public class JSSESocketFactory extends Object implements ServerSocketFactory, SSLUtil
| Modifier and Type | Field and Description |
|---|---|
| protected boolean | allowUnsafeLegacyRenegotiation |
| static String | DEFAULT_KEY_PASS |
| protected String[] | enabledCiphers |
| protected String[] | enabledProtocols |
| protected boolean | requireClientAuth<br>Flag to state that we require client authentication. |
| protected SSLServerSocketFactory | sslProxy |
| protected boolean | wantClientAuth<br>Flag to state that we would like client authentication. |
| Constructor and Description |
|---|
| JSSESocketFactory(AbstractEndpoint endpoint) |
| Modifier and Type | Method and Description |
|---|---|
| Socket | acceptSocket(ServerSocket socket)<br>Wrapper function for accept(). |
| protected void | configureClientAuth(SSLServerSocket socket)<br>Configure Client authentication for this version of JSSE. |
| void | configureSessionContext(SSLSessionContext sslSessionContext) |
| ServerSocket | createSocket(int port)<br>Returns a server socket which uses all network interfaces on the host, and is bound to the specified port. |
| ServerSocket | createSocket(int port, int backlog)<br>Returns a server socket which uses all network interfaces on the host, is bound to the specified port, and uses the specified connection backlog. |
| ServerSocket | createSocket(int port, int backlog, InetAddress ifAddress)<br>Returns a server socket which uses only the specified network interface on the local host, is bound to the specified port, and uses the specified connection backlog. |
| SSLContext | createSSLContext() |
| protected Collection<? extends CRL> | getCRLs(String crlf)<br>Load the collection of CRLs. |
| String[] | getEnableableCiphers(SSLContext context)<br>Determines the SSL cipher suites that can be enabled, based on the configuration of the endpoint and the ciphers supported by the SSL implementation. |
| String[] | getEnableableProtocols(SSLContext context)<br>Determines the SSL protocol variants that can be enabled, based on the configuration of the endpoint and the ciphers supported by the SSL implementation. |
| KeyManager[] | getKeyManagers() |
| protected KeyManager[] | getKeyManagers(String keystoreType, String keystoreProvider, String algorithm, String keyAlias)<br>Gets the initialized key managers. |
| protected KeyStore | getKeystore(String type, String provider, String pass) |
| protected String | getKeystorePassword() |
| protected CertPathParameters | getParameters(String algorithm, String crlf, KeyStore trustStore)<br>Return the initialization parameters for the TrustManager. |
| TrustManager[] | getTrustManagers() |
| protected TrustManager[] | getTrustManagers(String keystoreType, String keystoreProvider, String algorithm)<br>Gets the initialized trust managers. |
| protected KeyStore | getTrustStore(String keystoreType, String keystoreProvider) |
| void | handshake(Socket sock)<br>Triggers the SSL handshake. |
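The filtering that getEnableableCiphers and getEnableableProtocols describe, together with the requireClientAuth / wantClientAuth choice, can be sketched with the standard JSSE API. This is an added example, not Tomcat's implementation; the class name EnableableTlsSettings, the helper enableable, the sample configuration values and the fail-closed behaviour are assumptions made for illustration.

```java
import java.net.InetAddress;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLServerSocket;

// Added illustration; class and helper names are hypothetical, not Tomcat's.
public class EnableableTlsSettings {
    // Keep the configured names the provider supports, preserving configured order.
    static String[] enableable(String[] configured, String[] supported, String kind) {
        List<String> available = Arrays.asList(supported);
        List<String> result = new ArrayList<>();
        for (String name : configured) {
            if (available.contains(name)) {
                result.add(name);
            } else {
                System.err.println("Ignoring unsupported " + kind + ": " + name);
            }
        }
        if (result.isEmpty()) {
            // Choice made for this example: fail closed instead of using provider defaults.
            throw new IllegalStateException("No configured " + kind + " is supported");
        }
        return result.toArray(new String[0]);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample configuration; the last cipher name is a made-up placeholder.
        String[] ciphers = {"TLS_AES_128_GCM_SHA256",
                "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "EXAMPLE_UNSUPPORTED_SUITE"};
        String[] protocols = {"TLSv1.3", "TLSv1.2"};
        boolean requireClientAuth = false, wantClientAuth = true;
        SSLContext context = SSLContext.getDefault();
        SSLParameters supported = context.getSupportedSSLParameters();
        // Port 0 on loopback: an ephemeral listener, no handshake is performed here.
        try (SSLServerSocket socket = (SSLServerSocket) context.getServerSocketFactory()
                .createServerSocket(0, 50, InetAddress.getLoopbackAddress())) {
            socket.setEnabledCipherSuites(enableable(ciphers, supported.getCipherSuites(), "cipher"));
            socket.setEnabledProtocols(enableable(protocols, supported.getProtocols(), "protocol"));
            // Each setter overrides the other, so call exactly one of them.
            if (requireClientAuth) socket.setNeedClientAuth(true);
            else socket.setWantClientAuth(wantClientAuth);
            System.out.println("Protocols: " + Arrays.toString(socket.getEnabledProtocols()));
            System.out.println("Ciphers:   " + Arrays.toString(socket.getEnabledCipherSuites()));
        }
    }
}
```

A name appearing in the provider's supported list only means the provider implements it; which protocols and suites belong in the configured list remains a policy decision for the operator.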
public static final String DEFAULT_KEY_PASS
protected SSLServerSocketFactory sslProxy
protected String[] enabledCiphers
protected String[] enabledProtocols
protected boolean allowUnsafeLegacyRenegotiation
protected boolean requireClientAuth
protected boolean wantClientAuth
public JSSESocketFactory(AbstractEndpoint endpoint)
public ServerSocket createSocket(int port) throws IOException

- Specified by: createSocket in interface ServerSocketFactory
- Parameters:
  - port - the port to listen to
- Throws: IOException - for networking errors

public ServerSocket createSocket(int port, int backlog) throws IOException

- Specified by: createSocket in interface ServerSocketFactory
- Parameters:
  - port - the port to listen to
  - backlog - how many connections are queued
- Throws: IOException - for networking errors

public ServerSocket createSocket(int port, int backlog, InetAddress ifAddress) throws IOException

- Specified by: createSocket in interface ServerSocketFactory
- Parameters:
  - port - the port to listen to
  - backlog - how many connections are queued
  - ifAddress - the network interface address to use
- Throws: IOException - for networking errors

public Socket acceptSocket(ServerSocket socket) throws IOException

- Specified by: acceptSocket in interface ServerSocketFactory
- Throws: IOException

public void handshake(Socket sock) throws IOException

- Specified by: handshake in interface ServerSocketFactory
- Throws: IOException

public String[] getEnableableCiphers(SSLContext context)

- Specified by: getEnableableCiphers in interface SSLUtil
- Parameters:
  - context - An initialized context to obtain the supported ciphers from.

protected String getKeystorePassword()

protected KeyStore getKeystore(String type, String provider, String pass) throws IOException

- Throws: IOException

protected KeyStore getTrustStore(String keystoreType, String keystoreProvider) throws IOException

- Throws: IOException

public SSLContext createSSLContext() throws Exception

- Specified by: createSSLContext in interface SSLUtil
- Throws: Exception

public KeyManager[] getKeyManagers() throws Exception

- Specified by: getKeyManagers in interface SSLUtil
- Throws: Exception

public TrustManager[] getTrustManagers() throws Exception

- Specified by: getTrustManagers in interface SSLUtil
- Throws: Exception

public void configureSessionContext(SSLSessionContext sslSessionContext)

- Specified by: configureSessionContext in interface SSLUtil

protected KeyManager[] getKeyManagers(String keystoreType, String keystoreProvider, String algorithm, String keyAlias) throws Exception

- Throws: Exception

protected TrustManager[] getTrustManagers(String keystoreType, String keystoreProvider, String algorithm) throws Exception

- Throws: Exception

protected CertPathParameters getParameters(String algorithm, String crlf, KeyStore trustStore) throws Exception

PKIX is supported.

- Parameters:
  - algorithm - The algorithm to get parameters for.
  - crlf - The path to the CRL file.
  - trustStore - The configured TrustStore.
- Throws: Exception

protected Collection<? extends CRL> getCRLs(String crlf) throws IOException, CRLException, CertificateException

public String[] getEnableableProtocols(SSLContext context)

- Specified by: getEnableableProtocols in interface SSLUtil
- Parameters:
  - context - An initialized context to obtain the supported protocols from.

protected void configureClientAuth(SSLServerSocket socket)

- Parameters:
  - socket - the SSLServerSocket

Copyright © 2000-2013 Apache Software Foundation. All Rights Reserved.