org.apache.tomcat.util.net.jsse

Class JSSESocketFactory

public class JSSESocketFactory extends ServerSocketFactory

SSL server socket factory. It _requires_ a valid RSA key and JSSE.

Author: Harish Prabandham, Costin Manolache, Stefan Freyr Stefansson, EKR -- renamed to JSSESocketFactory, Jan Luehe, Bill Barker

Field Summary
protected boolean allowUnsafeLegacyRenegotiation
protected String clientAuth
protected String[] enabledCiphers
protected boolean initialized
protected boolean requireClientAuth
Flag to state that we require client authentication.
protected SSLServerSocketFactory sslProxy
protected boolean wantClientAuth
Flag to state that we would like client authentication.
Constructor Summary
JSSESocketFactory()
Method Summary
Socket acceptSocket(ServerSocket socket)
protected void configureClientAuth(SSLServerSocket socket)
Configure Client authentication for this version of JSSE.
protected void configureClientAuth(SSLSocket socket)
Configure Client authentication for this version of JSSE.
ServerSocket createSocket(int port)
ServerSocket createSocket(int port, int backlog)
ServerSocket createSocket(int port, int backlog, InetAddress ifAddress)
protected Collection<? extends CRL> getCRLs(String crlf)
Load the collection of CRLs.
protected String[] getEnabledCiphers(String requestedCiphers, String[] supportedCiphers)
protected String[] getEnabledProtocols(SSLServerSocket socket, String requestedProtocols)
Determines the SSL protocol variants to be enabled.
protected KeyManager[] getKeyManagers(String keystoreType, String keystoreProvider, String algorithm, String keyAlias)
Gets the initialized key managers.
protected KeyStore getKeystore(String type, String provider, String pass)
protected String getKeystorePassword()
protected CertPathParameters getParameters(String algorithm, String crlf, KeyStore trustStore)
Return the initialization parameters for the TrustManager.
protected TrustManager[] getTrustManagers(String keystoreType, String keystoreProvider, String algorithm)
Gets the initialized trust managers.
protected KeyStore getTrustStore(String keystoreType, String keystoreProvider)
void handshake(Socket sock)
protected void setEnabledProtocols(SSLServerSocket socket, String[] protocols)
Set the SSL protocol variants to be enabled.

Field Detail

allowUnsafeLegacyRenegotiation

protected boolean allowUnsafeLegacyRenegotiation

clientAuth

protected String clientAuth

enabledCiphers

protected String[] enabledCiphers

initialized

protected boolean initialized

requireClientAuth

protected boolean requireClientAuth
Flag to state that we require client authentication.

sslProxy

protected SSLServerSocketFactory sslProxy

wantClientAuth

protected boolean wantClientAuth
Flag to state that we would like client authentication.

Constructor Detail

JSSESocketFactory

public JSSESocketFactory()

Method Detail

acceptSocket

public Socket acceptSocket(ServerSocket socket)

configureClientAuth

protected void configureClientAuth(SSLServerSocket socket)
Configure Client authentication for this version of JSSE. The JSSE included in Java 1.4 supports the 'want' value. Prior versions of JSSE will treat 'want' as 'false'.

Parameters: socket - the SSLServerSocket

configureClientAuth

protected void configureClientAuth(SSLSocket socket)
Configure Client authentication for this version of JSSE. The JSSE included in Java 1.4 supports the 'want' value. Prior versions of JSSE will treat 'want' as 'false'.

Parameters: socket - the SSLSocket

createSocket

public ServerSocket createSocket(int port)

createSocket

public ServerSocket createSocket(int port, int backlog)

createSocket

public ServerSocket createSocket(int port, int backlog, InetAddress ifAddress)

getCRLs

protected Collection<? extends CRL> getCRLs(String crlf)
Load the collection of CRLs.

getEnabledCiphers

protected String[] getEnabledCiphers(String requestedCiphers, String[] supportedCiphers)

getEnabledProtocols

protected String[] getEnabledProtocols(SSLServerSocket socket, String requestedProtocols)
Determines the SSL protocol variants to be enabled.

Parameters:
socket - The socket to get supported list from.
requestedProtocols - Comma-separated list of requested SSL protocol variants

Returns: Array of SSL protocol variants to be enabled, or null if none of the requested protocol variants are supported

getKeyManagers

protected KeyManager[] getKeyManagers(String keystoreType, String keystoreProvider, String algorithm, String keyAlias)
Gets the initialized key managers.

getKeystore

protected KeyStore getKeystore(String type, String provider, String pass)

getKeystorePassword

protected String getKeystorePassword()

getParameters

protected CertPathParameters getParameters(String algorithm, String crlf, KeyStore trustStore)
Return the initialization parameters for the TrustManager. Currently, only the default PKIX is supported.

Parameters:
algorithm - The algorithm to get parameters for.
crlf - The path to the CRL file.
trustStore - The configured TrustStore.

Returns: The parameters including the CRLs and TrustStore.
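
The combination that getCRLs and getParameters describe (CRLs loaded from a file, then PKIX parameters built from those CRLs and the trust store) can be expressed with standard JDK APIs as follows. This is an added example, not Tomcat's source; the class name, method names and the defaults used in main (the JDK's cacerts file, an empty CRL set) are assumptions made for illustration.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.*;
import java.util.Collection;
import java.util.Collections;
import javax.net.ssl.CertPathTrustManagerParameters;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;

// Hypothetical class, not part of org.apache.tomcat.util.net.jsse.
public class CrlTrustManagerExample {
    // Parse every CRL contained in a PEM or DER file.
    static Collection<? extends CRL> loadCrls(String crlPath) throws Exception {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        try (InputStream in = new FileInputStream(crlPath)) {
            return cf.generateCRLs(in);
        }
    }

    // PKIX parameters: trust anchors from the trust store, CRLs via a CertStore.
    static PKIXBuilderParameters pkixParameters(KeyStore trustStore,
            Collection<? extends CRL> crls) throws Exception {
        PKIXBuilderParameters params =
                new PKIXBuilderParameters(trustStore, new X509CertSelector());
        params.addCertStore(CertStore.getInstance("Collection",
                new CollectionCertStoreParameters(crls)));
        // Chains whose revocation status cannot be determined fail validation.
        params.setRevocationEnabled(true);
        return params;
    }

    // Trust managers that validate peer certificates against anchors and CRLs.
    static TrustManager[] trustManagers(KeyStore trustStore,
            Collection<? extends CRL> crls) throws Exception {
        TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX");
        tmf.init(new CertPathTrustManagerParameters(pkixParameters(trustStore, crls)));
        return tmf.getTrustManagers();
    }

    public static void main(String[] args) throws Exception {
        // Optional args: trust store path, trust store password, CRL file path.
        String tsPath = args.length > 0 ? args[0]
                : System.getProperty("java.home") + "/lib/security/cacerts";
        char[] pass = args.length > 1 ? args[1].toCharArray() : null; // null: no integrity check
        Collection<? extends CRL> crls = args.length > 2
                ? loadCrls(args[2]) : Collections.<CRL>emptyList();
        KeyStore ts = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(tsPath)) { ts.load(in, pass); }
        System.out.println("Trust managers: " + trustManagers(ts, crls).length);
    }
}
```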

getTrustManagers

protected TrustManager[] getTrustManagers(String keystoreType, String keystoreProvider, String algorithm)
Gets the initialized trust managers.

getTrustStore

protected KeyStore getTrustStore(String keystoreType, String keystoreProvider)

handshake

public void handshake(Socket sock)

setEnabledProtocols

protected void setEnabledProtocols(SSLServerSocket socket, String[] protocols)
Set the SSL protocol variants to be enabled.

Parameters:
socket - the SSLServerSocket.
protocols - the protocols to use.

Copyright © 2000-2011 Apache Software Foundation. All Rights Reserved.