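package org.jboss.security.ssl;

import java.io.IOException;
import java.net.InetAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import java.util.Arrays;
import javax.naming.InitialContext;
import javax.net.SocketFactory;
import javax.net.ssl.HandshakeCompletedEvent;
import javax.net.ssl.HandshakeCompletedListener;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;

import org.jboss.logging.Logger;
import org.jboss.security.SecurityDomain;

/**
 * An {@link SSLSocketFactory} whose {@link SSLContext} is derived from a JBoss
 * {@link SecurityDomain} (via {@code Context.forDomain}), so that the key and
 * trust material of that domain, rather than the JVM defaults, back every
 * socket the factory creates.
 *
 * <p>Security notes for reviewers/maintainers:
 * <ul>
 * <li>The enabled protocol set is restricted to the provider's enabled
 * {@code TLS*} protocols. The previous revision enabled every protocol the
 * provider <em>supported</em>, which silently re-enabled obsolete
 * SSLv2Hello/SSLv3 on providers that support but do not enable them.</li>
 * <li>The host-name variants of {@code createSocket} now hand the host name
 * to the underlying JSSE factory instead of a pre-resolved
 * {@link InetAddress}; otherwise the socket has no reliable peer host name
 * for endpoint identification / SNI.</li>
 * <li>{@code wantsClientAuth}/{@code needsClientAuth} are only honoured by JSSE
 * once a socket is switched to server mode; sockets returned here are
 * client-mode unless the caller changes that.</li>
 * </ul>
 *
 * <p>The {@link SSLContext} is created lazily on first use and cached for the
 * lifetime of the factory; the {@code securityDomain} must be set (constructor
 * or setter) before the first socket is requested.
 */
public class DomainSocketFactory
   extends SSLSocketFactory
   implements HandshakeCompletedListener
{
   private static final Logger log = Logger.getLogger(DomainSocketFactory.class);

   /** JNDI name of the security domain used by {@link #getDefault()}. */
   private static final String DEFAULT_DOMAIN_JNDI_NAME = "java:/jaas/other";

   private transient SecurityDomain securityDomain;
   /** Lazily created by {@link #sslSocketFactory()}; guarded by this. */
   private transient SSLContext sslCtx = null;
   private boolean wantsClientAuth = true;
   private boolean needsClientAuth = false;

   /**
    * Bean-style constructor. {@link #setSecurityDomain(SecurityDomain)} must be
    * called before any socket is created, otherwise socket creation fails with
    * an {@link IOException}.
    */
   public DomainSocketFactory()
   {
   }

   /**
    * Create a factory backed by the given security domain.
    *
    * @param securityDomain the domain supplying key/trust material; must not be null
    * @throws IOException if {@code securityDomain} is null
    */
   public DomainSocketFactory(SecurityDomain securityDomain)
      throws IOException
   {
      if( securityDomain == null )
         throw new IOException("The securityDomain may not be null");
      this.securityDomain = securityDomain;
   }

   public SecurityDomain getSecurityDomain()
   {
      return securityDomain;
   }

   /**
    * Set the security domain. Note that a context already built from a previous
    * domain is not rebuilt; set the domain before creating the first socket.
    */
   public void setSecurityDomain(SecurityDomain securityDomain)
   {
      this.securityDomain = securityDomain;
   }

   /** Whether client certificates are requested (default {@code true}). */
   public boolean isWantsClientAuth()
   {
      return wantsClientAuth;
   }
   public void setWantsClientAuth(boolean wantsClientAuth)
   {
      this.wantsClientAuth = wantsClientAuth;
   }

   /** Whether client certificates are required (default {@code false}). */
   public boolean isNeedsClientAuth()
   {
      return needsClientAuth;
   }
   public void setNeedsClientAuth(boolean needsClientAuth)
   {
      this.needsClientAuth = needsClientAuth;
   }

   /**
    * Create a socket connected to {@code serverHost:serverPort}. The host name
    * is passed through to JSSE unresolved so it is available as the peer host.
    *
    * @throws UnknownHostException if the host cannot be resolved
    * @throws IOException if the SSL context or socket cannot be created
    */
   public Socket createSocket(String serverHost, int serverPort)
      throws IOException, UnknownHostException
   {
      SSLSocket socket = (SSLSocket) sslSocketFactory().createSocket(serverHost, serverPort);
      return configure(socket);
   }

   /**
    * Create a socket connected to {@code serverHost:serverPort}, bound locally
    * to {@code clientAddr:clientPort}. The host name is passed through to JSSE
    * unresolved so it is available as the peer host.
    */
   public Socket createSocket(String serverHost, int serverPort,
      InetAddress clientAddr, int clientPort)
      throws IOException, UnknownHostException
   {
      SSLSocket socket = (SSLSocket) sslSocketFactory().createSocket(serverHost, serverPort,
         clientAddr, clientPort);
      return configure(socket);
   }

   /** Create a socket connected to {@code serverAddr:serverPort}, unbound locally. */
   public Socket createSocket(InetAddress serverAddr, int serverPort)
      throws IOException
   {
      return this.createSocket(serverAddr, serverPort, null, 0);
   }

   /**
    * Create a socket connected to {@code serverAddr:serverPort}, bound locally
    * to {@code clientAddr:clientPort}. Prefer the host-name overloads where a
    * name is known: an address-only socket has no peer host name for
    * endpoint identification.
    */
   public Socket createSocket(InetAddress serverAddr, int serverPort,
      InetAddress clientAddr, int clientPort)
      throws IOException
   {
      SSLSocket socket = (SSLSocket) sslSocketFactory().createSocket(serverAddr, serverPort,
         clientAddr, clientPort);
      return configure(socket);
   }

   /**
    * Layer an SSL socket over an existing connected socket (e.g. through a
    * proxy tunnel). The same protocol restriction and client-auth settings are
    * applied as for directly created sockets.
    */
   public Socket createSocket(Socket s, String host,
      int port, boolean autoClose)
      throws IOException
   {
      SSLSocket socket = (SSLSocket) sslSocketFactory().createSocket(s, host, port, autoClose);
      return configure(socket);
   }

   /**
    * Default cipher suites of the domain's SSL context. Returns an empty array
    * (after logging) if the context cannot be created, mirroring the previous
    * best-effort behaviour rather than failing the caller.
    */
   public String[] getDefaultCipherSuites()
   {
      String[] cipherSuites = {};
      try
      {
         cipherSuites = sslSocketFactory().getDefaultCipherSuites();
      }
      catch(IOException e)
      {
         log.error("Failed to get default SSLSocketFactory", e);
      }
      return cipherSuites;
   }

   /**
    * Supported cipher suites of the domain's SSL context. Returns an empty array
    * (after logging) if the context cannot be created.
    */
   public String[] getSupportedCipherSuites()
   {
      String[] cipherSuites = {};
      try
      {
         cipherSuites = sslSocketFactory().getSupportedCipherSuites();
      }
      catch(IOException e)
      {
         log.error("Failed to get default SSLSocketFactory", e);
      }
      return cipherSuites;
   }

   /**
    * Create a factory backed by the security domain bound at
    * {@code java:/jaas/other}.
    *
    * @return the factory, or {@code null} (after logging the cause) if the JNDI
    *         lookup or construction fails. Callers must handle the null; the
    *         previous behaviour is preserved to avoid breaking existing users.
    */
   public static SocketFactory getDefault()
   {
      DomainSocketFactory ssf = null;
      try
      {
         InitialContext iniCtx = new InitialContext();
         SecurityDomain sd = (SecurityDomain) iniCtx.lookup(DEFAULT_DOMAIN_JNDI_NAME);
         ssf = new DomainSocketFactory(sd);
      }
      catch(Exception e)
      {
         log.error("Failed to create default SocketFactory", e);
      }
      return ssf;
   }

   /**
    * Trace-level diagnostics once the handshake completes. Uses this class's
    * logger (the previous revision logged under ClientSocketFactory) and logs at
    * the same level it checks.
    */
   public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent)
   {
      if( log.isTraceEnabled() )
      {
         String cipher = handshakeCompletedEvent.getCipherSuite();
         SSLSession session = handshakeCompletedEvent.getSession();
         String peerHost = session.getPeerHost();
         log.trace("SSL handshakeCompleted, cipher=" + cipher
            + ", protocol=" + session.getProtocol()
            + ", peerHost=" + peerHost);
      }
   }

   /**
    * Apply the factory's per-socket policy: keep only the provider's enabled
    * {@code TLS*} protocols (legacy SSLv2Hello/SSLv3 entries are dropped; if
    * nothing would remain the provider default is left untouched rather than
    * producing an unusable socket), register this listener, and apply the
    * client-auth flags (honoured only in server mode).
    */
   private SSLSocket configure(SSLSocket socket)
   {
      String[] enabled = socket.getEnabledProtocols();
      String[] tlsOnly = new String[enabled.length];
      int count = 0;
      for (int i = 0; i < enabled.length; i++)
      {
         if (enabled[i] != null && enabled[i].startsWith("TLS"))
            tlsOnly[count++] = enabled[i];
      }
      if (count > 0)
      {
         String[] trimmed = new String[count];
         System.arraycopy(tlsOnly, 0, trimmed, 0, count);
         socket.setEnabledProtocols(trimmed);
      }
      if (log.isDebugEnabled())
      {
         log.debug("Supported protocols: " + Arrays.asList(socket.getSupportedProtocols())
            + ", enabled: " + Arrays.asList(socket.getEnabledProtocols()));
      }
      socket.addHandshakeCompletedListener(this);
      socket.setNeedClientAuth(needsClientAuth);
      socket.setWantClientAuth(wantsClientAuth);
      return socket;
   }

   /**
    * Return the JSSE factory of the (lazily created, cached) domain context.
    * Synchronized so that concurrent first use builds exactly one context.
    *
    * @throws IOException if no security domain has been set, or the context
    *         cannot be built for it
    */
   private synchronized SSLSocketFactory sslSocketFactory()
      throws IOException
   {
      if( sslCtx == null )
      {
         if( securityDomain == null )
            throw new IOException("The securityDomain may not be null");
         sslCtx = Context.forDomain(securityDomain);
      }
      return sslCtx.getSocketFactory();
   }

}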