

1 /**
2  *
3  * Licensed to the Apache Software Foundation (ASF) under one or more
4  * contributor license agreements. See the NOTICE file distributed with
5  * this work for additional information regarding copyright ownership.
6  * The ASF licenses this file to You under the Apache License, Version 2.0
7  * (the "License"); you may not use this file except in compliance with
8  * the License. You may obtain a copy of the License at
9  *
10  * http://www.apache.org/licenses/LICENSE-2.0
11  *
12  * Unless required by applicable law or agreed to in writing, software
13  * distributed under the License is distributed on an "AS IS" BASIS,
14  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15  * See the License for the specific language governing permissions and
16  * limitations under the License.
17  */

18
19 package org.apache.activemq.transport.tcp;
20
21 import org.apache.activemq.command.Command;
22 import org.apache.activemq.command.ConnectionInfo;
23 import org.apache.activemq.wireformat.WireFormat;
24
25 import java.io.IOException JavaDoc;
26 import java.net.URI JavaDoc;
27 import java.net.UnknownHostException JavaDoc;
28 import java.security.cert.X509Certificate JavaDoc;
29
30 import javax.net.ssl.SSLPeerUnverifiedException;
31 import javax.net.ssl.SSLSession;
32 import javax.net.ssl.SSLSocket;
33 import javax.net.ssl.SSLSocketFactory;
34
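/**
 * A Transport class that uses SSL and client-side certificate authentication.
 *
 * Client-side certificate authentication must be enabled through the constructor.
 * By default, this class has the same client authentication behavior as the socket it is passed.
 * For every incoming ConnectionInfo command this class sets the command's transportContext to the
 * certificate chain the peer presented during the SSL handshake.
 *
 * NOTE: An accessor method for needClientAuth was not provided on purpose, because needClientAuth's
 * value must be set before the socket is connected. Otherwise, unexpected situations may occur.
 *
 * NOTE: The transportContext is set to null when the peer presented no verified certificate chain.
 * Code that makes an authentication or authorization decision from the transportContext has to
 * treat null as "not authenticated".
 *
 * NOTE(review): nothing in this class compares the remote host name with the certificate the peer
 * presented. Confirm that the socket factory or the caller performs that check when this transport
 * is used to connect out to a broker.
 */
public class SslTransport extends TcpTransport {
    /**
     * Connect to a remote node such as a Broker.
     *
     * The JSSE documentation of SSLSocket.setNeedClientAuth states that the option is only useful
     * for sockets in server mode, so on a socket that connects out as an SSL client the flag is
     * not expected to change the handshake.
     *
     * @param wireFormat The WireFormat to be used.
     * @param socketFactory The socket factory to be used. The SSL-specific type is required so
     *        that only SSL sockets can be created.
     * @param remoteLocation The remote location.
     * @param localLocation The local location.
     * @param needClientAuth If set to true, the underlying socket will need
     *        client certificate authentication.
     * @throws UnknownHostException If TcpTransport throws.
     * @throws IOException If TcpTransport throws.
     */
    public SslTransport(WireFormat wireFormat, SSLSocketFactory socketFactory, URI remoteLocation, URI localLocation, boolean needClientAuth) throws IOException {
        super(wireFormat, socketFactory, remoteLocation, localLocation);
        // The superclass may leave the socket unset; only configure it when it exists.
        if (this.socket != null) {
            ((SSLSocket) this.socket).setNeedClientAuth(needClientAuth);
        }
    }

    /**
     * Initialize from a socket accepted by a ServerSocket.
     *
     * No access to needClientAuth is given since it is already set within the
     * provided socket.
     *
     * @param wireFormat The WireFormat to be used.
     * @param socket The Socket to be used. The SSL-specific type is required.
     * @throws IOException If TcpTransport throws.
     */
    public SslTransport(WireFormat wireFormat, SSLSocket socket) throws IOException {
        super(wireFormat, socket);
    }

    /**
     * Overriding in order to add the peer's certificates to ConnectionInfo Commands.
     *
     * The transportContext of a ConnectionInfo is always overwritten here, so the value seen
     * downstream comes from the SSL session and not from whatever the command carried. It is
     * null when no verified X.509 chain is available.
     *
     * @param command The Command coming in.
     */
    public void doConsume(Command command) {
        // The instanceof can be avoided, but that would require modifying the
        // Command class tree and that would require too much effort right
        // now.
        if (command instanceof ConnectionInfo) {
            ConnectionInfo connectionInfo = (ConnectionInfo) command;
            connectionInfo.setTransportContext(peerCertificateChain());
        }

        super.doConsume(command);
    }

    /**
     * Reads the peer's certificate chain from the SSL session of the underlying socket.
     *
     * @return the chain as X.509 certificates, or null when the peer was not verified or
     *         the chain holds a certificate that is not an X509Certificate
     */
    private X509Certificate[] peerCertificateChain() {
        SSLSession sslSession = ((SSLSocket) this.socket).getSession();

        java.security.cert.Certificate[] peerChain;
        try {
            peerChain = sslSession.getPeerCertificates();
        } catch (SSLPeerUnverifiedException e) {
            // No verified peer identity: report "no certificates" instead of failing the command.
            return null;
        }

        if (peerChain instanceof X509Certificate[]) {
            return (X509Certificate[]) peerChain;
        }

        // getPeerCertificates() is declared to return Certificate[]; casting the array itself
        // throws ClassCastException when a provider returns a plain Certificate[] that merely
        // contains X.509 certificates. Convert element by element, and fail closed (null) if
        // any element is of another certificate type.
        X509Certificate[] x509Chain = new X509Certificate[peerChain.length];
        for (int i = 0; i < peerChain.length; i++) {
            if (!(peerChain[i] instanceof X509Certificate)) {
                return null;
            }
            x509Chain[i] = (X509Certificate) peerChain[i];
        }
        return x509Chain;
    }

    /**
     * @return pretty print of 'this'
     */
    public String toString() {
        // The constructor allows for an unset socket, so logging must not throw here.
        if (socket == null) {
            return "ssl://(no socket)";
        }
        return "ssl://" + socket.getInetAddress() + ":" + socket.getPort();
    }

}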
118
119