de.tu_darmstadt.sp.ssl
Class SSLeayServerSocketFactory

java.lang.Object
  |
  +--javax.net.ServerSocketFactory
        |
        +--javax.net.ssl.SSLServerSocketFactory
              |
              +--de.tu_darmstadt.sp.ssl.SSLeayServerSocketFactory
Direct Known Subclasses:
RMISSLServerSocketFactory

public class SSLeayServerSocketFactory
extends SSLServerSocketFactory
implements java.io.Serializable

Class SSLeayServerSocketFactory creates SSLeayServerSockets. Each SSLeayServerSocketFactory uses exactly one SSLeaySessionContext. Every socket created using this factory will use this SSLeaySessionContext for the sessions corresponding to its own connection. The default ciphers used by the sockets created by this factory are the default ciphers of the factory's SSLeaySessionContext.

Session Context Instantiation

The SSLeaySessionContext is instantiated lazily, namely on the first call of one of the following methods:

This property is very useful when serializing and deserializing SSLeaySocketFactory objects. If the context were initialized upon creation, the deserialization of a factory would work only in the presence of cryptographic information, such as certificate files. Lazy instantiation means that the context (and thus the capability of producing sockets) is created only when somebody really wants to use a factory object for socket creation.

The methods specified above will fail by throwing an SSLException if the information necessary for setting up the context is not there. Possible reasons for failure:

  1. The CA information is not present or is incomplete, so the created socket could not verify its peer.
  2. The system property iti.ssl.serverIdentityRequired is true, but none of the environment variables or system properties controlling the user identity is defined (see SSLeaySessionContext). In this case, a SSLeayIdentity will be thrown. For any other value of the property, no exception will be raised. By default, the iti.ssl.serverIdentityRequired property has the value true. This means server socket factories require the user's identity by default.

    Secure connections can be created even if this information is not available, but the peer will not be able to check our identity. This exception is catchable; the new socket factory will create sockets. false.
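
The lazy, transient context described above can be illustrated with the following added example, which is not code from this library. DemoContext, LazyFactory and the CA path are hypothetical stand-ins for SSLeaySessionContext, the factory and its certificate files; the point is that deserialization succeeds without cryptographic material and the failure surfaces only on first use.

```java
import java.io.*;

// Hypothetical stand-in for SSLeaySessionContext: construction needs key material.
class DemoContext {
    DemoContext(File caFile) throws IOException {
        if (!caFile.isFile())
            throw new IOException("CA information not present: " + caFile);
    }
}

// Hypothetical stand-in for the factory: the context is transient and built on first use.
class LazyFactory implements Serializable {
    private static final long serialVersionUID = 1L;
    private final String caPath;             // configuration only; this is what gets serialized
    private transient DemoContext context;   // never serialized, null after deserialization

    LazyFactory(String caPath) { this.caPath = caPath; }

    boolean isInitialized() { return context != null; }

    // Plays the role of the first communication method call: errors appear here.
    synchronized DemoContext context() throws IOException {
        if (context == null) context = new DemoContext(new File(caPath));
        return context;
    }
}

public class LazyContextDemo {
    // Serialize and deserialize in memory, as a remote transfer of the factory would.
    static LazyFactory roundTrip(LazyFactory f) throws IOException, ClassNotFoundException {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) { out.writeObject(f); }
        try (ObjectInputStream in =
                 new ObjectInputStream(new ByteArrayInputStream(buf.toByteArray()))) {
            return (LazyFactory) in.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed path that does not exist on the receiving side.
        LazyFactory copy = roundTrip(new LazyFactory("/nonexistent/ca.pem"));
        System.out.println("deserialized, initialized=" + copy.isInitialized());
        try {
            copy.context();
        } catch (IOException e) {
            System.out.println("first use failed: " + e.getMessage());
        }
    }
}
```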

The createServerSocket methods do not create connections between sockets. You have to use the accept method of the created server sockets to create SSL connections.

Extending and customizing SSLeayServerFactory

Using the setSSLPolicy method you can specify the modes of the connections obtained through the accept method. This is a template method, which you can redefine in subclasses of this class in order to specify different policies for the server sockets of this factory. setSSLPolicy is called after creating the server socket in all createSocket methods.

The setSocketPrototypeClass specifies the type of server sockets created by the createServerSocket methods.

Version:
$Revision: 1.6 $
Author:
Andrei Popovici
See Also:
Serialized Form

Field Summary
protected  SSLeaySessionContext context
           
protected  java.lang.Class socketType
           
 
Fields inherited from class javax.net.ssl.SSLServerSocketFactory
defaultInstance
 
Fields inherited from class javax.net.ServerSocketFactory
defaultInstance
 
Constructor Summary
SSLeayServerSocketFactory()
          Create a new SSLeayServerSocketFactory using a new SSLeaySessionContext. The instantiation of the factory will be performed lazily, upon the first call of a communication method.
SSLeayServerSocketFactory(SSLeaySessionContext context)
          Create a new SSLeayServerSocketFactory using context as the SSLeaySessionContext for all connections initiated by the server sockets created by this factory.
 
Method Summary
 java.net.ServerSocket createServerSocket(int port)
           
 java.net.ServerSocket createServerSocket(int port, int backlog)
           
 java.net.ServerSocket createServerSocket(int port, int backlog, java.net.InetAddress bindAddr)
           
 java.lang.String[] getDefaultCipherSuites()
           
 java.lang.Class getServerSocketClass()
          Return the type of sockets created by this factory.
 java.lang.String[] getSupportedCipherSuites()
           
 void setDefaultCipherSuites(java.lang.String[] ciphers)
           
protected  void setServerSocketClass(java.lang.Class cls)
          Specify the type of sockets (class) returned by the createServerSocket methods.
protected  void setSSLPolicy(SSLeayServerSocket s)
          This is a template method called in the createSocket methods after creating and binding a SSLeayServerSocket.
 
Methods inherited from class javax.net.ssl.SSLServerSocketFactory
getDefault, setDefault
 
Methods inherited from class javax.net.ServerSocketFactory
setDefault
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

context

protected transient SSLeaySessionContext context

socketType

protected java.lang.Class socketType
Constructor Detail

SSLeayServerSocketFactory

public SSLeayServerSocketFactory()
Create a new SSLeayServerSocketFactory using a new SSLeaySessionContext. The instantiation of the factory will be performed lazily, upon the first call of a communication method.
Throws:
SSLeayRuntimeException - no identity information
java.lang.Error - no CA information

SSLeayServerSocketFactory

public SSLeayServerSocketFactory(SSLeaySessionContext context)
Create a new SSLeayServerSocketFactory using context as the SSLeaySessionContext for all connections initiated by the server sockets created by this factory.
Parameters:
context - the SessionContext of all connections of this factory
Method Detail

createServerSocket

public java.net.ServerSocket createServerSocket(int port)
                                         throws java.io.IOException
Overrides:
createServerSocket in class SSLServerSocketFactory

createServerSocket

public java.net.ServerSocket createServerSocket(int port,
                                                int backlog)
                                         throws java.io.IOException
Overrides:
createServerSocket in class SSLServerSocketFactory

createServerSocket

public java.net.ServerSocket createServerSocket(int port,
                                                int backlog,
                                                java.net.InetAddress bindAddr)
                                         throws java.io.IOException
Overrides:
createServerSocket in class SSLServerSocketFactory

getDefaultCipherSuites

public java.lang.String[] getDefaultCipherSuites()
Overrides:
getDefaultCipherSuites in class SSLServerSocketFactory

getSupportedCipherSuites

public java.lang.String[] getSupportedCipherSuites()
Overrides:
getSupportedCipherSuites in class SSLServerSocketFactory

setDefaultCipherSuites

public void setDefaultCipherSuites(java.lang.String[] ciphers)

setSSLPolicy

protected void setSSLPolicy(SSLeayServerSocket s)
This is a template method called in the createSocket methods after creating and binding a SSLeayServerSocket.

Subclasses of SSLeayServerSocketFactory can redefine this method to specify alternative SSL configuration policies for the SSLeayServersockets and thus for the server side sockets. can be specified using methods of SSLSocket i.e.


setServerSocketClass

protected void setServerSocketClass(java.lang.Class cls)
Specify the type of sockets (class) returned by the createServerSocket methods. The class has to be a subclass of SSLeayServerSocket. The constructors of cls have to be a superset of the SSLeaySocket's constructors.
Parameters:
cls - the class of the sockets to create
Throws:
java.lang.IllegalArgumentException - cls is not a subclass of SSLeaySocket or constructor mismatch between cls and SSLeaySocket.

getServerSocketClass

public java.lang.Class getServerSocketClass()
Return the type of sockets created by this factory. The returned Class object will be a subclass of SSLeayServerSocket.
Returns:
the class of the objects returned by createSocket