

// ========================================================================
// $Id: SunJsseListener.java,v 1.20 2005/08/13 00:01:24 gregwilkins Exp $
// Copyright 2000-2004 Mort Bay Consulting Pty. Ltd.
// ------------------------------------------------------------------------
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// ========================================================================

16 package org.mortbay.http;
17
18 import java.io.File JavaDoc;
19 import java.io.FileInputStream JavaDoc;
20 import java.security.KeyStore JavaDoc;
21 import java.security.SecureRandom JavaDoc;
22 import java.security.Security JavaDoc;
23
24 import javax.net.ssl.SSLServerSocketFactory;
25
26 import org.apache.commons.logging.Log;
27 import org.mortbay.log.LogFactory;
28 import org.mortbay.util.InetAddrPort;
29 import org.mortbay.util.Password;
30
31 import com.sun.net.ssl.KeyManager;
32 import com.sun.net.ssl.KeyManagerFactory;
33 import com.sun.net.ssl.SSLContext;
34 import com.sun.net.ssl.TrustManager;
35 import com.sun.net.ssl.TrustManagerFactory;
36
37
/* ------------------------------------------------------------ */
/** SSL Socket Listener for Sun's JSSE.
 *
 * This specialization of JsseListener is a specific listener
 * using the Sun reference implementation.
 *
 * This is heavily based on the work from Court Demas, which in
 * turn is based on the work from Forge Research.
 *
 * @version $Id: SunJsseListener.java,v 1.20 2005/08/13 00:01:24 gregwilkins Exp $
 * @deprecated Use org.mortbay.http.SslListener
 * @author Greg Wilkins (gregw@mortbay.com)
 * @author Court Demas (court@kiwiconsulting.com)
 * @author Forge Research Pty Ltd ACN 003 491 576
 **/

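public class SunJsseListener extends JsseListener
{
    private static final Log log = LogFactory.getLog(SunJsseListener.class);

    // Path of the keystore file; createFactory() lets the KEYSTORE_PROPERTY
    // system property override whatever was set here.
    private String _keystore=DEFAULT_KEYSTORE ;
    // Keystore password and private-key password. Both are transient so they
    // are not written out if the listener is serialized.
    private transient Password _password;
    private transient Password _keypassword;
    private String _keystore_type = DEFAULT_KEYSTORE_TYPE;
    private String _keystore_provider_name = DEFAULT_KEYSTORE_PROVIDER_NAME;
    private String _keystore_provider_class = DEFAULT_KEYSTORE_PROVIDER_CLASS;
    // false: the configured keystore doubles as the truststore (see createFactory()).
    private boolean _useDefaultTrustStore = false;

    /* ------------------------------------------------------------ */
    // Registers the Sun JSSE provider as soon as this class is loaded.
    // Security.addProvider() is a JVM-wide registration, not per listener.
    static
    {
        Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
    }

    /* ------------------------------------------------------------ */
    /**
     * Sets the keystore file path.
     *
     * @param keystore path of the keystore file; createFactory() replaces it
     * with the KEYSTORE_PROPERTY system property when that property is set.
     */
    public void setKeystore(String keystore)
    {
        _keystore = keystore;
    }

    /* ------------------------------------------------------------ */
    /**
     * @return the currently configured keystore file path.
     */
    public String getKeystore()
    {
        return _keystore;
    }

    /* ------------------------------------------------------------ */
    /**
     * Sets the keystore password.
     *
     * The value is resolved through Password.getPassword() under
     * PASSWORD_PROPERTY; how that helper combines the property and the
     * supplied value is defined in org.mortbay.util.Password, not here.
     *
     * @param password the keystore password as supplied by configuration.
     */
    public void setPassword(String password)
    {
        _password = Password.getPassword(PASSWORD_PROPERTY,password,null);
    }

    /* ------------------------------------------------------------ */
    /**
     * Sets the password protecting the private key inside the keystore.
     *
     * When this is never called, createFactory() falls back to the keystore
     * password as the default key password.
     *
     * @param password the key password as supplied by configuration.
     */
    public void setKeyPassword(String password)
    {
        _keypassword = Password.getPassword(KEYPASSWORD_PROPERTY,password,null);
    }

    /* ------------------------------------------------------------ */
    /**
     * @param keystore_type the KeyStore type passed to KeyStore.getInstance().
     */
    public void setKeystoreType(String keystore_type)
    {
        _keystore_type = keystore_type;
    }

    /* ------------------------------------------------------------ */
    /**
     * @return the KeyStore type passed to KeyStore.getInstance().
     */
    public String getKeystoreType()
    {
        return _keystore_type;
    }

    /* ------------------------------------------------------------ */
    /**
     * @param name name of an already installed security provider to obtain
     * the KeyStore from; only used when no provider class is configured.
     */
    public void setKeystoreProviderName(String name)
    {
        _keystore_provider_name = name;
    }

    /* ------------------------------------------------------------ */
    /**
     * @return the configured keystore provider name, possibly null.
     */
    public String getKeystoreProviderName()
    {
        return _keystore_provider_name;
    }

    /* ------------------------------------------------------------ */
    /**
     * @return the configured keystore provider class name, possibly null.
     */
    public String getKeystoreProviderClass()
    {
        return _keystore_provider_class;
    }

    /* ------------------------------------------------------------ */
    /**
     * Sets the class name of the security provider supplying the KeyStore.
     *
     * createFactory() loads this class by name, instantiates it and installs
     * it with Security.addProvider() if no provider of that class is already
     * installed. The value must therefore come from trusted configuration
     * only: whoever controls it chooses code that is loaded and registered
     * as a JVM-wide security provider.
     *
     * @param classname fully qualified provider class name, or null to
     * select the provider by name or by default.
     */
    public void setKeystoreProviderClass(String classname)
    {
        _keystore_provider_class = classname;
    }

    /* ------------------------------------------------------------ */
    /**
     * Gets the default trust store flag.
     *
     * @return true if the default truststore will be used to initialize the
     * TrustManager, false otherwise.
     */
    public boolean getUseDefaultTrustStore()
    {
        return _useDefaultTrustStore;
    }

    /* ------------------------------------------------------------ */
    /**
     * Set a flag to determine if the default truststore should be used to
     * initialize the TrustManager. The default truststore will typically be
     * the ${JAVA_HOME}/jre/lib/security/cacerts.
     *
     * Either choice defines which peer certificates the resulting trust
     * managers accept, so review it whenever client certificates are
     * required: with the default store, a chain to any CA in that store is
     * trusted; with the configured keystore, its certificates are the trust
     * anchors.
     *
     * @param flag if true, the default truststore will be used. If false, the
     * configured keystore will be used as the truststore.
     */
    public void setUseDefaultTrustStore(boolean flag)
    {
        _useDefaultTrustStore = flag;
    }

    /* ------------------------------------------------------------ */
    /** Constructor.
     */
    public SunJsseListener()
    {
        super();
    }

    /* ------------------------------------------------------------ */
    /** Constructor.
     * @param p_address address and port handed to the JsseListener constructor.
     */
    public SunJsseListener(InetAddrPort p_address)
    {
        super( p_address);
    }

    /* ------------------------------------------------------------ */
    /**
     * Builds the SSLServerSocketFactory from the configured keystore.
     *
     * Resolves the keystore path and the two passwords, obtains a KeyStore
     * from the configured provider, loads it from file and initializes the
     * key and trust managers of an SSLContext from it.
     *
     * @return the server socket factory of the initialized SSLContext.
     * @exception Exception if the provider class cannot be loaded, the
     * keystore cannot be read or unlocked, or JSSE initialization fails.
     */
    protected SSLServerSocketFactory createFactory()
        throws Exception
    {
        // The system property wins over a path set through setKeystore().
        _keystore = System.getProperty( KEYSTORE_PROPERTY,_keystore);

        log.info(KEYSTORE_PROPERTY+"="+_keystore);

        // Only toStarString() output is logged for the passwords, never
        // toString() (presumably a masked form; see org.mortbay.util.Password).
        if (_password==null)
            _password = Password.getPassword(PASSWORD_PROPERTY,null,null);
        log.info(PASSWORD_PROPERTY+"="+_password.toStarString());

        // The key password defaults to the keystore password.
        if (_keypassword==null)
            _keypassword = Password.getPassword(KEYPASSWORD_PROPERTY,
                                                null,
                                                _password.toString());
        log.info(KEYPASSWORD_PROPERTY+"="+_keypassword.toStarString());

        KeyStore ks = null;

        log.info(KEYSTORE_TYPE_PROPERTY+"="+_keystore_type);

        if (_keystore_provider_class != null)
        {
            // find provider.
            // avoid creating another instance if already installed in Security.
            java.security.Provider[] installed_providers = Security.getProviders();
            java.security.Provider myprovider = null;
            for (int i=0; i < installed_providers.length; i++)
            {
                if (installed_providers[i].getClass().getName().equals(_keystore_provider_class))
                {
                    myprovider = installed_providers[i];
                    break;
                }
            }
            if (myprovider == null)
            {
                // not installed yet, create instance and add it
                // NOTE(review): the class name comes from configuration and the
                // class is instantiated and registered JVM-wide; only trusted
                // configuration should be able to set it.
                myprovider = (java.security.Provider) Class.forName(_keystore_provider_class).newInstance();
                Security.addProvider(myprovider);
            }
            log.info(KEYSTORE_PROVIDER_CLASS_PROPERTY+"="+_keystore_provider_class);
            ks = KeyStore.getInstance(_keystore_type,myprovider.getName());
        }
        else if (_keystore_provider_name != null)
        {
            log.info(KEYSTORE_PROVIDER_NAME_PROPERTY+"="+_keystore_provider_name);
            ks = KeyStore.getInstance(_keystore_type,_keystore_provider_name);
        }
        else
        {
            ks = KeyStore.getInstance(_keystore_type);
            log.info(KEYSTORE_PROVIDER_NAME_PROPERTY+"=[DEFAULT]");
        }

        // The keystore stream used to be left open; close it once the store
        // is loaded, whether or not loading succeeded.
        // toString() materialises each secret as an immutable String, so the
        // char[] copies handed to JSSE are not the only copies in memory.
        FileInputStream keystoreStream = new FileInputStream( new File( _keystore ) );
        try
        {
            ks.load( keystoreStream, _password.toString().toCharArray());
        }
        finally
        {
            try
            {
                keystoreStream.close();
            }
            catch (java.io.IOException e)
            {
                // A failed close of a read-only stream must not hide a load
                // failure or abort an otherwise successful load.
                log.warn("Could not close keystore stream", e);
            }
        }

        KeyManagerFactory km = KeyManagerFactory.getInstance( "SunX509","SunJSSE");
        km.init( ks, _keypassword.toString().toCharArray() );
        KeyManager[] kma = km.getKeyManagers();

        // null selects the platform default truststore; otherwise the
        // keystore that holds the server key is also the source of trust.
        TrustManagerFactory tm = TrustManagerFactory.getInstance("SunX509","SunJSSE");
        if (_useDefaultTrustStore)
        {
            tm.init( (KeyStore)null );
        }
        else
        {
            tm.init( ks );
        }

        TrustManager[] tma = tm.getTrustManagers();

        // NOTE(review): the context is requested under the generic name "SSL",
        // so the protocol versions actually enabled are decided by the provider
        // and by the socket setup code, which is not visible here. Confirm that
        // obsolete protocol versions are disabled on the resulting sockets.
        SSLContext sslc = SSLContext.getInstance( "SSL" );
        sslc.init( kma, tma, SecureRandom.getInstance("SHA1PRNG"));

        SSLServerSocketFactory ssfc = sslc.getServerSocketFactory();
        log.info("SSLServerSocketFactory="+ssfc);
        return ssfc;
    }
}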