com.ca.commons.jndi
Class JndiSocketFactory

java.lang.Object
  |
  +--javax.net.SocketFactory
        |
        +--javax.net.ssl.SSLSocketFactory
              |
              +--com.ca.commons.jndi.JndiSocketFactory

public class JndiSocketFactory
extends javax.net.ssl.SSLSocketFactory

Socket factory for SSL JNDI links that returns an SSL socket. It incorporates a keystore, which must contain the certs used to authenticate the client.

This code is based on sample code made freely available by author Spencer W. Thomas on his web site http://hubris.engin.umich.edu/java/ on Wed 24 May, 2000.

Warning

This class relies heavily on an internal, single, static SSLSocketFactory. Multiple objects of this type will in fact use the same internal SSLSocketFactory. (This is why a single static init() method sets up everything for the entire class.) The reason for this structure is that JndiSocketFactory is dynamically invoked by the JNDI connection, and we have no other chance to initialise the object.


Constructor Summary
JndiSocketFactory()
          Constructor
 
Method Summary
 java.net.Socket createSocket(java.net.InetAddress host, int port)
          Return an SSLSocket (upcast to Socket) given host and port.
 java.net.Socket createSocket(java.net.InetAddress host, int port, java.net.InetAddress client_host, int client_port)
          Return an SSLSocket (upcast to Socket) given host and port.
 java.net.Socket createSocket(java.net.Socket socket, java.lang.String host, int port, boolean autoclose)
          Return an SSLSocket layered on top of the given Socket.
 java.net.Socket createSocket(java.lang.String host, int port)
          Return an SSLSocket (upcast to Socket) given host and port.
 java.net.Socket createSocket(java.lang.String host, int port, java.net.InetAddress client_host, int client_port)
          Return an SSLSocket (upcast to Socket) given host and port.
static java.security.KeyStore getClientKeyStore()
           
static javax.net.SocketFactory getDefault()
          Return an instance of this class.
 java.lang.String[] getDefaultCipherSuites()
          Return default cipher suites.
 java.lang.String[] getSupportedCipherSuites()
          Return supported cipher suites.
static void init(java.lang.String caKeystoreFile, java.lang.String clientKeystoreFile, char[] caPassphrase, char[] clientPassphrase, java.lang.String caKeystoreType, java.lang.String clientKeystoreType)
          Initialize the socket factory with a particular key store(s) and security provider.
static void setClassLoader(java.lang.ClassLoader newLoader)
          Register a custom class loader to be used by the class when getting security providers.
static void setDebugOn()
          Enable debugging...
 
Methods inherited from class javax.net.SocketFactory
createSocket
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

JndiSocketFactory

public JndiSocketFactory()
Constructor

Method Detail

setClassLoader

public static void setClassLoader(java.lang.ClassLoader newLoader)
Register a custom class loader to be used by the class when getting security providers.


setDebugOn

public static void setDebugOn()
Enable debugging...


init

public static void init(java.lang.String caKeystoreFile,
                        java.lang.String clientKeystoreFile,
                        char[] caPassphrase,
                        char[] clientPassphrase,
                        java.lang.String caKeystoreType,
                        java.lang.String clientKeystoreType)
                 throws java.lang.Exception

Initialize the socket factory with a particular key store(s) and security provider. The minimum requirement is for a keystore containing trusted directory servers (the 'castore', or trusted certificate authority store, since the servers are usually signed by a common CA, whose cert would be held in this file).

Further options include a private key store (the 'clientstore') that allows for client-authenticated SSL and SASL.

Finally, it is possible to configure a non-standard keystore type and security provider. The keystore type defaults to Sun's JKS (at time of writing, the only keystore type that the default Sun security provider will handle).

N.B. It is possible to set a custom class loader (using 'registerClassLoader()'), in which case this loader can be used to load the security provider.

