Examples of org.jboss.netty.handler.ssl.SslHandler

• org.jboss.netty.handler.ssl.SslHandler
  kipedia.org/wiki/Transport_Layer_Security">SSL · TLS and StartTLS support to a {@link Channel}. Please refer to the "SecureChat" example in the distribution or the web site for the detailed usage.

  Beginning the handshake

  A user should make sure not to write a message while the {@linkplain #handshake(Channel) handshake} is in progress unless it is arenegotiation. You will be notified by the {@link ChannelFuture} which isreturned by the {@link #handshake(Channel)} method when the handshakeprocess succeeds or fails.

  Renegotiation

  Once the initial handshake is done successfully. You can always call {@link #handshake(Channel)} again to renegotiate the SSL session parameters.

  Closing the session

  To close the SSL session, the {@link #close(Channel)} method should becalled to send the {@code close_notify} message to the remote peer. Oneexception is when you close the {@link Channel} - {@link SslHandler}intercepts the close request and send the {@code close_notify} messagebefore the channel closure automatically. Once the SSL session is closed, it is not reusable, and consequently you should create a new {@link SslHandler} with a new {@link SSLEngine} as explained in thefollowing section.

  Restarting the session

  To restart the SSL session, you must remove the existing closed {@link SslHandler} from the {@link ChannelPipeline}, insert a new {@link SslHandler} with a new {@link SSLEngine} into the pipeline,and start the handshake process as described in the first section. @author The Netty Project (netty-dev@lists.jboss.org) @author Trustin Lee (tlee@redhat.com) @version $Rev: 981 $, $Date: 2009-03-04 23:11:54 +0900 (Wed, 04 Mar 2009) $ @apiviz.landmark @apiviz.uses org.jboss.netty.handler.ssl.SslBufferPool

  public void channelConnected(ChannelHandlerContext ctx,
      final ChannelStateEvent e) throws Exception {
    ChannelListener listener = this.listenerFactory.createChannelListener(new ObjectChannelImpl(e.getChannel()));
    this.listeners.put(e.getChannel(), listener);
    maxChannels = Math.max(maxChannels, this.listeners.size());
    SslHandler sslHandler = ctx.getPipeline().get(SslHandler.class);
    if (sslHandler != null) {
          sslHandler.handshake().addListener(new ChannelFutureListener() {
            public void operationComplete(ChannelFuture arg0)
                throws Exception {
              onConnection(e.getChannel());
            }
          });

  public ChannelPipeline getPipeline() throws Exception {
    ChannelPipeline pipeline = new DefaultChannelPipeline();

    SSLEngine engine = config.getServerSSLEngine();
      if (engine != null) {
          pipeline.addLast("ssl", new SslHandler(engine)); //$NON-NLS-1$
      }
      pipeline.addLast("decoder", new ObjectDecoder(1 << 20, classLoader, storageManager)); //$NON-NLS-1$
      pipeline.addLast("chunker", new ChunkedWriteHandler()); //$NON-NLS-1$
      pipeline.addLast("encoder", new ObjectEncoder()); //$NON-NLS-1$
      pipeline.addLast("handler", this); //$NON-NLS-1$

      public ChannelPipeline getPipeline() throws Exception {
        ChannelPipeline pipeline = new DefaultChannelPipeline();

        SSLEngine engine = config.getServerSSLEngine();
          if (engine != null) {
              pipeline.addLast("ssl", new SslHandler(engine)); //$NON-NLS-1$
          }
          pipeline.addLast("odbcFrontendProtocol", new PgFrontendProtocol(1 << 20)); //$NON-NLS-1$
          pipeline.addLast("odbcBackendProtocol", new PgBackendProtocol(maxLobSize)); //$NON-NLS-1$
          pipeline.addLast("handler", this); //$NON-NLS-1$
          return pipeline;

        final ChannelPipeline pipeline = pipeline();

        if (config.sslContext() != null) {
            SSLEngine e = config.sslContext().createSSLEngine();
            config.sslContextListener().onPostCreate(e);
            pipeline.addLast("ssl", new SslHandler(e));
        }

        pipeline.addLast("decoder", new HttpRequestDecoder());

        if (config.aggregateRequestBodyInMemory()) {

          logger.info("SSLEngine protocols enabled: " +
              Arrays.asList(sslEngine.getEnabledProtocols()));
          // addFirst() will make SSL handling the first stage of decoding
          // and the last stage of encoding this must be added after
          // adding compression handling above
          pipeline.addFirst("ssl", new SslHandler(sslEngine));
        }

        return super.newChannel(pipeline);
      } catch (Exception ex) {
        logger.error("Cannot create SSL channel", ex);

    @Override
    public ChannelPipeline getPipeline() throws Exception {
      ChannelPipeline pipeline = Channels.pipeline();
      SSLEngine sslEngine = createServerSSLContext().createSSLEngine();
      sslEngine.setUseClientMode(false);
      pipeline.addLast("ssl", new SslHandler(sslEngine));
      return pipeline;
    }

                        null);
        SSLEngine sslEngine = sslContext.createSSLEngine();
        sslEngine.setUseClientMode(true);
        // addFirst() will make SSL handling the first stage of decoding
        // and the last stage of encoding
        pipeline.addFirst("ssl", new SslHandler(sslEngine));
        return super.newChannel(pipeline);
      } catch (Exception ex) {
        throw new RuntimeException("Cannot create SSL channel", ex);
      }
    }

        logger.info("SSLEngine protocols enabled: " +
            Arrays.asList(sslEngine.getEnabledProtocols()));
        // addFirst() will make SSL handling the first stage of decoding
        // and the last stage of encoding this must be added after
        // adding compression handling above
        pipeline.addFirst("ssl", new SslHandler(sslEngine));
      }

      if (enableIpFilter) {

        logger.info("Setting up ipFilter with the following rule definition: " +

    public ChannelPipeline getPipeline() throws Exception {
        // create a new pipeline
        ChannelPipeline channelPipeline = Channels.pipeline();

        SslHandler sslHandler = configureClientSSLOnDemand();
        if (sslHandler != null) {
            // must close on SSL exception
            sslHandler.setCloseOnSSLException(true);
            LOG.debug("Client SSL handler configured and added to the ChannelPipeline: {}", sslHandler);
            addToPipeline("ssl", channelPipeline, sslHandler);
        }

        List<ChannelHandler> decoders = producer.getConfiguration().getDecoders();

            if (producer.getConfiguration().getSslContextParameters() == null) {
                // just set the enabledProtocols if the SslContextParameter doesn't set
                engine.setEnabledProtocols(producer.getConfiguration().getEnabledProtocols().split(","));
            }
            engine.setUseClientMode(true);
            return new SslHandler(engine);
        }

        return null;
    }