Package org.apache.activemq.transport.tcp

Class SslTransportServer

java.lang.Object
org.apache.activemq.util.ServiceSupport
org.apache.activemq.transport.TransportServerSupport
org.apache.activemq.transport.TransportServerThreadSupport
org.apache.activemq.transport.tcp.TcpTransportServer
org.apache.activemq.transport.tcp.SslTransportServer
All Implemented Interfaces:
Runnable, Service, TransportServer, ServiceListener
public class SslTransportServer extends TcpTransportServer
An SSL TransportServer. Allows for client certificate authentication (refer to setNeedClientAuth for details). NOTE: Client certificate authentication is disabled by default.

  • Constructor Details

    • SslTransportServer

      public SslTransportServer(SslTransportFactory transportFactory, URI location, SSLServerSocketFactory serverSocketFactory) throws IOException, URISyntaxException
      Creates a ssl transport server for the specified url using the provided serverSocketFactory
      Parameters:
      transportFactory - The factory used to create transports when connections arrive.
      location - The location of the broker to bind to.
      serverSocketFactory - The factory used to create this server.
      Throws:
      IOException - passed up from TcpTransportFactory.
      URISyntaxException - passed up from TcpTransportFactory.

  • Method Details

    • setNeedClientAuth

      public void setNeedClientAuth(boolean needAuth)
      Sets whether client authentication should be required Must be called before bind() Note: Calling this method clears the wantClientAuth flag in the underlying implementation.

    • getNeedClientAuth

      public boolean getNeedClientAuth()
      Returns whether client authentication should be required.

    • getWantClientAuth

      public boolean getWantClientAuth()
      Returns whether client authentication should be requested.

    • setWantClientAuth

      public void setWantClientAuth(boolean wantAuth)
      Sets whether client authentication should be requested. Must be called before bind() Note: Calling this method clears the needClientAuth flag in the underlying implementation.

    • bind

      public void bind() throws IOException
      Binds this socket to the previously specified URI. Overridden to allow for proper handling of needClientAuth.
      Overrides:
      bind in class TcpTransportServer
      Throws:
      IOException - passed up from TcpTransportServer.

    • createTransport

      protected Transport createTransport(Socket socket, WireFormat format) throws IOException
      Used to create Transports for this server. Overridden to allow the use of SslTransports (instead of TcpTransports).
      Overrides:
      createTransport in class TcpTransportServer
      Parameters:
      socket - The incoming socket that will be wrapped into the new Transport.
      format - The WireFormat being used.
      Returns:
      The newly return (SSL) Transport.
      Throws:
      IOException

    • isSslServer

      public boolean isSslServer()
      Description copied from interface: TransportServer
      For TransportServers that provide SSL connections to their connected peers they should return true here if and only if they populate the ConnectionInfo command presented to the Broker with the peers certificate chain so that the broker knows it can use that information to authenticate the connected peer.
      Specified by:
      isSslServer in interface TransportServer
      Overrides:
      isSslServer in class TcpTransportServer
      Returns:
      true if this transport server provides SSL level security over its connections.