Package org.apache.activemq.transport.tcp

Class SslTransportServer

  • All Implemented Interfaces:
    Runnable, Service, TransportServer, ServiceListener
    public class SslTransportServer
extends TcpTransportServer
    An SSL TransportServer. Allows for client certificate authentication (refer to setNeedClientAuth for details). NOTE: Client certificate authentication is disabled by default.

    • Constructor Detail

      • SslTransportServer

        public SslTransportServer​(SslTransportFactory transportFactory,
                          URI location,
                          SSLServerSocketFactory serverSocketFactory)
                   throws IOException,
                          URISyntaxException
        Creates a ssl transport server for the specified url using the provided serverSocketFactory
        Parameters:
        transportFactory - The factory used to create transports when connections arrive.
        location - The location of the broker to bind to.
        serverSocketFactory - The factory used to create this server.
        Throws:
        IOException - passed up from TcpTransportFactory.
        URISyntaxException - passed up from TcpTransportFactory.

    • Method Detail

      • setNeedClientAuth

        public void setNeedClientAuth​(boolean needAuth)
        Sets whether client authentication should be required Must be called before bind() Note: Calling this method clears the wantClientAuth flag in the underlying implementation.

      • getNeedClientAuth

        public boolean getNeedClientAuth()
        Returns whether client authentication should be required.

      • getWantClientAuth

        public boolean getWantClientAuth()
        Returns whether client authentication should be requested.

      • setWantClientAuth

        public void setWantClientAuth​(boolean wantAuth)
        Sets whether client authentication should be requested. Must be called before bind() Note: Calling this method clears the needClientAuth flag in the underlying implementation.

      • bind

        public void bind()
          throws IOException
        Binds this socket to the previously specified URI. Overridden to allow for proper handling of needClientAuth.
        Overrides:
        bind in class TcpTransportServer
        Throws:
        IOException - passed up from TcpTransportServer.

      • createTransport

        protected Transport createTransport​(Socket socket,
                                    WireFormat format)
                             throws IOException
        Used to create Transports for this server. Overridden to allow the use of SslTransports (instead of TcpTransports).
        Overrides:
        createTransport in class TcpTransportServer
        Parameters:
        socket - The incoming socket that will be wrapped into the new Transport.
        format - The WireFormat being used.
        Returns:
        The newly return (SSL) Transport.
        Throws:
        IOException

      • isSslServer

        public boolean isSslServer()
        Description copied from interface: TransportServer
        For TransportServers that provide SSL connections to their connected peers they should return true here if and only if they populate the ConnectionInfo command presented to the Broker with the peers certificate chain so that the broker knows it can use that information to authenticate the connected peer.
        Specified by:
        isSslServer in interface TransportServer
        Overrides:
        isSslServer in class TcpTransportServer
        Returns:
        true if this transport server provides SSL level security over its connections.