org.glassfish.admin.mbeanserver.ssl

Class SSLParams

java.lang.Object

org.glassfish.admin.mbeanserver.ssl.SSLParams

public class SSLParams
extends Object

This class is a config holder for configuring SSL Sockets. It comes with set of defaults as defined below TrustAlgorithm = SunX509 keystore type = JKS truststore type = JKS protocol = TLS ssl3 Enabled = true tls Enabled= true It also picks up the value of keystore, keystore password, truststore , trustore password from system properties. Usage : This class can be used in any enviroment , where one wants to pass in SSL defaults programatically as well as use a default set of configuration without setting in values explicitly.

Author:

[email protected]

Constructor Summary

Constructors

Constructor and Description
SSLParams()
SSLParams(File truststore, String trustStorePwd, String trustStoreType)

Method Summary

Modifier and Type	Method and Description
String	getCertNickname()
String	getClientAuth() Determines if if the engine will request (want) or require (need) client authentication.
String	getClientAuthEnabled() Determines whether SSL3 client authentication is performed on every request, independent of ACL-based access control.
String	getCrlFile()
String[]	getEnabledCiphers()
String[]	getEnabledProtocols()
String	getKeyAlgorithm()
File	getKeyStore()
String	getKeyStorePassword()
String	getKeyStoreType() type of the keystore file
String	getProtocol()
String	getSsl2Ciphers() A comma-separated list of the SSL2 ciphers used, with the prefix + to enable or - to disable, for example +rc4.
Boolean	getSsl2Enabled() Determines whether SSL2 is enabled.
Boolean	getSsl3Enabled() Determines whether SSL3 is enabled.
String	getSsl3TlsCiphers() A comma-separated list of the SSL3 ciphers used, with the prefix + to enable or - to disable, for example +SSL_RSA_WITH_RC4_128_MD5.
Boolean	getTlsEnabled() Determines whether TLS is enabled.
Boolean	getTlsRollbackEnabled() Determines whether TLS rollback is enabled.
String	getTrustAlgorithm()
File	getTrustStore()
String	getTrustStorePassword()
String	getTrustStoreType()
void	setCertNickname(String certNickname)
void	setClientAuth(String clientAuth)
void	setClientAuthEnabled(String clientAuthEnabled)
void	setCrlFile(String crlFile)
void	setEnabledCiphers(String[] enabledCiphers)
void	setEnabledProtocols(String[] enabledProtocols)
void	setKeyAlgorithm(String algorithm)
void	setKeyStore(String location)
void	setKeyStorePassword(String password)
void	setKeyStoreType(String type)
void	setProtocol(String protocol)
void	setSsl2Ciphers(String ssl2Ciphers)
void	setSsl2Enabled(String ssl2Enabled)
void	setSsl3Enabled(String ssl3Enabled)
void	setSsl3TlsCiphers(String ssl3TlsCiphers)
void	setTlsEnabled(String tlsEnabled)
void	setTlsRollbackEnabled(String tlsRollBackEnabled)
void	setTrustAlgorithm(String algorithm)
void	setTrustMaxCertLength(String maxLength)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SSLParams

public SSLParams(File truststore,
                 String trustStorePwd,
                 String trustStoreType)

SSLParams

public SSLParams()

Method Detail

getTrustStore

public File getTrustStore()

getTrustStorePassword

public String getTrustStorePassword()

getTrustStoreType

public String getTrustStoreType()

getTrustAlgorithm

public String getTrustAlgorithm()

setTrustAlgorithm

public void setTrustAlgorithm(String algorithm)

getEnabledCiphers

public String[] getEnabledCiphers()

setEnabledCiphers

public void setEnabledCiphers(String[] enabledCiphers)

getEnabledProtocols

public String[] getEnabledProtocols()

setEnabledProtocols

public void setEnabledProtocols(String[] enabledProtocols)

getProtocol

public String getProtocol()

setProtocol

public void setProtocol(String protocol)

setTrustMaxCertLength

public void setTrustMaxCertLength(String maxLength)

getCertNickname

public String getCertNickname()

setCertNickname

public void setCertNickname(String certNickname)

getClientAuthEnabled

public String getClientAuthEnabled()

Determines whether SSL3 client authentication is performed on every request, independent of ACL-based access control.

setClientAuthEnabled

public void setClientAuthEnabled(String clientAuthEnabled)

getClientAuth

public String getClientAuth()

Determines if if the engine will request (want) or require (need) client authentication. Valid values: want, need, or left blank

setClientAuth

public void setClientAuth(String clientAuth)

getCrlFile

public String getCrlFile()

setCrlFile

public void setCrlFile(String crlFile)

getKeyAlgorithm

public String getKeyAlgorithm()

setKeyAlgorithm

public void setKeyAlgorithm(String algorithm)

getKeyStoreType

public String getKeyStoreType()

type of the keystore file

setKeyStoreType

public void setKeyStoreType(String type)

getKeyStorePassword

public String getKeyStorePassword()

setKeyStorePassword

public void setKeyStorePassword(String password)

getKeyStore

public File getKeyStore()

setKeyStore

public void setKeyStore(String location)

getSsl2Ciphers

public String getSsl2Ciphers()

A comma-separated list of the SSL2 ciphers used, with the prefix + to enable or - to disable, for example +rc4. Allowed values are rc4, rc4export, rc2, rc2export, idea, des, desede3. If no value is specified, all supported ciphers are assumed to be enabled. NOT Used in PE

setSsl2Ciphers

public void setSsl2Ciphers(String ssl2Ciphers)

getSsl2Enabled

public Boolean getSsl2Enabled()

Determines whether SSL2 is enabled. NOT Used in PE. SSL2 is not supported by either iiop or web-services. When this element is used as a child of the iiop-listener element then the only allowed value for this attribute is "false".

setSsl2Enabled

public void setSsl2Enabled(String ssl2Enabled)

getSsl3Enabled

public Boolean getSsl3Enabled()

Determines whether SSL3 is enabled. If both SSL2 and SSL3 are enabled for a virtual server, the server tries SSL3 encryption first. If that fails, the server tries SSL2 encryption.

setSsl3Enabled

public void setSsl3Enabled(String ssl3Enabled)

getSsl3TlsCiphers

public String getSsl3TlsCiphers()

A comma-separated list of the SSL3 ciphers used, with the prefix + to enable or - to disable, for example +SSL_RSA_WITH_RC4_128_MD5. Allowed SSL3/TLS values are those that are supported by the JVM for the given security provider and security service configuration. If no value is specified, all supported ciphers are assumed to be enabled.

setSsl3TlsCiphers

public void setSsl3TlsCiphers(String ssl3TlsCiphers)

getTlsEnabled

public Boolean getTlsEnabled()

Determines whether TLS is enabled.

setTlsEnabled

public void setTlsEnabled(String tlsEnabled)

getTlsRollbackEnabled

public Boolean getTlsRollbackEnabled()

Determines whether TLS rollback is enabled. TLS rollback should be enabled for Microsoft Internet Explorer 5.0 and 5.5. NOT Used in PE

setTlsRollbackEnabled

public void setTlsRollbackEnabled(String tlsRollBackEnabled)