Class SslTransportServer
java.lang.Object
org.apache.activemq.util.ServiceSupport
org.apache.activemq.transport.TransportServerSupport
org.apache.activemq.transport.TransportServerThreadSupport
org.apache.activemq.transport.tcp.TcpTransportServer
org.apache.activemq.transport.tcp.SslTransportServer
- All Implemented Interfaces:
Runnable
,Service
,TransportServer
,ServiceListener
An SSL TransportServer.
Allows for client certificate authentication (refer to setNeedClientAuth for
details).
NOTE: Client certificate authentication is disabled by default.
-
Nested Class Summary
Nested classes/interfaces inherited from class org.apache.activemq.transport.tcp.TcpTransportServer
TcpTransportServer.TransportInfo
-
Field Summary
Fields inherited from class org.apache.activemq.transport.tcp.TcpTransportServer
allowLinkStealing, backlog, connectionTimeout, currentTransportCount, dynamicManagement, jmxPort, logWriterName, maximumConnections, maximumConnectionsExceededCount, maxInactivityDuration, maxInactivityDurationInitalDelay, minmumWireFormatVersion, selector, serverSocket, serverSocketFactory, socketBufferSize, socketHandlerThread, socketQueue, soTimeout, startLogging, trace, transportFactory, useQueueForAccept, verifyHostName, wireFormatFactory
Fields inherited from class org.apache.activemq.transport.TransportServerSupport
transportOptions
-
Constructor Summary
ConstructorDescriptionSslTransportServer
(SslTransportFactory transportFactory, URI location, SSLServerSocketFactory serverSocketFactory) Creates a ssl transport server for the specified url using the provided serverSocketFactory -
Method Summary
Modifier and TypeMethodDescriptionvoid
bind()
Binds this socket to the previously specified URI.protected Transport
createTransport
(Socket socket, WireFormat format) Used to create Transports for this server.boolean
Returns whether client authentication should be required.boolean
Returns whether client authentication should be requested.boolean
For TransportServers that provide SSL connections to their connected peers they should return true here if and only if they populate the ConnectionInfo command presented to the Broker with the peers certificate chain so that the broker knows it can use that information to authenticate the connected peer.void
setNeedClientAuth
(boolean needAuth) Sets whether client authentication should be required Must be called beforebind()
Note: Calling this method clears the wantClientAuth flag in the underlying implementation.void
setWantClientAuth
(boolean wantAuth) Sets whether client authentication should be requested.Methods inherited from class org.apache.activemq.transport.tcp.TcpTransportServer
configureTransport, doHandleSocket, doStart, doStop, getBacklog, getConnectionTimeout, getCurrentTransportCount, getJmxPort, getLogWriterName, getMaxConnectionExceededCount, getMaximumConnections, getMaxInactivityDuration, getMaxInactivityDurationInitalDelay, getMinmumWireFormatVersion, getSocketAddress, getSocketBufferSize, getSoTimeout, getWireFormatFactory, handleSocket, isAllowLinkStealing, isDynamicManagement, isStartLogging, isTrace, isUseQueueForAccept, resetStatistics, resolveHostName, run, setAllowLinkStealing, setBacklog, setBrokerInfo, setConnectionTimeout, setDynamicManagement, setJmxPort, setLogWriterName, setMaximumConnections, setMaxInactivityDuration, setMaxInactivityDurationInitalDelay, setMinmumWireFormatVersion, setSocketBufferSize, setSoTimeout, setStartLogging, setTrace, setUseQueueForAccept, setWireFormatFactory, started, stopped, toString
Methods inherited from class org.apache.activemq.transport.TransportServerThreadSupport
getStackSize, isDaemon, isJoinOnStop, setDaemon, setJoinOnStop, setStackSize
Methods inherited from class org.apache.activemq.transport.TransportServerSupport
getAcceptListener, getBindLocation, getConnectURI, onAcceptError, setAcceptListener, setBindLocation, setConnectURI, setTransportOption
Methods inherited from class org.apache.activemq.util.ServiceSupport
addServiceListener, dispose, isStarted, isStopped, isStopping, postStop, preStart, removeServiceListener, start, stop
-
Constructor Details
-
SslTransportServer
public SslTransportServer(SslTransportFactory transportFactory, URI location, SSLServerSocketFactory serverSocketFactory) throws IOException, URISyntaxException Creates a ssl transport server for the specified url using the provided serverSocketFactory- Parameters:
transportFactory
- The factory used to create transports when connections arrive.location
- The location of the broker to bind to.serverSocketFactory
- The factory used to create this server.- Throws:
IOException
- passed up from TcpTransportFactory.URISyntaxException
- passed up from TcpTransportFactory.
-
-
Method Details
-
setNeedClientAuth
public void setNeedClientAuth(boolean needAuth) Sets whether client authentication should be required Must be called beforebind()
Note: Calling this method clears the wantClientAuth flag in the underlying implementation. -
getNeedClientAuth
public boolean getNeedClientAuth()Returns whether client authentication should be required. -
getWantClientAuth
public boolean getWantClientAuth()Returns whether client authentication should be requested. -
setWantClientAuth
public void setWantClientAuth(boolean wantAuth) Sets whether client authentication should be requested. Must be called beforebind()
Note: Calling this method clears the needClientAuth flag in the underlying implementation. -
bind
Binds this socket to the previously specified URI. Overridden to allow for proper handling of needClientAuth.- Overrides:
bind
in classTcpTransportServer
- Throws:
IOException
- passed up from TcpTransportServer.
-
createTransport
Used to create Transports for this server. Overridden to allow the use of SslTransports (instead of TcpTransports).- Overrides:
createTransport
in classTcpTransportServer
- Parameters:
socket
- The incoming socket that will be wrapped into the new Transport.format
- The WireFormat being used.- Returns:
- The newly return (SSL) Transport.
- Throws:
IOException
-
isSslServer
public boolean isSslServer()Description copied from interface:TransportServer
For TransportServers that provide SSL connections to their connected peers they should return true here if and only if they populate the ConnectionInfo command presented to the Broker with the peers certificate chain so that the broker knows it can use that information to authenticate the connected peer.- Specified by:
isSslServer
in interfaceTransportServer
- Overrides:
isSslServer
in classTcpTransportServer
- Returns:
- true if this transport server provides SSL level security over its connections.
-