Field Detail

• DEFAULT_KEY_PASS

  public static final java.lang.String DEFAULT_KEY_PASS

  See Also:

  Constant Field Values

• sslProxy

  protected javax.net.ssl.SSLServerSocketFactory sslProxy

• enabledCiphers

  protected java.lang.String[] enabledCiphers

• enabledProtocols

  protected java.lang.String[] enabledProtocols

• allowUnsafeLegacyRenegotiation

  protected boolean allowUnsafeLegacyRenegotiation

• requireClientAuth

  protected boolean requireClientAuth

  Flag to state that we require client authentication.

• wantClientAuth

  protected boolean wantClientAuth

  Flag to state that we would like client authentication.

Constructor Detail

• JSSESocketFactory

  public JSSESocketFactory(AbstractEndpoint<?> endpoint)

Method Detail

• createSocket

  public java.net.ServerSocket createSocket(int port)
                                     throws java.io.IOException

  Description copied from interface: ServerSocketFactory
  Returns a server socket which uses all network interfaces on the host, and is bound to a the specified port. The socket is configured with the socket options (such as accept timeout) given to this factory.

  Specified by:

  createSocket in interface ServerSocketFactory

  Parameters:

  port - the port to listen to

  Throws:

  java.io.IOException - for networking errors

• createSocket

  public java.net.ServerSocket createSocket(int port,
                                   int backlog)
                                     throws java.io.IOException

  Description copied from interface: ServerSocketFactory
  Returns a server socket which uses all network interfaces on the host, is bound to a the specified port, and uses the specified connection backlog. The socket is configured with the socket options (such as accept timeout) given to this factory.

  Specified by:

  createSocket in interface ServerSocketFactory

  Parameters:

  port - the port to listen to

  backlog - how many connections are queued

  Throws:

  java.io.IOException - for networking errors

• createSocket

  public java.net.ServerSocket createSocket(int port,
                                   int backlog,
                                   java.net.InetAddress ifAddress)
                                     throws java.io.IOException

  Description copied from interface: ServerSocketFactory
  Returns a server socket which uses only the specified network interface on the local host, is bound to a the specified port, and uses the specified connection backlog. The socket is configured with the socket options (such as accept timeout) given to this factory.

  Specified by:

  createSocket in interface ServerSocketFactory

  Parameters:

  port - the port to listen to

  backlog - how many connections are queued

  ifAddress - the network interface address to use

  Throws:

  java.io.IOException - for networking errors

• acceptSocket

  public java.net.Socket acceptSocket(java.net.ServerSocket socket)
                               throws java.io.IOException

  Description copied from interface: ServerSocketFactory
  Wrapper function for accept(). This allows us to trap and translate exceptions if necessary.

  Specified by:

  acceptSocket in interface ServerSocketFactory

  Throws:

  java.io.IOException

• handshake

  public void handshake(java.net.Socket sock)
                 throws java.io.IOException

  Description copied from interface: ServerSocketFactory
  Triggers the SSL handshake. This will be a no-op for non-SSL sockets.

  Specified by:

  handshake in interface ServerSocketFactory

  Throws:

  java.io.IOException

• getEnableableCiphers

  public java.lang.String[] getEnableableCiphers(javax.net.ssl.SSLContext context)

  Description copied from interface: SSLUtil
  Determines the SSL cipher suites that can be enabled, based on the configuration of the endpoint and the ciphers supported by the SSL implementation.

  Specified by:

  getEnableableCiphers in interface SSLUtil

  Parameters:

  context - An initialized context to obtain the supported ciphers from.

  Returns:

  Array of SSL cipher suites that may be enabled (which may be empty if none of the specified ciphers are supported), or the defaults for the underlying SSL implementation if the endpoint configuration does not specify any ciphers.

