|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object com.novell.zos.jdl.CredentialManager
public class CredentialManager
Interface into the CredentialManager.
This class is only available in a joblet context. Also, only users in the administrator group or the system user are allowed access to these methods From this class you can add, get, update and delete credentials that are stored in an encrypted store on the PSO server. You can access the credentials stored on the PSO server with the following code:credMgr = CredentialManager() print "Adding a new secret" credMgr.addCredential("credentialName", "credentialType", "username", "secret", True) secret = credMgr.getCredential("credentialName").secret print "Stored password: %s" % secretAccessing stored certificates is similar:
credMgr.addCertificateFromUrl("testCert", "testGroup", "https://your.server.com", True) localFilename = credMgr.getCertificate('testCert') print "file returned: %s " % localFilename
Constructor Summary | |
---|---|
CredentialManager()
Initialize a new CredentialManager instance |
Method Summary | |
---|---|
void |
addCertificate(java.lang.String name,
java.lang.String group,
java.lang.String file)
Add a certificate to the cert store. |
void |
addCertificate(java.lang.String name,
java.lang.String group,
java.lang.String file,
boolean overwrite)
Add a certificate to the cert store. |
void |
addCertificateFromUrl(java.lang.String name,
java.lang.String group,
java.lang.String url)
Add a certificate, gathered from the specified https server, to the credential store, without overwriting any existing certificate. |
void |
addCertificateFromUrl(java.lang.String name,
java.lang.String group,
java.lang.String url,
boolean overwrite)
Add a certificate, gathered from the specified https server, to the credential store. |
Credential |
addCredential(Credential credential)
Add a new credential entry with the specified Credential. |
Credential |
addCredential(Credential credential,
boolean overwrite)
Add a new or update an existing credential entry with the specified Credential. |
Credential |
addCredential(java.lang.String name,
java.lang.String type,
java.lang.String user,
java.lang.String secret)
Add a new credential with the specified characteristics. |
Credential |
addCredential(java.lang.String name,
java.lang.String type,
java.lang.String user,
java.lang.String pass,
boolean overwrite)
Add a new or update an existing credential with the specified characteristics. |
void |
addSecurityItem(java.lang.String name,
java.lang.String group,
java.lang.String file,
boolean overwrite)
|
void |
deleteCertificate(java.lang.String name)
Delete a certificate from the credential store. |
void |
deleteCredential(java.lang.String name)
Delete the credential with the specified name. |
org.python.core.PyString |
getCertificate(java.lang.String name)
Get the certificate, as a pem encoded file, with the given name. |
org.python.core.PyList |
getCertificateGroups()
Get a list of the currently known certificate groups |
Credential |
getCredential(java.lang.String name)
Get a credential with the specified name |
org.python.core.PyList |
getCredentials(java.lang.String type)
Get a list of all the credentials with the specified type |
org.python.core.PyList |
getCredentialTypes()
Get a list of the known credential types stored in the CredentialManager |
org.python.core.PyString |
getSecurityItemFile(java.lang.String[] groups,
java.lang.String filename)
Create a file containing all of the security items in the specified groups. |
org.python.core.PyString |
getTrustStore(java.lang.String[] groups)
Create a jks trust store containing all of the certificates in the specified groups. |
org.python.core.PyString |
getTrustStore(java.lang.String[] groups,
java.lang.String filename,
java.lang.String desiredPassword)
Create a jks trust store containing all of the certificates in the specified groups. |
Methods inherited from class java.lang.Object |
---|
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public CredentialManager()
Method Detail |
---|
public Credential getCredential(java.lang.String name)
name
- The name of the credential to retrieve
Credential
object with the specified name. If no credential exists for the
specified name, an exception will be thrown.public org.python.core.PyList getCredentials(java.lang.String type)
type
- the type of credential to return
type
field equals the string specified.
If there are no credentials of the specified type, an empty list is returnedpublic Credential addCredential(java.lang.String name, java.lang.String type, java.lang.String user, java.lang.String secret)
name
- The name (or id) of the new credentialtype
- The desired type of credential. This can be any string, but can be used to group similar
credentials (e.g. amazon-ec2 credentials)user
- The user stringsecret
- the unencrypted secret
public Credential addCredential(java.lang.String name, java.lang.String type, java.lang.String user, java.lang.String pass, boolean overwrite)
name
- The name (or id) of the new credentialtype
- The desired type of credential. This can be any string, but can be used to group similar
credentials (e.g. amazon-ec2 credentials)user
- The user stringsecret
- the unencrypted secretoverwrite
- specify whether or not to update any existing credential with the same name.
public Credential addCredential(Credential credential)
credential
- The credential object to persist to the credential store
public Credential addCredential(Credential credential, boolean overwrite)
credential
- The credential object to persist to the credential storeoverwrite
- specify whether or not to update any existing credential with the same name.
public void deleteCredential(java.lang.String name)
name
- the name of the credential to be deletedpublic org.python.core.PyList getCredentialTypes()
public org.python.core.PyString getTrustStore(java.lang.String[] groups)
trustStore.jks
and the store's password will be password
groups
- the name(s) of the group(s) to include in the generated jks store.
public org.python.core.PyString getTrustStore(java.lang.String[] groups, java.lang.String filename, java.lang.String desiredPassword)
filename
and the store's password will be desiredPassword
groups
- the name(s) of the group(s) to include in the generated jks store.filename
- the desired filename of the jks storedesiredPassword
- the password used to secure the jks store
public org.python.core.PyString getSecurityItemFile(java.lang.String[] groups, java.lang.String filename)
filename
groups
- the name(s) of the group(s) to include in the generated filefilename
- the desired filename of the security item file
public void addCertificate(java.lang.String name, java.lang.String group, java.lang.String file)
name
- the identifying name of the certificategroup
- an optional group for the certificatefile
- the local file containing the certificate. If the file is not a valid certificate file an exception
will be thrownpublic void addCertificate(java.lang.String name, java.lang.String group, java.lang.String file, boolean overwrite)
name
- the identifying name of the certificategroup
- an optional group for the certificatefile
- the local file containing the certificate. If the file is not a valid certificate file an exception
will be thrownoverwrite
- specify whether or not to overwrite any existing certificate with the specified name. If
false and a certificate is already associated with the specified name, an exception will be thrownpublic void addCertificateFromUrl(java.lang.String name, java.lang.String group, java.lang.String url)
name
- the identifying name of the certificategroup
- an optional group for the certificateurl
- the url of the server from which to gather the certificate. The string https://
,
if not present in url, is added. Port 443 is assumed unless specified in url (e.g. https://yourServer:8443)public void addCertificateFromUrl(java.lang.String name, java.lang.String group, java.lang.String url, boolean overwrite)
name
- the identifying name of the certificategroup
- an optional group for the certificateurl
- the url of the server from which to gather the certificate. The string https://
,
if not present in url, is added. Port 443 is assumed unless specified in url (e.g. https://yourServer:8443)overwrite
- specify whether or not to overwrite any existing certificate with the specified name. If
false and a certificate is already associated with the specified name, an exception will be thrownpublic void addSecurityItem(java.lang.String name, java.lang.String group, java.lang.String file, boolean overwrite)
public org.python.core.PyList getCertificateGroups()
public org.python.core.PyString getCertificate(java.lang.String name)
name
- The name of the certificate to retrieve
public void deleteCertificate(java.lang.String name)
name
- the name of the certificate to delete
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |