/*
 * The contents of this file are subject to the terms
 * of the Common Development and Distribution License
 * (the License). You may not use this file except in
 * compliance with the License.
 *
 * You can obtain a copy of the license at
 * https://glassfish.dev.java.net/public/CDDLv1.0.html or
 * glassfish/bootstrap/legal/CDDLv1.0.txt.
 * See the License for the specific language governing
 * permissions and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL
 * Header Notice in each file and include the License file
 * at glassfish/bootstrap/legal/CDDLv1.0.txt.
 * If applicable, add the following below the CDDL Header,
 * with the fields enclosed by brackets [] replaced by
 * you own identifying information:
 * "Portions Copyrighted [year] [name of copyright owner]"
 *
 * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
 */

/*
 * AsTlsClientEnvSetter.java
 * Indentation Information:
 * 0. Please (try to) preserve these settings.
 * 1. No tabs are used, all spaces.
 * 2. In vi/vim -
 *      :set tabstop=4 :set shiftwidth=4 :set softtabstop=4
 * 3. In S1 Studio -
 *      1. Tools->Options->Editor Settings->Java Editor->Tab Size = 4
 *      2. Tools->Options->Indentation Engines->Java Indentation Engine->Expand Tabs to Spaces = True.
 *      3. Tools->Options->Indentation Engines->Java Indentation Engine->Number of Spaces per Tab = 4.
 * Unit Testing Information:
 * 0. Is Standard Unit Test Written (y/n): No
 * 1. Unit Test Location: (The instructions should be in the Unit Test Class itself).
 */

package com.sun.enterprise.admin.server.core.jmx.ssl;

import javax.net.ssl.HandshakeCompletedListener;
import javax.net.ssl.TrustManager;
/* from admin-core/mbeanapi -- for RMI/TLS communication */
import com.sun.enterprise.admin.jmx.remote.https.SunOneBasicX509TrustManager;
import com.sun.appserv.management.client.AdminRMISSLClientSocketFactory;
import com.sun.appserv.management.client.AdminRMISSLClientSocketFactoryEnvImpl;
import com.sun.appserv.management.client.HandshakeCompletedListenerImpl;
// Caution: TrustAnyTrustManager is deliberately NOT imported. Judging by its name it
// accepts every peer certificate, which would remove server authentication from this
// channel; see getTrustManagers() below.
//import com.sun.appserv.management.client.TrustAnyTrustManager;
/* from admin-core/mbeanapi -- for RMI/TLS communication */

/**
 * Sets up the client-side environment used when the server end of the system JMX
 * connector is started with TLS on. In that configuration the custom RMI/SSL socket
 * factory is downloaded to the node agent VM, and the client socket is created there.
 * <p>
 * The RMI custom socket factory provision has a gap: when the factory stub is
 * downloaded from the server, there is no way to "configure" it with a
 * HandshakeCompletedListener or a TrustManager (unless there were some standard
 * classes to do it).
 * <p>
 * Stub downloading therefore does not work here in its true spirit. The stub class
 * is actually available to the node agent on its system class path, and that is
 * what makes configuring it possible.
 * <p>
 * What is not possible is connecting to the RMI/TLS server end of the
 * system-jmx-connector from a client that does not have the appserver classes on
 * its class path. The node agent is one of the internal clients of the
 * system-jmx-connector, so this is not a problem as such; but since the
 * "downloaded" stub is not really used, the true spirit of custom RMI client
 * socket factories is not used either.
 * <p>
 * This is a separate class because the NodeAgent class that uses it is already
 * very large. Also, as of $Date: 2005/12/25 04:14:26 $ the node agent runs the
 * synchronization in a separate VM, and that VM needs this environment as well;
 * setting it only in the node agent is not sufficient. This package was chosen for
 * lack of a better one.
 * <p>
 * For the sake of uniformity, this class uses the {@link SunOneBasicX509TrustManager},
 * which knows how to check the "server" certificate by looking into
 * .asadmintruststore.
 *
 * @author Kedar.Mhaswade@sun.com
 * @since Sun Java System Application Server 8.1ee
 */
public class AsTlsClientEnvSetter {

    /**
     * Environment object returned by
     * {@code AdminRMISSLClientSocketFactoryEnvImpl.getInstance()}; the trust
     * managers and the handshake listener are installed on it.
     */
    final AdminRMISSLClientSocketFactoryEnvImpl env;

    /** Fetches the socket-factory environment; nothing is configured until {@link #setup()}. */
    public AsTlsClientEnvSetter() {
        env = AdminRMISSLClientSocketFactoryEnvImpl.getInstance();
    }

    /**
     * Configures the environment for RMI/TLS client use: trust managers first,
     * then the handshake-completed listener. Tracing stays off.
     */
    public void setup() {
        // Tracing is intentionally left disabled; call enableTrace() here only while debugging.
        enableTrustManagement();
        enableHandshake();
    }

    /**
     * Turns on tracing in the environment. Currently not called from {@link #setup()}.
     * NOTE(review): what the trace emits is not visible from this file -- check that it
     * does not log sensitive handshake material before enabling it outside debugging.
     */
    private void enableTrace() {
        env.setTrace(true);
    }

    /** Installs the trust managers that decide whether the server certificate is accepted. */
    private void enableTrustManagement() {
        env.setTrustManagers(getTrustManagers());
    }

    /** Registers a fresh {@code HandshakeCompletedListenerImpl} on the environment. */
    private void enableHandshake() {
        final HandshakeCompletedListenerImpl listener = new HandshakeCompletedListenerImpl();
        env.setHandshakeCompletedListener(listener);
    }

    /**
     * Builds the trust-manager array used for the TLS connection.
     *
     * @return a one-element array holding a new {@link SunOneBasicX509TrustManager}
     */
    private TrustManager[] getTrustManagers() {
        // Security-relevant choice: the earlier alternative,
        // TrustAnyTrustManager.getInstanceArray(), stays disabled. A trust manager that
        // accepts any certificate would leave this connection without server
        // authentication. Keep a validating trust manager here.
        final TrustManager basicX509 = new SunOneBasicX509TrustManager();
        return new TrustManager[] { basicX509 };
    }
}