

1 /*
2 * JBoss, the OpenSource J2EE webOS
3 *
4 * Distributable under LGPL license.
5 * See terms of license at gnu.org.
6 */

7
8 package org.jboss.security.ssl;
9
10 import java.io.IOException JavaDoc;
11 import java.net.InetAddress JavaDoc;
12 import java.net.ServerSocket JavaDoc;
13 import java.net.UnknownHostException JavaDoc;
14 import java.util.Arrays JavaDoc;
15 import javax.naming.InitialContext JavaDoc;
16 import javax.net.ServerSocketFactory;
17 import javax.net.ssl.SSLContext;
18 import javax.net.ssl.SSLServerSocketFactory;
19 import javax.net.ssl.SSLServerSocket;
20
21 import org.jboss.logging.Logger;
22 import org.jboss.security.SecurityDomain;
23
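/** An implementation of ServerSocketFactory that creates SSL server sockets
 using the JSSE SSLContext and a JBossSX SecurityDomain for the KeyManagerFactory
 and TrustManagerFactory objects.

 <p>Security-relevant behaviour of the sockets this factory hands out:
 <ul>
 <li>Protocols: every protocol the JSSE provider reports as supported is
 enabled, except the legacy SSL entries (names starting with "SSL", i.e.
 SSLv3 and the SSLv2Hello hello format). Older TLS versions are still enabled
 when the provider supports them; restrict them at the provider level if the
 deployment requires it.</li>
 <li>Client authentication: needsClientAuth takes precedence over
 wantsClientAuth, see {@link #createServerSocket(int, int, InetAddress)}.</li>
 </ul>

 <p>The SSLContext is created lazily and without synchronization, so a factory
 instance should be fully configured before it is shared between threads.

 @see javax.net.ssl.SSLContext
 @see org.jboss.security.SecurityDomain

@author Scott.Stark@jboss.org
@version $Revision: 1.10.4.2 $
*/
public class DomainServerSocketFactory extends SSLServerSocketFactory
{
   private static final Logger log = Logger.getLogger(DomainServerSocketFactory.class);
   private transient SecurityDomain securityDomain;
   private transient InetAddress bindAddress;
   private transient SSLContext sslCtx = null;
   // Request a client certificate by default, but do not require one.
   private boolean wantsClientAuth = true;
   private boolean needsClientAuth = false;

   /** A default constructor for use when created by Class.newInstance. The
    factory is not usable until its SecurityDomain has been established.
    */
   public DomainServerSocketFactory()
   {
   }

   /** Create a socket factory instance that uses the given SecurityDomain
    as the source for the SSL KeyManagerFactory and TrustManagerFactory.

    @param securityDomain the domain supplying the key and trust material
    @exception IOException if securityDomain is null
    */
   public DomainServerSocketFactory(SecurityDomain securityDomain) throws IOException
   {
      if( securityDomain == null )
         throw new IOException("The securityDomain may not be null");
      this.securityDomain = securityDomain;
   }

   /** @return the textual IP address sockets are bound to by the one and two
    argument createServerSocket methods, or null if none has been set
    */
   public String getBindAddress()
   {
      String address = null;
      if( bindAddress != null )
         address = bindAddress.getHostAddress();
      return address;
   }

   /** Set the interface used by the createServerSocket methods that take no
    explicit address.

    @param host a host name or IP address, resolved with InetAddress.getByName
    @exception UnknownHostException if host cannot be resolved
    */
   public void setBindAddress(String host) throws UnknownHostException
   {
      bindAddress = InetAddress.getByName(host);
   }

   /** @return the SecurityDomain the SSLContext is built from, possibly null */
   public SecurityDomain getSecurityDomain()
   {
      return securityDomain;
   }

   /** Set the SecurityDomain used to build the SSLContext. This has no effect
    on an SSLContext that has already been created by an earlier call.
    */
   public void setSecurityDomain(SecurityDomain securityDomain)
   {
      this.securityDomain = securityDomain;
   }

   /** @return true if created sockets request, but do not require, a client
    certificate (only applied when needsClientAuth is false)
    */
   public boolean isWantsClientAuth()
   {
      return wantsClientAuth;
   }

   public void setWantsClientAuth(boolean wantsClientAuth)
   {
      this.wantsClientAuth = wantsClientAuth;
   }

   /** @return true if created sockets require a client certificate */
   public boolean isNeedsClientAuth()
   {
      return needsClientAuth;
   }

   public void setNeedsClientAuth(boolean needsClientAuth)
   {
      this.needsClientAuth = needsClientAuth;
   }

// --- Begin SSLServerSocketFactory interface methods

   /** Create a server socket on the configured bind address with a backlog of 50. */
   public ServerSocket createServerSocket(int port) throws IOException
   {
      return createServerSocket(port, 50, bindAddress);
   }

   /** Create a server socket on the configured bind address. */
   public ServerSocket createServerSocket(int port, int backlog)
      throws IOException
   {
      return createServerSocket(port, backlog, bindAddress);
   }

   /**
    * Returns an SSL server socket which uses only the specified network
    * interface on the local host, is bound to the specified port,
    * and uses the specified connection backlog.
    *
    * <p>The socket is configured with the supported protocols minus the legacy
    * SSL entries, and with the client authentication mode of this factory.
    * needsClientAuth wins over wantsClientAuth: on an SSLServerSocket each of
    * setNeedClientAuth and setWantClientAuth overrides the other, so calling
    * both in sequence would silently downgrade "required" to whatever the
    * second call said.
    *
    * @param port the port to listen to
    * @param backlog how many connections are queued
    * @param ifAddress the network interface address to use
    *
    * @exception IOException for networking errors, if the SSLContext cannot
    *    be initialized, or if no non-SSL protocol is supported
    */
   public ServerSocket createServerSocket(int port, int backlog, InetAddress ifAddress)
      throws IOException
   {
      initSSLContext();
      SSLServerSocketFactory factory = sslCtx.getServerSocketFactory();
      SSLServerSocket socket = (SSLServerSocket) factory.createServerSocket(port, backlog, ifAddress);
      boolean configured = false;
      try
      {
         String[] supportedProtocols = socket.getSupportedProtocols();
         log.debug("Supported protocols: " + Arrays.asList(supportedProtocols));
         String[] protocols = withoutLegacySsl(supportedProtocols);
         if( protocols.length == 0 )
            throw new IOException("No TLS protocol is supported by the SSLContext provider");
         log.debug("Enabled protocols: " + Arrays.asList(protocols));
         socket.setEnabledProtocols(protocols);

         // Only one of the two modes can be in effect; the last call wins.
         if( needsClientAuth )
            socket.setNeedClientAuth(true);
         else
            socket.setWantClientAuth(wantsClientAuth);
         configured = true;
         return socket;
      }
      finally
      {
         // Do not leave a bound, half-configured listener behind on failure.
         if( configured == false )
         {
            try
            {
               socket.close();
            }
            catch(IOException ignored)
            {
               // The configuration failure is the error worth reporting.
            }
         }
      }
   }

   /** The default ServerSocketFactory which looks to the java:/jaas/other
    security domain configuration.

    @return the factory, or null if the JNDI lookup or the construction
    failed (the failure is logged at error level); callers must check for null
    */
   public static ServerSocketFactory getDefault()
   {
      DomainServerSocketFactory ssf = null;
      try
      {
         InitialContext iniCtx = new InitialContext();
         SecurityDomain sd = (SecurityDomain) iniCtx.lookup("java:/jaas/other");
         ssf = new DomainServerSocketFactory(sd);
      }
      catch(Exception e)
      {
         log.error("Failed to create default ServerSocketFactory", e);
      }
      return ssf;
   }

   /** @return the default cipher suites of the underlying SSLContext factory,
    or an empty array if the SSLContext could not be initialized (logged)
    */
   public String[] getDefaultCipherSuites()
   {
      String[] cipherSuites = {};
      try
      {
         initSSLContext();
         SSLServerSocketFactory factory = sslCtx.getServerSocketFactory();
         cipherSuites = factory.getDefaultCipherSuites();
      }
      catch(IOException e)
      {
         log.error("Failed to get default SSLServerSocketFactory", e);
      }
      return cipherSuites;
   }

   /** @return the supported cipher suites of the underlying SSLContext factory,
    or an empty array if the SSLContext could not be initialized (logged)
    */
   public String[] getSupportedCipherSuites()
   {
      String[] cipherSuites = {};
      try
      {
         initSSLContext();
         SSLServerSocketFactory factory = sslCtx.getServerSocketFactory();
         cipherSuites = factory.getSupportedCipherSuites();
      }
      catch(IOException e)
      {
         log.error("Failed to get default SSLServerSocketFactory", e);
      }
      return cipherSuites;
   }

// --- End SSLServerSocketFactory interface methods

   /** Return the given protocol names without the legacy SSL entries, i.e.
    without every name that starts with "SSL" (SSLv3, SSLv2Hello). Order is
    preserved and the input array is not modified.
    */
   private static String[] withoutLegacySsl(String[] protocols)
   {
      String[] kept = new String[protocols.length];
      int count = 0;
      for(int i = 0; i < protocols.length; i ++)
      {
         String name = protocols[i];
         if( name != null && name.startsWith("SSL") == false )
            kept[count ++] = name;
      }
      String[] result = new String[count];
      System.arraycopy(kept, 0, result, 0, count);
      return result;
   }

   /** Create the SSLContext from the SecurityDomain on first use.

    @exception IOException if no SecurityDomain has been set, or as thrown
    by Context.forDomain
    */
   private void initSSLContext()
      throws IOException
   {
      if( sslCtx != null )
         return;
      // Fail with a clear error instead of handing a null domain to Context;
      // this matches the check done by the one-argument constructor.
      if( securityDomain == null )
         throw new IOException("The securityDomain may not be null");
      sslCtx = Context.forDomain(securityDomain);
   }
}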