration

        public void setCacheDuration​(long cacheDurationValue,
                                     @NotNull
                                     java.util.concurrent.TimeUnit cacheDurationTimeUnit)
        Specifies the maximum length of time that cached topology registry information should be considered valid.
        Parameters:
        cacheDurationValue - The cache duration value to use with the given time unit. If this is less than or equal to zero, then topology registry information will not be cached.
        cacheDurationTimeUnit - The time unit to use with the given value. It must not be null.
      • requirePeerCertificateInTopologyRegistry

        public boolean requirePeerCertificateInTopologyRegistry()
        Indicates whether to require the peer certificate itself to be included in the topology registry for a certificate chain to be trusted.
        Returns:
        true if a certificate chain may only be trusted if the topology registry includes the peer certificate itself, or false if a certificate chain may be trusted if the topology registry contains the peer certificate or any of its issuers.
      • setRequirePeerCertificateInTopologyRegistry

        public void setRequirePeerCertificateInTopologyRegistry​(boolean requirePeerCertificateInTopologyRegistry)
        Specifies whether to require the peer certificate itself to be included in the topology registry for a certificate chain to be trusted.
        Parameters:
        requirePeerCertificateInTopologyRegistry - Indicates whether to require the peer certificate itself to be included in the topology registry for a certificate chain to be trusted. If this is true, then a certificate chain may be trusted only if the topology registry contains the peer certificate itself. If this is false, then a certificate chain may be trusted if the topology registry contains the peer certificate or any of its issuers.
      • ignorePeerCertificateValidityWindow

        public boolean ignorePeerCertificateValidityWindow()
        Indicates whether to ignore the validity window for the peer certificate when determining whether to trust a certificate chain.
        Returns:
        true if a certificate chain may be considered trusted even if the current time is outside the peer certificate's validity window, or false if a certificate chain may only be considered trusted if the current time is between the notBefore and notAfter timestamps for the peer certificate.
      • setIgnorePeerCertificateValidityWindow

        public void setIgnorePeerCertificateValidityWindow​(boolean ignorePeerCertificateValidityWindow)
        Specifies whether to ignore the validity window for the peer certificate when determining whether to trust a certificate chain.
        Parameters:
        ignorePeerCertificateValidityWindow - Specifies whether to ignore the validity window for the peer certificate when determining whether to trust a certificate chain. If this is true, then a certificate chain may be trusted even if the current time is outside the peer certificate's validity window. If this is false, then a certificate chain may only be trusted if the current time is between the notBefore and notAfter timestamps for the peer certificate.
      • ignoreIssuerCertificateValidityWindow

        public boolean ignoreIssuerCertificateValidityWindow()
        Indicates whether to ignore the validity window for issuer certificates when determining whether to trust a certificate chain.
        Returns:
        true if a certificate chain may be considered trusted even if the current time is outside any issuer certificate's validity window, or false if a certificate chain may only be considered trusted if the current time is between the notBefore and notAfter timestamps for all issuer certificates.
      • setIgnoreIssuerCertificateValidityWindow

        public void setIgnoreIssuerCertificateValidityWindow​(boolean ignoreIssuerCertificateValidityWindow)
        Specifies whether to ignore the validity window for the issuer certificates when determining whether to trust a certificate chain.
        Parameters:
        ignoreIssuerCertificateValidityWindow - Specifies whether to ignore the validity window for issuer certificates when determining whether to trust a certificate chain. If this is true, then a certificate chain may be trusted even if the current time is outside any issuer certificate's validity window. If this is false, then a certificate chain may only be trusted if the current time is between the notBefore and notAfter timestamps for all issuer certificates.
      • toString

        @NotNull
        public java.lang.String toString()
        Retrieves a string representation of the topology registry trust manager properties.
        Overrides:
        toString in class java.lang.Object
        Returns:
        A string representation of the topology registry trust manager properties.
      • toString

        public void toString​(@NotNull
                             java.lang.StringBuilder buffer)
        Appends a string representation of the topology registry trust manager properties to the given buffer.
        Parameters:
        buffer - The buffer to which the string representation should be appended.
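Added example (not part of the SDK documentation or the SDK's own code): a small audit that reads the getters documented above and reports every setting that is looser than a strict profile, run first against the documented defaults and then against a tightened configuration. The class name `TopologyTrustSettingsAudit`, the `MAX_CACHE_MILLIS` policy ceiling, and the empty temporary file standing in for a server configuration file are assumptions made for this example.

```java
import com.unboundid.ldap.sdk.unboundidds.TopologyRegistryTrustManagerProperties;
import java.io.File;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.concurrent.TimeUnit;

public final class TopologyTrustSettingsAudit {
  // Hypothetical policy ceiling for this example: the documented five-minute default.
  private static final long MAX_CACHE_MILLIS = TimeUnit.MINUTES.toMillis(5);

  /** Returns one finding per setting that is looser than the strict profile. */
  static List<String> audit(TopologyRegistryTrustManagerProperties p) {
    List<String> findings = new ArrayList<>();
    if (!p.requirePeerCertificateInTopologyRegistry()) {
      findings.add("peer certificate not required in registry: a chain is "
          + "trusted if the registry holds the peer certificate or any issuer");
    }
    if (p.ignorePeerCertificateValidityWindow()) {
      findings.add("peer certificate accepted outside notBefore/notAfter");
    }
    if (p.ignoreIssuerCertificateValidityWindow()) {
      findings.add("issuer certificates accepted outside notBefore/notAfter");
    }
    if (p.getCacheDurationMillis() > MAX_CACHE_MILLIS) {
      findings.add("cached registry data is treated as valid for "
          + p.getCacheDurationMillis() + " ms, above the policy ceiling");
    }
    return findings;
  }

  public static void main(String[] args) throws IOException {
    // Constructed placeholder: the constructor requires an existing file.
    // A real deployment points this at the server's configuration file.
    File config = File.createTempFile("topology-config", ".ldif");
    config.deleteOnExit();

    TopologyRegistryTrustManagerProperties props =
        new TopologyRegistryTrustManagerProperties(config);
    System.out.println("defaults: " + audit(props));

    // Strict profile: require the peer certificate itself in the registry,
    // enforce both validity windows, and shorten the cache lifetime.
    props.setRequirePeerCertificateInTopologyRegistry(true);
    props.setIgnorePeerCertificateValidityWindow(false);
    props.setIgnoreIssuerCertificateValidityWindow(false);
    props.setCacheDuration(1, TimeUnit.MINUTES);
    System.out.println("strict:   " + audit(props));
  }
}
```

The class is annotated NOT_THREADSAFE, so build and audit the properties object on one thread before handing it to anything else.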