Package net.sf.basedb.core
Class FileServer
- All Implemented Interfaces:
AccessControlled
,Annotatable
,Identifiable
,Nameable
,Ownable
,Removable
,Shareable
This class represents a file server that is used to store
external files. A
File
should be associated with a file
server if authentication is required to access the file.- Since:
- 2.16
- Author:
- Nicklas
- Last modified
- $Date $
-
Field Summary
Modifier and TypeFieldDescriptionstatic final int
The length of the SSH fingerprint that can be stored in the database.static final Pattern
Deprecated.static final String
The fingerprint is a MD5 fingprint.static final String
The fingerprint is a SHA256 fingprint.static final int
The maximum length of the server certificate that can be stored in the database.static final int
The maximum length of the connection manager factory id that can be stored in the database.static final int
The maximum length of the SSH private key format path that can be stored in the database.static final int
The maximum length of the host name:port that can be stored in the database.static final int
The maximum length of the password that can be stored in the database.static final int
The maximum length of the SSH private key that can be stored in the database.static final int
The maximum length of the root path that can be stored in the database.static final int
The maximum length of the username that can be stored in the database.static final Pattern
Pattern that matches a SSH MD5 fingerprint: 16 pairs of hexadecimal numbers separated with colon.static final Pattern
Pattern that matches a SSH SHa256 fingerprint in BASE64 encoding (padding is optional).static final Item
The type of item represented by this class.Fields inherited from interface net.sf.basedb.core.Nameable
MAX_DESCRIPTION_LENGTH, MAX_NAME_LENGTH
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionGet all parents objects which are annotatable and the logged in user has read permission to.static FileServer
Get aFileServer
item when you know the ID.byte[]
Get the client certificate that BASE should use to authenticate with the server when connecting with https.Get the password that is needed to unlock the client certificate.Get the X.509 certificate for the client.Get the ID of the connection manager factory that should be used to access file contents and metadata.(package private) FileServerData
getData()
Get theBasicData
object that holds all data for this item.getFiles()
Get a query returning all files that has been registered with this server.Get the type of the SSH fingerprint.getHost()
Get the name:port of the host that should override the host:port in the file url for files using this file server.static FileServer
Create a newFileServer
item.Get the password that is used when authenticating with the file server.static ItemQuery<FileServer>
getQuery()
Get a new query object for this class.byte[]
Get the public server certificate that indicates that we should only trust the server if it can present a certificate that matches this.Get the X.509 certificate for the server.byte[]
Get the private key that BASE should use to authenticate with the server when connecting with SSH.Get the format of the SSH private key.Get the password that is needed to unlock the SSH private key.org.apache.http.conn.ssl.SSLConnectionSocketFactory
Get a socket factory that can be used to create SSL connections to the given server.getType()
Get the type of item represented by the object.Get the username that is required to authenticate with the file server.Get all files registered with this server.boolean
Is a password set or not?boolean
Check if a SSH private key has been set on this file server.boolean
isUsed()
Checks if there are files registered with this server.void
setClientCertificate
(byte[] certificate) Set the client certificate that BASE should use to authenticate with the server when connecting with https.void
setClientCertificatePassword
(String password) Set the password that is needed to unlock the client certificate.void
setConnectionManagerFactoryId
(String factoryId) Set the ID of the connection manager factory.void
Set the host:port that should overrride the host:port specified in file urls.void
setPassword
(String password) Set the password to use when authenticating with the file server.void
setRootPath
(String rootPath) Set the root path that should be added to all URI:s when used with this file server.void
setServerCertificate
(byte[] certificate) Set the public server certificate so that BASE can trust https connections to the server.void
setSshFingerprint
(String fingerprint) Set the SSH fingerprint for the server.void
setSshPrivateKey
(byte[] privateKey) Set the private that BASE should use to authenticate with the server when connecting with SSH.void
setSshPrivateKeyFormat
(String format) Set the format of the SSH private key.void
setSshPrivateKeyPassword
(String password) Set the password that is needed to unlock the SSH private key.void
