public interface VaultAdapter

Interface that defines a Vault that may be plugged into the portal.

Note that there is only one instance of a particular Vault Adapter. Therefore, an implementation must be guaranteed thread safe. Credentials may be shared across different portlets (apps, instances, etc.) and different back-ends. Credentials may also already be populated for various back-end resources.

An instance of the vault itself is only available to the Vault Service. The Vault Service is responsible for authorization of accesses between the service and the installed Vaults.

Credential information is identified by Secret Types, which are defined by the Credential Service Credential Secret Objects. A Vault may support only a subset of the Secret Types, so a SecretTypeNotSupportedException must be thrown for a Secret Type it does not support.

Communication between an implementation of a Vault Adapter and the Vault Service is done via Credential Secret Objects.

A particular Vault may also categorize mapped credentials based on resources. Therefore, the Vault Interface provides add, delete, and modify for individual resources. If the Vault cannot handle such categorization, then the Adapter implementation must handle the resource logic.

This interface is designed to be implemented by clients.

Field Summary | |
---|---|
static java.lang.String | VAULT_SECRET_CONTEXT: The name of the context used in a JNDI lookup to get the CredentialSecretFactory class. |

Method Summary | |
---|---|
void | addCredential(CredentialSecret secret, Identifiable userID, java.lang.String resource): Adds a mapped credential of the provided secret type under the specified resource. |
boolean | containsResource(java.lang.String resource): Tells if the Vault contains the specified resource. |
void | createResource(java.lang.String resource): Adds a resource of the given name to the Vault. |
void | deleteCredential(int secretType, Identifiable userID, java.lang.String resource): Deletes a mapped credential of the provided Secret Type under the specified resource. |
void | deleteResource(java.lang.String resource): Deletes the specified resource from the Vault. |
void | destroy(): Termination Routine. |
CredentialSecret | getCredential(int secretType, Identifiable userID, java.lang.String resource): Retrieves a mapped credential of the provided Secret Type under the specified resource. |
int[] | getSupportedSecretTypes(): Returns an array of integers of the supported Secret Types. |
java.lang.String | getVersion(): Returns the descriptive Version String of this Vault Adapter. |
boolean | init(java.lang.String configFilename): Initialization Routine. |
boolean | isSecretTypeSupported(int secretType): Tells if the specified Secret Type is supported. |
java.util.Iterator<java.lang.String> | listResources(): Returns a list of resources as strings. |
void | modifyCredential(CredentialSecret secret, Identifiable userID, java.lang.String resource): Modifies a mapped credential of the provided secret type under the specified resource. |

Field Detail |
---|

static final java.lang.String VAULT_SECRET_CONTEXT
See Also: com.ibm.portal.portlet.service.credentialvault.spi.secret.CredentialSecretFactory, Constant Field Values

Method Detail |
---|

boolean init(java.lang.String configFilename)
Parameters:
configFilename - Configuration file name

void destroy()

void addCredential(CredentialSecret secret, Identifiable userID, java.lang.String resource) throws SecretTypeNotSupportedException, CredentialVaultException
Parameters:
secret - Credential Secret to add. The code of the custom Vault Adapter has to throw a CredentialVaultException if the secret is null.
userID - The identifiable of the secret owner
resource - Resource to add the credential under, arbitrary String
Throws:
SecretTypeNotSupportedException - The provided secret type is not supported.
CredentialVaultException - Problem communicating with the back-end Vault or the credential could not be added

void modifyCredential(CredentialSecret secret, Identifiable userID, java.lang.String resource) throws SecretTypeNotSupportedException, CredentialVaultException
Parameters:
secret - New Credential Secret. The code of the custom Vault Adapter has to throw a CredentialVaultException if the secret is null.
userID - The identifiable of the secret owner
resource - Resource to modify the credential under, arbitrary String. If the resource is not found, the secret cannot be changed and a CredentialVaultException is thrown.
Throws:
SecretTypeNotSupportedException - The provided secret type is not supported.
CredentialVaultException - Problem communicating with the backend Vault or the credential could not be modified

void deleteCredential(int secretType, Identifiable userID, java.lang.String resource) throws SecretTypeNotSupportedException, CredentialVaultException
Parameters:
secretType - Secret Type
userID - The identifiable of the secret owner
resource - Resource to delete the credential under. If the resource is not found, the secret cannot be deleted and a CredentialVaultException is thrown.
Throws:
SecretTypeNotSupportedException - The provided secret type is not supported.
CredentialVaultException - Problem communicating with the backend Vault or the credential could not be deleted

CredentialSecret getCredential(int secretType, Identifiable userID, java.lang.String resource) throws SecretTypeNotSupportedException, CredentialVaultException
Parameters:
secretType - Secret Type
userID - The identifiable of the secret owner
resource - Resource to retrieve the credential under
Throws:
SecretTypeNotSupportedException - The provided secret type is not supported.
CredentialVaultException - Problem communicating with the back-end Vault or the credential could not be retrieved

void createResource(java.lang.String resource) throws CredentialVaultException
Parameters:
resource - Resource name to create. The resource name can be any string.
Throws:
CredentialVaultException - Problem communicating with the backend Vault or the resource could not be added

void deleteResource(java.lang.String resource) throws CredentialVaultException
Parameters:
resource - Resource name to delete
Throws:
CredentialVaultException - Problem communicating with the backend Vault or the resource could not be deleted

boolean containsResource(java.lang.String resource) throws CredentialVaultException
Parameters:
resource - Resource name
Throws:
CredentialVaultException - Problem communicating with the backend Vault

java.util.Iterator<java.lang.String> listResources() throws CredentialVaultException
Throws:
CredentialVaultException - Problem communicating with the back-end Vault

int[] getSupportedSecretTypes()
See Also: CredentialSecret

java.lang.String getVersion()

boolean isSecretTypeSupported(int secretType)
Parameters:
secretType - Secret Type to check
See Also: CredentialSecret
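
The contract above (one shared adapter instance, rejection of null secrets and unsupported Secret Types, failure when modifying under a missing resource) is sketched below as an added example; it is not IBM's code and does not implement the real VaultAdapter interface. Secret, Slot, VaultException, UnsupportedTypeException and the String user key are hypothetical stand-ins for types whose members this page does not show, and SUPPORTED_TYPE is a constructed value.

```java
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

// Added sketch. Secret, VaultException and UnsupportedTypeException are hypothetical
// stand-ins for CredentialSecret, CredentialVaultException and
// SecretTypeNotSupportedException; a String user key stands in for Identifiable.
public class InMemoryVaultSketch {
    record Secret(int type, String value) {}
    record Slot(String userKey, int type) {}
    static class VaultException extends Exception { VaultException(String m) { super(m); } }
    static class UnsupportedTypeException extends Exception { UnsupportedTypeException(String m) { super(m); } }

    static final int SUPPORTED_TYPE = 1; // constructed value, not a real Secret Type constant
    // A single adapter instance serves all callers, so state is kept in concurrent maps.
    private final Map<String, Map<Slot, Secret>> resources = new ConcurrentHashMap<>();

    private static void check(Secret s) throws VaultException, UnsupportedTypeException {
        if (s == null) throw new VaultException("secret must not be null");
        if (s.type() != SUPPORTED_TYPE) throw new UnsupportedTypeException("type " + s.type());
    }

    public void addCredential(Secret s, String userKey, String resource)
            throws VaultException, UnsupportedTypeException {
        check(s);
        // Assumption: add creates the resource on demand (the page leaves this open).
        resources.computeIfAbsent(resource, r -> new ConcurrentHashMap<>())
                 .put(new Slot(userKey, s.type()), s);
    }

    public void modifyCredential(Secret s, String userKey, String resource)
            throws VaultException, UnsupportedTypeException {
        check(s);
        Map<Slot, Secret> slots = resources.get(resource);
        // replace() is atomic and only succeeds when the mapping already exists.
        if (slots == null || slots.replace(new Slot(userKey, s.type()), s) == null)
            throw new VaultException("no such resource or credential: " + resource);
    }

    public static void main(String[] args) throws Exception {
        InMemoryVaultSketch vault = new InMemoryVaultSketch();
        vault.addCredential(new Secret(SUPPORTED_TYPE, "constructed-sample"), "user-1", "mail");
        try {
            vault.modifyCredential(new Secret(SUPPORTED_TYPE, "x"), "user-1", "missing");
        } catch (VaultException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```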