Class DefaultCredentialMonitorBean
- All Implemented Interfaces:
InitializingBean
,CredentialMonitorBean
CredentialMonitorBean
interface.
The bean can be configured to monitor one, or several, credentials. Note that the credentials being tested must
implement the ReloadablePkiCredential
interface and have a test function installed
(ReloadablePkiCredential.getTestFunction()
must not be null
.
The reason for performing monitoring of credentials is to detect, and possibly fix, the cases where a credential
becomes non-functional. This may typically happen if a credential that resides on a hardware device is used. The
connection to the device may get lost, and may be fixed by a re-connect. Those types of credentials takes care of
their own reloading by implementing ReloadablePkiCredential.reload()
.
Since testing a credential, especially those residing on hardware devices, may be a relatively costly operation, the
monitor bean also supports configuring "additional credentials for reload" (setAdditionalForReload(List)
).
The use case here is that one credential is configured to be monitored (tested), and if this test fails, we try to
reload this credential, but also the "additional credentials for reload". This case may be used if we know that we
have a set of credentials that all reside on the same device, and if one is non-functional the others will not work
either (bacause of a connection failure). In this case we save computing power and keep testing only one credential,
and if that one fails, reloads not only the failing credential but the other ones as well.
- Author:
- Martin Lindström (martin@idsec.se), Stefan Santesson (stefan@idsec.se)
-
Constructor Summary
ConstructorDescriptionDefault constructor.DefaultCredentialMonitorBean
(List<ReloadablePkiCredential> credentials) Constructor setting up monitoring of the supplied credentials.DefaultCredentialMonitorBean
(ReloadablePkiCredential credential) Constructor setting up monitoring of a single credential.DefaultCredentialMonitorBean
(ReloadablePkiCredential credential, List<ReloadablePkiCredential> additionalForReload) Constructor setting up monitoring of a single credential. -
Method Summary
Modifier and TypeMethodDescriptionvoid
protected void
reload
(ReloadablePkiCredential credential) Performs reloading of the supplied credential.void
setAdditionalForReload
(List<ReloadablePkiCredential> additionalForReload) Assigns the a list of additional credentials that should be reloaded if a test fails.void
setCredential
(ReloadablePkiCredential credential) Assigns the credential that should be monitored.void
setCredentials
(List<ReloadablePkiCredential> credentials) Assigns the credentials that should be monitored.void
setFailureCallback
(BiFunction<ReloadablePkiCredential, Exception, Boolean> failureCallback) Assigns callback function that is invoked if the test of a credential fails.void
setReloadFailureCallback
(BiConsumer<ReloadablePkiCredential, Exception> reloadFailureCallback) Assigns a callback function that is invoked if the reloading of a failed credential fails.void
setReloadSuccessCallback
(Consumer<ReloadablePkiCredential> reloadSuccessCallback) Assigns a callback function that is invoked if the reloading of a failed credential was successful.void
test()
Performs testing, and possibly reloading, of the credentials that this monitor bean has been configured to monitor.
-
Constructor Details
-
DefaultCredentialMonitorBean
public DefaultCredentialMonitorBean()Default constructor. -
DefaultCredentialMonitorBean
Constructor setting up monitoring of a single credential. If the test for this credential fails a reload attempt will be made (ReloadablePkiCredential.reload()
).- Parameters:
credential
- the credential to monitor, and possible reload
-
DefaultCredentialMonitorBean
public DefaultCredentialMonitorBean(ReloadablePkiCredential credential, List<ReloadablePkiCredential> additionalForReload) Constructor setting up monitoring of a single credential. Since many credentials may share the same underlying device it may in some cases be efficient to only test one credential, and if that fails reload multiple credentials (residing on the same device). TheadditionalForReload
contains additional credentials to reload if the test ofcredential
fails.- Parameters:
credential
- the credential to monitor, and possible reloadadditionalForReload
- credentials to reload (in addition to the supplied credential)
-
DefaultCredentialMonitorBean
Constructor setting up monitoring of the supplied credentials. If the test call for any credential fails, a reload attempt will be made (ReloadablePkiCredential.reload()
) for this credential.- Parameters:
credentials
- the credentials to monitor, and possible reload
-
-
Method Details
-
test
public void test()Performs testing, and possibly reloading, of the credentials that this monitor bean has been configured to monitor.- Specified by:
test
in interfaceCredentialMonitorBean
-
reload
Performs reloading of the supplied credential. If the reload is successful, the credential is tested again.- Parameters:
credential
- the credential to reload
-
setCredential
Assigns the credential that should be monitored.- Parameters:
credential
- the credential to be monitored
-
setCredentials
Assigns the credentials that should be monitored.- Parameters:
credentials
- the credentials to be monitored
-
setAdditionalForReload
Assigns the a list of additional credentials that should be reloaded if a test fails.- Parameters:
additionalForReload
- additional credentials for reload
-
setFailureCallback
public void setFailureCallback(BiFunction<ReloadablePkiCredential, Exception, Boolean> failureCallback) Assigns callback function that is invoked if the test of a credential fails. This is typically useful if some sort of alarm should be issued for failing credentials. The callback returns a boolean that tells whether we should try to reload the failing credential.The default is to not have a callback. In those case the failure is logged (at error level) and the credential is reloaded. Otherwise, the implementation assumes that the callback handles logging.
- Parameters:
failureCallback
- callback function
-
setReloadSuccessCallback
Assigns a callback function that is invoked if the reloading of a failed credential was successful.- Parameters:
reloadSuccessCallback
- callback function
-
setReloadFailureCallback
public void setReloadFailureCallback(BiConsumer<ReloadablePkiCredential, Exception> reloadFailureCallback) Assigns a callback function that is invoked if the reloading of a failed credential fails. This is typically useful if some sort of alarm should be issued for failing reloads.The default is to not have a callback. In those case the failure is logged (at error level). Otherwise, the implementation assumes that the callback handles logging.
- Parameters:
reloadFailureCallback
- callback function
-
afterPropertiesSet
- Specified by:
afterPropertiesSet
in interfaceInitializingBean
- Throws:
Exception
-