public final class SSLSocketTransport extends TcpSocketTransport
This implementation will use a JSSE 1.0.2 compliant provider in order to provide the appropriate security and certificate handling.
An attempt is made to add the default JSSE provider com.sun.net.ssl.internal.ssl.Provider() in a static initialisation loop, but no error is logged if this fails (not required under JDK1.4).
This class naturally extends TcpSocketTransport, as a secure socket is simply an encryption/decryption layer over the top of a plain socket. Because of this, the configuration for an SSLSocketTransport object is similar to that for a TcpSocketTransport object, with a number of additions discussed below:
transport.security.keystore.url
The path to the keystore, as a URL. The URL may follow the rules as specified by KeystoreFactory.
transport.security.keystore.password
The password to access the keystore.
transport.security.keystore.privatekeypassword
The private key password.
transport.socket.ssl.always.trust
If set to true, then AlwaysTrustManager is used to verify the certificate chain sent by the remote party.
The purpose of this private class is to implement an X509TrustManager that always returns true, regardless of the situation. Its use is primarily during the test phase, when the Certificate Authority or the certificates themselves have not been agreed upon. It will allow any certificate to be used, ensuring the encryption of the data, but not anything else.
transport.socket.ssl.require.client.auth
If set to true, the client is always required to present a certificate.

More information about SSL/TLS can be found on the internet draft RFC2246. Java Secure Socket Extensions can be found here
config, logR, serverSocket, socketLogger
CONFIG_ALWAYS_TRUST, CONFIG_BLOCKSIZE, CONFIG_CLIENT_AUTH, CONFIG_HOST, CONFIG_LISTEN, CONFIG_PORT, CONFIG_TIMEOUT
CONFIG_KEYSTORE_FILE, CONFIG_KEYSTORE_PW, CONFIG_PRIVATE_KEY_PW

Constructor and Description |
---|
SSLSocketTransport() |

Modifier and Type | Method and Description |
---|---|
TransportLayer | connect() - Make a connection. |
boolean | getAlwaysTrust() - Get the always trust value. |
java.lang.String | getKeystorePassword() - Get the keystore password. |
java.lang.String | getKeystoreUrl() - Get the keystore path. |
java.lang.String | getPrivateKeyPassword() - Get the private key password. |
boolean | getRequireClientAuth() - Get the require client authentication flag. |
protected void | initFromProperties() - Perform initialisation from properties. |
TransportLayer | listen(int listenTimeout) - Listen for requests. |
void | setAlwaysTrust(boolean b) - Set the AlwaysTrust flag. |
void | setKeystorePassword(java.lang.String pw) - Set the keystore password. |
void | setKeystoreUrl(java.lang.String string) - Set the keystore path. |
void | setPrivateKeyPassword(java.lang.String pw) - Set the private key password. In addition to plain text passwords, the passwords can also be encoded using the appropriate Password |
void | setRequireClientAuth(boolean b) - Set the require client authentication flag. |

close, getBlockSize, getConnectTimeout, getHost, getListenPort, getPort, listProperties, printSocketInfo, setBlockSize, setConfiguration, setConnectTimeout, setHost, setListenPort, setPort
public TransportLayer connect() throws java.io.InterruptedIOException, TransportException, java.lang.IllegalStateException
Transport
If this has to negotiate an X.25 pad, then this is where that happens.
The point where this method should return is when the connection has been made to the remote server, but before any actual transport protocol negotiation, other than that required to make the connection, has occurred, e.g. there is a connection to the remote server, but the OFTP SSRM has not yet been received.
Overrides: connect in class TcpSocketTransport
Throws:
java.io.InterruptedIOException - If the attempt to connect exceeded the timeout
TransportException - Any other Exception
java.lang.IllegalStateException - If this TransportLayer object can't make a client connection because it doesn't know how to
See Also: Transport.connect()

public TransportLayer listen(int listenTimeout) throws TransportException, java.lang.IllegalStateException, java.io.InterruptedIOException
Transport
The method should block until timeout or until a request is received and accepted.
The point where this method should return is when the connection has been made to the remote server, but before any actual transport protocol negotiation, other than that required to make the connection, has occurred, e.g. the remote party is connected, but this server has not yet sent the OFTP SSRM.
Overrides: listen in class TcpSocketTransport
Parameters:
listenTimeout - how long to listen for (ms)
Throws:
TransportException - Any other Exception
java.lang.IllegalStateException - If this TransportLayer object can't listen because it doesn't know how to
java.io.InterruptedIOException - if the attempt to listen has exceeded the listenTimeout
See Also: Transport.listen(int)

public boolean getAlwaysTrust()
public java.lang.String getKeystorePassword()
public java.lang.String getKeystoreUrl()
public java.lang.String getPrivateKeyPassword()
public boolean getRequireClientAuth()

public void setAlwaysTrust(boolean b)
Parameters:
b - true or false.

public void setKeystorePassword(java.lang.String pw)
In addition to plain text passwords, the passwords can also be encoded using the appropriate Password
Parameters:
pw - the password, defaults to null as the password may be embedded in setKeystoreUrl(String)

public void setKeystoreUrl(java.lang.String string)
Parameters:
string - the path

public void setPrivateKeyPassword(java.lang.String pw)
In addition to plain text passwords, the passwords can also be encoded using the appropriate Password
Parameters:
pw - the password

public void setRequireClientAuth(boolean b)
Parameters:
b - true or false

protected void initFromProperties() throws TransportException
TcpSocketTransport
Overrides: initFromProperties in class TcpSocketTransport
Throws:
TransportException - on error.
See Also: TcpSocketTransport.initFromProperties()

Copyright Adaptris