

/*
 * Copyright 2001-2004 The Apache Software Foundation.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

16 package org.apache.axis.components.net;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.Security;
import java.util.Hashtable;

import com.sun.net.ssl.SSLContext;
/**
 * SSL socket factory. It _requires_ a valid RSA key and
 * JSSE. (borrowed code from tomcat)
 *
 * @author Davanum Srinivas (dims@yahoo.com)
 */

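public class SunJSSESocketFactory extends JSSESocketFactory implements SecureSocketFactory {

    /** Keystore type chosen by {@link #getContext()} and read by the keystore loader. */
    private String keystoreType;

    /** Keystore type used when the "keystoreType" attribute is absent. */
    static String defaultKeystoreType = "JKS";

    /** Protocol name used when the "protocol" attribute is absent. */
    static String defaultProtocol = "TLS";

    /** Key manager algorithm used when the "algorithm" attribute is absent. */
    static String defaultAlgorithm = "SunX509";

    /** Field defaultClientAuth */
    static boolean defaultClientAuth = false;

    /** True once {@link #getContext()} has seen a "clientauth" attribute. */
    private boolean clientAuth = false;

    /** Keystore path used when the "keystore" attribute is absent. */
    static String defaultKeystoreFile =
        System.getProperty("user.home") + "/.keystore";

    /**
     * Key password used when the "keypass" attribute is absent.
     *
     * "changeit" is the widely known JDK default, so a keystore that relies on
     * this fallback is protected only by file-system permissions. Deployments
     * should configure "keypass" (and "keystorePass") explicitly.
     */
    static String defaultKeyPass = "changeit";

    /**
     * Creates the factory and hands the configuration to the superclass.
     *
     * @param attributes configuration table, may be {@code null}; the keys read
     *        by {@link #getContext()} are "keystore", "keystoreType",
     *        "clientauth", "keypass", "keystorePass", "protocol" and "algorithm"
     */
    public SunJSSESocketFactory(Hashtable attributes) {
        super(attributes);
    }

    /**
     * Registers the Sun providers, builds the SSL context and stores its
     * socket factory in {@code sslFactory}.
     *
     * @throws IOException if the context cannot be built; a non-I/O failure is
     *         wrapped and kept as the cause so the root error is not lost
     */
    protected void initFactory() throws IOException {
        try {
            Security.addProvider(new sun.security.provider.Sun());
            Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());

            // Configuration specified in wsdd.
            SSLContext context = getContext();
            sslFactory = context.getSocketFactory();
        } catch (IOException e) {
            throw e;
        } catch (Exception e) {
            // Same message as before, but keep the original exception attached:
            // provider and keystore failures are hard to diagnose from text alone.
            IOException wrapped = new IOException(e.getMessage());
            wrapped.initCause(e);
            throw wrapped;
        }
    }

    /**
     * Builds an SSL context from the configured attributes.
     *
     * With no attribute table the context is created for "SSL" and initialised
     * with all-null arguments. Otherwise the keystore is loaded, a key manager
     * is created from it, and a trust manager is added only when client
     * authentication was requested.
     *
     * @return the initialised SSLContext
     * @throws Exception if the keystore, key manager, trust manager or context
     *         cannot be created
     */
    protected SSLContext getContext() throws Exception {

        if (attributes == null) {
            // NOTE(review): this branch asks for "SSL" while defaultProtocol is
            // "TLS"; confirm the difference is intended.
            SSLContext context = SSLContext.getInstance("SSL");

            // No key manager, trust manager or random source is supplied here.
            context.init(null, null, null);
            return context;
        }

        // Please don't change the name of the attribute - other
        // software may depend on it ( j2ee for sure )
        String keystoreFile = attributeOrDefault("keystore", defaultKeystoreFile);
        keystoreType = attributeOrDefault("keystoreType", defaultKeystoreType);

        // The presence of the attribute enables client auth; its value is never
        // inspected, so clientauth="false" still turns it on.
        clientAuth = attributes.get("clientauth") != null;

        // keypass falls back to the built-in default; keystorePass falls back
        // to keypass, so one unset value can leave both at "changeit".
        String keyPass = attributeOrDefault("keypass", defaultKeyPass);
        String keystorePass = attributeOrDefault("keystorePass", keyPass);

        // Protocol for the SSL context, e.g. TLS. The value is passed to
        // SSLContext.getInstance as written, so an obsolete protocol named in
        // the configuration is honoured; SSLv3 is deprecated (RFC 7568).
        String protocol = attributeOrDefault("protocol", defaultProtocol);

        // Algorithm used by the key manager factory, e.g. SunX509.
        String algorithm = attributeOrDefault("algorithm", defaultAlgorithm);

        // You can't use ssl without a server certificate.
        // Create a KeyStore ( to get server certs )
        KeyStore kstore = initKeyStore(keystoreFile, keystorePass);

        // Key manager will extract the server key
        com.sun.net.ssl.KeyManagerFactory kmf =
                com.sun.net.ssl.KeyManagerFactory.getInstance(algorithm);
        kmf.init(kstore, keyPass.toCharArray());

        // If client authentication is needed, set up TrustManager. The trust
        // anchors come from the same keystore that holds the private key, and
        // the factory algorithm is fixed to "SunX509" regardless of "algorithm".
        // NOTE(review): without client auth tm stays null - presumably the
        // provider's default trust managers are then used; confirm.
        com.sun.net.ssl.TrustManager[] tm = null;
        if (clientAuth) {
            com.sun.net.ssl.TrustManagerFactory tmf =
                    com.sun.net.ssl.TrustManagerFactory.getInstance("SunX509");
            tmf.init(kstore);
            tm = tmf.getTrustManagers();
        }

        // Create a SSLContext ( to create the ssl factory )
        // This is the only way to use server sockets with JSSE 1.0.1
        SSLContext context = SSLContext.getInstance(protocol);

        // init context with the key managers
        context.init(kmf.getKeyManagers(), tm, new SecureRandom());
        return context;
    }

    /**
     * Returns the named attribute as a String, or the fallback when it is unset.
     */
    private String attributeOrDefault(String name, String fallback) {
        String value = (String) attributes.get(name);
        return (value == null) ? fallback : value;
    }

    /**
     * Loads a keystore of type {@code keystoreType} from a file.
     *
     * @param keystoreFile path of the keystore file
     * @param keyPass password passed to {@code KeyStore.load}
     *
     * @return the loaded keystore
     * @throws IOException if the file is missing ({@link FileNotFoundException})
     *         or unreadable, or wrapping any other failure with that failure
     *         attached as the cause
     */
    private KeyStore initKeyStore(String keystoreFile, String keyPass)
            throws IOException {
        InputStream istream = null;
        try {
            KeyStore kstore = KeyStore.getInstance(keystoreType);

            istream = new FileInputStream(keystoreFile);
            kstore.load(istream, keyPass.toCharArray());
            return kstore;
        } catch (IOException ioe) {
            // Includes FileNotFoundException; passed through unchanged.
            throw ioe;
        } catch (Exception ex) {
            // Chain the cause instead of printing the stack trace to stderr.
            IOException wrapped = new IOException("Exception trying to load keystore "
                    + keystoreFile + ": " + ex.getMessage());
            wrapped.initCause(ex);
            throw wrapped;
        } finally {
            // The stream was previously never closed, leaking a file handle on
            // every load, including failed ones.
            if (istream != null) {
                try {
                    istream.close();
                } catch (IOException ignored) {
                    // Close failure must not mask the load result or its error.
                }
            }
        }
    }
}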