Class TopologyRegistryTrustManagerProperties

java.lang.Object
com.unboundid.ldap.sdk.unboundidds.TopologyRegistryTrustManagerProperties
All Implemented Interfaces:
Serializable

This class defines a number of configuration properties that may be used by the TopologyRegistryTrustManager.
NOTE: This class, and other classes within the com.unboundid.ldap.sdk.unboundidds package structure, are only supported for use against Ping Identity, UnboundID, and Nokia/Alcatel-Lucent 8661 server products. These classes provide support for proprietary functionality or for external specifications that are not considered stable or mature enough to be guaranteed to work in an interoperable way with other types of LDAP servers.
  • Constructor Summary

    Constructors
    Constructor
    Description
    TopologyRegistryTrustManagerProperties(String configurationFilePath)
    Creates a new topology registry trust manager properties object with the specified configuration file and the default settings for all other properties.
    TopologyRegistryTrustManagerProperties(File configurationFile)
    Creates a new topology registry trust manager properties object with the specified configuration file and the default settings for all other properties.
  • Method Summary

    Modifier and Type
    Method
    Description
    long
    getCacheDurationMillis()
    Retrieves the maximum length of time in milliseconds that cached topology registry information should be considered valid.
    File
    getConfigurationFile()
    Retrieves the server configuration file from which the topology registry certificates will be read.
    boolean
    ignoreIssuerCertificateValidityWindow()
    Indicates whether to ignore the validity window for issuer certificates when determining whether to trust a certificate chain.
    boolean
    ignorePeerCertificateValidityWindow()
    Indicates whether to ignore the validity window for the peer certificate when determining whether to trust a certificate chain.
    boolean
    requirePeerCertificateInTopologyRegistry()
    Indicates whether to require the peer certificate itself to be included in the topology registry for a certificate chain to be trusted.
    void
    setCacheDuration(long cacheDurationValue, TimeUnit cacheDurationTimeUnit)
    Specifies the maximum length of time that cached topology registry information should be considered valid.
    void
    setConfigurationFile(File configurationFile)
    Specifies the server configuration file from which the topology registry certificates will be read.
    void
    setIgnoreIssuerCertificateValidityWindow(boolean ignoreIssuerCertificateValidityWindow)
    Specifies whether to ignore the validity window for the issuer certificates when determining whether to trust a certificate chain.
    void
    setIgnorePeerCertificateValidityWindow(boolean ignorePeerCertificateValidityWindow)
    Specifies whether to ignore the validity window for the peer certificate when determining whether to trust a certificate chain.
    void
    setRequirePeerCertificateInTopologyRegistry(boolean requirePeerCertificateInTopologyRegistry)
    Specifies whether to require the peer certificate itself to be included in the topology registry for a certificate chain to be trusted.
    String
    toString()
    Retrieves a string representation of the topology registry trust manager properties.
    void
    toString(StringBuilder buffer)
    Appends a string representation of the topology registry trust manager properties to the given buffer.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
  • Constructor Details

    • TopologyRegistryTrustManagerProperties

      Creates a new topology registry trust manager properties object with the specified configuration file and the default settings for all other properties. Default settings include:
      • cacheDurationMillis -- 300,000 (five minutes)
      • requirePeerCertificateInTopologyRegistry -- false
      • ignorePeerCertificateValidityWindow -- false
      • ignoreIssuerCertificateValidityWindow -- false
      Parameters:
      configurationFilePath - The path to the server configuration file from which the topology registry certificates will be read. It must not be null, and the file must exist.
    • TopologyRegistryTrustManagerProperties

      Creates a new topology registry trust manager properties object with the specified configuration file and the default settings for all other properties. Default settings include:
      • cacheDurationMillis -- 300,000 (five minutes)
      • requirePeerCertificateInTopologyRegistry -- false
      • ignorePeerCertificateValidityWindow -- false
      • ignoreIssuerCertificateValidityWindow -- false
      Parameters:
      configurationFile - The server configuration file from which the topology registry certificates will be read. It must not be null, and the file must exist.
  • Method Details

    • getConfigurationFile

      Retrieves the server configuration file from which the topology registry certificates will be read.
      Returns:
      The server configuration file from which the topology registry certificates will be read.
    • setConfigurationFile

      public void setConfigurationFile(@NotNull File configurationFile)
      Specifies the server configuration file from which the topology registry certificates will be read.
      Parameters:
      configurationFile - The server configuration file from which the topology registry certificates will be read. It must not be null, and the file must exist.
    • getCacheDurationMillis

      public long getCacheDurationMillis()
      Retrieves the maximum length of time in milliseconds that cached topology registry information should be considered valid.
      Returns:
      The maximum length of time in milliseconds that cached topology registry information should be considered valid, or zero if topology registry information should not be cached.
    • setCacheDuration

      public void setCacheDuration(long cacheDurationValue, @NotNull TimeUnit cacheDurationTimeUnit)
      Specifies the maximum length of time that cached topology registry information should be considered valid.
      Parameters:
      cacheDurationValue - The cache duration value to use with the given time unit. If this is less than or equal to zero, then topology registry information will not be cached.
      cacheDurationTimeUnit - The time unit to use with the given value. It must not be null.
    • requirePeerCertificateInTopologyRegistry

      Indicates whether to require the peer certificate itself to be included in the topology registry for a certificate chain to be trusted.
      Returns:
      true if a certificate chain may only be trusted if the topology registry includes the peer certificate itself, or false if a certificate chain may be trusted if the topology registry contains the peer certificate or any of its issuers.
    • setRequirePeerCertificateInTopologyRegistry

      public void setRequirePeerCertificateInTopologyRegistry(boolean requirePeerCertificateInTopologyRegistry)
      Specifies whether to require the peer certificate itself to be included in the topology registry for a certificate chain to be trusted.
      Parameters:
      requirePeerCertificateInTopologyRegistry - Indicates whether to require the peer certificate itself to be included in the topology registry for a certificate chain to be trusted. If this is true, then a certificate chain may be trusted only if the topology registry contains the peer certificate itself. If this is false, then a certificate chain may be trusted if the topology registry contains the peer certificate or any of its issuers.
    • ignorePeerCertificateValidityWindow

      Indicates whether to ignore the validity window for the peer certificate when determining whether to trust a certificate chain.
      Returns:
      true if a certificate chain may be considered trusted even if the current time is outside the peer certificate's validity window, or false if a certificate chain may only be considered trusted if the current time is between the notBefore and notAfter timestamps for the peer certificate.
    • setIgnorePeerCertificateValidityWindow

      public void setIgnorePeerCertificateValidityWindow(boolean ignorePeerCertificateValidityWindow)
      Specifies whether to ignore the validity window for the peer certificate when determining whether to trust a certificate chain.
      Parameters:
      ignorePeerCertificateValidityWindow - Specifies whether to ignore the validity window for the peer certificate when determining whether to trust a certificate chain. If this is true, then a certificate chain may be trusted even if the current time is outside the peer certificate's validity window. If this is false, then a certificate chain may only be trusted if the current time is between the notBefore and notAfter timestamps for the peer certificate.
    • ignoreIssuerCertificateValidityWindow

      Indicates whether to ignore the validity window for issuer certificates when determining whether to trust a certificate chain.
      Returns:
      true if a certificate chain may be considered trusted even if the current time is outside any issuer certificate's validity window, or false if a certificate chain may only be considered trusted if the current time is between the notBefore and notAfter timestamps for all issuer certificates.
    • setIgnoreIssuerCertificateValidityWindow

      public void setIgnoreIssuerCertificateValidityWindow(boolean ignoreIssuerCertificateValidityWindow)
      Specifies whether to ignore the validity window for the issuer certificates when determining whether to trust a certificate chain.
      Parameters:
      ignoreIssuerCertificateValidityWindow - Specifies whether to ignore the validity window for issuer certificates when determining whether to trust a certificate chain. If this is true, then a certificate chain may be trusted even if the current time is outside any issuer certificate's validity window. If this is false, then a certificate chain may only be trusted if the current time is between the notBefore and notAfter timestamps for all issuer certificates.
    • toString

      Retrieves a string representation of the topology registry trust manager properties.
      Overrides:
      toString in class Object
      Returns:
      A string representation of the topology registry trust manager properties.
    • toString

      public void toString(@NotNull StringBuilder buffer)
      Appends a string representation of the topology registry trust manager properties to the given buffer.
      Parameters:
      buffer - The buffer to which the string representation should be appended.
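
Added example, not part of the SDK documentation: it builds properties that pin the peer certificate and enforce every validity window, then checks any properties object for settings weaker than that policy before it is handed to a trust manager. The class name StrictTopologyTrust, the methods strict and relaxedSettings, and the one-minute cache limit are assumptions of this example, as is the TopologyRegistryTrustManager constructor that accepts the properties object.

```java
import com.unboundid.ldap.sdk.unboundidds.TopologyRegistryTrustManager;
import com.unboundid.ldap.sdk.unboundidds.TopologyRegistryTrustManagerProperties;
import com.unboundid.util.ssl.SSLUtil;
import java.io.File;
import java.util.ArrayList;
import java.util.List;
import java.util.concurrent.TimeUnit;

public final class StrictTopologyTrust {
  // Assumed policy for this example: registry data may be cached for at most one minute.
  private static final long MAX_CACHE_MILLIS = TimeUnit.MINUTES.toMillis(1L);

  /** Builds properties that pin the peer certificate and enforce every validity window. */
  static TopologyRegistryTrustManagerProperties strict(final File configFile) {
    final TopologyRegistryTrustManagerProperties p =
        new TopologyRegistryTrustManagerProperties(configFile);
    p.setRequirePeerCertificateInTopologyRegistry(true);  // default false: an issuer match suffices
    p.setIgnorePeerCertificateValidityWindow(false);      // reject expired or not-yet-valid peers
    p.setIgnoreIssuerCertificateValidityWindow(false);    // same check for every issuer
    p.setCacheDuration(1L, TimeUnit.MINUTES);             // default is five minutes
    return p;
  }

  /** Lists every setting weaker than the policy above; an empty list means compliant. */
  static List<String> relaxedSettings(final TopologyRegistryTrustManagerProperties p) {
    final List<String> findings = new ArrayList<>();
    if (!p.requirePeerCertificateInTopologyRegistry()) findings.add("issuer match is sufficient");
    if (p.ignorePeerCertificateValidityWindow()) findings.add("peer validity window ignored");
    if (p.ignoreIssuerCertificateValidityWindow()) findings.add("issuer validity windows ignored");
    if (p.getCacheDurationMillis() > MAX_CACHE_MILLIS) findings.add("registry cache too long");
    return findings;
  }

  public static void main(final String[] args) throws Exception {
    final File configFile = new File(args[0]);  // server configuration file; it must exist
    System.out.println("defaults: "
        + relaxedSettings(new TopologyRegistryTrustManagerProperties(configFile)));
    final TopologyRegistryTrustManagerProperties props = strict(configFile);
    final List<String> findings = relaxedSettings(props);
    if (!findings.isEmpty()) throw new IllegalStateException("relaxed settings: " + findings);
    // Assumption: TopologyRegistryTrustManager has a constructor taking the properties object.
    new SSLUtil(new TopologyRegistryTrustManager(props)).createSSLSocketFactory();
    System.out.println("strict: " + props);
  }
}
```

Run it with the path to the server configuration file as the only argument; the socket factory returned by createSSLSocketFactory() is what a TLS-protected LDAPConnection would be created with.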