setUsername
(String username) Set the username that is required to authenticate with the file server.Methods inherited from class net.sf.basedb.core.AnnotatedItem
getAnnotationSet, getProtocol, isAnnotated, removeAnnotations
Methods inherited from class net.sf.basedb.core.CommonItem
getDescription, getName, getRemovedBy, isRemoved, setDescription, setName, setRemoved
Methods inherited from class net.sf.basedb.core.SharedItem
getItemKey, getProjectKey, initPermissions, isShared, onBeforeCommit, setItemKey, setProjectKey
Methods inherited from class net.sf.basedb.core.OwnedItem
getOwner, isOwner, setOwner, takeOwnership
Methods inherited from class net.sf.basedb.core.BasicItem
addAnnotatableParents, addUsingItems, addUsingItems, breakCircularReferences, checkBatchAnnotatableUsage, checkPermission, equals, getBasicData, getDbControl, getId, getPermissions, getPluginPermissions, getSessionControl, getVersion, hashCode, hasPermission, isDetached, isInDatabase, onAfterCommit, onAfterInsert, onRollback, setDbControl, setProjectDefaults, toString, validate
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
Methods inherited from interface net.sf.basedb.core.AccessControlled
checkPermission, getPermissions, hasPermission
Methods inherited from interface net.sf.basedb.core.Identifiable
getId, getVersion
Methods inherited from interface net.sf.basedb.core.Ownable
getOwner, isOwner, setOwner, takeOwnership
-
Field Details
-
TYPE
The type of item represented by this class.- See Also:
-
MD5_FINGERPRINT_PATTERN
Pattern that matches a SSH MD5 fingerprint: 16 pairs of hexadecimal numbers separated with colon.- Since:
- 3.11
-
SHA256_FINGERPRINT_PATTERN
Pattern that matches a SSH SHa256 fingerprint in BASE64 encoding (padding is optional).- Since:
- 3.11
-
FINGERPRINT_PATTERN
Deprecated.In 3.11, useMD5_FINGERPRINT_PATTERN
insteadPattern that matches a SSH fingerprint: 16 pairs of hexadecimal numbers separated with colon.- Since:
- 3.3
-
FINGERPRINT_TYPE_MD5
The fingerprint is a MD5 fingprint.- Since:
- 3.11
- See Also:
-
FINGERPRINT_TYPE_SHA256
The fingerprint is a SHA256 fingprint.- Since:
- 3.11
- See Also:
-
MAX_CONNECTION_MANAGER_FACTORY_LENGTH
public static final int MAX_CONNECTION_MANAGER_FACTORY_LENGTHThe maximum length of the connection manager factory id that can be stored in the database. -
MAX_HOST_LENGTH
public static final int MAX_HOST_LENGTHThe maximum length of the host name:port that can be stored in the database.- Since:
- 3.0
- See Also:
-
MAX_USERNAME_LENGTH
public static final int MAX_USERNAME_LENGTHThe maximum length of the username that can be stored in the database.- See Also:
-
MAX_PASSWORD_LENGTH
public static final int MAX_PASSWORD_LENGTHThe maximum length of the password that can be stored in the database.- See Also:
-
MAX_ROOT_PATH_LENGTH
public static final int MAX_ROOT_PATH_LENGTHThe maximum length of the root path that can be stored in the database.- Since:
- 3.3
- See Also:
-
FINGERPRINT_LENGTH
public static final int FINGERPRINT_LENGTHThe length of the SSH fingerprint that can be stored in the database.- Since:
- 3.3
- See Also:
-
MAX_FORMAT_LENGTH
public static final int MAX_FORMAT_LENGTHThe maximum length of the SSH private key format path that can be stored in the database.- Since:
- 3.13
- See Also:
-
MAX_CERTIFICATE_LENGTH
public static final int MAX_CERTIFICATE_LENGTHThe maximum length of the server certificate that can be stored in the database. -
MAX_PRIVATE_KEY_LENGTH
public static final int MAX_PRIVATE_KEY_LENGTHThe maximum length of the SSH private key that can be stored in the database.- Since:
- 3.13
- See Also:
-
-
Constructor Details
-
FileServer
FileServer(FileServerData data)
-
-
Method Details
-
getNew
Create a newFileServer
item.- Parameters:
dc
- TheDbControl
which will be used for permission checking and database access- Returns:
- The new
FileServer
item - Throws:
BaseException
- If there is an error
-
getById
public static FileServer getById(DbControl dc, int id) throws ItemNotFoundException, PermissionDeniedException, BaseException Get aFileServer
item when you know the ID.- Parameters:
dc
- TheDbControl
which will be used for permission checking and database access.id
- The ID of the item to load- Returns:
- The
FileServer
item - Throws:
ItemNotFoundException
- If an item with the specified ID is not foundPermissionDeniedException
- If the logged in user doesn't havePermission.READ
permission to the itemBaseException
- If there is another error
-
getQuery
Get a new query object for this class.- Returns:
- An
ItemQuery
object
-
getData
FileServerData getData()Description copied from class:BasicItem
Get theBasicData
object that holds all data for this item.- Overrides:
getData
in classAnnotatedItem
-
getType
Description copied from interface:Identifiable
Get the type of item represented by the object. The returned value is one of the values defined in theItem
enumeration.- Returns:
- A value indicating the type of item
-
isUsed
