public class JSSESocketFactory extends java.lang.Object implements ServerSocketFactory, SSLUtil
Modifier and Type | Field and Description |
---|---|
protected boolean |
allowUnsafeLegacyRenegotiation |
static java.lang.String |
DEFAULT_KEY_PASS |
protected java.lang.String[] |
enabledCiphers |
protected java.lang.String[] |
enabledProtocols |
protected boolean |
requireClientAuth
Flag to state that we require client authentication.
|
protected javax.net.ssl.SSLServerSocketFactory |
sslProxy |
protected boolean |
wantClientAuth
Flag to state that we would like client authentication.
|
Constructor and Description |
---|
JSSESocketFactory(AbstractEndpoint<?> endpoint) |
Modifier and Type | Method and Description |
---|---|
java.net.Socket |
acceptSocket(java.net.ServerSocket socket)
Wrapper function for accept().
|
protected void |
configureClientAuth(javax.net.ssl.SSLServerSocket socket)
Configure Client authentication for this version of JSSE.
|
void |
configureSessionContext(javax.net.ssl.SSLSessionContext sslSessionContext) |
protected void |
configureUseServerCipherSuitesOrder(javax.net.ssl.SSLServerSocket socket)
Configures SSLEngine to honor cipher suites ordering based upon
endpoint configuration.
|
java.net.ServerSocket |
createSocket(int port)
Returns a server socket which uses all network interfaces on the host,
and is bound to a the specified port.
|
java.net.ServerSocket |
createSocket(int port,
int backlog)
Returns a server socket which uses all network interfaces on the host, is
bound to a the specified port, and uses the specified connection backlog.
|
java.net.ServerSocket |
createSocket(int port,
int backlog,
java.net.InetAddress ifAddress)
Returns a server socket which uses only the specified network interface
on the local host, is bound to a the specified port, and uses the
specified connection backlog.
|
javax.net.ssl.SSLContext |
createSSLContext() |
protected java.util.Collection<? extends java.security.cert.CRL> |
getCRLs(java.lang.String crlf)
Load the collection of CRLs.
|
java.lang.String[] |
getEnableableCiphers(javax.net.ssl.SSLContext context)
Determines the SSL cipher suites that can be enabled, based on the
configuration of the endpoint and the ciphers supported by the SSL
implementation.
|
java.lang.String[] |
getEnableableProtocols(javax.net.ssl.SSLContext context)
Determines the SSL protocol variants that can be enabled, based on the
configuration of the endpoint and the ciphers supported by the SSL
implementation.
|
javax.net.ssl.KeyManager[] |
getKeyManagers() |
protected javax.net.ssl.KeyManager[] |
getKeyManagers(java.lang.String keystoreType,
java.lang.String keystoreProvider,
java.lang.String algorithm,
java.lang.String keyAlias)
Gets the initialized key managers.
|
protected java.security.KeyStore |
getKeystore(java.lang.String type,
java.lang.String provider,
java.lang.String pass) |
protected java.lang.String |
getKeystorePassword() |
protected java.security.cert.CertPathParameters |
getParameters(java.lang.String algorithm,
java.lang.String crlf,
java.security.KeyStore trustStore)
Return the initialization parameters for the TrustManager.
|
javax.net.ssl.TrustManager[] |
getTrustManagers() |
protected javax.net.ssl.TrustManager[] |
getTrustManagers(java.lang.String keystoreType,
java.lang.String keystoreProvider,
java.lang.String algorithm)
Gets the initialized trust managers.
|
protected java.security.KeyStore |
getTrustStore(java.lang.String keystoreType,
java.lang.String keystoreProvider) |
void |
handshake(java.net.Socket sock)
Triggers the SSL handshake.
