org.apache.avalon.cornerstone.blocks.sockets
Class TLSSocketFactory
java.lang.Object
org.apache.avalon.framework.logger.AbstractLogEnabled
org.apache.avalon.cornerstone.blocks.sockets.AbstractTLSSocketFactory
org.apache.avalon.cornerstone.blocks.sockets.TLSSocketFactory
- All Implemented Interfaces:
- Configurable, Contextualizable, Initializable, LogEnabled, SocketFactory
- public class TLSSocketFactory
- extends AbstractTLSSocketFactory
- implements SocketFactory, Contextualizable, Configurable, Initializable
Manufactures TLS client sockets. Configuration element inside a
SocketManager would look like:
<factory name="secure"
class="org.apache.avalon.cornerstone.blocks.sockets.TLSSocketFactory" >
<ssl-factory /> <!-- see SSLFactoryBuilder
-->
<timeout> 0 </timeout>
<!-- if the value is greater than zero, a read() call on the
InputStream associated with this Socket will block for only this
amount of time in milliseconds. Default value is 0. -->
<verify-server-identity>true|false</verify-server-identity>
<!-- whether or not the server identity should be verified.
Defaults to false. -->
</factory>
Server identity verification currently includes only comparing the
certificate Common Name received with the host name in the
passed address. Identity verification requires that SSL
handshake is completed for the socket, so it takes longer
to get a verified socket (and won't play well with non-blocking
application like SEDA).
Another thing to keep in mind when using identity verification is
that InetAddress objects for the remote hosts should be
built using InetAddress.getByName(java.lang.String)
with
the host name (matching the certificate CN) as the
argument. Failure to do so may cause relatively costly DNS lookups
and false rejections caused by inconsistencies between forward and
reverse resolution.
- Author:
- Peter Donald, Federico Barbieri, Charles Benett, Harish Prabandham, Costin Manolache, Craig McClanahan, Andrei Ivanov, Greg Steuck
Method Summary |
void |
configure(Configuration configuration)
Configures the factory. |
java.net.Socket |
createSocket(java.net.InetAddress address,
int port)
Creates a socket connected to the specified remote address. |
java.net.Socket |
createSocket(java.net.InetAddress address,
int port,
java.net.InetAddress localAddress,
int localPort)
Creates a socket and connected to the specified remote address
originating from specified local address. |
protected void |
visitBuilder(SSLFactoryBuilder builder)
The child factories have to use an instance of
SSLFactoryBuilder to obtain their factories. |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
TLSSocketFactory
public TLSSocketFactory()
configure
public void configure(Configuration configuration)
throws ConfigurationException
- Configures the factory.
- Specified by:
configure
in interface Configurable
- Overrides:
configure
in class AbstractTLSSocketFactory
- Parameters:
configuration
- the Configuration
- Throws:
ConfigurationException
- if an error occurs
visitBuilder
protected void visitBuilder(SSLFactoryBuilder builder)
- Description copied from class:
AbstractTLSSocketFactory
- The child factories have to use an instance of
SSLFactoryBuilder to obtain their factories. So they
are given an instance when it's ready. Another alternative was
to have the SSLFactoryBuilder export buildContext method, but
that would mean SSLContext which is deep in Sun guts will be
aired in 3-4 classes instead of 1.
- Specified by:
visitBuilder
in class AbstractTLSSocketFactory
createSocket
public java.net.Socket createSocket(java.net.InetAddress address,
int port)
throws java.io.IOException
- Creates a socket connected to the specified remote address.
- Specified by:
createSocket
in interface SocketFactory
- Parameters:
address
- the remote addressport
- the remote port
- Returns:
- the socket
- Throws:
java.io.IOException
- if an error occurs
createSocket
public java.net.Socket createSocket(java.net.InetAddress address,
int port,
java.net.InetAddress localAddress,
int localPort)
throws java.io.IOException
- Creates a socket and connected to the specified remote address
originating from specified local address.
- Specified by:
createSocket
in interface SocketFactory
- Parameters:
address
- the remote addressport
- the remote portlocalAddress
- the local addresslocalPort
- the local port
- Returns:
- the socket
- Throws:
java.io.IOException
- if an error occurs
Copyright © 1997-2005 The Apache Software Foundation. All Rights Reserved.