Examples of javax.net.ssl.SSLParameters

• javax.net.ssl.SSLParameters
  Encapsulates parameters for an SSL/TLS connection. The parameters are the list of ciphersuites to be accepted in an SSL/TLS handshake, the list of protocols to be allowed, and whether SSL/TLS servers should request or require client authentication.

  SSLParameters can be created via the constructors in this class. Objects can also be obtained using the getSSLParameters() methods in {@link SSLSocket#getSSLParameters SSLSocket} and{@link SSLEngine#getSSLParameters SSLEngine} or the{@link SSLContext#getDefaultSSLParameters getDefaultSSLParameters()} and{@link SSLContext#getSupportedSSLParameters getSupportedSSLParameters()}methods in SSLContext.

  SSLParameters can be applied to a connection via the methods {@link SSLSocket#setSSLParameters SSLSocket.setSSLParameters()} and{@link SSLEngine#setSSLParameters SSLEngine.getSSLParameters()}. @see SSLSocket @see SSLEngine @see SSLContext @since 1.6

        public void operationComplete(ChannelFuture future)
                throws Exception
        {
            CallbackConnectionListener callbackConnectionListener = new CallbackConnectionListener(remoteAddress, connectionCallback, openChannels);
            if (future.isSuccess()) {
                SSLParameters sslParameters = new SSLParameters();
                sslParameters.setEndpointIdentificationAlgorithm("HTTPS");

                SSLEngine sslEngine = SSLContext.getDefault().createSSLEngine(remoteAddress.getHostString(), remoteAddress.getPort());
                sslEngine.setSSLParameters(sslParameters);
                sslEngine.setUseClientMode(true);

            final SSLContext context = securityRealm.getSSLContext();
            secureHttpServer.setHttpsConfigurator(new HttpsConfigurator(context) {

                @Override
                public void configure(HttpsParameters params) {
                    SSLParameters sslparams = context.getDefaultSSLParameters();

                    switch (certAuthMode) {
                        case NEED:
                            sslparams.setNeedClientAuth(true);
                            break;
                        case WANT:
                            sslparams.setWantClientAuth(true);
                            break;
                    }

                    params.setSSLParameters(sslparams);

        return newSSLEngine(hostName, address.getPort());
    }

    public void customize(SSLEngine sslEngine)
    {
        SSLParameters sslParams = sslEngine.getSSLParameters();
        sslParams.setEndpointIdentificationAlgorithm(_endpointIdentificationAlgorithm);
        sslEngine.setSSLParameters(sslParams);

        if (getWantClientAuth())
            sslEngine.setWantClientAuth(getWantClientAuth());
        if (getNeedClientAuth())

                    // get the remote address if needed
                    InetSocketAddress remote = params.getClientAddress();
                    SSLContext c = getSSLContext();

                    // get the default parameters
                    SSLParameters sslparams = c.getDefaultSSLParameters();

                    params.setSSLParameters(sslparams);
                    // statement above could throw IAE if any params invalid.
                    // eg. if app has a UI and parameters supplied by a user.
                }

            if (context != null) {
                secureHttpServer.setHttpsConfigurator(new HttpsConfigurator(context) {

                    @Override
                    public void configure(HttpsParameters params) {
                        SSLParameters sslparams = context.getDefaultSSLParameters();

                        switch (certAuthMode) {
                            case NEED:
                                sslparams.setNeedClientAuth(true);
                                break;
                            case WANT:
                                sslparams.setWantClientAuth(true);
                                break;
                        }

                        params.setSSLParameters(sslparams);

                        // TODO - Add propper capture of these values.

                        System.out.println(" * SSLContext * ");

                        SSLContext sslContext = getSSLContext();
                        SSLParameters sslParams = sslContext.getDefaultSSLParameters();
                        String[] cipherSuites = sslParams.getCipherSuites();
                        for (String current : cipherSuites) {
                            System.out.println("Cipher Suite - " + current);
                        }
                        System.out.println("Need Client Auth " + sslParams.getNeedClientAuth());
                        String[] protocols = sslParams.getProtocols();
                        for (String current : protocols) {
                            System.out.println("Protocol " + current);
                        }
                        System.out.println("Want Client Auth " + sslParams.getWantClientAuth());
                    }

                    System.out.println(" * HTTPSParameters * ");
                    {
                        System.out.println("Client Address " + params.getClientAddress());

        }
    }

    @Override
    protected SSLParameters engineGetDefaultSSLParameters() {
        return new SSLParameters(new String[] { "Default_SSL_Parameters_For_Test1" },
                new String[] { "TLSv1" });
    }

                new String[] { "TLSv1" });
    }

    @Override
    protected SSLParameters engineGetSupportedSSLParameters() {
        return new SSLParameters(new String[] { "Default_SSL_Parameters_For_Test1",
                "Default_SSL_Parameters_For_Test2" }, new String[] { "TLSv1", "SSLv3" });
    }

        SSLContext[] sslContexts = createSSLCon();
        assertNotNull("SSLContext objects were not created", sslContexts);

        for (int i = 0; i < sslContexts.length; i++) {
            sslContexts[i].init(null, null, null);
            SSLParameters defaultSSLParameters = sslContexts[i]
                    .getDefaultSSLParameters();
            SSLSocket sslSocket = (SSLSocket) (sslContexts[i]
                    .getSocketFactory().createSocket());

            String[] enabledCipherSuites = sslSocket.getEnabledCipherSuites();
            String[] enabledProtocols = sslSocket.getEnabledProtocols();

            for (int j = 0; j < enabledCipherSuites.length; j++)
                assertEquals((defaultSSLParameters.getCipherSuites())[j],
                        enabledCipherSuites[j]);
            for (int k = 0; k < enabledProtocols.length; k++)
                assertEquals((defaultSSLParameters.getProtocols())[k],
                        enabledProtocols[k]);
        }
    }

        SSLContext[] sslContexts = createSSLCon();
        assertNotNull("SSLContext objects were not created", sslContexts);

        for (int i = 0; i < sslContexts.length; i++) {
            sslContexts[i].init(null, null, null);
            SSLParameters defaultSSLParameters = sslContexts[i]
                    .getSupportedSSLParameters();
            SSLSocket sslSocket = (SSLSocket) (sslContexts[i]
                    .getSocketFactory().createSocket());
            String[] supportedCipherSuites = sslSocket.getSupportedCipherSuites();
            String[] supportedProtocols = sslSocket.getSupportedProtocols();

            for (int j = 0; j < supportedCipherSuites.length; j++)
                assertEquals((defaultSSLParameters.getCipherSuites())[j],
                        supportedCipherSuites[j]);
            for (int k = 0; k < supportedProtocols.length; k++)
                assertEquals((defaultSSLParameters.getProtocols())[k],
                        supportedProtocols[k]);
        }
    }