SslTransportFactory


1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one or more
3    * contributor license agreements.  See the NOTICE file distributed with
4    * this work for additional information regarding copyright ownership.
5    * The ASF licenses this file to You under the Apache License, Version 2.0
6    * (the "License"); you may not use this file except in compliance with
7    * the License.  You may obtain a copy of the License at
8    *
9    *      http://www.apache.org/licenses/LICENSE-2.0
10   *
11   * Unless required by applicable law or agreed to in writing, software
12   * distributed under the License is distributed on an "AS IS" BASIS,
13   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14   * See the License for the specific language governing permissions and
15   * limitations under the License.
16   */
17  package org.apache.activemq.transport.tcp;
18  
19  import org.apache.activemq.wireformat.WireFormat;
20  import org.apache.activemq.openwire.OpenWireFormat;
21  import org.apache.activemq.transport.InactivityMonitor;
22  import org.apache.activemq.transport.Transport;
23  import org.apache.activemq.transport.TransportLogger;
24  import org.apache.activemq.transport.TransportServer;
25  import org.apache.activemq.transport.WireFormatNegotiator;
26  import org.apache.activemq.util.IOExceptionSupport;
27  import org.apache.activemq.util.IntrospectionSupport;
28  import org.apache.activemq.util.URISupport;
29  import org.apache.commons.logging.Log;
30  import org.apache.commons.logging.LogFactory;
31  
32  import java.io.IOException  ;
33  import java.net.URI  ;
34  import java.net.URISyntaxException  ;
35  import java.net.UnknownHostException  ;
36  import java.security.KeyManagementException  ;
37  import java.security.NoSuchAlgorithmException  ;
38  import java.security.SecureRandom  ;
39  import java.util.HashMap  ;
40  import java.util.Iterator  ;
41  import java.util.Map  ;
42  
43  import javax.net.ServerSocketFactory;
44  import javax.net.SocketFactory;
45  import javax.net.ssl.SSLContext;
46  import javax.net.ssl.KeyManager;
47  import javax.net.ssl.SSLServerSocketFactory;
48  import javax.net.ssl.SSLSocketFactory;
49  import javax.net.ssl.TrustManager;
50  
51  /**
52   * An implementation of the TcpTransportFactory using SSL.
53   * 
54   * The major contribution from this class is that it is aware of SslTransportServer and SslTransport classes.
55   * All Transports and TransportServers created from this factory will have their needClientAuth option set to false.
56   * 
57   * @author sepandm@gmail.com (Sepand)
58   * @version $Revision: $
59   */
60  public class SslTransportFactory extends TcpTransportFactory {
61      // The context used to creat ssl sockets.
62      private SSLContext sslContext = null;
63      
64      // The log this uses.,
65      private static final Log log = LogFactory.getLog(SslTransportFactory.class);
66      
67      /**
68       * Constructor. Nothing special.
69       *
70       */
71      public SslTransportFactory() {
72      }
73      
74      /**
75       * Overriding to use SslTransportServer and allow for proper reflection.
76       */
77      public TransportServer doBind(String   brokerId, final URI   location) throws IOException   {
78          try {
79              Map   options = new HashMap  (URISupport.parseParamters(location));
80  
81              ServerSocketFactory serverSocketFactory = createServerSocketFactory();
82              SslTransportServer server =
83                  new SslTransportServer(this, location, (SSLServerSocketFactory)serverSocketFactory);  
84              server.setWireFormatFactory(createWireFormatFactory(options));
85              IntrospectionSupport.setProperties(server, options);
86              Map   transportOptions = IntrospectionSupport.extractProperties(options, "transport.");
87              server.setTransportOption(transportOptions);
88              server.bind();
89              
90              return server;
91          }
92          catch (URISyntaxException   e) {
93              throw IOExceptionSupport.create(e);
94          }
95      }
96      
97      /**
98       * Overriding to allow for proper configuration through reflection.
99       */
100     public Transport compositeConfigure(Transport transport, WireFormat format, Map   options) {
101         
102         SslTransport sslTransport = (SslTransport) transport.narrow(SslTransport.class);
103         IntrospectionSupport.setProperties(sslTransport, options);
104         
105         Map   socketOptions = IntrospectionSupport.extractProperties(options, "socket.");
106         
107         sslTransport.setSocketOptions(socketOptions);
108 
109         if (sslTransport.isTrace()) {
110             transport = new TransportLogger(transport);
111         }
112 
113         transport = new InactivityMonitor(transport);
114 
115         // Only need the WireFormatNegotiator if using openwire
116         if (format instanceof OpenWireFormat) {
117             transport = new WireFormatNegotiator(transport, (OpenWireFormat)format, sslTransport.getMinmumWireFormatVersion());
118         }
119         
120         return transport;
121     }
122     
123     /**
124      * Overriding to use SslTransports.
125      */
126     protected Transport createTransport(URI   location,WireFormat wf) throws UnknownHostException  ,IOException  {
127         URI   localLocation = null;
128         String   path = location.getPath();
129         // see if the path is a local URI location
130         if (path != null && path.length() > 0) {
131             int localPortIndex = path.indexOf(':');
132             try {
133                 Integer.parseInt(path.substring((localPortIndex + 1), path.length()));
134                 String   localString = location.getScheme() + ":/" + path;
135                 localLocation = new URI  (localString);
136             }
137             catch (Exception   e) {
138                 log.warn("path isn't a valid local location for SslTransport to use", e);
139             }
140         }
141         SocketFactory socketFactory = createSocketFactory();
142         return new SslTransport(wf, (SSLSocketFactory)socketFactory, location, localLocation, false);
143     }
144     
145     /**
146      * Sets the key and trust managers used in constructed socket factories.
147      * 
148      * Passes given arguments to SSLContext.init(...).
149      * 
150      * @param km The sources of authentication keys or null.
151      * @param tm The sources of peer authentication trust decisions or null.
152      * @param random The source of randomness for this generator or null.
153      */
154     public void setKeyAndTrustManagers(KeyManager[] km, TrustManager[] tm, SecureRandom   random) throws KeyManagementException   {
155         // Killing old context and making a new one just to be safe.
156         try {
157             sslContext = SSLContext.getInstance("TLS");
158         } catch (NoSuchAlgorithmException   e) {
159             // This should not happen unless this class is improperly modified.
160             throw new RuntimeException  ("Unknown SSL algorithm encountered.", e);
161         }
162         sslContext.init(km, tm, random);
163     }
164     
165     /**
166      * Creates a new SSL ServerSocketFactory.
167      * 
168      * The given factory will use user-provided key and trust managers (if the user provided them).
169      * 
170      * @return Newly created (Ssl)ServerSocketFactory.
171      */
172     protected ServerSocketFactory createServerSocketFactory() {
173         if (sslContext == null) {
174             return SSLServerSocketFactory.getDefault();
175         }
176         else
177             return sslContext.getServerSocketFactory();
178     }
179 
180     /**
181      * Creates a new SSL SocketFactory.
182      * 
183      * The given factory will use user-provided key and trust managers (if the user provided them).
184      * 
185      * @return Newly created (Ssl)SocketFactory.
186      */
187     protected SocketFactory createSocketFactory() {
188         if ( sslContext == null ) {
189             return SSLSocketFactory.getDefault();
190         }
191         else
192             return sslContext.getSocketFactory();
193     }
194     
195 
196 }
197
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags