java.lang.Object
  |
  +--de.tu_darmstadt.sp.ssl.SSLeaySessionContext
Class SSLeaySessionContext is a grouping of SSLSessions associated with a single entity. For example, it could be associated with a server or client who participates in many sessions concurrently. This interface provides methods for retrieving an SSLSession based on its ID, and allows such IDs to be listed.

SSLeaySessionContext is just a proxy for the real session cache of the underlying SSLeay layer. At a certain point, its contents (list of sessions) may not be consistent with the existing sessions in the underlying SSLeay layer. Rather, it offers a snapshot of the existing sessions and their respective session IDs at a given point in time in the past.

The update method is used to re-read the session information of the SSL_CTX structure. After a call to update, the information stored in this object and the one in the SSLeay layer are consistent. Note that while navigating through the sessions in the Session Context, new connections may be issued in the underlying layer. The getIds method always updates the session cache view.

Field Summary
protected int | context | the opaque pointer of this object
protected java.util.Hashtable | sessionHash | The variable holding the view over the underlying session hash

Constructor Summary
| SSLeaySessionContext() | Create a new SSLeay Session object together with the corresponding SSL_CTX structure in the underlying SSLeay layer.
protected | SSLeaySessionContext(int context) | Create a proxy of the real SSLeay Session context.

Method Summary
void | addTrustedCACerts(java.lang.String ca_file, java.lang.String ca_path) | Add the CA certificates in the specified ca_file or ca_path to the list of trusted CAs.
protected void | doSetUserIdentity(java.lang.String cert_file, java.lang.String key_file) | Set the identity of the current user in the underlying SSLeay layer.
protected void | finalize() | Free the underlying structures
java.lang.String[] | getDefaultCipherSuites() | Return the cipher suites which will be used by default by all connections created in this context.
java.util.Enumeration | getIds() | Returns an Enumeration of all session IDs.
SSLSession | getSession(byte[] sessionId) | Returns the SSLSession bound to the specified session id, or null if the specified session id does not refer to a valid SSLSession.
protected int[] | getSessionOpaquePointers() | Return an array consisting of the opaque pointers for all the existing sessions in the underlying SSL_CTX structure.
java.lang.String[] | getSupportedCipherSuites() | Return the cipher suites the current implementation supports.
void | setDefaultCipherSuites(java.lang.String[] ciphers) | Set which cipher suites should be enabled by default for the connections created in this context.
void | setUserIdentity() | Initialize the context with the identity of the user.
void | update() |

Methods inherited from class java.lang.Object
clone, equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail
protected int context
protected java.util.Hashtable sessionHash

Constructor Detail
public SSLeaySessionContext() throws SSLException
Create a new SSLeay Session object together with the corresponding SSL_CTX structure in the underlying SSLeay layer.
The initialization is performed using the following properties or environment variables.
- The environment variable SSL_CIPHERS and the system property de.tu_darmstadt.sp.ssl.ssl_ciphers control the default cipher suites of this context object. If both are null, the SSLeay defaults will be used.
- The environment variable CA_FILE and the system property iti.ssl.ca_file control the location of the Certification Agency file. This information is not mandatory.
- The environment variable CA_PATH and the system property iti.ssl.ca_path control the location of the Certification Agency PEM-format directory. This information is not mandatory.
For all cases described above, the property (if existent) will override the environment variable. If all 4 values are null or the corresponding files do not exist, this context won't have any initial CA information; that is, sockets created with it won't be able to verify peers. However, the socket factory which created this context can specify the CA locations using the addTrustedCACerts method.
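
A pre-flight check for the lookup rules described above, as an added example that is not part of the de.tu_darmstadt.sp.ssl package. The class CaConfigPreflight and its methods are hypothetical; only the property and environment variable names come from this page.

```java
import java.io.File;
import java.util.Map;
import java.util.Properties;

/** Added example (hypothetical class, not part of de.tu_darmstadt.sp.ssl). */
public class CaConfigPreflight {

    /**
     * A system property, if set, overrides the environment variable.
     * Consequence: a stale property pointing at a missing file masks a
     * valid environment variable, because the property still wins.
     */
    static String resolve(Properties props, Map<String, String> env,
                          String propName, String envName) {
        String value = props.getProperty(propName);
        return value != null ? value : env.get(envName);
    }

    /** True if the resolved CA file or CA directory actually exists. */
    static boolean hasInitialCaInfo(Properties props, Map<String, String> env) {
        String caFile = resolve(props, env, "iti.ssl.ca_file", "CA_FILE");
        String caPath = resolve(props, env, "iti.ssl.ca_path", "CA_PATH");
        boolean fileOk = caFile != null && new File(caFile).isFile();
        boolean pathOk = caPath != null && new File(caPath).isDirectory();
        return fileOk || pathOk;
    }

    public static void main(String[] args) {
        Properties props = System.getProperties();
        Map<String, String> env = System.getenv();

        String ciphers = resolve(props, env,
                "de.tu_darmstadt.sp.ssl.ssl_ciphers", "SSL_CIPHERS");
        System.out.println("default cipher suites: "
                + (ciphers != null ? ciphers : "(SSLeay defaults)"));

        if (!hasInitialCaInfo(props, env)) {
            // Per the documentation above, such a context cannot verify peers
            // unless the socket factory calls addTrustedCACerts afterwards.
            System.err.println("no usable CA file or CA path: peers would not be verified");
            System.exit(1);
        }
        System.out.println("CA information present");
    }
}
```

Run it with the same properties and environment as the application, so that a deployment without usable CA information is caught before any socket is created.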

protected SSLeaySessionContext(int context)
context opaque pointer.
context - opaque pointer, hiding a SSL_CTX*

Method Detail
public void setUserIdentity() throws SSLeayIdentityException
- The environment variable CERT_FILE and the system property iti.ssl.cert_file control the location of the certificate of the user. If both variables are null or if the specified file does not exist, an SSLeayIdentityException will be thrown. This exception should be caught if the context is used for connections which do not authenticate themselves.
- The environment variable KEY_FILE and the system property iti.ssl.key_file control the location of the private key of the user. If both variables are null or if the specified file does not exist, an SSLeayIdentityException will be thrown. This exception should be caught if the context is used for connections which do not authenticate themselves.
For all cases described above, the property (if existent) will override the environment variable.

protected void doSetUserIdentity(java.lang.String cert_file, java.lang.String key_file) throws SSLeayIdentityException
Set the identity of the current user in the underlying SSLeay layer. This identity will be used in all connections/sessions managed by this context.
cert_file - the certificate file to be used. If null, the value of the CERT_FILE environment variable will be used instead.
key_file - the private key of the user to be used. If null, the value of the KEY_FILE environment variable will be used instead.

public java.util.Enumeration getIds()
getSession Method.
byte[] object.

public SSLSession getSession(byte[] sessionId)
Returns the SSLSession bound to the specified session id, or null if the specified session id does not refer to a valid SSLSession. This method reflects the context state corresponding to the last call of either getIds or update.
sessionId - a session ID
SSLeaySession object, the session corresponding to the specified session id

protected int[] getSessionOpaquePointers()
Return an array consisting of the opaque pointers for all the existing sessions in the underlying SSL_CTX structure.

public void update()
public java.lang.String[] getDefaultCipherSuites()
public java.lang.String[] getSupportedCipherSuites()

public void setDefaultCipherSuites(java.lang.String[] ciphers)
ciphers - the cipher suites to be enabled by default for all connections created via this context. If null, throw an IllegalArgumentException
ciphers - a list of strings, each string being a cipher name
null

public void addTrustedCACerts(java.lang.String ca_file, java.lang.String ca_path) throws java.io.IOException
Add the CA certificates in the specified ca_file or ca_path to the list of trusted CAs. The contents of the ca_file / will be looked up lazily, upon certificate verification.
ca_file - a file containing a list of trusted certificates
ca_path - a directory in PEM format containing a list of trusted certificates.
ca_file and ca_path do not exist

protected void finalize()