FileDocCategorySizeDatePackage
IBMJSSESocketFactory.javaAPI DocApache Axis 1.46803Sat Apr 22 18:57:28 BST 2006org.apache.axis.components.net

IBMJSSESocketFactory

public class IBMJSSESocketFactory extends JSSESocketFactory implements SecureSocketFactory
SSL socket factory. It _requires_ a valid RSA key and JSSE. (borrowed code from tomcat)
author
Davanum Srinivas (dims@yahoo.com)

Fields Summary
private String
keystoreType
Field keystoreType
static String
defaultKeystoreType
Field defaultKeystoreType
static String
defaultProtocol
Field defaultProtocol
static String
defaultAlgorithm
Field defaultAlgorithm
static boolean
defaultClientAuth
Field defaultClientAuth
private boolean
clientAuth
Field clientAuth
static String
defaultKeystoreFile
Field defaultKeystoreFile
static String
defaultKeyPass
Field defaultKeyPass
Constructors Summary
public IBMJSSESocketFactory(Hashtable attributes)
Constructor IBMJSSESocketFactory

param
attributes


             
       
        super(attributes);
Methods Summary
protected com.ibm.net.ssl.SSLContextgetContext()
gets a SSL Context

return
SSLContext
throws
Exception

        // Please don't change the name of the attribute - other
        // software may depend on it ( j2ee for sure )
        String keystoreFile = (String) attributes.get("keystore");
        if (keystoreFile == null) {
            keystoreFile = defaultKeystoreFile;
        }

        keystoreType = (String) attributes.get("keystoreType");
        if (keystoreType == null) {
            keystoreType = defaultKeystoreType;
        }

        // determine whether we want client authentication
        // the presence of the attribute enables client auth
        clientAuth = null != (String) attributes.get("clientauth");
        String keyPass = (String) attributes.get("keypass");
        if (keyPass == null) {
            keyPass = defaultKeyPass;
        }

        String keystorePass = (String) attributes.get("keystorePass");
        if (keystorePass == null) {
            keystorePass = keyPass;
        }

        // protocol for the SSL ie - TLS, SSL v3 etc.
        String protocol = (String) attributes.get("protocol");
        if (protocol == null) {
            protocol = defaultProtocol;
        }

        // Algorithm used to encode the certificate ie - SunX509
        String algorithm = (String) attributes.get("algorithm");
        if (algorithm == null) {
            algorithm = defaultAlgorithm;
        }

        // You can't use ssl without a server certificate.
        // Create a KeyStore ( to get server certs )
        KeyStore kstore = initKeyStore(keystoreFile, keystorePass);

        // Key manager will extract the server key
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(algorithm);

        kmf.init(kstore, keyPass.toCharArray());

        // If client authentication is needed, set up TrustManager
        TrustManager[] tm = null;

        if (clientAuth) {
            TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");

            tmf.init(kstore);
            tm = tmf.getTrustManagers();
        }

        // Create a SSLContext ( to create the ssl factory )
        // This is the only way to use server sockets with JSSE 1.0.1
        SSLContext context = SSLContext.getInstance(protocol);    // SSL

        // init context with the key managers
        context.init(kmf.getKeyManagers(), tm,
                new java.security.SecureRandom());
        return context;
protected voidinitFactory()
Read the keystore, init the SSL socket factory

throws
IOException


        try {
            Security.addProvider(new com.ibm.jsse.JSSEProvider());
            Security.addProvider(new com.ibm.crypto.provider.IBMJCE());

            if(attributes == null) {
                //No configuration specified. Get the default.
                sslFactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
            } else {
                //Configuration specified in wsdd.
                SSLContext context = getContext();
                sslFactory = context.getSocketFactory();
            }
        } catch (Exception e) {
            if (e instanceof IOException) {
                throw (IOException) e;
            }
            throw new IOException(e.getMessage());
        }
private java.security.KeyStoreinitKeyStore(java.lang.String keystoreFile, java.lang.String keyPass)
intializes a keystore.

param
keystoreFile
param
keyPass
return
keystore
throws
IOException

        try {
            KeyStore kstore = KeyStore.getInstance(keystoreType);

            InputStream istream = new FileInputStream(keystoreFile);
            kstore.load(istream, keyPass.toCharArray());
            return kstore;
        } catch (FileNotFoundException fnfe) {
            throw fnfe;
        } catch (IOException ioe) {
            throw ioe;
        } catch (Exception ex) {
            ex.printStackTrace();
            throw new IOException("Exception trying to load keystore "
                    + keystoreFile + ": " + ex.getMessage());
        }