Package org.glassfish.admin.mbeanserver.ssl

Class SSLParams

java.lang.Object

org.glassfish.admin.mbeanserver.ssl.SSLParams

public class SSLParams
extends Object

This class is a config holder for configuring SSL Sockets. It comes with set of defaults as defined below TrustAlgorithm = SunX509 keystore type = JKS truststore type = JKS protocol = TLS tls Enabled= true It also picks up the value of keystore, keystore password, truststore , trustore password from system properties. Usage : This class can be used in any enviroment , where one wants to pass in SSL defaults programatically as well as use a default set of configuration without setting in values explicitly.

Author:

[email protected]

Constructor Summary

Constructors

Constructor	Description
SSLParams()
SSLParams(File truststore, String trustStorePwd, String trustStoreType)

Method Summary

Modifier and Type	Method	Description
String	getCertNickname()
String	getClientAuth()	Determines if if the engine will request (want) or require (need) client authentication.
String	getClientAuthEnabled()	Determines whether client authentication is performed on every request, independent of ACL-based access control.
String	getCrlFile()
String[]	getEnabledCiphers()
String[]	getEnabledProtocols()
Boolean	getHstsEnabled()	Determines whether Strict Transport Security is set
Boolean	getHstsPreload()
Boolean	getHstsSubDomains()
String	getKeyAlgorithm()
File	getKeyStore()
String	getKeyStorePassword()
String	getKeyStoreType()	type of the keystore file
String	getProtocol()
String	getSsl3TlsCiphers()	A comma-separated list of the SSL3 ciphers used, with the prefix + to enable or - to disable, for example +SSL_RSA_WITH_RC4_128_MD5.
Boolean	getTlsRollbackEnabled()	Determines whether TLS rollback is enabled.
String	getTrustAlgorithm()
File	getTrustStore()
String	getTrustStorePassword()
String	getTrustStoreType()
void	setCertNickname(String certNickname)
void	setClientAuth(String clientAuth)
void	setClientAuthEnabled(String clientAuthEnabled)
void	setCrlFile(String crlFile)
void	setEnabledCiphers(String[] enabledCiphers)
void	setEnabledProtocols(String[] enabledProtocols)
void	setHstsEnabled(String hstsEnabled)
void	setHstsPreload(Boolean hstsPreload)
void	setHstsSubDomains(Boolean hstsSubDomains)
void	setKeyAlgorithm(String algorithm)
void	setKeyStore(String location)
void	setKeyStorePassword(String password)
void	setKeyStoreType(String type)
void	setProtocol(String protocol)
void	setSsl3TlsCiphers(String ssl3TlsCiphers)
void	setTlsRollbackEnabled(String tlsRollBackEnabled)
void	setTrustAlgorithm(String algorithm)
void	setTrustMaxCertLength(String maxLength)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SSLParams

public SSLParams(File truststore,
                 String trustStorePwd,
                 String trustStoreType)

SSLParams

public SSLParams()

Method Detail

getTrustStore

public File getTrustStore()

getTrustStorePassword

public String getTrustStorePassword()

getTrustStoreType

public String getTrustStoreType()

getTrustAlgorithm

public String getTrustAlgorithm()

setTrustAlgorithm

public void setTrustAlgorithm(String algorithm)

getEnabledCiphers

public String[] getEnabledCiphers()

setEnabledCiphers

public void setEnabledCiphers(String[] enabledCiphers)

getEnabledProtocols

public String[] getEnabledProtocols()

setEnabledProtocols

public void setEnabledProtocols(String[] enabledProtocols)

getProtocol

public String getProtocol()

setProtocol

public void setProtocol(String protocol)

setTrustMaxCertLength

public void setTrustMaxCertLength(String maxLength)

getCertNickname

public String getCertNickname()

setCertNickname

public void setCertNickname(String certNickname)

getClientAuthEnabled

public String getClientAuthEnabled()

Determines whether client authentication is performed on every request, independent of ACL-based access control.

setClientAuthEnabled

public void setClientAuthEnabled(String clientAuthEnabled)

getClientAuth

public String getClientAuth()

Determines if if the engine will request (want) or require (need) client authentication. Valid values: want, need, or left blank

setClientAuth

public void setClientAuth(String clientAuth)

getCrlFile

public String getCrlFile()

setCrlFile

public void setCrlFile(String crlFile)

getKeyAlgorithm

public String getKeyAlgorithm()

setKeyAlgorithm

public void setKeyAlgorithm(String algorithm)

getKeyStoreType

public String getKeyStoreType()

type of the keystore file

setKeyStoreType

public void setKeyStoreType(String type)

getKeyStorePassword

public String getKeyStorePassword()

setKeyStorePassword

public void setKeyStorePassword(String password)

getKeyStore

public File getKeyStore()

setKeyStore

public void setKeyStore(String location)

getSsl3TlsCiphers

public String getSsl3TlsCiphers()

A comma-separated list of the SSL3 ciphers used, with the prefix + to enable or - to disable, for example +SSL_RSA_WITH_RC4_128_MD5. Allowed SSL3/TLS values are those that are supported by the JVM for the given security provider and security service configuration. If no value is specified, all supported ciphers are assumed to be enabled.

setSsl3TlsCiphers

public void setSsl3TlsCiphers(String ssl3TlsCiphers)

getTlsRollbackEnabled

public Boolean getTlsRollbackEnabled()

Determines whether TLS rollback is enabled. TLS rollback should be enabled for Microsoft Internet Explorer 5.0 and 5.5. NOT Used in PE

setTlsRollbackEnabled

public void setTlsRollbackEnabled(String tlsRollBackEnabled)

getHstsEnabled

public Boolean getHstsEnabled()

Determines whether Strict Transport Security is set

setHstsEnabled

public void setHstsEnabled(String hstsEnabled)

getHstsSubDomains

public Boolean getHstsSubDomains()

setHstsSubDomains

public void setHstsSubDomains(Boolean hstsSubDomains)

getHstsPreload

public Boolean getHstsPreload()

setHstsPreload

public void setHstsPreload(Boolean hstsPreload)