com.entrust.toolkit.x509.directory
Class JNDIDirectory

java.lang.Object
  |
  +--com.entrust.toolkit.x509.directory.JNDIDirectory

public class JNDIDirectory
extends java.lang.Object
implements LdapDirectory

Provides an interface to a JNDI Directory.

JNDIDirectory implements the IX509Directory interface. The class uses the Java Naming and Directory Interface (JNDI) as the means of retrieving the data, and relies on classes delivered in jndi.jar and ldap.jar to function correctly. These jar files are available from Sun Microsystems.


Constructor Summary
JNDIDirectory(javax.naming.directory.DirContext dir)
           Constructor used to minimize number of Directory connections.
JNDIDirectory(java.lang.String ipAddress, int port)
           Constructs a JNDIDirectory object using Directory IP address and port number as arguments.
 
Method Summary
 javax.naming.directory.DirContext connect()
           Connects to the Directory.
 byte[][] getAttr(java.lang.String DN, java.lang.String attributeToFind)
           Searches the Directory for a given attribute within a DN entry.
 X509CRL[] getCRLs(java.lang.String distributionPoint, boolean wantARL)
           Finds the CRLs or ARLs from a distribution point.
 javax.naming.NamingEnumeration Search(java.lang.String searchBase, java.lang.String searchExpr)
           Searches the Directory for a given entry within a searchbase hierarchy.
 byte[][] Search(java.lang.String searchBase, java.lang.String searchExpr, java.lang.String attributeToFind)
           Searches the Directory for a given attribute within a searchbase hierarchy.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

JNDIDirectory

public JNDIDirectory(java.lang.String ipAddress,
                     int port)
Constructs a JNDIDirectory object using Directory IP address and port number as arguments.

A URL in the format ldap://ipAddress:port is constructed from this information and stored for later use. The application must call the connect() method before a connection to the URL is established.

Parameters:
ipAddress - the IP address as a string, for example, 1.2.3.4
port - the port number

JNDIDirectory

public JNDIDirectory(javax.naming.directory.DirContext dir)
Constructor used to minimize number of Directory connections.

The argument, dir, is an initialized JNDI DirContext.

Applications using this constructor should not call the connect method.

Parameters:
dir - a javax.naming.directory.DirContext object.

Method Detail

connect

public javax.naming.directory.DirContext connect()
                                          throws javax.naming.NamingException
Connects to the Directory.

This method establishes a new JNDI context. The method uses the IP address and port number from the constructor, and returns this context so that the application can use it to create additional JNDIDirectory objects using the same Directory connection.

Returns:
the JNDI DirContext handle
Throws:
javax.naming.NamingException - thrown if the directory is not accessible

Search

public javax.naming.NamingEnumeration Search(java.lang.String searchBase,
                                             java.lang.String searchExpr)
                                      throws javax.naming.NamingException
Searches the Directory for a given entry within a searchbase hierarchy.

Search performs a search operation on the JNDI context, using the given searchBase, searchExpr parameters, and a subtree scope. The results are returned as a NamingEnumeration.

Parameters:
searchBase - the starting point for the search
searchExpr - the search expression
Returns:
a NamingEnumeration
Throws:
javax.naming.NamingException - thrown if the entry is not found, or if the search expression is not formatted correctly

Search

public byte[][] Search(java.lang.String searchBase,
                       java.lang.String searchExpr,
                       java.lang.String attributeToFind)
                throws javax.naming.NamingException
Searches the Directory for a given attribute within a searchbase hierarchy.

Search performs a search operation on the JNDI context, using the given searchBase, searchExpr parameters, and a subtree scope. The results are searched for the specified attributeToFind and, if found, the method returns the matching attributes. If the attributeToFind is not found, the method returns null.

Parameters:
searchBase - the starting point for the search
searchExpr - the search expression
attributeToFind - the attribute to be extracted from the entry
Returns:
the attribute as a byte array
Throws:
javax.naming.NamingException - thrown if the entry is not found or the search expression is malformed
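Added example, not part of the original toolkit documentation: a certificate lookup that shares one connection between two JNDIDirectory objects and escapes caller-supplied text (RFC 4515) before placing it in searchExpr, so the value cannot alter the filter. The class name CertLookupExample, the cn-based filter, the search base, port 389 and the treatment of each returned byte[] as a DER-encoded certificate are assumptions.

```java
import com.entrust.toolkit.x509.directory.JNDIDirectory;
import java.io.ByteArrayInputStream;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import javax.naming.directory.DirContext;

public class CertLookupExample {

    // Escape the characters RFC 4515 reserves inside a filter value.
    static String escapeFilterValue(String value) {
        StringBuilder sb = new StringBuilder();
        for (char c : value.toCharArray()) {
            switch (c) {
                case '\\': sb.append("\\5c"); break;
                case '*':  sb.append("\\2a"); break;
                case '(':  sb.append("\\28"); break;
                case ')':  sb.append("\\29"); break;
                case '\0': sb.append("\\00"); break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    // Returns the certificates found for commonName; empty if Search returns null.
    static List<X509Certificate> findCertificates(
            JNDIDirectory dir, String searchBase, String commonName) throws Exception {
        String searchExpr = "(cn=" + escapeFilterValue(commonName) + ")";
        byte[][] encoded = dir.Search(searchBase, searchExpr, "userCertificate");
        List<X509Certificate> certs = new ArrayList<>();
        if (encoded == null) return certs; // attributeToFind not present
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        for (byte[] der : encoded) { // assumption: each value is one DER certificate
            certs.add((X509Certificate) cf.generateCertificate(new ByteArrayInputStream(der)));
        }
        return certs;
    }

    public static void main(String[] args) throws Exception {
        JNDIDirectory first = new JNDIDirectory("1.2.3.4", 389); // constructed address
        DirContext ctx = first.connect();                        // opens the connection
        JNDIDirectory second = new JNDIDirectory(ctx);           // reuses it; no connect()
        // Constructed input: without escaping, "*)(objectClass=*" would widen the filter.
        List<X509Certificate> certs =
                findCertificates(second, "o=Example,c=US", "*)(objectClass=*");
        System.out.println(certs.size() + " certificate(s) returned");
    }
}
```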

getAttr

public byte[][] getAttr(java.lang.String DN,
                        java.lang.String attributeToFind)
                 throws javax.naming.NamingException
Searches the Directory for a given attribute within a DN entry.

This method is required to implement the IX509Directory interface. The desired attributes (usually userCertificate, caCertificate, or crossCertificatePair) are extracted from the Directory at the location specified by the Distinguished Name, DN.

Specified by:
getAttr in interface LdapDirectory
Parameters:
DN - the distinguished name of the entry
attributeToFind - the attribute to be extracted from the entry
Returns:
the attributes as a byte array
Throws:
javax.naming.NamingException - thrown if the attribute is not found or the search expression is malformed

getCRLs

public X509CRL[] getCRLs(java.lang.String distributionPoint,
                         boolean wantARL)
                  throws javax.naming.NamingException,
                         CRLException
Finds the CRLs or ARLs from a distribution point.

This method is required to implement the IX509Directory interface. It is called during the certificate path validation process to retrieve all of the revocation lists from a specific CRL Distribution Point.

Specified by:
getCRLs in interface LdapDirectory
Parameters:
distributionPoint - the name of the distribution point
wantARL - a flag indicating whether an ARL (true) or CRL (false) is required
Returns:
the array of CRLs or ARLs found at the distribution point
Throws:
javax.naming.NamingException - thrown if the CRL is not found or the search expression is not formatted correctly
CRLException - if the CRL cannot be parsed.