Authenticating with the Registry

The Registry uses certificate authentication, so to submit data to the Registry you must have a certificate. You must also use the User Registration Wizard of the Web Console to create a user who can submit data to the Registry. See Getting Access to the Registry for details.

Before a client can submit data, the client must send its certificate to the Registry in a set of credentials. The following code fragment shows how to perform this task. You need to specify the following required values to obtain credentials:

• The keystore path, the full path to the file, typically keystore.jks, in which the certificate key is stored

• The keystore password, typically ebxmlrr

• The user name and password that you chose when you registered using the Wizard

Typically, you would retrieve the four required values from a resource bundle, and you would encapsulate much of the code in a method.

String keystorePath = "myKeystorePath";
String storepass = "myStorepass";
String alias = "myAlias";
String keypass = myKeypass");

Set credentials = new HashSet();
KeyStore keyStore = KeyStore.getInstance("JKS");
keyStore.load(new BufferedInputStream(
    new FileInputStream(keystorePath)),
     storepass.toCharArray());
X509Certificate cert = (X509Certificate)
     keyStore.getCertificate(alias);
PrivateKey privateKey =
     (PrivateKey) keyStore.getKey(alias, keypass.toCharArray());
credentials.add(new X500PrivateCredential(cert, privateKey,
    alias));
connection.setCredentials(credentials);

If the setCredentials method succeeds, you are logged in to the Registry and can publish objects.

The sample programs that authenticate with the Registry all call a method named getCredentialsFromKeystore that contains this code. The method is defined in the file <INSTALL>/registry/samples/common/src/RegistryCredentials.java.