|
public static final java.lang.String DEFAULT_KEY_PASS
protected javax.net.ssl.SSLServerSocketFactory sslProxy
protected java.lang.String[] enabledCiphers
protected java.lang.String[] enabledProtocols
protected boolean allowUnsafeLegacyRenegotiation
protected boolean requireClientAuth
protected boolean wantClientAuth
public JSSESocketFactory(AbstractEndpoint<?> endpoint)
public java.net.ServerSocket createSocket(int port) throws java.io.IOException
ServerSocketFactory
createSocket
in interface ServerSocketFactory
port
- the port to listen tojava.io.IOException
- for networking errorspublic java.net.ServerSocket createSocket(int port, int backlog) throws java.io.IOException
ServerSocketFactory
createSocket
in interface ServerSocketFactory
port
- the port to listen tobacklog
- how many connections are queuedjava.io.IOException
- for networking errorspublic java.net.ServerSocket createSocket(int port, int backlog, java.net.InetAddress ifAddress) throws java.io.IOException
ServerSocketFactory
createSocket
in interface ServerSocketFactory
port
- the port to listen tobacklog
- how many connections are queuedifAddress
- the network interface address to usejava.io.IOException
- for networking errorspublic java.net.Socket acceptSocket(java.net.ServerSocket socket) throws java.io.IOException
ServerSocketFactory
acceptSocket
in interface ServerSocketFactory
java.io.IOException
public void handshake(java.net.Socket sock) throws java.io.IOException
ServerSocketFactory
handshake
in interface ServerSocketFactory
java.io.IOException
public java.lang.String[] getEnableableCiphers(javax.net.ssl.SSLContext context)
SSLUtil
getEnableableCiphers
in interface SSLUtil
context
- An initialized context to obtain the supported ciphers from.protected java.lang.String getKeystorePassword()
protected java.security.KeyStore getKeystore(java.lang.String type, java.lang.String provider, java.lang.String pass) throws java.io.IOException
java.io.IOException
protected java.security.KeyStore getTrustStore(java.lang.String keystoreType, java.lang.String keystoreProvider) throws java.io.IOException
java.io.IOException
public javax.net.ssl.SSLContext createSSLContext() throws java.lang.Exception
createSSLContext
in interface SSLUtil
java.lang.Exception
public javax.net.ssl.KeyManager[] getKeyManagers() throws java.lang.Exception
getKeyManagers
in interface SSLUtil
java.lang.Exception
public javax.net.ssl.TrustManager[] getTrustManagers() throws java.lang.Exception
getTrustManagers
in interface SSLUtil
java.lang.Exception
public void configureSessionContext(javax.net.ssl.SSLSessionContext sslSessionContext)
configureSessionContext
in interface SSLUtil
protected javax.net.ssl.KeyManager[] getKeyManagers(java.lang.String keystoreType, java.lang.String keystoreProvider, java.lang.String algorithm, java.lang.String keyAlias) throws java.lang.Exception
java.lang.Exception
protected javax.net.ssl.TrustManager[] getTrustManagers(java.lang.String keystoreType, java.lang.String keystoreProvider, java.lang.String algorithm) throws java.lang.Exception
java.lang.Exception
protected java.security.cert.CertPathParameters getParameters(java.lang.String algorithm, java.lang.String crlf, java.security.KeyStore trustStore) throws java.lang.Exception
PKIX
is supported.algorithm
- The algorithm to get parameters for.crlf
- The path to the CRL file.trustStore
- The configured TrustStore.java.lang.Exception
protected java.util.Collection<? extends java.security.cert.CRL> getCRLs(java.lang.String crlf) throws java.io.IOException, java.security.cert.CRLException, java.security.cert.CertificateException
java.io.IOException
java.security.cert.CRLException
java.security.cert.CertificateException
public java.lang.String[] getEnableableProtocols(javax.net.ssl.SSLContext context)
SSLUtil
getEnableableProtocols
in interface SSLUtil
context
- An initialized context to obtain the supported protocols from.protected void configureClientAuth(javax.net.ssl.SSLServerSocket socket)
socket
- the SSLServerSocketprotected void configureUseServerCipherSuitesOrder(javax.net.ssl.SSLServerSocket socket)
InvalidAlgorithmParameterException
- If the runtime JVM doesn't
support this setting.Copyright © 2000-2015 Apache Software Foundation. All Rights Reserved.