Checks if there are files registered with this server.- Overrides:
isUsed
in classBasicItem
- Returns:
- TRUE if this item is used, FALSE otherwise
- Throws:
BaseException
- If there is another error- See Also:
-
getUsingItems
Get all files registered with this server.- Overrides:
getUsingItems
in classBasicItem
- Returns:
- A set containing proxies for the items, or an empty set if no items are using this item
- See Also:
-
getAnnotatableParents
Description copied from interface:Annotatable
Get all parents objects which are annotatable and the logged in user has read permission to. If the item doesn't have any annotatable parents, it may return null or an empty set. The method should only return the immediate parent(s), not parents to parents, etc. As of BASE 3.1 this method may also return child items if the child item is aSubtypable
item that has a subtype with theItemSubtype.getPushAnnotations()
flag set.- Returns:
- A set containing annotatable items, or null
-
getConnectionManagerFactoryId
Get the ID of the connection manager factory that should be used to access file contents and metadata. A null value mean that auto-detection based on the file URI should be used.- Returns:
- An ID or null if using auto-detection
-
setConnectionManagerFactoryId
public void setConnectionManagerFactoryId(String factoryId) throws PermissionDeniedException, InvalidDataException Set the ID of the connection manager factory.- Parameters:
factoryId
- The new ID of the factory, null if using auto-detection- Throws:
PermissionDeniedException
- If the logged in user doesn't have write permissionInvalidDataException
- If the ID is longer thanMAX_CONNECTION_MANAGER_FACTORY_LENGTH
-
getHost
Get the name:port of the host that should override the host:port in the file url for files using this file server.- Returns:
- A string or null if no override should be done.
- Since:
- 3.0
-
setHost
Set the host:port that should overrride the host:port specified in file urls.- Parameters:
host
- The host:port or null to not override- Throws:
PermissionDeniedException
- If the logged in user doesn't have write permissionInvalidDataException
- If the host is longer thanMAX_HOST_LENGTH
or is an invalid host name + port- Since:
- 3.0
-
getUsername
Get the username that is required to authenticate with the file server.- Returns:
- A username or null if authentication is not required
-
setUsername
Set the username that is required to authenticate with the file server.- Parameters:
username
- The new username, null if not authentication is required- Throws:
PermissionDeniedException
- If the logged in user doesn't have write permissionInvalidDataException
- If the username is longer thanMAX_USERNAME_LENGTH
-
getPassword
Get the password that is used when authenticating with the file server. NOTE! Write permission is required to read the password.- Returns:
- The password (which may be null)
- See Also:
-
hasPassword
public boolean hasPassword()Is a password set or not? -
setPassword
Set the password to use when authenticating with the file server.- Parameters:
password
- The new password (can be null)- Throws:
PermissionDeniedException
- If the logged in user doesn't have write permissionInvalidDataException
- If the password is longer thanMAX_PASSWORD_LENGTH
-
getServerCertificate
public byte[] getServerCertificate()Get the public server certificate that indicates that we should only trust the server if it can present a certificate that matches this. This property is typically only needed to access servers using https that has a self-signed certificate. Servers which has a valid certificate signed by a trusted certification authority should be automatically trusted by BASE without setting this property. The certificate must be a X.509 certificate in either binary or base64-encoded DER format.- Returns:
- A byte array with the certificate or null if no certificate has been set
- See Also:
-
setServerCertificate
public void setServerCertificate(byte[] certificate) Set the public server certificate so that BASE can trust https connections to the server. SeegetServerCertificate()
for more information. The certificate must be a X.509 certificate in either binary or base64-encoded DER format.- Parameters:
certificate
- The server certificate or null if no certificate is required
-
getServerX509Certificate
Get the X.509 certificate for the server.- Returns:
- The server certificate or null if no certificate has been specified
-
getClientCertificate
public byte[] getClientCertificate()Get the client certificate that BASE should use to authenticate with the server when connecting with https. This property is typically needed when the server requires clients to authenticate themselves using a certificate. The certificate must be a PKCS #12 certificate in binary format, and it should contain only one certificate. NOTE! WRITE permission is required to read this property since it may contain sensitive data, usegetClientX509Certificate()
