at.gv.egovernment.moa.spss.server.config
Class ConfigurationProvider

java.lang.Object
  |
  +--at.gv.egovernment.moa.spss.server.config.ConfigurationProvider

public class ConfigurationProvider
extends Object

A class providing access to the MOA configuration data.

Configuration data is read from an XML file, whose location is given by the moa.spss.server.configuration system property.

This class implements the Singleton pattern. The reload() method can be used to update the configuration data. Therefore, it is not guaranteed that consecutive calls to getInstance() will return the same ConfigurationProvider all the time. During the processing of a web service request, the current TransactionContext should be used to obtain the ConfigurationProvider local to that request.
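The following startup check is an added example, not part of the MOA code base or its documentation. It takes one ConfigurationProvider reference and reviews the security-relevant settings from that single snapshot, because getInstance() may return a different object after reload(). The class name ConfigStartupCheck and the finding texts are hypothetical; it assumes the MOA SP/SS library is on the classpath, that the moa.spss.server.configuration system property is set, and that ConfigurationException is a subclass of Exception.

```java
import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
import java.util.ArrayList;
import java.util.List;

/** Added example (hypothetical class): startup review of security-relevant settings. */
public class ConfigStartupCheck {

  /** Collects findings from ONE configuration snapshot passed in by the caller. */
  static List<String> review(ConfigurationProvider config) {
    List<String> findings = new ArrayList<>();
    // Warnings recorded while the XML configuration was built (a List of Strings).
    for (Object warning : config.getWarnings()) {
      findings.add("configuration warning: " + warning);
    }
    // Both getters return an empty String when nothing has been configured.
    if (config.getDigestMethodAlgorithmName().isEmpty()) {
      findings.add("no digest algorithm configured for signature creation");
    }
    if (config.getCanonicalizationAlgorithmName().isEmpty()) {
      findings.add("no canonicalization algorithm configured for signature creation");
    }
    // getGenericConfiguration(name) returns null when the property is absent.
    String revocation = config.getGenericConfiguration(
        ConfigurationProvider.REVOCATION_CHECKING_PROPERTY);
    if (revocation == null) {
      findings.add("revocation checking is not explicitly configured");
    }
    // The test signing time is documented as being for testing purposes only.
    String testTime = config.getGenericConfiguration(
        ConfigurationProvider.TEST_SIGNING_TIME_PROPERTY);
    if (testTime != null) {
      findings.add("test signing time is set: " + testTime);
    }
    return findings;
  }

  public static void main(String[] args) throws Exception {
    // Take the reference once; a concurrent reload() must not change the
    // configuration halfway through the review.
    ConfigurationProvider config = ConfigurationProvider.getInstance();
    List<String> findings = review(config);
    for (String finding : findings) {
      System.err.println(finding);
    }
    // Non-zero exit lets a deployment script stop on any finding.
    System.exit(findings.isEmpty() ? 0 : 1);
  }
}
```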

Author:
Patrick Peck, Sven Aigner

Field Summary
static String ARCHIVE_REVOCATION_INFO_PROPERTY
          The name of the generic configuration property determining whether to archive revocation information.
static String AUTO_ADD_CERTIFICATES_PROPERTY
          The name of the generic configuration property which determines if certificates should be added to the cert store automatically.
static String CONFIG_PROPERTY_NAME
          The name of the system property which contains the file name of the configuration file.
static String DATABASE_ARCHIVE_PARAMETER_PROPERTY
          The name of the generic configuration property giving the database URL of the CRL archive.
static String DIRECTORY_CERTSTORE_PARAMETER_PROPERTY
          The name of the generic configuration property giving the root directory of a directory based cert store.
static String MAX_REVOCATION_AGE_PROPERTY
          The name of the generic configuration property determining the maximum age of CRL entries.
static String REVOCATION_CHECKING_PROPERTY
          The name of the generic configuration property determining whether to check the revocation status of signer certificates.
static String TEST_SIGNING_TIME_PROPERTY
          The name of the generic configuration property used for setting the signing time to a predefined value.
static String USE_AUTHORITY_INFO_ACCESS_PROPERTY
          The name of the generic configuration property determining whether the authority info access should be used.
 
Constructor Summary
ConfigurationProvider(String fileName)
          Constructor for ConfigurationProvider.
 
Method Summary
 String getCanonicalizationAlgorithmName()
          Return the name of the canonicalization algorithm used during signature creation.
 String getChainingMode(X509Certificate trustAnchor)
          Return the chaining mode for a given trust anchor.
 org.w3c.dom.Element getCreateSignatureEnvironmentProfile(String id)
          Return a CreateSignatureEnvironmentProfile with the given ID.
 org.w3c.dom.Element getCreateTransformsInfoProfile(String id)
          Return a CreateTransformsInfoProfile with the given ID.
 int getCRLArchiveDuration()
          Return the CRL archive duration.
 Set getCRLDP(X509Certificate cert)
          Return the CRL distribution points for a given CA.
 String getDigestMethodAlgorithmName()
          Return the name of the digest algorithm used during signature creation.
 String getGenericConfiguration(String name)
          Return the value of a generic configuration.
 String getGenericConfiguration(String name, String defaultValue)
          Return the value of a generic configuration, or a given default value.
 List getHardwareCryptoModules()
          Return the configured hardware crypto modules.
 List getHardwareKeyModules()
          Return the hardware key modules configuration.
static ConfigurationProvider getInstance()
          Return the single instance of configuration data.
 Set getKeyGroupEntries(Principal issuer, BigInteger serial, String keyGroupId)
          Return the set of KeyGroupEntrys of a given key group, which a client (identified by an issuer/serial pair) may access.
 Map getKeyGroups()
          Return the key group mapping.
 List getSoftwareKeyModules()
          Return the software key module configuration.
 org.w3c.dom.Element getSupplementProfile(String id)
          Return a SupplementProfile with the given ID.
 TrustProfile getTrustProfile(String id)
          Return a TrustProfile with the given ID.
 org.w3c.dom.Element getVerifyTransformsInfoProfile(String id)
          Return a VerifyTransformsInfoProfile with the given ID.
 List getWarnings()
          Returns the warnings encountered during building the configuration.
static ConfigurationProvider reload()
          Reload the configuration data and set it if successful.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

CONFIG_PROPERTY_NAME

public static final String CONFIG_PROPERTY_NAME
The name of the system property which contains the file name of the configuration file.

DIRECTORY_CERTSTORE_PARAMETER_PROPERTY

public static final String DIRECTORY_CERTSTORE_PARAMETER_PROPERTY
The name of the generic configuration property giving the root directory of a directory based cert store.

AUTO_ADD_CERTIFICATES_PROPERTY

public static final String AUTO_ADD_CERTIFICATES_PROPERTY
The name of the generic configuration property which determines if certificates should be added to the cert store automatically.

USE_AUTHORITY_INFO_ACCESS_PROPERTY

public static final String USE_AUTHORITY_INFO_ACCESS_PROPERTY
The name of the generic configuration property determining whether the authority info access should be used.

MAX_REVOCATION_AGE_PROPERTY

public static final String MAX_REVOCATION_AGE_PROPERTY
The name of the generic configuration property determining the maximum age of CRL entries.

DATABASE_ARCHIVE_PARAMETER_PROPERTY

public static final String DATABASE_ARCHIVE_PARAMETER_PROPERTY
The name of the generic configuration property giving the database URL of the CRL archive.

REVOCATION_CHECKING_PROPERTY

public static final String REVOCATION_CHECKING_PROPERTY
The name of the generic configuration property determining whether to check the revocation status of signer certificates.

ARCHIVE_REVOCATION_INFO_PROPERTY

public static final String ARCHIVE_REVOCATION_INFO_PROPERTY
The name of the generic configuration property determining whether to archive revocation information.

TEST_SIGNING_TIME_PROPERTY

public static final String TEST_SIGNING_TIME_PROPERTY
The name of the generic configuration property used for setting the signing time to a predefined value. (Use for testing purposes only).

Constructor Detail

ConfigurationProvider

public ConfigurationProvider(String fileName)
                      throws ConfigurationException
Constructor for ConfigurationProvider.
Parameters:
fileName - The name of the configuration file.
Throws:
ConfigurationException - An error occurred loading the configuration.

Method Detail

getInstance

public static ConfigurationProvider getInstance()
                                         throws ConfigurationException
Return the single instance of configuration data.
Returns:
MOAConfigurationProvider The current configuration data.
Throws:
ConfigurationException - Failure to load the configuration data.

reload

public static ConfigurationProvider reload()
                                    throws ConfigurationException
Reload the configuration data and set it if successful.
Returns:
MOAConfigurationProvider The loaded configuration data.
Throws:
ConfigurationException - Failure to load the configuration data.

getWarnings

public List getWarnings()
Returns the warnings encountered during building the configuration.
Returns:
A List of Strings, containing the warning messages.

getDigestMethodAlgorithmName

public String getDigestMethodAlgorithmName()
Return the name of the digest algorithm used during signature creation.
Returns:
The digest method algorithm name, or an empty String, if none has been configured.

getCanonicalizationAlgorithmName

public String getCanonicalizationAlgorithmName()
Return the name of the canonicalization algorithm used during signature creation.
Returns:
The canonicalization algorithm name, or an empty String if none has been configured.

getHardwareCryptoModules

public List getHardwareCryptoModules()
Return the configured hardware crypto modules.
Returns:
A List of HardwareCryptoModule objects containing the hardware crypto module configurations.

getHardwareKeyModules

public List getHardwareKeyModules()
Return the hardware key modules configuration.
Returns:
A List of HardwareKeyModule objects containing the configuration of the hardware key modules.

getSoftwareKeyModules

public List getSoftwareKeyModules()
Return the software key module configuration.
Returns:
A List of SoftwareKeyModule objects containing the configuration of the software key modules.

getKeyGroups

public Map getKeyGroups()
Return the key group mapping.
Returns:
A mapping from key group ID (a String) to KeyGroup objects.

getKeyGroupEntries

public Set getKeyGroupEntries(Principal issuer,
                              BigInteger serial,
                              String keyGroupId)
Return the set of KeyGroupEntrys of a given key group, which a client (identified by an issuer/serial pair) may access.
Parameters:
issuer - The issuer of the client certificate.
serial - The serial number of the client certificate.
keyGroupId - The ID of the key group.
Returns:
A Set of all the KeyGroupEntrys in the given key group, if the user may access them. Returns null, if the user may not access the given key group or if the key group does not exist.

getChainingMode

public String getChainingMode(X509Certificate trustAnchor)
Return the chaining mode for a given trust anchor.
Parameters:
trustAnchor - The trust anchor for which the chaining mode should be returned.
Returns:
The chaining mode for the given trust anchor. If the trust anchor has not been configured separately, the system default will be returned.

getCRLDP

public Set getCRLDP(X509Certificate cert)
Return the CRL distribution points for a given CA.
Parameters:
cert - The certificate for which the CRL distribution points should be looked up. The issuer information is used to perform the lookup.
Returns:
A Set of DistributionPoint objects. The set will be empty, if no distribution points have been configured for this certificate.

getCRLArchiveDuration

public int getCRLArchiveDuration()
Return the CRL archive duration.
Returns:
The duration of how long to keep CRL archive entries (measured in days).

getGenericConfiguration

public String getGenericConfiguration(String name)
Return the value of a generic configuration.
Parameters:
name - The name of the generic configuration.
Returns:
The value of the generic configuration with the given name, or null, if none can be found.

getGenericConfiguration

public String getGenericConfiguration(String name,
                                      String defaultValue)
Return the value of a generic configuration, or a given default value.
Parameters:
name - The name of the generic configuration.
defaultValue - A default value to be returned in case that the generic configuration with the given name does not exist.
Returns:
The value of the generic configuration with the given name, or the defaultValue, if none can be found.

getCreateTransformsInfoProfile

public org.w3c.dom.Element getCreateTransformsInfoProfile(String id)
Return a CreateTransformsInfoProfile with the given ID.
Parameters:
id - The CreateTransformsInfoProfile ID.
Returns:
The CreateTransformsInfoProfile with the given ID or null, if none exists.

getCreateSignatureEnvironmentProfile

public org.w3c.dom.Element getCreateSignatureEnvironmentProfile(String id)
Return a CreateSignatureEnvironmentProfile with the given ID.
Parameters:
id - The CreateSignatureEnvironmentProfile ID.
Returns:
The CreateSignatureEnvironmentProfile with the given ID or null, if none exists.

getVerifyTransformsInfoProfile

public org.w3c.dom.Element getVerifyTransformsInfoProfile(String id)
Return a VerifyTransformsInfoProfile with the given ID.
Parameters:
id - The VerifyTransformsInfoProfile ID.
Returns:
The VerifyTransformsInfoProfile with the given ID or null, if none exists.

getSupplementProfile

public org.w3c.dom.Element getSupplementProfile(String id)
Return a SupplementProfile with the given ID.
Parameters:
id - The SupplementProfile ID.
Returns:
The SupplementProfile with the given ID or null, if none exists.

getTrustProfile

public TrustProfile getTrustProfile(String id)
Return a TrustProfile with the given ID.
Parameters:
id - The TrustProfile ID.
Returns:
The TrustProfile with the given ID or null, if none exists.