java.lang.Object
  org.opensaml.ws.soap.client.http.TLSProtocolSocketFactory
@ThreadSafe public class TLSProtocolSocketFactory
An SSL/TLS socket factory that uses KeyStoreFactory instances to get its key and trust material.
Field Summary | |
---|---|
private HostnameVerifier | hostnameVerifier: Hostname verifier used to validate the peer's certificate against the hostname. |
private X509KeyManager[] | keyManagers: Managers used to retrieve client-cert authentication keys for a given host. |
private SecureRandom | secureRandom: The randomness generator to use when creating SSL sockets. |
private SSLContext | sslContext: Currently active SSL context. |
private X509TrustManager[] | trustManagers: Managers used to validate the X.509 credentials of a given host. |
Constructor Summary |
---|
TLSProtocolSocketFactory(X509KeyManager[] keyMgrs, X509TrustManager[] trustMgrs, HostnameVerifier verifier, SecureRandom random): Constructor. |
TLSProtocolSocketFactory(X509KeyManager keyMgr, X509TrustManager trustMgr): Constructor. |
TLSProtocolSocketFactory(X509KeyManager keyMgr, X509TrustManager trustMgr, HostnameVerifier verifier): Constructor. |
Method Summary | |
---|---|
protected void | cleanUpFailedSocket(SSLSocket sslSocket): Do any cleanup necessary due to socket creation failure (e.g. |
Socket | createSocket(Socket socket, String host, int port, boolean autoClose) |
Socket | createSocket(String host, int port) |
Socket | createSocket(String host, int port, InetAddress localHost, int clientPort) |
Socket | createSocket(String host, int port, InetAddress localHost, int localPort, org.apache.commons.httpclient.params.HttpConnectionParams connParams) |
boolean | equals(Object obj) |
int | hashCode() |
protected void | init(): Do initialization that is common across constructors. |
protected void | verifyHostname(Socket socket): Verifies the peer's hostname using the configured HostnameVerifier. |
Methods inherited from class java.lang.Object |
---|
clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
private X509KeyManager[] keyManagers
private X509TrustManager[] trustManagers
private SecureRandom secureRandom
private HostnameVerifier hostnameVerifier
private SSLContext sslContext
Constructor Detail |
---|
public TLSProtocolSocketFactory(X509KeyManager keyMgr, X509TrustManager trustMgr) throws IllegalArgumentException

Parameters:
keyMgr - manager used to retrieve client-cert authentication keys for a given host.
trustMgr - manager used to validate the X.509 credentials of a given host. May be null, in which case the JSSE default trust manager lookup mechanism is used.

Throws:
IllegalArgumentException - thrown if the given key or trust manager cannot be used to create the SSLContext used to create new sockets

public TLSProtocolSocketFactory(X509KeyManager keyMgr, X509TrustManager trustMgr, HostnameVerifier verifier) throws IllegalArgumentException

Parameters:
keyMgr - manager used to retrieve client-cert authentication keys for a given host.
trustMgr - manager used to validate the X.509 credentials of a given host. May be null, in which case the JSSE default trust manager lookup mechanism is used.
verifier - the hostname verifier used to verify the SSL/TLS peer's hostname. May be null, in which case no hostname verification is performed.

Throws:
IllegalArgumentException - thrown if the given key or trust manager cannot be used to create the SSLContext used to create new sockets

public TLSProtocolSocketFactory(X509KeyManager[] keyMgrs, X509TrustManager[] trustMgrs, HostnameVerifier verifier, SecureRandom random) throws IllegalArgumentException

Parameters:
keyMgrs - managers used to retrieve client-cert authentication keys for a given host. May be null, in which case the JSSE default key manager lookup mechanism is used.
trustMgrs - managers used to validate the X.509 credentials of a given host. May be null, in which case the JSSE default trust manager lookup mechanism is used.
verifier - the hostname verifier used to verify the SSL/TLS peer's hostname. May be null, in which case no hostname verification is performed.
random - the secure random instance used to create SSL sessions. May be null, in which case the JSSE default secure random impl is used.

Throws:
IllegalArgumentException - thrown if the given key or trust manager cannot be used to create the SSLContext used to create new sockets

Method Detail |
---|
protected void init() throws IllegalArgumentException

Throws:
IllegalArgumentException - thrown if the given key or trust manager cannot be used to create the SSLContext used to create new sockets

public Socket createSocket(String host, int port) throws IOException

Specified by: createSocket in interface org.apache.commons.httpclient.protocol.ProtocolSocketFactory
Throws: IOException

public Socket createSocket(String host, int port, InetAddress localHost, int clientPort) throws IOException

Specified by: createSocket in interface org.apache.commons.httpclient.protocol.ProtocolSocketFactory
Throws: IOException

public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException

Specified by: createSocket in interface org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory
Throws: IOException

public Socket createSocket(String host, int port, InetAddress localHost, int localPort, org.apache.commons.httpclient.params.HttpConnectionParams connParams) throws IOException

Specified by: createSocket in interface org.apache.commons.httpclient.protocol.ProtocolSocketFactory
Throws: IOException

public boolean equals(Object obj)

Overrides: equals in class Object

public int hashCode()

Overrides: hashCode in class Object

protected void verifyHostname(Socket socket) throws SSLException

Verifies the peer's hostname using the configured HostnameVerifier.

Parameters:
socket - the socket connected to the peer whose hostname is to be verified.

Throws:
SSLException - if the hostname does not verify against the peer's certificate, or if there is an error in performing the evaluation

protected void cleanUpFailedSocket(SSLSocket sslSocket)

Parameters:
sslSocket - the SSLSocket to clean up
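
Added example (not OpenSAML's own code): because a null `verifier` means no hostname verification is performed, this wrapper around the four-argument constructor refuses a null verifier and supplies a deliberately conservative one that accepts only an exact dNSName match. The class name `StrictTlsFactoryExample`, the `SAN_EXACT` verifier and the `build` method are hypothetical names introduced here; the other null arguments rely on the JSSE defaults documented above.

```java
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.List;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;
import javax.net.ssl.X509KeyManager;
import org.opensaml.ws.soap.client.http.TLSProtocolSocketFactory;

public class StrictTlsFactoryExample {

    /** Hypothetical verifier: exact dNSName match only, no wildcards, fails closed. */
    static final HostnameVerifier SAN_EXACT = new HostnameVerifier() {
        public boolean verify(String hostname, SSLSession session) {
            try {
                // First element of the peer chain is the server's own certificate.
                X509Certificate leaf = (X509Certificate) session.getPeerCertificates()[0];
                Collection<List<?>> sans = leaf.getSubjectAlternativeNames();
                if (hostname == null || sans == null) {
                    return false; // no name to check or no SAN extension: reject
                }
                for (List<?> san : sans) {
                    // Each SAN entry is [type, value]; type 2 is dNSName.
                    if (Integer.valueOf(2).equals(san.get(0))
                            && hostname.equalsIgnoreCase((String) san.get(1))) {
                        return true;
                    }
                }
            } catch (Exception e) {
                // Unverified peer or unparsable certificate: fall through and reject.
            }
            return false;
        }
    };

    /**
     * Builds the factory with hostname verification always enabled.
     * keyMgrs may be null (JSSE default key manager lookup, per the page).
     */
    public static TLSProtocolSocketFactory build(X509KeyManager[] keyMgrs,
                                                 HostnameVerifier verifier) {
        if (verifier == null) {
            // A null verifier would silently disable hostname verification.
            throw new IllegalArgumentException("a HostnameVerifier is required");
        }
        // Null trust managers and SecureRandom select the JSSE defaults.
        return new TLSProtocolSocketFactory(keyMgrs, null, verifier, null);
    }
}
```

Call `StrictTlsFactoryExample.build(null, StrictTlsFactoryExample.SAN_EXACT)` when no client certificate is needed; peers that rely on wildcard certificates need a verifier that implements wildcard matching instead.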