• getEnabledCiphers

  public java.lang.String[] getEnabledCiphers()

• getKeystorePassword

  protected java.lang.String getKeystorePassword()

• getKeystore

  protected java.security.KeyStore getKeystore(java.lang.String type,
                                   java.lang.String provider,
                                   java.lang.String pass)
                                        throws java.io.IOException

  Throws:

  java.io.IOException

• getTrustStore

  protected java.security.KeyStore getTrustStore(java.lang.String keystoreType,
                                     java.lang.String keystoreProvider)
                                          throws java.io.IOException

  Throws:

  java.io.IOException

• createSSLContext

  public javax.net.ssl.SSLContext createSSLContext()
                                            throws java.lang.Exception

  Specified by:

  createSSLContext in interface SSLUtil

  Throws:

  java.lang.Exception

• getKeyManagers

  public javax.net.ssl.KeyManager[] getKeyManagers()
                                            throws java.lang.Exception

  Specified by:

  getKeyManagers in interface SSLUtil

  Throws:

  java.lang.Exception

• getTrustManagers

  public javax.net.ssl.TrustManager[] getTrustManagers()
                                                throws java.lang.Exception

  Specified by:

  getTrustManagers in interface SSLUtil

  Throws:

  java.lang.Exception

• configureSessionContext

  public void configureSessionContext(javax.net.ssl.SSLSessionContext sslSessionContext)

  Specified by:

  configureSessionContext in interface SSLUtil

• getKeyManagers

  protected javax.net.ssl.KeyManager[] getKeyManagers(java.lang.String keystoreType,
                                          java.lang.String keystoreProvider,
                                          java.lang.String algorithm,
                                          java.lang.String keyAlias)
                                               throws java.lang.Exception

  Gets the initialized key managers.

  Throws:

  java.lang.Exception

• getTrustManagers

  protected javax.net.ssl.TrustManager[] getTrustManagers(java.lang.String keystoreType,
                                              java.lang.String keystoreProvider,
                                              java.lang.String algorithm)
                                                   throws java.lang.Exception

  Gets the initialized trust managers.

  Throws:

  java.lang.Exception

• getParameters

  protected java.security.cert.CertPathParameters getParameters(java.lang.String algorithm,
                                                    java.lang.String crlf,
                                                    java.security.KeyStore trustStore)
                                                         throws java.lang.Exception

  Return the initialization parameters for the TrustManager. Currently, only the default PKIX is supported.

  Parameters:

  algorithm - The algorithm to get parameters for.

  crlf - The path to the CRL file.

  trustStore - The configured TrustStore.

  Returns:

  The parameters including the CRLs and TrustStore.

  Throws:

  java.lang.Exception

• getCRLs

  protected java.util.Collection<? extends java.security.cert.CRL> getCRLs(java.lang.String crlf)
                                                                    throws java.io.IOException,
                                                                           java.security.cert.CRLException,
                                                                           java.security.cert.CertificateException

  Load the collection of CRLs.

  Throws:

  java.io.IOException

  java.security.cert.CRLException

  java.security.cert.CertificateException

• getEnableableProtocols

  public java.lang.String[] getEnableableProtocols(javax.net.ssl.SSLContext context)

  Description copied from interface: SSLUtil
  Determines the SSL protocol variants that can be enabled, based on the configuration of the endpoint and the ciphers supported by the SSL implementation.

  Specified by:

  getEnableableProtocols in interface SSLUtil

  Parameters:

  context - An initialized context to obtain the supported protocols from.

  Returns:

  Array of SSL protocol variants that may be enabled (which may be empty if none of the specified protocols are supported), or the defaults for the underlying SSL implementation if the endpoint configuration does not specify any protocols.

• configureClientAuth

  protected void configureClientAuth(javax.net.ssl.SSLServerSocket socket)

  Configure Client authentication for this version of JSSE. The JSSE included in Java 1.4 supports the 'want' value. Prior versions of JSSE will treat 'want' as 'false'.

  Parameters:

  socket - the SSLServerSocket

• configureUseServerCipherSuitesOrder

  protected void configureUseServerCipherSuitesOrder(javax.net.ssl.SSLServerSocket socket)

  Configures SSLEngine to honor cipher suites ordering based upon endpoint configuration.