to get the public information from the certificate.- Returns:
- A byte array with the certificate or null if no certificate has been set
- See Also:
-
setClientCertificate
public void setClientCertificate(byte[] certificate) Set the client certificate that BASE should use to authenticate with the server when connecting with https. The certificate must be a PKCS #12 certificate in binary format, and it should contain only one certificate.- Parameters:
certificate
- The client certificate or null if no certificate is required
-
getClientX509Certificate
Get the X.509 certificate for the client.- Returns:
- The client certificate or null if no certificate has been specified
-
getClientCertificatePassword
Get the password that is needed to unlock the client certificate. NOTE! WRITE permission is required to read this property.- Returns:
- The password (which may be null)
-
setClientCertificatePassword
public void setClientCertificatePassword(String password) throws PermissionDeniedException, InvalidDataException Set the password that is needed to unlock the client certificate.- Parameters:
password
- The new password (can be null)- Throws:
PermissionDeniedException
- If the logged in user doesn't have write permissionInvalidDataException
- If the password is longer thanMAX_PASSWORD_LENGTH
-
hasSshPrivateKey
public boolean hasSshPrivateKey()Check if a SSH private key has been set on this file server.- Since:
- 3.13
-
getSshPrivateKey
public byte[] getSshPrivateKey()Get the private key that BASE should use to authenticate with the server when connecting with SSH. This can be used as an alternate to password authentication. Note that BASE has no built-in support for SSH connections. See http://baseplugins.thep.lu.se/wiki/net.sf.basedb.xfiles for an extension which includes support for SSH.NOTE! WRITE permission is required to read this property since it may contain sensitive data.
- Returns:
- A byte array with the private key or null if no private key has been set
- Since:
- 3.13
-
setSshPrivateKey
public void setSshPrivateKey(byte[] privateKey) Set the private that BASE should use to authenticate with the server when connecting with SSH.- Parameters:
privateKey
- The private key data or null if no private key is required- Since:
- 3.13
-
getSshPrivateKeyPassword
Get the password that is needed to unlock the SSH private key. NOTE! WRITE permission is required to read this property.- Returns:
- The password (which may be null)
- Since:
- 3.13
-
setSshPrivateKeyPassword
public void setSshPrivateKeyPassword(String password) throws PermissionDeniedException, InvalidDataException Set the password that is needed to unlock the SSH private key.- Parameters:
password
- The new password (can be null)- Throws:
PermissionDeniedException
- If the logged in user doesn't have write permissionInvalidDataException
- If the password is longer thanMAX_PASSWORD_LENGTH
- Since:
- 3.13
-
getSshPrivateKeyFormat
Get the format of the SSH private key.- Returns:
- The format (which may be null to use auto-detection)
- Since:
- 3.13
-
setSshPrivateKeyFormat
public void setSshPrivateKeyFormat(String format) throws PermissionDeniedException, InvalidDataException Set the format of the SSH private key. Supported values are: PuTTY OpenSSH OpenSSHv1 PKCS5 PKCS8- Parameters:
format
- The private key format or null to use auto-detection- Throws:
PermissionDeniedException
- If the logged in user doesn't have write permissionInvalidDataException
- If the password is longer thanMAX_FORMAT_LENGTH
- Since:
- 3.13
-
getRootPath
- Since:
- 3.3
- See Also:
-
setRootPath
Set the root path that should be added to all URI:s when used with this file server. Eg. if URI specify http://myhost.com/path/to/file it is converted to http://myhost.com/rootPath/path/to/file- Parameters:
rootPath
- The root path or null to not use any root path- Since:
- 3.3
-
getSshFingerprint
- Since:
- 3.3
- See Also:
-
setSshFingerprint
Set the SSH fingerprint for the server. Connections made to the server with SSH should be verified against this fingerprint to protect against man-in-the-middle attacks. If no fingerprint is present, the implementation may choose to reject or accept all connections.- Parameters:
fingerprint
- The fingerprint or null to not use fingerprint- Since:
- 3.3
-
getFingerprintType
Get the type of the SSH fingerprint.- Returns:
- The fingerprint type or null if not known
- Since:
- 3.11
-
getSSLSocketFactory2
public org.apache.http.conn.ssl.SSLConnectionSocketFactory getSSLSocketFactory2()Get a socket factory that can be used to create SSL connections to the given server. If a server and/or client certificate has been specified for this file server the socket factory will be created with those certificates. Otherwise, the default (as configured in base.config) certificates are used.- Returns:
- A SSL socket factory
-
getFiles
Get a query returning all files that has been registered with this server.
-
MD5_FINGERPRINT_PATTERN
instead