Package org.jboss.net.ssl

Source Code of org.jboss.net.ssl.JBossSocketFactory

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
/*
* JBoss, Home of Professional Open Source.
* Copyright 2008, Red Hat Middleware LLC, and individual contributors
* as indicated by the @author tags. See the copyright.txt file in the
* distribution for a full listing of individual contributors.
*
* This is free software; you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as
* published by the Free Software Foundation; either version 2.1 of
* the License, or (at your option) any later version.
*
* This software is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this software; if not, write to the Free
* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
*/
package org.jboss.net.ssl;

import java.io.IOException;
import java.security.KeyStore;

import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.net.ssl.TrustManager;
import javax.net.ssl.KeyManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.KeyManagerFactory;

import org.jboss.security.SecurityDomain;
import org.apache.tomcat.util.net.jsse.JSSESocketFactory;
import org.apache.tomcat.util.net.jsse.JSSEKeyManager;
import javax.net.ssl.X509KeyManager;

/**
* Extends the tomcat JSSE14SocketFactory to obtain the server key and trust
* stores from the SecurityDomain defined by the securityDomain attribute
* of the connector.
*
*/
public class JBossSocketFactory
   extends JSSESocketFactory
{
   private SecurityDomain securityDomain;

   public JBossSocketFactory()
   {
   }

   public void setAttribute(String name, Object value)
   {
      if (name.equalsIgnoreCase("securityDomain"))
      {
         try
         {
            setSecurityDomainName((String) value);
         }
         catch (Exception e)
         {
            IllegalArgumentException ex =
               new IllegalArgumentException("Failed to set security domain");
            ex.initCause(e);
            throw ex;
         }
      }
      super.setAttribute(name, value);
   }

   /**
    * Set the SecurityDomain to use for the key/trust stores
    *
    * @param jndiName - the jndi name of the SecurityDomain binding
    * @throws NamingException
    * @throws IOException
    */
   public void setSecurityDomainName(String jndiName)
      throws NamingException, IOException
   {
      InitialContext iniCtx = new InitialContext();
      securityDomain = (SecurityDomain) iniCtx.lookup(jndiName);
   }

   /**
    * Gets the SSL server's keystore from the SecurityDomain.
    *
    * @param type - ignored, this comes from the security domain config
    * @param pass - ignore, this comes from the security domain config
    * @return the KeyStore for the server cert
    * @throws IOException
    */
   protected KeyStore getKeystore(String type, String pass)
      throws IOException
   {
      verifySecurityDomain();
      return securityDomain.getKeyStore();
   }

   /*
    * Gets the SSL server's truststore from the SecurityDomain.
   
    * @param type - ignored, this comes from the security domain config
    * @return the KeyStore for the trusted signers store
    */
   protected KeyStore getTrustStore(String type) throws IOException
   {
      verifySecurityDomain();
      return securityDomain.getTrustStore();
   }

   /**
    * Override to obtain the TrustManagers from the security domain.
    *
    * @param keystoreType - ignored, this comes from the security domain
    * @param algorithm - ignored, this comes from the security domain
    * @return the array of TrustManagers from the security domain
    * @throws Exception
    */
   protected TrustManager[] getTrustManagers(String keystoreType, String algorithm)
      throws Exception
   {
      verifySecurityDomain();
      TrustManagerFactory tmf = securityDomain.getTrustManagerFactory();
      TrustManager[] trustMgrs = null;

      if( tmf != null )
      {
          trustMgrs = tmf.getTrustManagers();
      }
      return trustMgrs;
   }

   /**
    * Override to obtain the KeyManagers from the security domain.
    *
    * @param keystoreType - ignored, this comes from the security domain
    * @param algorithm - ignored, this comes from the security domain
    * @param keyAlias - ignored
    * @return the array of KeyManagers from the security domain
    * @throws Exception
    */
   protected KeyManager[] getKeyManagers(String keystoreType, String algorithm,
      String keyAlias)
      throws Exception
   {
      verifySecurityDomain();
      KeyManagerFactory kmf = securityDomain.getKeyManagerFactory();
      KeyManager[] keyMgrs = null;
      if( kmf != null )
      {
         keyMgrs = kmf.getKeyManagers();
         /* from tomcat JSSESocketFactory.java */
         if (keyAlias != null)
         {
            if ("JKS".equals(keystoreType))
            {
               keyAlias = keyAlias.toLowerCase();
            }
            for(int i=0; i<keyMgrs.length; i++)
            {
               keyMgrs[i] = new JSSEKeyManager((X509KeyManager)keyMgrs[i], keyAlias);
            }
         }     
      }
      return keyMgrs;
   }

   @Override
   protected KeyManager[] getKeyManagers(String keystoreType, String keystoreProvider, String algorithm, String keyAlias)
         throws Exception
   {
      return getKeyManagers(keystoreType, algorithm, keyAlias);
   }
  
  

   @Override
   protected TrustManager[] getTrustManagers(String keystoreType, String keystoreProvider, String algorithm)
         throws Exception
   {
      return getTrustManagers(keystoreType, algorithm);
   }

   private void verifySecurityDomain()
   {
      String str = "securityDomain is null." +
            "Set it as an attribute in the connector setting";
     
      if(this.securityDomain == null)
         throw new IllegalStateException(str);
   }
}
TOP

Related Classes of org.jboss.net.ssl.JBossSocketFactory

  • org.apache.tomcat.util.net.jsse.JSSEKeyManager
  • javax.net.ssl.KeyManagerFactory
  • javax.net.ssl.TrustManagerFactory
  • javax.naming.InitialContext
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.