Field Detail

• DEFAULT_KEY_PASS

  public static final String DEFAULT_KEY_PASS

  See Also:

  Constant Field Values

• sslProxy

  protected SSLServerSocketFactory sslProxy

• enabledCiphers

  protected String[] enabledCiphers

• enabledProtocols

  protected String[] enabledProtocols

• allowUnsafeLegacyRenegotiation

  protected boolean allowUnsafeLegacyRenegotiation

• requireClientAuth

  protected boolean requireClientAuth

  Flag to state that we require client authentication.

• wantClientAuth

  protected boolean wantClientAuth

  Flag to state that we would like client authentication.

Constructor Detail

• JSSESocketFactory

  public JSSESocketFactory(AbstractEndpoint<?> endpoint)

Method Detail

• createSocket

  public ServerSocket createSocket(int port)
                            throws IOException

  Description copied from interface: ServerSocketFactory
  Returns a server socket which uses all network interfaces on the host, and is bound to a the specified port. The socket is configured with the socket options (such as accept timeout) given to this factory.

  Specified by:

  createSocket in interface ServerSocketFactory

  Parameters:

  port - the port to listen to

  Throws:

  IOException - for networking errors

• createSocket

  public ServerSocket createSocket(int port,
                          int backlog)
                            throws IOException

  Description copied from interface: ServerSocketFactory
  Returns a server socket which uses all network interfaces on the host, is bound to a the specified port, and uses the specified connection backlog. The socket is configured with the socket options (such as accept timeout) given to this factory.

  Specified by:

  createSocket in interface ServerSocketFactory

  Parameters:

  port - the port to listen to

  backlog - how many connections are queued

  Throws:

  IOException - for networking errors

• createSocket

  public ServerSocket createSocket(int port,
                          int backlog,
                          InetAddress ifAddress)
                            throws IOException

  Description copied from interface: ServerSocketFactory
  Returns a server socket which uses only the specified network interface on the local host, is bound to a the specified port, and uses the specified connection backlog. The socket is configured with the socket options (such as accept timeout) given to this factory.

  Specified by:

  createSocket in interface ServerSocketFactory

  Parameters:

  port - the port to listen to

  backlog - how many connections are queued

  ifAddress - the network interface address to use

  Throws:

  IOException - for networking errors

• acceptSocket

  public Socket acceptSocket(ServerSocket socket)
                      throws IOException

  Description copied from interface: ServerSocketFactory
  Wrapper function for accept(). This allows us to trap and translate exceptions if necessary.

  Specified by:

  acceptSocket in interface ServerSocketFactory

  Throws:

  IOException

• handshake

  public void handshake(Socket sock)
                 throws IOException

  Description copied from interface: ServerSocketFactory
  Triggers the SSL handshake. This will be a no-op for non-SSL sockets.

  Specified by:

  handshake in interface ServerSocketFactory

  Throws:

  IOException

• getEnableableCiphers

  public String[] getEnableableCiphers(SSLContext context)

  Description copied from interface: SSLUtil
  Determines the SSL cipher suites that can be enabled, based on the configuration of the endpoint and the ciphers supported by the SSL implementation.

  Specified by:

  getEnableableCiphers in interface SSLUtil

  Parameters:

  context - An initialized context to obtain the supported ciphers from.

  Returns:

  Array of SSL cipher suites that may be enabled (which may be empty if none of the specified ciphers are supported), or the defaults for the underlying SSL implementation if the endpoint configuration does not specify any ciphers.

• getKeystorePassword

  protected String getKeystorePassword()

• getKeystore

  protected KeyStore getKeystore(String type,
                     String provider,
                     String pass)
                          throws IOException

  Throws:

  IOException

• getTrustStore

  protected KeyStore getTrustStore(String keystoreType,
                       String keystoreProvider)
                            throws IOException

  Throws:

  IOException

• createSSLContext

  public SSLContext createSSLContext()
                              throws Exception

  Specified by:

  createSSLContext in interface SSLUtil

  Throws:

  Exception

• getKeyManagers

  public KeyManager[] getKeyManagers()
                              throws Exception

  Specified by:

  getKeyManagers in interface SSLUtil

  Throws:

  Exception

• getTrustManagers

  public TrustManager[] getTrustManagers()
                                  throws Exception

  Specified by:

  getTrustManagers in interface SSLUtil

  Throws:

  Exception

• configureSessionContext

  public void configureSessionContext(SSLSessionContext sslSessionContext)

  Specified by:

  configureSessionContext in interface SSLUtil

• getKeyManagers

  protected KeyManager[] getKeyManagers(String keystoreType,
                            String keystoreProvider,
                            String algorithm,
                            String keyAlias)
                                 throws Exception

  Gets the initialized key managers.

  Throws:

  Exception

• getTrustManagers

  protected TrustManager[] getTrustManagers(String keystoreType,
                                String keystoreProvider,
                                String algorithm)
                                     throws Exception

  Gets the initialized trust managers.

  Throws:

  Exception

• getParameters

  protected CertPathParameters getParameters(String algorithm,
                                 String crlf,
                                 KeyStore trustStore)
                                      throws Exception

  Return the initialization parameters for the TrustManager. Currently, only the default PKIX is supported.

  Parameters:

  algorithm - The algorithm to get parameters for.

  crlf - The path to the CRL file.

  trustStore - The configured TrustStore.

  Returns:

  The parameters including the CRLs and TrustStore.

  Throws:

  Exception

• getCRLs

  protected Collection<? extends CRL> getCRLs(String crlf)
                                       throws IOException,
                                              CRLException,
                                              CertificateException

  Load the collection of CRLs.

  Throws:

  IOException

  CRLException

  CertificateException

• getEnableableProtocols

  public String[] getEnableableProtocols(SSLContext context)

  Description copied from interface: SSLUtil
  Determines the SSL protocol variants that can be enabled, based on the configuration of the endpoint and the ciphers supported by the SSL implementation.

  Specified by:

  getEnableableProtocols in interface SSLUtil

  Parameters:

  context - An initialized context to obtain the supported protocols from.

  Returns:

  Array of SSL protocol variants that may be enabled (which may be empty if none of the specified protocols are supported), or the defaults for the underlying SSL implementation if the endpoint configuration does not specify any protocols.

• configureClientAuth

  protected void configureClientAuth(SSLServerSocket socket)

  Configure Client authentication for this version of JSSE. The JSSE included in Java 1.4 supports the 'want' value. Prior versions of JSSE will treat 'want' as 'false'.

  Parameters:

  socket - the SSLServerSocket

• configureUseServerCipherSuitesOrder

  protected void configureUseServerCipherSuitesOrder(SSLServerSocket socket)

  Configures SSLEngine to honor cipher suites ordering based upon endpoint configuration.

  Throws:

  UnsupportedOperationException - If the runtime JVM doesn't support this setting.