User: starksm 
  Date: 01/11/09 02:18:14

  Modified:    src/main/org/jboss/security/ssl Tag: Branch_2_4
                        DomainServerSocketFactory.java
  Added:       src/main/org/jboss/security/ssl Tag: Branch_2_4
                        RMISSLClientSocketFactory.java
                        RMISSLServerSocketFactory.java
  Log:
  Update the SSL support for the RMI socket factories and add support
  for binding to a specific interface.
  
  Revision  Changes    Path
  No                   revision
  
  
  No                   revision
  
  
  1.1.2.2   +46 -7     
jbosssx/src/main/org/jboss/security/ssl/Attic/DomainServerSocketFactory.java
  
  Index: DomainServerSocketFactory.java
  ===================================================================
  RCS file: 
/cvsroot/jboss/jbosssx/src/main/org/jboss/security/ssl/Attic/DomainServerSocketFactory.java,v
  retrieving revision 1.1.2.1
  retrieving revision 1.1.2.2
  diff -u -r1.1.2.1 -r1.1.2.2
  --- DomainServerSocketFactory.java    2001/09/26 06:14:46     1.1.2.1
  +++ DomainServerSocketFactory.java    2001/11/09 10:18:14     1.1.2.2
  @@ -4,6 +4,7 @@
   import java.io.IOException;
   import java.net.InetAddress;
   import java.net.ServerSocket;
  +import java.net.UnknownHostException;
   import java.security.KeyManagementException;
   import java.security.NoSuchAlgorithmException;
   import java.security.cert.CertificateException;
  @@ -11,8 +12,6 @@
   import javax.net.ServerSocketFactory;
   import javax.net.ssl.SSLServerSocket;
   import javax.net.ssl.SSLSocket;
  -import javax.net.ssl.HandshakeCompletedListener;
  -import javax.net.ssl.HandshakeCompletedEvent;
   
   import com.sun.net.ssl.KeyManager;
   import com.sun.net.ssl.KeyManagerFactory;
  @@ -21,6 +20,7 @@
   import com.sun.net.ssl.TrustManagerFactory;
   
   import org.apache.log4j.Category;
  +
   import org.jboss.security.SecurityDomain;
   
   /** An implementation of ServerSocketFactory that creates SSL server sockets
  @@ -33,14 +33,24 @@
    @see org.jboss.security.SecurityDomain
   
   @author  [EMAIL PROTECTED]
  -@version $Revision: 1.1.2.1 $
  +@version $Revision: 1.1.2.2 $
   */
   public class DomainServerSocketFactory extends ServerSocketFactory
   {
      private static Category log = 
Category.getInstance(DomainServerSocketFactory.class);
  -   private SecurityDomain securityDomain;
  +   private transient SecurityDomain securityDomain;
  +   private transient InetAddress bindAddress;
   
  -   /** Creates new DomainSocketFactory */
  +   /** A default constructor for use when created by Class.newInstance. The
  +    factory is not usable until its SecurityDomain has been established.
  +    */
  +   public DomainServerSocketFactory()
  +   {
  +      System.out.println("DomainServerSocketFactory, this="+this);
  +   }
  +   /** Create a sockate factory instance that uses the given SecurityDomain
  +    as the source for the SSL KeyManagerFactory and TrustManagerFactory.
  +    */
      public DomainServerSocketFactory(SecurityDomain securityDomain) throws 
IOException
      {
         if( securityDomain == null )
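Review bot: The new no-arg constructor writes `"DomainServerSocketFactory, this="+this` to stdout with `System.out.println` on every instantiation, which looks like leftover debugging and bypasses the log4j `log` Category that the class already declares. I would change it to `log.debug("DomainServerSocketFactory, this="+this);` or drop the line. The Javadoc on the second constructor has a typo (`sockate` should be `socket`). The `transient` modifiers on `securityDomain` and `bindAddress` have no effect unless the class or a subclass is Serializable, which the visible lines do not show, so a short comment saying why they are there would help. The body of the one-argument constructor continues outside this hunk.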
  @@ -48,14 +58,36 @@
         this.securityDomain = securityDomain;
      }
   
  +   public String getBindAddress()
  +   {
  +      String address = null;
  +      if( bindAddress != null )
  +         address = bindAddress.getHostAddress();
  +      return address;
  +   }
  +   public void setBindAddress(String host) throws UnknownHostException
  +   {
  +      bindAddress = InetAddress.getByName(host);
  +   }
  +
  +   public SecurityDomain getSecurityDomain()
  +   {
  +      return securityDomain;
  +   }
  +   public void setSecurityDomain(SecurityDomain securityDomain)
  +   {
  +      this.securityDomain = securityDomain;
  +   }
  +
  +// --- Begin ServerSocketFactory interface methods
      public ServerSocket createServerSocket(int port) throws IOException
      {
  -      return createServerSocket(port, 50, null);
  +      return createServerSocket(port, 50, bindAddress);
      }
      public ServerSocket createServerSocket(int port, int backlog)
         throws IOException
      {
  -      return createServerSocket(port, backlog, null);
  +      return createServerSocket(port, backlog, bindAddress);
      }
      /**
       * Returns a server socket which uses only the specified network
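Review bot: `setSecurityDomain` stores whatever it is given, including null, while the one-argument constructor explicitly tests `securityDomain == null` before assigning. Together with the new no-arg constructor, this means `createServerSocket` can run on a factory that has no SecurityDomain. The three-argument `createServerSocket` body is outside this hunk, so I cannot tell how it fails in that state; presumably with a NullPointerException rather than a clear message. I would reject null in the setter the same way the constructor does, and have `createServerSocket` throw `new IOException("No SecurityDomain has been set")` when the field is still null. Separately, `setBindAddress(null)` does not clear the address: `InetAddress.getByName(null)` resolves to the loopback address, so once set the factory cannot be returned to the all-interfaces default. This deserves a Javadoc line on the setter, or `bindAddress = host == null ? null : InetAddress.getByName(host);`.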
  @@ -107,6 +139,9 @@
         return socket;
      }
   
  +   /** The default ServerSocketFactory which looks to the java:/jaas/other
  +    security domain configuration.
  +    */
      public static ServerSocketFactory getDefault()
      {
         DomainServerSocketFactory ssf = null;
  @@ -118,7 +153,11 @@
         }
         catch(Exception e)
         {
  +         log.error("Failed to create default ServerSocketFactory", e);
         }
         return ssf;
      }
  +   
  +// --- End ServerSocketFactory interface methods
  +
   }
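Review bot: After the added `log.error(...)` the catch block still falls through to `return ssf;` with `ssf` null, so a caller of `getDefault()` gets a null factory and fails later, far from the logged cause. The Javadoc added in the previous hunk should at least say so, for example `@return the factory for the java:/jaas/other domain, or null if it could not be created`. Throwing an unchecked exception that wraps `e` would make the failure visible at the call site instead. The try body is outside this hunk, so I cannot see which exceptions are expected here; `catch(Exception e)` is broader than a lookup failure would need. The `// --- End ServerSocketFactory interface methods` marker also sits after the static `getDefault()`, which may not be what the marker was meant to bracket.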
  
  
  
  No                   revision
  
  
  No                   revision
  
  
  1.2.2.1   +57 -6     
jbosssx/src/main/org/jboss/security/ssl/RMISSLClientSocketFactory.java
  
  Index: RMISSLClientSocketFactory.java
  ===================================================================
  RCS file: 
/cvsroot/jboss/jbosssx/src/main/org/jboss/security/ssl/RMISSLClientSocketFactory.java,v
  retrieving revision 1.2
  retrieving revision 1.2.2.1
  diff -u -r1.2 -r1.2.2.1
  --- RMISSLClientSocketFactory.java    2001/10/15 04:32:53     1.2
  +++ RMISSLClientSocketFactory.java    2001/11/09 10:18:14     1.2.2.1
  @@ -10,14 +10,65 @@
   import java.io.Serializable;
   import java.net.Socket;
   import java.rmi.server.RMIClientSocketFactory;
  +import javax.net.ssl.HandshakeCompletedEvent;
  +import javax.net.ssl.HandshakeCompletedListener;
  +import javax.net.ssl.SSLSession;
   import javax.net.ssl.SSLSocketFactory;
   import javax.net.ssl.SSLSocket;
   
  -public class RMISSLClientSocketFactory implements RMIClientSocketFactory, 
Serializable {
  +import org.apache.log4j.Category;
   
  -    public Socket createSocket(String host, int port) throws IOException {
  -        SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
  -        SSLSocket socket = (SSLSocket) factory.createSocket(host, port);
  -        return socket;
  -    }
  +/** An implementation of RMIClientSocketFactory that uses the JSSE
  + default SSLSocketFactory to create a client SSLSocket.
  + *
  + * @author  [EMAIL PROTECTED]
  + * @version $Revision: 1.2.2.1 $
  + */
  +public class RMISSLClientSocketFactory implements HandshakeCompletedListener,
  +   RMIClientSocketFactory, Serializable
  +{
  +   private static final long serialVersionUID = -6412485012870705607L;
  +
  +   /** Creates new RMISSLClientSocketFactory */
  +   public RMISSLClientSocketFactory()
  +   {
  +   }
  +
  +   /** Create a client socket connected to the specified host and port.
  +   * @param host - the host name
  +   * @param port - the port number
  +   * @return a socket connected to the specified host and port.
  +   * @exception IOException if an I/O error occurs during socket creation.
  +   */
  +   public java.net.Socket createSocket(String host, int port)
  +      throws IOException
  +   {
  +      SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
  +      SSLSocket socket = (SSLSocket) factory.createSocket(host, port);
  +      socket.addHandshakeCompletedListener(this);
  +      return socket;
  +   }
  +
  +   public boolean equals(Object obj)
  +   {
  +      return obj instanceof RMISSLClientSocketFactory;
  +   }
  +   public int hashCode()
  +   {
  +      return getClass().getName().hashCode();
  +   }
  +
  +   public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent)
  +   {
  +      Category log = Category.getInstance(RMISSLClientSocketFactory.class);
  +      if( log.isDebugEnabled() )
  +      {
  +         String cipher = handshakeCompletedEvent.getCipherSuite();
  +         SSLSession session = handshakeCompletedEvent.getSession();
  +         String peerHost = session.getPeerHost();
  +         log.debug("SSL handshakeCompleted, cipher="+cipher
  +            +", peerHost="+peerHost);
  +      }
  +   }
  +   
   }
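Review bot: `createSocket` returns the SSLSocket without checking that the certificate presented by the peer belongs to `host`. The JSSE default factory validates the chain against the default trust material, but a bare SSLSocket does no host name check by itself. The value logged as `peerHost` in `handshakeCompleted` comes from `SSLSession.getPeerHost()`, which is the name the client connected to and not an authenticated identity, so the debug line should not be read as confirming who answered. On a JDK that provides `SSLParameters`, the check can be enabled before the socket is returned: `SSLParameters p = socket.getSSLParameters(); p.setEndpointIdentificationAlgorithm("HTTPS"); socket.setSSLParameters(p);`. On the JSSE release this branch targets, the peer certificate would have to be compared with `host` explicitly. The class Javadoc should state which of the two the factory does.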
  
  
  
  1.2.2.1   +66 -39    
jbosssx/src/main/org/jboss/security/ssl/RMISSLServerSocketFactory.java
  
  Index: RMISSLServerSocketFactory.java
  ===================================================================
  RCS file: 
/cvsroot/jboss/jbosssx/src/main/org/jboss/security/ssl/RMISSLServerSocketFactory.java,v
  retrieving revision 1.2
  retrieving revision 1.2.2.1
  diff -u -r1.2 -r1.2.2.1
  --- RMISSLServerSocketFactory.java    2001/10/15 04:32:53     1.2
  +++ RMISSLServerSocketFactory.java    2001/11/09 10:18:14     1.2.2.1
  @@ -6,47 +6,74 @@
    */
   package org.jboss.security.ssl;
   
  -import java.io.FileInputStream;
   import java.io.IOException;
   import java.io.Serializable;
   import java.net.ServerSocket;
  +import java.net.UnknownHostException;
   import java.rmi.server.RMIServerSocketFactory;
  -import javax.net.ssl.SSLServerSocketFactory;
  -import java.security.KeyStore;
  -import java.security.Security;
  -import com.sun.net.ssl.KeyManagerFactory;
  -import com.sun.net.ssl.SSLContext;
  -
  -
  -public class RMISSLServerSocketFactory implements RMIServerSocketFactory, 
Serializable {
  -
  -    static {
  -        // Security provider for JSSE 1.0.2
  -        Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
  -    }
  -
  -
  -    public ServerSocket createServerSocket(int port) throws IOException {
  -        SSLServerSocketFactory ssf = null;
  -        try {
  -            // set up key manager to do server authentication
  -            SSLContext ctx;
  -            KeyManagerFactory kmf;
  -            KeyStore ks;
  -            char[] passphrase = "passphrase".toCharArray();
  -
  -            ctx = SSLContext.getInstance("TLS");
  -            kmf = KeyManagerFactory.getInstance("SunX509");
  -            ks = KeyStore.getInstance("JKS");
  -
  -            ks.load(new FileInputStream("privatekeys"), passphrase);
  -            kmf.init(ks, passphrase);
  -            ctx.init(kmf.getKeyManagers(), null, null);
  -
  -            ssf = ctx.getServerSocketFactory();
  -        } catch (Exception e) {
  -            e.printStackTrace();
  -        }
  -        return ssf.createServerSocket(port);
  -    }
  +
  +import org.jboss.security.SecurityDomain;
  +
  +/** An implementation of RMIServerSocketFactory that uses a
  + DomainServerSocketFactory for its implementation. This class is just an
  + adaptor from the RMIServerSocketFactory to the DomainServerSocketFactory.
  +
  + This class is not suitable for RMI object that require a Serializable socket
  + factory like activatable services. The reason for this limitation is that
  + a SecurityDomain is not serializable due to its association with a local
  + KeyStore.
  +
  +@author [EMAIL PROTECTED]
  +@version $Revision: 1.2.2.1 $
  +*/
  +public class RMISSLServerSocketFactory implements RMIServerSocketFactory
  +{
  +   private DomainServerSocketFactory domainFactory;
  +
  +   /** Creates new RMISSLServerSocketFactory */
  +   public RMISSLServerSocketFactory()
  +   {
  +      domainFactory = new DomainServerSocketFactory();
  +   }
  +
  +    public String getBindAddress()
  +   {
  +      return domainFactory.getBindAddress();
  +   }
  +   public void setBindAddress(String host) throws UnknownHostException
  +   {
  +      domainFactory.setBindAddress(host);
  +   }
  +
  +   public SecurityDomain getSecurityDomain()
  +   {
  +      return domainFactory.getSecurityDomain();
  +   }
  +   public void setSecurityDomain(SecurityDomain securityDomain)
  +   {
  +      domainFactory.setSecurityDomain(securityDomain);
  +   }
  +
  +   /**
  +    * Create a server socket on the specified port (port 0 indicates
  +    * an anonymous port).
  +    * @param  port the port number
  +    * @return the server socket on the specified port
  +    * @exception IOException if an I/O error occurs during server socket
  +    * creation
  +    */
  +   public ServerSocket createServerSocket(int port)
  +      throws IOException
  +   {
  +      return domainFactory.createServerSocket(port);
  +   }
  +
  +   public boolean equals(Object obj)
  +   {
  +      return obj instanceof RMISSLServerSocketFactory;
  +   }
  +   public int hashCode()
  +   {
  +      return getClass().getName().hashCode();
  +   }
   }
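Review bot: `equals` returns true for any two `RMISSLServerSocketFactory` instances, and `hashCode` is constant per class, although the factory now carries per-instance state through `domainFactory` (a bind address and a SecurityDomain). RMI compares server socket factories with `equals` to decide whether two exports use a functionally equivalent factory. Two instances configured with different security domains or bind addresses are therefore treated as interchangeable, so an object exported with one configuration may end up served by a listener created under another. I would make `equals` and `hashCode` reflect the configured state, as in the fence below. The SecurityDomain is compared by identity because its own `equals` is not visible here. Since the state is mutable, the setters should be documented as only valid before the factory is used for an export. A `createServerSocket` call made before `setSecurityDomain` also goes straight to a `DomainServerSocketFactory` that has no domain, which the class Javadoc should mention.

```java
   public boolean equals(Object obj)
   {
      if( !(obj instanceof RMISSLServerSocketFactory) )
         return false;
      RMISSLServerSocketFactory other = (RMISSLServerSocketFactory) obj;
      String addr = getBindAddress();
      String otherAddr = other.getBindAddress();
      boolean sameAddr = addr == null ? otherAddr == null : addr.equals(otherAddr);
      // Identity comparison: SecurityDomain's own equals() is not visible here.
      return sameAddr && getSecurityDomain() == other.getSecurityDomain();
   }
   public int hashCode()
   {
      String addr = getBindAddress();
      return getClass().getName().hashCode() ^ (addr == null ? 0 : addr.hashCode());
   }
```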
  
  
  
