HttpsUrlConnector


1   /*
2    * The contents of this file are subject to the terms 
3    * of the Common Development and Distribution License 
4    * (the License).  You may not use this file except in
5    * compliance with the License.
6    * 
7    * You can obtain a copy of the license at 
8    * https://glassfish.dev.java.net/public/CDDLv1.0.html or
9    * glassfish/bootstrap/legal/CDDLv1.0.txt.
10   * See the License for the specific language governing 
11   * permissions and limitations under the License.
12   * 
13   * When distributing Covered Code, include this CDDL 
14   * Header Notice in each file and include the License file 
15   * at glassfish/bootstrap/legal/CDDLv1.0.txt.  
16   * If applicable, add the following below the CDDL Header, 
17   * with the fields enclosed by brackets [] replaced by
18   * you own identifying information: 
19   * "Portions Copyrighted [year] [name of copyright owner]"
20   * 
21   * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
22   */
23  
24  /* CVS information
25   * $Header: /cvs/glassfish/jmx-remote/rjmx-impl/src/java/com/sun/enterprise/admin/jmx/remote/https/HttpsUrlConnector.java,v 1.4 2005/12/25 04:26:32 tcfujii Exp $
26   * $Revision: 1.4 $
27   * $Date: 2005/12/25 04:26:32 $
28   */
29  
30  package com.sun.enterprise.admin.jmx.remote.https;
31  
32  import java.util.logging.Logger  ;
33  import java.util.Map  ;
34  import javax.management.remote.JMXServiceURL  ;
35  
36  import com.sun.enterprise.admin.jmx.remote.DefaultConfiguration;
37  import com.sun.enterprise.admin.jmx.remote.UrlConnector;
38  import com.sun.enterprise.admin.jmx.remote.https.SunOneBasicX509TrustManager;
39  import com.sun.enterprise.admin.jmx.remote.https.SunOneBasicHostNameVerifier;
40  
41  import java.lang.reflect.Constructor  ;
42  import java.security.SecureRandom  ;
43  import java.security.GeneralSecurityException  ;
44  import javax.net.ssl.HttpsURLConnection;
45  import javax.net.ssl.SSLContext;
46  import javax.net.ssl.SSLSocketFactory;
47  import javax.net.ssl.X509TrustManager;
48  import javax.net.ssl.X509KeyManager;
49  import javax.net.ssl.HostnameVerifier;
50  
51  /** A Concrete implementation of UrlConnector that uses {@link java.net.URLConnection.openConnection} and
52   * {@link javax.net.ssl.HttpsURLConnection} to communicate with the server. Sets up
53   * the {@link SSLSocketFactory} and/or {@link SSLContext} and so that Trust Manager(s), Key Manager(s)
54   * and Hostname Verifier can be customized. Refer to <a href = "http://java.sun.com/j2se/1.4.2/docs/guide/security/jsse/JSSERefGuide.html">
55   * JSSE Guide </a> for more details.
56   * <P>
57   * The SSLContext is configurued for "SSLv3" protocol and the server is expected
58   * to support that as the <a HREF="http://java.sun.com/j2se/1.4.2/docs/guide/security/jsse/JSSERefGuide.html#AppA">
59   * appendix to JSSE guide </a> suggests that this is a standard protocol.
60   *<P>
61   * Following are additional configurations:
62   * <ul>
63   * <li> Default Trust Manager used is {@link SunOneBasicX509TrustManager} which checks the server's validity. </li>
64   * <li> Key Manager allows selection of client's credentials to be sent tot he server. </li>
65   * <li> Default Hostname Vetifier is {@link SunOneBasicHostNameVerifier} which has basic defense against spoofing attack. </li> * </ul>
66   * @author Kedar Mhaswade
67   * @since S1AS8.0
68   * @version 1.0
69   */
70  
71  public class HttpsUrlConnector extends UrlConnector {
72      
73      private HostnameVerifier hv = null;
74      private X509TrustManager[] tms = null;
75      private X509KeyManager[] kms = null;
76      private SSLSocketFactory ssf = null;
77      
78      public HttpsUrlConnector(JMXServiceURL   serviceUrl, Map   environment) {
79          super(serviceUrl, environment);
80          
81          hv = (HostnameVerifier)environment.get(
82                  DefaultConfiguration.HOSTNAME_VERIFIER_PROPERTY_NAME);
83          if (hv == null) 
84              hv = new SunOneBasicHostNameVerifier(serviceUrl.getHost());
85  
86          //fetching any custom SSLSocketFactory passed through environment
87          ssf = (SSLSocketFactory)environment.get(
88                  DefaultConfiguration.SSL_SOCKET_FACTORY);
89          
90          //No custom SSLScoketFactory passed. So now fetch the X509 based managers
91          //to get the SSLSocketFactory configured using SSLContext
92          if (ssf == null) {
93              //fetching any trustmanagers passed through environment - default is 
94              //SunOneBasicX509TrustManager
95              Object   tmgr = environment.get(DefaultConfiguration.TRUST_MANAGER_PROPERTY_NAME);
96              if (tmgr instanceof X509TrustManager[]) 
97                  tms = (X509TrustManager[])tmgr;
98              else if (tmgr instanceof X509TrustManager)
99                  tms = new X509TrustManager[] { (X509TrustManager)tmgr };
100             else if (tmgr == null) {
101                 /*Class cls = Class.forName(DefaultConfiguration.DEFAULT_TRUST_MANAGER);        
102                 Constructor ctr = cls.getConstructor(new Class[] { String.class });
103                 X509TrustManager tm = (X509TrustManager) 
104                     ctr.newInstance(new Object[] {serviceUrl} );
105                 tms = new X509TrustManager[] { tm };*/
106                 tms = new X509TrustManager[] { new SunOneBasicX509TrustManager(serviceUrl, environment) };
107             }
108 
109             //fetching any keymanagers passed through environment - no defaults
110             Object   kmgr = environment.get(DefaultConfiguration.KEY_MANAGER_PROPERTY_NAME);
111             if (kmgr instanceof X509KeyManager[]) 
112                 kms = (X509KeyManager[])kmgr;
113             else if (kmgr instanceof X509KeyManager) 
114                 kms = new X509KeyManager[] { (X509KeyManager)kmgr };
115         }
116 
117         initialize();
118     }
119     
120     protected void validateJmxServiceUrl() throws RuntimeException   {
121         //additional validation
122     }
123     
124     protected void validateEnvironment() throws RuntimeException   {
125         super.validateEnvironment();
126     }
127     
128     private void initialize() {
129         if (ssf == null) {
130             SSLContext sslContext = null;
131             try {
132                 sslContext = SSLContext.getInstance("SSLv3");
133                 sslContext.init(kms, tms, new SecureRandom  ());
134             } catch(GeneralSecurityException   e) {
135                 throw new RuntimeException  (e);
136             }
137 
138             if( sslContext != null ) 
139                 HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
140             
141         } else HttpsURLConnection.setDefaultSSLSocketFactory(ssf);
142         
143         HttpsURLConnection.setDefaultHostnameVerifier( hv );
144     }
145 }
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags