Package org.glassfish.grizzly.config.ssl
Class JSSESocketFactory
- java.lang.Object
  - org.glassfish.grizzly.config.ssl.ServerSocketFactory
    - org.glassfish.grizzly.config.ssl.JSSESocketFactory

- All Implemented Interfaces: Cloneable
- Direct Known Subclasses: JSSE14SocketFactory

public abstract class JSSESocketFactory extends ServerSocketFactory

SSL server socket factory. It _requires_ a valid RSA key and JSSE.
- Author: Harish Prabandham, Costin Manolache, Stefan Freyr Stefansson, EKR -- renamed to JSSESocketFactory

Field Summary
Fields (Modifier and Type, Field):
- protected boolean clientAuthNeed
- protected boolean clientAuthWant
- static String defaultAlgorithm
- static String defaultProtocol
- protected String[] enabledCiphers
- protected boolean initialized
- protected static Logger logger
- protected SSLServerSocketFactory sslProxy

Fields inherited from class org.glassfish.grizzly.config.ssl.ServerSocketFactory:
attributes, context

Constructor Summary
Constructors:
- JSSESocketFactory()

Method Summary
All Methods (Modifier and Type, Method, Description):
- Socket acceptSocket(ServerSocket socket)
  Wrapper function for accept().
- ServerSocket createSocket(int port)
  Returns a server socket which uses all network interfaces on the host, and is bound to the specified port.
- ServerSocket createSocket(int port, int backlog)
  Returns a server socket which uses all network interfaces on the host, is bound to the specified port, and uses the specified connection backlog.
- ServerSocket createSocket(int port, int backlog, InetAddress ifAddress)
  Returns a server socket which uses only the specified network interface on the local host, is bound to the specified port, and uses the specified connection backlog.
- protected String[] getEnabledCiphers(String requestedCiphers, String[] supportedCiphers)
  Determines the SSL cipher suites to be enabled.
- protected abstract String[] getEnabledProtocols(SSLServerSocket socket, String requestedProtocols)
  Determines the SSL protocol variants to be enabled.
- protected ArrayList<KeyStore> getKeystore(String pass)
  Gets the SSL server's keystores.
- protected String getKeystorePassword()
  Gets the SSL server's keystore password.
- protected KeyStore[] getTrustStore()
  Gets the SSL server's truststore.
- protected String getTruststorePassword()
- void handshake(Socket sock)
  Extra function to initiate the handshake.
- abstract void init()
  Reads the keystore and initializes the SSL socket factory.
- protected void initServerSocket(ServerSocket ssocket)
  Configures the given SSL server socket with the requested cipher suites, protocol versions, and need for client authentication.
- protected abstract void setEnabledProtocols(SSLServerSocket socket, String[] protocols)
  Set the SSL protocol variants to be enabled.

Methods inherited from class org.glassfish.grizzly.config.ssl.ServerSocketFactory:
getDefault, getSSLContext, initSocket, setAttribute

Field Detail

defaultProtocol
public static final String defaultProtocol
- See Also: Constant Field Values

defaultAlgorithm
public static final String defaultAlgorithm

logger
protected static final Logger logger

initialized
protected boolean initialized

clientAuthNeed
protected boolean clientAuthNeed

clientAuthWant
protected boolean clientAuthWant

sslProxy
protected SSLServerSocketFactory sslProxy

enabledCiphers
protected String[] enabledCiphers

Method Detail

createSocket
public ServerSocket createSocket(int port) throws IOException
Description copied from class: ServerSocketFactory
Returns a server socket which uses all network interfaces on the host, and is bound to the specified port. The socket is configured with the socket options (such as accept timeout) given to this factory.
- Specified by: createSocket in class ServerSocketFactory
- Parameters:
  port - the port to listen to
- Throws:
  IOException - for networking errors

createSocket
public ServerSocket createSocket(int port, int backlog) throws IOException
Description copied from class: ServerSocketFactory
Returns a server socket which uses all network interfaces on the host, is bound to the specified port, and uses the specified connection backlog. The socket is configured with the socket options (such as accept timeout) given to this factory.
- Specified by: createSocket in class ServerSocketFactory
- Parameters:
  port - the port to listen to
  backlog - how many connections are queued
- Throws:
  IOException - for networking errors

createSocket
public ServerSocket createSocket(int port, int backlog, InetAddress ifAddress) throws IOException
Description copied from class: ServerSocketFactory
Returns a server socket which uses only the specified network interface on the local host, is bound to the specified port, and uses the specified connection backlog. The socket is configured with the socket options (such as accept timeout) given to this factory.
- Specified by: createSocket in class ServerSocketFactory
- Parameters:
  port - the port to listen to
  backlog - how many connections are queued
  ifAddress - the network interface address to use
- Throws:
  IOException - for networking errors

acceptSocket
public Socket acceptSocket(ServerSocket socket) throws IOException
Description copied from class: ServerSocketFactory
Wrapper function for accept(). This allows us to trap and translate exceptions if necessary.
- Specified by: acceptSocket in class ServerSocketFactory
- Throws:
  IOException

handshake
public void handshake(Socket sock) throws IOException
Description copied from class: ServerSocketFactory
Extra function to initiate the handshake. Sometimes necessary for SSL.
- Specified by: handshake in class ServerSocketFactory
- Throws:
  IOException

getEnabledCiphers
protected String[] getEnabledCiphers(String requestedCiphers, String[] supportedCiphers)
Determines the SSL cipher suites to be enabled.
- Parameters:
  requestedCiphers - Comma-separated list of requested ciphers
  supportedCiphers - Array of supported ciphers
- Returns:
  Array of SSL cipher suites to be enabled, or null if none of the requested ciphers are supported

getKeystorePassword
protected String getKeystorePassword()
Gets the SSL server's keystore password.

getKeystore
protected ArrayList<KeyStore> getKeystore(String pass) throws IOException
Gets the SSL server's keystores.
- Returns:
  ArrayList of keystores.
- Throws:
  IOException

getTruststorePassword
protected String getTruststorePassword()

getTrustStore
protected KeyStore[] getTrustStore() throws IOException
Gets the SSL server's truststore.
- Returns:
  Array of truststores.
- Throws:
  IOException

init
public abstract void init() throws IOException
Reads the keystore and initializes the SSL socket factory. Place holder method to initialize the KeyStore, etc.
- Specified by: init in class ServerSocketFactory
- Throws:
  IOException

getEnabledProtocols
protected abstract String[] getEnabledProtocols(SSLServerSocket socket, String requestedProtocols)
Determines the SSL protocol variants to be enabled.
- Parameters:
  socket - The socket to get supported list from.
  requestedProtocols - Comma-separated list of requested SSL protocol variants
- Returns:
  Array of SSL protocol variants to be enabled, or null if none of the requested protocol variants are supported

setEnabledProtocols
protected abstract void setEnabledProtocols(SSLServerSocket socket, String[] protocols)
Set the SSL protocol variants to be enabled.
- Parameters:
  socket - the SSLServerSocket.
  protocols - the protocols to use.

initServerSocket
protected void initServerSocket(ServerSocket ssocket)
Configures the given SSL server socket with the requested cipher suites, protocol versions, and need for client authentication.

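Added example (not Grizzly source code): a stand-alone sketch of the contract documented for getEnabledCiphers (comma-separated request, supported subset returned, null when nothing matches) and of the settings initServerSocket is described as applying, using only standard JSSE calls. The class name, the selectCiphers helper, the sample cipher list and the choice to fail closed on a null result are assumptions of this example; this page does not say how Grizzly handles the null case.

```java
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;

// Added example, not Grizzly source: class and method names are hypothetical.
public class CipherSelectionExample {

    // Mirrors the documented contract: comma-separated request in,
    // supported subset out, null when nothing requested is supported.
    static String[] selectCiphers(String requested, String[] supported) {
        if (requested == null) return null;
        List<String> supportedList = Arrays.asList(supported);
        List<String> enabled = new ArrayList<>();
        for (String name : requested.split(",")) {
            String cipher = name.trim();
            if (!cipher.isEmpty() && supportedList.contains(cipher)) {
                enabled.add(cipher);
            }
        }
        return enabled.isEmpty() ? null : enabled.toArray(new String[0]);
    }

    public static void main(String[] args) throws IOException {
        SSLServerSocketFactory factory =
                (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
        // Port 0 = ephemeral port; nothing is accepted in this example.
        try (SSLServerSocket socket = (SSLServerSocket) factory.createServerSocket(0)) {
            // Constructed request: one real suite plus a misspelled name.
            String requested = "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_NOT_A_REAL_SUITE";
            String[] ciphers = selectCiphers(requested, socket.getSupportedCipherSuites());
            if (ciphers == null) {
                // Fail closed instead of silently keeping the JSSE default suites.
                throw new IOException("none of the requested cipher suites are supported");
            }
            socket.setEnabledCipherSuites(ciphers);
            socket.setEnabledProtocols(new String[] {"TLSv1.2"});
            // setNeedClientAuth and setWantClientAuth override each other; set only one.
            socket.setNeedClientAuth(true);
            System.out.println("enabled: " + Arrays.toString(socket.getEnabledCipherSuites()));
        }
    }
}
```

The misspelled suite is dropped without an error, so a configuration review should compare the enabled list against the requested one rather than assume every requested name took effect.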