Class TopologyRegistryTrustManagerProperties
- java.lang.Object
-
- com.unboundid.ldap.sdk.unboundidds.TopologyRegistryTrustManagerProperties
-
- All Implemented Interfaces:
java.io.Serializable
@Mutable @ThreadSafety(level=NOT_THREADSAFE) public final class TopologyRegistryTrustManagerProperties extends java.lang.Object implements java.io.Serializable
This class defines a number of configuration properties that may be used by the TopologyRegistryTrustManager.
NOTE: This class, and other classes within the com.unboundid.ldap.sdk.unboundidds package structure, are only supported for use against Ping Identity, UnboundID, and Nokia/Alcatel-Lucent 8661 server products. These classes provide support for proprietary functionality or for external specifications that are not considered stable or mature enough to be guaranteed to work in an interoperable way with other types of LDAP servers.
- See Also:
- Serialized Form
-
-
Constructor Summary
Constructors
TopologyRegistryTrustManagerProperties(java.io.File configurationFile)
Creates a new topology registry trust manager properties object with the specified configuration file and the default settings for all other properties.
TopologyRegistryTrustManagerProperties(java.lang.String configurationFilePath)
Creates a new topology registry trust manager properties object with the specified configuration file and the default settings for all other properties.
-
Method Summary
Modifier and Type, Method, Description
long getCacheDurationMillis()
Retrieves the maximum length of time in milliseconds that cached topology registry information should be considered valid.
java.io.File getConfigurationFile()
Retrieves the server configuration file from which the topology registry certificates will be read.
boolean ignoreIssuerCertificateValidityWindow()
Indicates whether to ignore the validity window for issuer certificates when determining whether to trust a certificate chain.
boolean ignorePeerCertificateValidityWindow()
Indicates whether to ignore the validity window for the peer certificate when determining whether to trust a certificate chain.
boolean requirePeerCertificateInTopologyRegistry()
Indicates whether to require the peer certificate itself to be included in the topology registry for a certificate chain to be trusted.
void setCacheDuration(long cacheDurationValue, java.util.concurrent.TimeUnit cacheDurationTimeUnit)
Specifies the maximum length of time that cached topology registry information should be considered valid.
void setConfigurationFile(java.io.File configurationFile)
Specifies the server configuration file from which the topology registry certificates will be read.
void setIgnoreIssuerCertificateValidityWindow(boolean ignoreIssuerCertificateValidityWindow)
Specifies whether to ignore the validity window for the issuer certificates when determining whether to trust a certificate chain.
void setIgnorePeerCertificateValidityWindow(boolean ignorePeerCertificateValidityWindow)
Specifies whether to ignore the validity window for the peer certificate when determining whether to trust a certificate chain.
void setRequirePeerCertificateInTopologyRegistry(boolean requirePeerCertificateInTopologyRegistry)
Specifies whether to require the peer certificate itself to be included in the topology registry for a certificate chain to be trusted.
java.lang.String toString()
Retrieves a string representation of the topology registry trust manager properties.
void toString(java.lang.StringBuilder buffer)
Appends a string representation of the topology registry trust manager properties to the given buffer.
-
-
-
Constructor Detail
-
TopologyRegistryTrustManagerProperties
public TopologyRegistryTrustManagerProperties(@NotNull java.lang.String configurationFilePath)
Creates a new topology registry trust manager properties object with the specified configuration file and the default settings for all other properties. Default settings include:
- cacheDurationMillis -- 300,000 (five minutes)
- requirePeerCertificateInTopologyRegistry -- false
- ignorePeerCertificateValidityWindow -- false
- ignoreIssuerCertificateValidityWindow -- false
- Parameters:
configurationFilePath - The path to the server configuration file from which the topology registry certificates will be read. It must not be null, and the file must exist.
-
TopologyRegistryTrustManagerProperties
public TopologyRegistryTrustManagerProperties(@NotNull java.io.File configurationFile)
Creates a new topology registry trust manager properties object with the specified configuration file and the default settings for all other properties. Default settings include:
- cacheDurationMillis -- 300,000 (five minutes)
- requirePeerCertificateInTopologyRegistry -- false
- ignorePeerCertificateValidityWindow -- false
- ignoreIssuerCertificateValidityWindow -- false
- Parameters:
configurationFile - The server configuration file from which the topology registry certificates will be read. It must not be null, and the file must exist.
-
-
Method Detail
-
getConfigurationFile
@NotNull public java.io.File getConfigurationFile()
Retrieves the server configuration file from which the topology registry certificates will be read.
- Returns:
The server configuration file from which the topology registry certificates will be read.
-
setConfigurationFile
public void setConfigurationFile(@NotNull java.io.File configurationFile)
Specifies the server configuration file from which the topology registry certificates will be read.
- Parameters:
configurationFile - The server configuration file from which the topology registry certificates will be read. It must not be null, and the file must exist.
-
getCacheDurationMillis
public long getCacheDurationMillis()
Retrieves the maximum length of time in milliseconds that cached topology registry information should be considered valid.
- Returns:
The maximum length of time in milliseconds that cached topology registry information should be considered valid, or zero if topology registry information should not be cached.
-
setCacheDuration
public void setCacheDuration(long cacheDurationValue, @NotNull java.util.concurrent.TimeUnit cacheDurationTimeUnit)
Specifies the maximum length of time that cached topology registry information should be considered valid.
- Parameters:
cacheDurationValue - The cache duration value to use with the given time unit. If this is less than or equal to zero, then topology registry information will not be cached.
cacheDurationTimeUnit - The time unit to use with the given value. It must not be null.
-
requirePeerCertificateInTopologyRegistry
public boolean requirePeerCertificateInTopologyRegistry()
Indicates whether to require the peer certificate itself to be included in the topology registry for a certificate chain to be trusted.
- Returns:
true if a certificate chain may only be trusted if the topology registry includes the peer certificate itself, or false if a certificate chain may be trusted if the topology registry contains the peer certificate or any of its issuers.
-
setRequirePeerCertificateInTopologyRegistry
public void setRequirePeerCertificateInTopologyRegistry(boolean requirePeerCertificateInTopologyRegistry)
Specifies whether to require the peer certificate itself to be included in the topology registry for a certificate chain to be trusted.
- Parameters:
requirePeerCertificateInTopologyRegistry - Indicates whether to require the peer certificate itself to be included in the topology registry for a certificate chain to be trusted. If this is true, then a certificate chain may be trusted only if the topology registry contains the peer certificate itself. If this is false, then a certificate chain may be trusted if the topology registry contains the peer certificate or any of its issuers.
-
ignorePeerCertificateValidityWindow
public boolean ignorePeerCertificateValidityWindow()
Indicates whether to ignore the validity window for the peer certificate when determining whether to trust a certificate chain.
- Returns:
true if a certificate chain may be considered trusted even if the current time is outside the peer certificate's validity window, or false if a certificate chain may only be considered trusted if the current time is between the notBefore and notAfter timestamps for the peer certificate.
-
setIgnorePeerCertificateValidityWindow
public void setIgnorePeerCertificateValidityWindow(boolean ignorePeerCertificateValidityWindow)
Specifies whether to ignore the validity window for the peer certificate when determining whether to trust a certificate chain.
- Parameters:
ignorePeerCertificateValidityWindow - Specifies whether to ignore the validity window for the peer certificate when determining whether to trust a certificate chain. If this is true, then a certificate chain may be trusted even if the current time is outside the peer certificate's validity window. If this is false, then a certificate chain may only be trusted if the current time is between the notBefore and notAfter timestamps for the peer certificate.
-
ignoreIssuerCertificateValidityWindow
public boolean ignoreIssuerCertificateValidityWindow()
Indicates whether to ignore the validity window for issuer certificates when determining whether to trust a certificate chain.
- Returns:
true if a certificate chain may be considered trusted even if the current time is outside any issuer certificate's validity window, or false if a certificate chain may only be considered trusted if the current time is between the notBefore and notAfter timestamps for all issuer certificates.
-
setIgnoreIssuerCertificateValidityWindow
public void setIgnoreIssuerCertificateValidityWindow(boolean ignoreIssuerCertificateValidityWindow)
Specifies whether to ignore the validity window for the issuer certificates when determining whether to trust a certificate chain.
- Parameters:
ignoreIssuerCertificateValidityWindow - Specifies whether to ignore the validity window for issuer certificates when determining whether to trust a certificate chain. If this is true, then a certificate chain may be trusted even if the current time is outside any issuer certificate's validity window. If this is false, then a certificate chain may only be trusted if the current time is between the notBefore and notAfter timestamps for all issuer certificates.
-
toString
@NotNull public java.lang.String toString()
Retrieves a string representation of the topology registry trust manager properties.
- Overrides:
toString in class java.lang.Object
- Returns:
A string representation of the topology registry trust manager properties.
-
-
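An added example, not part of the SDK documentation: it builds a properties object with stricter-than-default settings and lists every setting that relaxes chain validation, using the getters and setters documented above. The class and helper names, the one-minute cache value, and the cache threshold are illustrative; the `TopologyRegistryTrustManager(properties)` constructor and the `SSLUtil` wiring are assumed from the SDK and do not appear on this page.

```java
import com.unboundid.ldap.sdk.unboundidds.TopologyRegistryTrustManager;
import com.unboundid.ldap.sdk.unboundidds.TopologyRegistryTrustManagerProperties;
import com.unboundid.util.ssl.SSLUtil;
import java.io.File;
import java.util.ArrayList;
import java.util.List;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.SSLSocketFactory;

public final class TopologyTrustConfigExample {
  // Default cache duration stated on this page (five minutes).
  private static final long DEFAULT_CACHE_MILLIS = 300_000L;

  // Pins trust to peer certificates listed in the registry and keeps both
  // validity-window checks enabled (hypothetical helper).
  static TopologyRegistryTrustManagerProperties strictProperties(File configFile) {
    TopologyRegistryTrustManagerProperties p =
        new TopologyRegistryTrustManagerProperties(configFile);
    p.setCacheDuration(1L, TimeUnit.MINUTES);             // illustrative value
    p.setRequirePeerCertificateInTopologyRegistry(true);  // default is false
    p.setIgnorePeerCertificateValidityWindow(false);
    p.setIgnoreIssuerCertificateValidityWindow(false);
    return p;
  }

  // Lists settings that relax validation, e.g. for a startup self-check.
  static List<String> relaxedSettings(TopologyRegistryTrustManagerProperties p) {
    List<String> findings = new ArrayList<>();
    if (p.ignorePeerCertificateValidityWindow())
      findings.add("peer certificate accepted outside notBefore/notAfter");
    if (p.ignoreIssuerCertificateValidityWindow())
      findings.add("issuer certificates accepted outside notBefore/notAfter");
    if (!p.requirePeerCertificateInTopologyRegistry())
      findings.add("chain trusted when only an issuer is in the registry");
    if (p.getCacheDurationMillis() > DEFAULT_CACHE_MILLIS)  // example threshold
      findings.add("registry data cached longer than the five-minute default");
    return findings;
  }

  public static void main(String[] args) throws Exception {
    // args[0]: path to the server configuration file; it must exist.
    TopologyRegistryTrustManagerProperties props =
        strictProperties(new File(args[0]));
    List<String> findings = relaxedSettings(props);
    if (!findings.isEmpty()) throw new IllegalStateException(findings.toString());
    // Assumption: the trust manager accepts a properties object.
    SSLUtil sslUtil = new SSLUtil(new TopologyRegistryTrustManager(props));
    SSLSocketFactory socketFactory = sslUtil.createSSLSocketFactory();
    System.out.println(props + " -> " + socketFactory.getClass().getName());
  }
}
```

Run against a properties object built with only the defaults, `relaxedSettings` reports the issuer-only trust finding, because `requirePeerCertificateInTopologyRegistry` defaults to false.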