Parameters:
caKeystoreFile - A keystore file name of public certificates (trusted CA signs)
clientKeystoreFile - A keystore file name of the client's certificates, containing private keys. (may be null if only simple, 'server authenticated' ssl is being used).
caPassphrase - A password for the caKeystoreFile certificate. (may be null if only simple, 'server authenticated' ssl is being used, and keystore type is 'JKS'). The calling program must manually clear the passphrase after the init() call.
clientPassphrase - A password for the clientKeystoreFile certificate. (may be null if only simple, 'server authenticated' ssl is being used). The calling program must manually clear the passphrase after the init() call.
caKeystoreType - The type of cakeystore file. (null => 'JKS')
clientKeystoreType - The type of clientkeystore file. (null => 'JKS')
Throws:
java.lang.Exception

getDefault

public static javax.net.SocketFactory getDefault()
Return an instance of this class.

Returns:
An instance of JndiSocketFactory.

getClientKeyStore

public static java.security.KeyStore getClientKeyStore()

createSocket

public java.net.Socket createSocket(java.lang.String host,
                                    int port)
                             throws java.io.IOException,
                                    java.net.UnknownHostException
Return an SSLSocket (upcast to Socket) given host and port.

Specified by:
createSocket in class javax.net.SocketFactory
Parameters:
host - Name of the host to which the socket will be opened.
port - Port to connect to.
Returns:
An SSLSocket instance (as a Socket).
Throws:
java.io.IOException - If the connection can't be established.
java.net.UnknownHostException - If the host is not known.

createSocket

public java.net.Socket createSocket(java.net.InetAddress host,
                                    int port)
                             throws java.io.IOException,
                                    java.net.UnknownHostException
Return an SSLSocket (upcast to Socket) given host and port.

Specified by:
createSocket in class javax.net.SocketFactory
Parameters:
host - Address of the server host.
port - Port to connect to.
Returns:
An SSLSocket instance (as a Socket).
Throws:
java.io.IOException - If the connection can't be established.
java.net.UnknownHostException - If the host is not known.

createSocket

public java.net.Socket createSocket(java.net.InetAddress host,
                                    int port,
                                    java.net.InetAddress client_host,
                                    int client_port)
                             throws java.io.IOException,
                                    java.net.UnknownHostException
Return an SSLSocket (upcast to Socket) given host and port. The client is bound to the specified network address and port.

Specified by:
createSocket in class javax.net.SocketFactory
Parameters:
host - Address of the server host.
port - Port to connect to.
client_host - Address of this (client) host.
Returns:
An SSLSocket instance (as a Socket).
Throws:
java.io.IOException - If the connection can't be established.
java.net.UnknownHostException - If the host is not known.

createSocket

public java.net.Socket createSocket(java.lang.String host,
                                    int port,
                                    java.net.InetAddress client_host,
                                    int client_port)
                             throws java.io.IOException,
                                    java.net.UnknownHostException
Return an SSLSocket (upcast to Socket) given host and port. The client is bound to the specified network address and port.

Specified by:
createSocket in class javax.net.SocketFactory
Parameters:
host - Address of the server host.
port - Port to connect to.
client_host - Address of this (client) host.
Returns:
An SSLSocket instance (as a Socket).
Throws:
java.io.IOException - If the connection can't be established.
java.net.UnknownHostException - If the host is not known.

createSocket

public java.net.Socket createSocket(java.net.Socket socket,
                                    java.lang.String host,
                                    int port,
                                    boolean autoclose)
                             throws java.io.IOException,
                                    java.net.UnknownHostException
Return an SSLSocket layered on top of the given Socket.

Specified by:
createSocket in class javax.net.ssl.SSLSocketFactory
Throws:
java.io.IOException
java.net.UnknownHostException

getDefaultCipherSuites

public java.lang.String[] getDefaultCipherSuites()
Return default cipher suites.

Specified by:
getDefaultCipherSuites in class javax.net.ssl.SSLSocketFactory

getSupportedCipherSuites

public java.lang.String[] getSupportedCipherSuites()
Return supported cipher suites.

Specified by:
getSupportedCipherSuites in class javax.net.ssl.SSLSocketFactory