KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > com > sun > enterprise > admin > server > core > jmx > ssl > AsTlsClientEnvSetter


1 /*
2  * The contents of this file are subject to the terms
3  * of the Common Development and Distribution License
4  * (the License). You may not use this file except in
5  * compliance with the License.
6  *
7  * You can obtain a copy of the license at
8  * https://glassfish.dev.java.net/public/CDDLv1.0.html or
9  * glassfish/bootstrap/legal/CDDLv1.0.txt.
10  * See the License for the specific language governing
11  * permissions and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL
14  * Header Notice in each file and include the License file
15  * at glassfish/bootstrap/legal/CDDLv1.0.txt.
16  * If applicable, add the following below the CDDL Header,
17  * with the fields enclosed by brackets [] replaced by
18  * you own identifying information:
19  * "Portions Copyrighted [year] [name of copyright owner]"
20  *
21  * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
22  */

23
24 /*
25  * AsTlsClientEnvSetter.java
26  * Indentation Information:
27  * 0. Please (try to) preserve these settings.
28  * 1. No tabs are used, all spaces.
29  * 2. In vi/vim -
30  * :set tabstop=4 :set shiftwidth=4 :set softtabstop=4
31  * 3. In S1 Studio -
32  * 1. Tools->Options->Editor Settings->Java Editor->Tab Size = 4
33  * 2. Tools->Options->Indentation Engines->Java Indentation Engine->Expand Tabs to Spaces = True.
34  * 3. Tools->Options->Indentation Engines->Java Indentation Engine->Number of Spaces per Tab = 4.
35  * Unit Testing Information:
36  * 0. Is Standard Unit Test Written (y/n): No
37  * 1. Unit Test Location: (The instructions should be in the Unit Test Class itself).
38  */

39
40 package com.sun.enterprise.admin.server.core.jmx.ssl;
41 import javax.net.ssl.HandshakeCompletedListener;
42 import javax.net.ssl.TrustManager;
43 /* from admin-core/mbeanapi -- for RMI/TLS communication */
44 import com.sun.enterprise.admin.jmx.remote.https.SunOneBasicX509TrustManager;
45 import com.sun.appserv.management.client.AdminRMISSLClientSocketFactory;
46 import com.sun.appserv.management.client.AdminRMISSLClientSocketFactoryEnvImpl;
47 import com.sun.appserv.management.client.HandshakeCompletedListenerImpl;
48 //caution
49
//import com.sun.appserv.management.client.TrustAnyTrustManager;
50
/* from admin-core/mbeanapi -- for RMI/TLS communication */
51
52 /** This class is meant specifically for the setup of client side environment when
53  * the server end of system jmx connector is started with TLS on. This means that
54  * the custom RMI/SSL socket factory is going to be downloaded to the node agent
55  * VM and then the client socket creation will happen.
56  * <p>
57  * Really speaking RMI Custom Socket Factory provision has some loopholes in it in that if the factory stub is
58  * downloaded from server, then there is no way to "configure" it from the standpoint
59  * of HandshakeCompletedListener and TrustManager provision. (Unless there were
60  * some standard classes to do it).
61  * <p>
62  * Hence the downloading of stub does not work here in its true spirit, because the
63  * stub class is actually going to be available to node agent in its system class
64  * path and hence the configuration of the same is possible.
65  * <p>
66  * What is not possible is connecting to RMI/TLS server end of system-jmx-connector
67  * by a client that does not have appserver classses in class path. But node agent
68  * is one of the internal clients to system-jmx-connector and hence there is
69  * no problem as such. But since we are really not using the "downloaded" stub, the
70  * true spirit of custom rmi client socket factories is not used.
71  * <p>
72  * The reason that this is a separate class is that the NodeAgent class that uses
73  * this one is a really large class and I did not want to add more to it. Also, since
74  * as of $Date: 2005/12/25 04:14:26 $ node agent runs the synchronization in a separate VM, this separate
75  * VM also needs to set this environment. It is not sufficient to set this environment
76  * only in Node agent. I am choosing this package for the lack of better one.
77  * <p>
78  * For the sake of uniformity, this class uses the {@link SunOneBasicX509TrustManager} which
79  * knows how to check the "server" certificate by looking into .asadmintruststore.
80  * <p>
81  * @author Kedar.Mhaswade@sun.com
82  * @since Sun Java System Application Server 8.1ee
83  */

84 public class AsTlsClientEnvSetter {
85  
86     final AdminRMISSLClientSocketFactoryEnvImpl env;
87
88     public AsTlsClientEnvSetter() {
89         this.env = AdminRMISSLClientSocketFactoryEnvImpl.getInstance();
90         //System.out.println("Doing RMI/TLS Client setup in this VM");
91
}
92     public void setup() {
93         //debugging is disabled
94
//enableTrace();
95
enableTrustManagement();
96         enableHandshake();
97     }
98     private void enableTrace() {
99         env.setTrace(true);
100     }
101     private void enableTrustManagement() {
102         final TrustManager[] tms = getTrustManagers();
103         env.setTrustManagers(tms);
104     }
105     private void enableHandshake() {
106         env.setHandshakeCompletedListener(new HandshakeCompletedListenerImpl());
107     }
108
109     private TrustManager[] getTrustManagers() {
110         //return ( TrustAnyTrustManager.getInstanceArray() );
111
return ( new TrustManager[]{new SunOneBasicX509TrustManager()} );
112     }
113 }
114
Popular Tags