org.mortbay.jetty.security
Class SslSocketConnector

java.lang.Object
  extended by org.mortbay.component.AbstractLifeCycle
      extended by org.mortbay.jetty.AbstractConnector
          extended by org.mortbay.jetty.bio.SocketConnector
              extended by org.mortbay.jetty.security.SslSocketConnector
All Implemented Interfaces:
Buffers, Connector, LifeCycle

public class SslSocketConnector
extends SocketConnector

JSSE Socket Listener. This specialization of HttpListener is an abstract listener that can be used as the basis for a specific JSSE listener. This is heavily based on the work from Court Demas, which in turn is based on the work from Forge Research.

Author:
Greg Wilkins (gregw@mortbay.com), Court Demas (court@kiwiconsulting.com), Forge Research Pty Ltd ACN 003 491 576, Jan Hlavatý

Nested Class Summary
 
Nested classes inherited from class org.mortbay.jetty.bio.SocketConnector
SocketConnector.Connection
 
Field Summary
static String DEFAULT_KEYSTORE
          Default value for the keystore location path.
static String KEYPASSWORD_PROPERTY
          String name of key password property.
static String PASSWORD_PROPERTY
          String name of keystore password property.
 
Fields inherited from class org.mortbay.jetty.bio.SocketConnector
_serverSocket
 
Fields inherited from class org.mortbay.jetty.AbstractConnector
_lowResourceMaxIdleTime, _maxIdleTime, _soLingerTime
 
Constructor Summary
SslSocketConnector()
          Constructor.
 
Method Summary
protected  void configure(Socket socket)
           
protected  SSLServerSocketFactory createFactory()
           
 void customize(EndPoint endpoint, Request request)
          Allow the Listener a chance to customise the request.
 String getAlgorithm()
           
 String[] getCipherSuites()
           
 String getKeystore()
           
 String getKeystoreType()
           
 boolean getNeedClientAuth()
           
 String getProtocol()
           
 String getProvider()
           
 boolean getWantClientAuth()
           
 boolean isConfidential(Request request)
          By default, we're confidential, given we speak SSL.
 boolean isIntegral(Request request)
          By default, we're integral, given we speak SSL.
protected  ServerSocket newServerSocket(String host, int port, int backlog)
           
 void setAlgorithm(String algorithm)
           
 void setCipherSuites(String[] cipherSuites)
           
 void setKeyPassword(String password)
           
 void setKeystore(String keystore)
           
 void setKeystoreType(String keystoreType)
           
 void setNeedClientAuth(boolean needClientAuth)
          Set the value of the needClientAuth property.
 void setPassword(String password)
           
 void setProtocol(String protocol)
           
 void setProvider(String _provider)
           
 void setWantClientAuth(boolean wantClientAuth)
          Set the value of the _wantClientAuth property.
 
Methods inherited from class org.mortbay.jetty.bio.SocketConnector
accept, close, getConnection, getLocalPort, newBuffer, open
 
Methods inherited from class org.mortbay.jetty.AbstractConnector
connectionClosed, connectionOpened, doStart, doStop, getAcceptors, getAcceptQueueSize, getBuffer, getConfidentialPort, getConfidentialScheme, getConnections, getConnectionsDurationAve, getConnectionsDurationMax, getConnectionsDurationMin, getConnectionsDurationTotal, getConnectionsOpen, getConnectionsOpenMax, getConnectionsOpenMin, getConnectionsRequestsAve, getConnectionsRequestsMax, getConnectionsRequestsMin, getHeaderBufferSize, getHost, getIntegralPort, getIntegralScheme, getLowResourceMaxIdleTime, getMaxIdleTime, getName, getPort, getRequestBufferSize, getRequests, getResolveNames, getResponseBufferSize, getServer, getSoLingerTime, getStatsOn, getStatsOnMs, getThreadPool, join, newContinuation, returnBuffer, setAcceptors, setAcceptQueueSize, setConfidentialPort, setConfidentialScheme, setHeaderBufferSize, setHost, setIntegralPort, setIntegralScheme, setLowResourceMaxIdleTime, setMaxIdleTime, setName, setPort, setRequestBufferSize, setResolveNames, setResponseBufferSize, setServer, setSoLingerTime, setStatsOn, setThreadPool, statsReset, toString
 
Methods inherited from class org.mortbay.component.AbstractLifeCycle
isFailed, isRunning, isStarted, isStarting, isStopping, start, stop
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
 
Methods inherited from interface org.mortbay.component.LifeCycle
isFailed, isRunning, isStarted, isStarting, isStopping, start, stop
 

Field Detail

DEFAULT_KEYSTORE

public static final String DEFAULT_KEYSTORE
Default value for the keystore location path.


PASSWORD_PROPERTY

public static final String PASSWORD_PROPERTY
String name of keystore password property.

See Also:
Constant Field Values

KEYPASSWORD_PROPERTY

public static final String KEYPASSWORD_PROPERTY
String name of key password property.

See Also:
Constant Field Values

Constructor Detail

SslSocketConnector

public SslSocketConnector()
Constructor.

Method Detail

getCipherSuites

public String[] getCipherSuites()

setCipherSuites

public void setCipherSuites(String[] cipherSuites)

setPassword

public void setPassword(String password)

setKeyPassword

public void setKeyPassword(String password)

getAlgorithm

public String getAlgorithm()

setAlgorithm

public void setAlgorithm(String algorithm)

getProtocol

public String getProtocol()

setProtocol

public void setProtocol(String protocol)

setKeystore

public void setKeystore(String keystore)

getKeystore

public String getKeystore()

getKeystoreType

public String getKeystoreType()

setKeystoreType

public void setKeystoreType(String keystoreType)

getProvider

public String getProvider()

setProvider

public void setProvider(String _provider)

setWantClientAuth

public void setWantClientAuth(boolean wantClientAuth)
Set the value of the _wantClientAuth property. This property is used when opening server sockets.

Parameters:
wantClientAuth - true iff we want client certificate authentication.
See Also:
SSLServerSocket.setWantClientAuth(boolean)

getWantClientAuth

public boolean getWantClientAuth()

setNeedClientAuth

public void setNeedClientAuth(boolean needClientAuth)
Set the value of the needClientAuth property.

Parameters:
needClientAuth - true iff we require client certificate authentication.

getNeedClientAuth

public boolean getNeedClientAuth()

isIntegral

public boolean isIntegral(Request request)
By default, we're integral, given we speak SSL. But, if we've been told about an integral port, and said port is not our port, then we're not. This allows separation of listeners providing INTEGRAL versus CONFIDENTIAL constraints, such as one SSL listener configured to require client certs providing CONFIDENTIAL, whereas another SSL listener not requiring client certs providing mere INTEGRAL constraints.

Specified by:
isIntegral in interface Connector
Overrides:
isIntegral in class AbstractConnector

isConfidential

public boolean isConfidential(Request request)
By default, we're confidential, given we speak SSL. But, if we've been told about a confidential port, and said port is not our port, then we're not. This allows separation of listeners providing INTEGRAL versus CONFIDENTIAL constraints, such as one SSL listener configured to require client certs providing CONFIDENTIAL, whereas another SSL listener not requiring client certs providing mere INTEGRAL constraints.

Specified by:
isConfidential in interface Connector
Overrides:
isConfidential in class AbstractConnector
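
The listener separation described under isIntegral and isConfidential, as an added example (not part of the original Javadoc or of Jetty's own code). The class name, port numbers and the keystore path argument are assumptions; Server and Connector are taken from the org.mortbay.jetty package, and trust configuration for validating client certificates is outside the example.

```java
import org.mortbay.jetty.Connector;
import org.mortbay.jetty.Server;
import org.mortbay.jetty.security.SslSocketConnector;

public class SplitSslListeners {
    // Constructed port numbers for this example.
    static final int CLIENT_CERT_PORT = 8443; // listener meant to satisfy CONFIDENTIAL
    static final int SERVER_ONLY_PORT = 9443; // listener meant to satisfy INTEGRAL only

    static SslSocketConnector listener(int port, boolean needClientAuth,
                                       String keystore, String storePw, String keyPw) {
        SslSocketConnector c = new SslSocketConnector();
        c.setPort(port);
        c.setKeystore(keystore);
        c.setPassword(storePw);
        c.setKeyPassword(keyPw);
        c.setNeedClientAuth(needClientAuth);
        // Every listener is told which port is the confidential one. A listener
        // whose own port differs stops reporting itself as confidential.
        c.setConfidentialPort(CLIENT_CERT_PORT);
        return c;
    }

    public static void main(String[] args) throws Exception {
        String keystore = args[0]; // path to the keystore (assumption: passed on the command line)
        // Passwords come from -D system properties named by the class constants,
        // so they are not hard-coded in source.
        String storePw = System.getProperty(SslSocketConnector.PASSWORD_PROPERTY);
        String keyPw = System.getProperty(SslSocketConnector.KEYPASSWORD_PROPERTY);

        // Requires a client certificate; its port equals the confidential port,
        // and no integral port is set, so it keeps both defaults.
        SslSocketConnector strict = listener(CLIENT_CERT_PORT, true, keystore, storePw, keyPw);

        // No client certificate required; the confidential port is not its own,
        // so it offers only INTEGRAL, pinned here to its own port.
        SslSocketConnector relaxed = listener(SERVER_ONLY_PORT, false, keystore, storePw, keyPw);
        relaxed.setIntegralPort(SERVER_ONLY_PORT);

        Server server = new Server();
        server.setConnectors(new Connector[] { strict, relaxed });
        server.start();
        server.join();
    }
}
```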

createFactory

protected SSLServerSocketFactory createFactory()
                                        throws Exception
Throws:
Exception

newServerSocket

protected ServerSocket newServerSocket(String host,
                                       int port,
                                       int backlog)
                                throws IOException
Overrides:
newServerSocket in class SocketConnector
Parameters:
backlog - See ServerSocket.bind(java.net.SocketAddress, int)
Returns:
A new socket object bound to the supplied address with all other settings as per the current configuration of this connector.
Throws:
IOException
See Also:
setWantClientAuth(boolean), setNeedClientAuth(boolean), setCipherSuites(java.lang.String[])

configure

protected void configure(Socket socket)
                  throws IOException
Overrides:
configure in class AbstractConnector
Throws:
IOException

customize

public void customize(EndPoint endpoint,
                      Request request)
               throws IOException
Allow the Listener a chance to customise the request before the server does its stuff.
This allows the required attributes to be set for SSL requests.
The requirements of the Servlet specs are:

Specified by:
customize in interface Connector
Overrides:
customize in class SocketConnector
Parameters:
endpoint - The Socket the request arrived on. This should be a SocketEndPoint wrapping a SSLSocket.
request - HttpRequest to be customised.
Throws:
IOException