Apache Tomcat 6.0.53 | ||||||||
java.lang.Object org.apache.tomcat.util.net.ServerSocketFactory org.apache.tomcat.util.net.jsse.JSSESocketFactory
public class JSSESocketFactory
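SSL server socket factory. It requires a valid RSA key and JSSE.
To generate a key, run: keytool -genkey -alias tomcat -keyalg RSA
Use "changeit" as the password (this is the default we use). Because "changeit" is a publicly documented default, it is suitable for test setups only; for a real deployment choose a private password and set it in the Connector's keystorePass attribute.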
Field Summary | |
---|---|
protected boolean |
allowUnsafeLegacyRenegotiation
|
protected java.lang.String[] |
enabledCiphers
|
protected boolean |
initialized
|
protected boolean |
requireClientAuth
Flag to state that we require client authentication. |
protected javax.net.ssl.SSLServerSocketFactory |
sslProxy
|
protected boolean |
wantClientAuth
Flag to state that we would like client authentication. |
Fields inherited from class org.apache.tomcat.util.net.ServerSocketFactory |
---|
attributes |
Constructor Summary | |
---|---|
JSSESocketFactory()
|
|
JSSESocketFactory(java.lang.String sslProtocol)
|
Method Summary | |
---|---|
java.net.Socket |
acceptSocket(java.net.ServerSocket socket)
Wrapper function for accept(). |
protected void |
configureClientAuth(javax.net.ssl.SSLServerSocket socket)
Configure Client authentication for this version of JSSE. |
protected void |
configureClientAuth(javax.net.ssl.SSLSocket socket)
Configure Client authentication for this version of JSSE. |
java.net.ServerSocket |
createSocket(int port)
Returns a server socket which uses all network interfaces on the host, and is bound to the specified port. |
java.net.ServerSocket |
createSocket(int port,
int backlog)
Returns a server socket which uses all network interfaces on the host, is bound to the specified port, and uses the specified connection backlog. |
java.net.ServerSocket |
createSocket(int port,
int backlog,
java.net.InetAddress ifAddress)
Returns a server socket which uses only the specified network interface on the local host, is bound to the specified port, and uses the specified connection backlog. |
static java.lang.String[] |
filterInsecureProtocols(java.lang.String[] protocols)
|
protected java.util.Collection<? extends java.security.cert.CRL> |
getCRLs(java.lang.String crlf)
Load the collection of CRLs. |
protected java.lang.String[] |
getEnabledCiphers(java.lang.String requestedCiphersStr,
java.lang.String[] supportedCiphers)
|
protected java.lang.String[] |
getEnabledProtocols(javax.net.ssl.SSLServerSocket socket,
java.lang.String requestedProtocols)
Determines the SSL protocol variants to be enabled. |
protected javax.net.ssl.KeyManager[] |
getKeyManagers(java.lang.String keystoreType,
java.lang.String keystoreProvider,
java.lang.String algorithm,
java.lang.String keyAlias)
Gets the initialized key managers. |
protected java.security.KeyStore |
getKeystore(java.lang.String type,
java.lang.String provider,
java.lang.String pass)
|
protected java.lang.String |
getKeystorePassword()
|
protected java.security.cert.CertPathParameters |
getParameters(java.lang.String algorithm,
java.lang.String crlf,
java.security.KeyStore trustStore)
Return the initialization parameters for the TrustManager. |
protected javax.net.ssl.TrustManager[] |
getTrustManagers(java.lang.String keystoreType,
java.lang.String keystoreProvider,
java.lang.String algorithm)
Gets the initialized trust managers. |
protected javax.net.ssl.TrustManager[] |
getTrustManagers(javax.net.ssl.TrustManagerFactory tmf)
Gets the TrustManagers either from Connector's trustManagerClassName attribute (if set) else from the TrustManagerFactory. |
protected java.security.KeyStore |
getTrustStore(java.lang.String keystoreType,
java.lang.String keystoreProvider)
|
void |
handshake(java.net.Socket sock)
Extra function to initiate the handshake. |
protected void |
setEnabledProtocols(javax.net.ssl.SSLServerSocket socket,
java.lang.String[] protocols)
Set the SSL protocol variants to be enabled. |
Methods inherited from class org.apache.tomcat.util.net.ServerSocketFactory |
---|
getDefault, initSocket, setAttribute |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
protected boolean initialized
protected javax.net.ssl.SSLServerSocketFactory sslProxy
protected java.lang.String[] enabledCiphers
protected boolean allowUnsafeLegacyRenegotiation
protected boolean requireClientAuth
protected boolean wantClientAuth
Constructor Detail |
---|
public JSSESocketFactory()
public JSSESocketFactory(java.lang.String sslProtocol)
Method Detail |
---|
public java.net.ServerSocket createSocket(int port) throws java.io.IOException
ServerSocketFactory
createSocket
in class ServerSocketFactory
port - the port to listen to
java.io.IOException - for networking errors
public java.net.ServerSocket createSocket(int port, int backlog) throws java.io.IOException
ServerSocketFactory
createSocket
in class ServerSocketFactory
port - the port to listen to
backlog - how many connections are queued
java.io.IOException - for networking errors
public java.net.ServerSocket createSocket(int port, int backlog, java.net.InetAddress ifAddress) throws java.io.IOException
ServerSocketFactory
createSocket
in class ServerSocketFactory
port - the port to listen to
backlog - how many connections are queued
ifAddress - the network interface address to use
java.io.IOException - for networking errors
public java.net.Socket acceptSocket(java.net.ServerSocket socket) throws java.io.IOException
ServerSocketFactory
acceptSocket
in class ServerSocketFactory
java.io.IOException
public void handshake(java.net.Socket sock) throws java.io.IOException
ServerSocketFactory
handshake
in class ServerSocketFactory
java.io.IOException
protected java.lang.String[] getEnabledCiphers(java.lang.String requestedCiphersStr, java.lang.String[] supportedCiphers)
protected java.lang.String getKeystorePassword()
protected java.security.KeyStore getKeystore(java.lang.String type, java.lang.String provider, java.lang.String pass) throws java.io.IOException
java.io.IOException
protected java.security.KeyStore getTrustStore(java.lang.String keystoreType, java.lang.String keystoreProvider) throws java.io.IOException
java.io.IOException
protected javax.net.ssl.KeyManager[] getKeyManagers(java.lang.String keystoreType, java.lang.String keystoreProvider, java.lang.String algorithm, java.lang.String keyAlias) throws java.lang.Exception
java.lang.Exception
protected javax.net.ssl.TrustManager[] getTrustManagers(java.lang.String keystoreType, java.lang.String keystoreProvider, java.lang.String algorithm) throws java.lang.Exception
java.lang.Exception
protected javax.net.ssl.TrustManager[] getTrustManagers(javax.net.ssl.TrustManagerFactory tmf) throws java.security.NoSuchAlgorithmException, java.lang.ClassNotFoundException, java.lang.InstantiationException, java.lang.IllegalAccessException
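Gets the TrustManagers either from Connector's trustManagerClassName attribute (if set) else from the TrustManagerFactory. When the attribute is set, the named class decides which peer certificates are trusted in place of the factory's managers, so it needs the same review as the trust store.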
java.security.NoSuchAlgorithmException
java.lang.ClassNotFoundException
java.lang.IllegalAccessException
java.lang.InstantiationException
protected java.security.cert.CertPathParameters getParameters(java.lang.String algorithm, java.lang.String crlf, java.security.KeyStore trustStore) throws java.lang.Exception
Return the initialization parameters for the TrustManager. PKIX is supported.
algorithm - The algorithm to get parameters for.
crlf - The path to the CRL file.
trustStore - The configured TrustStore.
java.lang.Exception
protected java.util.Collection<? extends java.security.cert.CRL> getCRLs(java.lang.String crlf) throws java.io.IOException, java.security.cert.CRLException, java.security.cert.CertificateException
java.io.IOException
java.security.cert.CRLException
java.security.cert.CertificateException
protected void setEnabledProtocols(javax.net.ssl.SSLServerSocket socket, java.lang.String[] protocols)
socket - the SSLServerSocket.
protocols - the protocols to use.
protected java.lang.String[] getEnabledProtocols(javax.net.ssl.SSLServerSocket socket, java.lang.String requestedProtocols)
socket - The socket to get supported list from.
requestedProtocols - Comma-separated list of requested SSL protocol variants
protected void configureClientAuth(javax.net.ssl.SSLServerSocket socket)
socket - the SSLServerSocket
protected void configureClientAuth(javax.net.ssl.SSLSocket socket)
socket - the SSLSocket
public static java.lang.String[] filterInsecureProtocols(java.lang.String[] protocols)