org.apache.tomcat.util.net.jsse: public class: JSSE13SocketFactory

org.apache.tomcat.util.net.jsse
public class: JSSE13SocketFactory [javadoc | source]

java.lang.Object
   org.apache.tomcat.util.net.ServerSocketFactory
      org.apache.tomcat.util.net.jsse.JSSESocketFactory
         org.apache.tomcat.util.net.jsse.JSSE13SocketFactory

All Implemented Interfaces:
Cloneable

SSL server socket factory. It _requires_ a valid RSA key and JSSE.

author: Harish - Prabandham

author: Costin - Manolache

author: Stefan - Freyr Stefansson

author: EKR - -- renamed to JSSESocketFactory

author: Bill - Barker

Field Summary
protected boolean	clientAuth	Flag for client authentication

Fields inherited from org.apache.tomcat.util.net.jsse.JSSESocketFactory:
defaultProtocol, defaultClientAuth, defaultKeystoreType, log, initialized, clientAuth, sslProxy, enabledCiphers, allowUnsafeLegacyRenegotiation, requireClientAuth, wantClientAuth

Fields inherited from org.apache.tomcat.util.net.ServerSocketFactory:
attributes

Constructor:
public JSSE13SocketFactory() { super(); }

Method from org.apache.tomcat.util.net.jsse.JSSE13SocketFactory Summary:
configureClientAuth, configureClientAuth, getEnabledProtocols, init, setEnabledProtocols

Methods from org.apache.tomcat.util.net.jsse.JSSESocketFactory:
acceptSocket, configureClientAuth, configureClientAuth, createSocket, createSocket, createSocket, getCRLs, getEnabledCiphers, getEnabledProtocols, getKeyManagers, getKeystore, getKeystorePassword, getParameters, getTrustManagers, getTrustStore, handshake, init, setEnabledProtocols

Methods from org.apache.tomcat.util.net.ServerSocketFactory:
acceptSocket, createSocket, createSocket, createSocket, getDefault, handshake, initSocket, setAttribute

Methods from java.lang.Object:
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method from org.apache.tomcat.util.net.jsse.JSSE13SocketFactory Detail:
protected void configureClientAuth(SSLServerSocket socket) { socket.setNeedClientAuth(clientAuth); }
protected void configureClientAuth(SSLSocket socket) { // In JSSE 1.0.2 docs it does not explicitly // state whether SSLSockets returned from // SSLServerSocket.accept() inherit this setting. socket.setNeedClientAuth(clientAuth); }
protected String[] getEnabledProtocols(SSLServerSocket socket, String requestedProtocols) { return null; }
void init() throws IOException { try { try { Class ssps = Class.forName("sun.security.provider.Sun"); Security.addProvider ((Provider)ssps.newInstance()); }catch(Exception cnfe) { //Ignore, since this is a non-Sun JVM } Security.addProvider (new com.sun.net.ssl.internal.ssl.Provider()); String clientAuthStr = (String)attributes.get("clientauth"); if("true".equalsIgnoreCase(clientAuthStr) \|\| "yes".equalsIgnoreCase(clientAuthStr) \|\| "want".equalsIgnoreCase(clientAuthStr)) { clientAuth = true; } // SSL protocol variant (e.g., TLS, SSL v3, etc.) String protocol = (String)attributes.get("protocol"); if (protocol == null) protocol = defaultProtocol; // Certificate encoding algorithm (e.g., SunX509) String algorithm = (String)attributes.get("algorithm"); if (algorithm == null) algorithm = defaultAlgorithm; // Set up KeyManager, which will extract server key com.sun.net.ssl.KeyManagerFactory kmf = com.sun.net.ssl.KeyManagerFactory.getInstance(algorithm); String keystoreType = (String)attributes.get("keystoreType"); if (keystoreType == null) { keystoreType = defaultKeystoreType; } String keystorePass = getKeystorePassword(); kmf.init(getKeystore(keystoreType, keystorePass), keystorePass.toCharArray()); // Set up TrustManager com.sun.net.ssl.TrustManager[] tm = null; String truststoreType = (String)attributes.get("truststoreType"); if(truststoreType == null) { truststoreType = keystoreType; } KeyStore trustStore = getTrustStore(truststoreType); if (trustStore != null) { com.sun.net.ssl.TrustManagerFactory tmf = com.sun.net.ssl.TrustManagerFactory.getInstance("SunX509"); tmf.init(trustStore); tm = tmf.getTrustManagers(); } // Create and init SSLContext com.sun.net.ssl.SSLContext context = com.sun.net.ssl.SSLContext.getInstance(protocol); context.init(kmf.getKeyManagers(), tm, new SecureRandom()); // Create proxy sslProxy = context.getServerSocketFactory(); // Determine which cipher suites to enable String requestedCiphers = (String)attributes.get("ciphers"); enabledCiphers = getEnabledCiphers(requestedCiphers, sslProxy.getSupportedCipherSuites()); } catch(Exception e) { if( e instanceof IOException ) throw (IOException)e; throw new IOException(e.getMessage()); } } Reads the keystore and initializes the SSL socket factory. NOTE: This method is identical in functionality to the method of the same name in JSSE14SocketFactory, except that this method is used with JSSE 1.0.x (which is an extension to the 1.3 JVM), whereas the other is used with JSSE 1.1.x (which ships with the 1.4 JVM). Therefore, this method uses classes in com.sun.net.ssl, which have since moved to javax.net.ssl, and explicitly registers the required security providers, which come standard in a 1.4 JVM.
protected void setEnabledProtocols(SSLServerSocket socket, String[] protocols) { }