|
IBM WebSphereTM eXtreme Scale, Release 8.6 API Specification |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
public interface SecureTokenManager
This interface is used by ObjectGrid servers to transform an object to a secure token and vice versa. A secure token is a byte array.
Here is one example of a possible usage: When a server joins the cluster,
the joining server needs to present a password to the president server in the
cluster. Before sending the password out, the joining server calls the
generateToken(Object)
method to generate a token for this
password. The token should be hard to break so the password can be protected
securely. The token will then be sent across the wire. Usually the token is
associated with a time stamp so the malicious replay attack will be difficult.
On the receving side, the server calls the verifyToken(byte[])
method to verfiy the token and reconstruct the corresponding object from the
token.
ObjectGrid utilizes JCE to provide a default implementation of this interface. In this implementation, when generating the token, the object is encrypted with a time stamp and then signed. To verify a token, the token's signature is verified and then decrypted. This implementation will need a key store configured in the ObjectGrid servers to support the data encrypting and decrypting and signature signing and verifying. Please use security.ogserver.props for the secure token key settings.
An implementation class should have a default constructor. Users can set the CustomSecureTokenManagerProps property in the server security configuration property file. This property will be set on the object using the setProperties(String) method.
SecurityConstants.SECURE_TOKEN_MANAGER_CUSTOM_STRING
,
SecurityConstants.SECURE_TOKEN_MANAGER_DEFAULT_STRING
Method Summary | |
---|---|
byte[] |
generateToken(Object o)
Generates the token for the specified object. |
void |
setProperties(String properties)
Sets the user defined properties to the factory. |
Object |
verifyToken(byte[] bytes)
Verifies the token and reconstruct the object. |
Method Detail |
---|
byte[] generateToken(Object o) throws ObjectGridSecurityException
The generated token should be hard to break.
o
- the object to be protected
ObjectGridSecurityException
- if any exception occurs during
generation of the token byte arrayObject verifyToken(byte[] bytes) throws ObjectGridSecurityException
bytes
- the token byte array representing the protected object.
ObjectGridSecurityException
- if any exception occurs during
verification of the token byte arrayvoid setProperties(String properties)
This method is used to set SecureTokenManager properties to the object. These properties can be set using the "SecureTokenManagerProps" property in the server security configuration property file. This way, you can customize your factory.
properties
- user defined properties
|
IBM WebSphereTM eXtreme Scale, Release 8.6 API Specification |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |