net.jini.jeri.ssl
Class SslServerEndpointImpl

java.lang.Object
  extended by net.jini.jeri.ssl.Utilities
      extended by net.jini.jeri.ssl.SslServerEndpointImpl
Direct Known Subclasses:
HttpsServerEndpoint.HttpsServerEndpointImpl

 class SslServerEndpointImpl
extends Utilities

Provides the implementation of SslServerEndpoint so that the implementation can be inherited by HttpsServerEndpoint without revealing the inheritance in the public API.

Author:
Sun Microsystems, Inc.

Nested Class Summary
(package private)  class SslServerEndpointImpl.SslListenCookie
          Implements ListenCookie
(package private)  class SslServerEndpointImpl.SslListenEndpoint
          Implements ListenEndpoint
(package private)  class SslServerEndpointImpl.SslListenHandle
          Implements ListenHandle
(package private)  class SslServerEndpointImpl.SslServerConnection
          Implements ServerConnection
 
Nested classes/interfaces inherited from class net.jini.jeri.ssl.Utilities
Utilities.SSLContextInfo
 
Field Summary
private  ServerAuthManager authManager
          The authentication manager for the SSLContext for this endpoint -- set by sslInit.
private static ServerConnManager defaultServerConnectionManager
          The default server connection manager.
private  ServerEndpoint.ListenEndpoint listenEndpoint
          The listen endpoint.
(package private)  Permission[] listenPermissions
          The permissions needed to authenticate when listening on this endpoint, or null if the server is anonymous.
(package private) static Logger logger
          Server logger
(package private) static long maxServerSessionDuration
          The maximum time a session should be used before expiring -- non-final to facilitate testing.
(package private)  int port
          The server port
(package private)  ServerConnManager serverConnectionManager
          The server connection manager.
(package private)  ServerEndpoint serverEndpoint
          The associated server endpoint.
(package private)  String serverHost
          The host name that clients should use to connect to this server, or null if enumerateListenEndpoints should compute the default.
(package private)  Set serverPrincipals
          The principals to use for authentication, or null if the server is anonymous.
(package private)  ServerSocketFactory serverSocketFactory
          The server socket factory.
(package private)  Subject serverSubject
          The server subject, or null if the server is anonymous.
(package private)  SocketFactory socketFactory
          The socket factory for use in the associated Endpoint.
private  SSLSocketFactory sslSocketFactory
          The factory for creating JSSE sockets -- set by sslInit
(package private) static Executor systemExecutor
          Executes a Runnable in a system thread -- used for listener accept threads.
 
Fields inherited from class net.jini.jeri.ssl.Utilities
ANY_KEY_ALGORITHM, clientLogger, DSA_KEY_ALGORITHM, getSubjectPermission, initLogger, INTEGRITY_PREFERRED, INTEGRITY_REQUIRED, RSA_KEY_ALGORITHM, serverLogger, UNKNOWN_PRINCIPAL
 
Constructor Summary
SslServerEndpointImpl(ServerEndpoint serverEndpoint, Subject serverSubject, X500Principal[] serverPrincipals, String serverHost, int port, SocketFactory socketFactory, ServerSocketFactory serverSocketFactory)
          Creates an instance of this class.
 
Method Summary
(package private)  InvocationConstraints checkConstraints(InvocationConstraints constraints)
           
private  SslServerEndpointImpl.SslListenCookie checkCookie(ServerEndpoint.ListenCookie cookie)
          Checks that the argument is a valid listen cookie for this server endpoint.
(package private)  void checkListenPermissions(boolean checkSocket)
          Check for permission to listen on this endpoint, but only checking socket permissions if checkSocket is true.
private static Set checkPrincipals(X500Principal[] principals)
          Checks that principals is not empty and contains no nulls, and returns it as a set.
private static Set computePrincipals(Subject subject)
          Computes the principals in the subject available for authentication
(package private)  Endpoint createEndpoint(String serverHost, SslServerEndpointImpl.SslListenCookie cookie)
          Creates an endpoint for this server endpoint corresponding to the specified server host and listen cookie.
(package private)  ServerEndpoint.ListenEndpoint createListenEndpoint()
          Creates a listen endpoint for this server endpoint.
(package private)  Endpoint enumerateListenEndpoints(ServerEndpoint.ListenContext listenContext)
           
 boolean equals(Object object)
          Two instances of this class are equal if they have the same actual class; have server subjects that compare equal using ==; have server principals that are either both null or are equal when compared as the elements of a Set; have the same server host and port; have socket factories that are either both null, or have the same actual class and are equal; and have server socket factories that are either both null, or have the same actual class and are equal.
(package private)  String fieldsToString()
          Returns a string representation of the fields of this object.
(package private)  ServerAuthManager getAuthManager()
          Returns the ServerAuthManager, calling sslInit if needed.
(package private)  SSLSocketFactory getSSLSocketFactory()
          Returns the SSLSocketFactory, calling sslInit if needed.
(package private) static InvocationConstraints getUnfulfilledConstraints(String cipherSuite, Principal client, Principal server, InvocationConstraints constraints)
          Returns null if the constraints are not supported, else any integrity constraints required or preferred by the arguments.
 int hashCode()
          Returns a hash code value for this object.
private  boolean hasListenPermissions()
          Returns true if the caller has AuthenticationPermission for listen on this endpoint.
private  void sslInit()
          Initializes the sslSocketFactory and authManager fields.
 String toString()
          Returns a string representation of this object.
 
Methods inherited from class net.jini.jeri.ssl.Utilities
checkValidity, contains, doesEncryption, doesServerAuthentication, equals, firstX509Cert, getCertFactory, getCipherAlgorithm, getClassName, getClientPrincipals, getClientPrincipals, getClientSSLContextInfo, getKeyAlgorithm, getKeyExchangeAlgorithm, getPermittedKeyAlgorithms, getServerPrincipals, getServerSSLContextInfo, getSupportedCipherSuites, hasStrongCipherAlgorithm, logThrow, maintainsIntegrity, permittedKeyAlgorithm, position, releaseClientSSLContextInfo, safeEquals, subjectString, toString
 
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Field Detail

logger

static final Logger logger
Server logger


maxServerSessionDuration

static long maxServerSessionDuration
The maximum time a session should be used before expiring -- non-final to facilitate testing. Use 24 hours to allow the client, which uses 23.5 hours, to renegotiate a new session before the server timeout.


systemExecutor

static final Executor systemExecutor
Executes a Runnable in a system thread -- used for listener accept threads.


defaultServerConnectionManager

private static final ServerConnManager defaultServerConnectionManager
The default server connection manager.


serverEndpoint

final ServerEndpoint serverEndpoint
The associated server endpoint.


serverSubject

final Subject serverSubject
The server subject, or null if the server is anonymous.


serverPrincipals

final Set serverPrincipals
The principals to use for authentication, or null if the server is anonymous.


serverHost

final String serverHost
The host name that clients should use to connect to this server, or null if enumerateListenEndpoints should compute the default.


port

final int port
The server port


socketFactory

final SocketFactory socketFactory
The socket factory for use in the associated Endpoint.


serverSocketFactory

final ServerSocketFactory serverSocketFactory
The server socket factory.


listenPermissions

Permission[] listenPermissions
The permissions needed to authenticate when listening on this endpoint, or null if the server is anonymous.


listenEndpoint

private final ServerEndpoint.ListenEndpoint listenEndpoint
The listen endpoint.


sslSocketFactory

private SSLSocketFactory sslSocketFactory
The factory for creating JSSE sockets -- set by sslInit


authManager

private ServerAuthManager authManager
The authentication manager for the SSLContext for this endpoint -- set by sslInit.


serverConnectionManager

ServerConnManager serverConnectionManager
The server connection manager.

Constructor Detail

SslServerEndpointImpl

SslServerEndpointImpl(ServerEndpoint serverEndpoint,
                      Subject serverSubject,
                      X500Principal[] serverPrincipals,
                      String serverHost,
                      int port,
                      SocketFactory socketFactory,
                      ServerSocketFactory serverSocketFactory)
Creates an instance of this class.

Method Detail

computePrincipals

private static Set computePrincipals(Subject subject)
Computes the principals in the subject available for authentication


hasListenPermissions

private boolean hasListenPermissions()
Returns true if the caller has AuthenticationPermission for listen on this endpoint.


checkPrincipals

private static Set checkPrincipals(X500Principal[] principals)
Checks that principals is not empty and contains no nulls, and returns it as a set. Returns null if no principals are specified.


sslInit

private void sslInit()
Initializes the sslSocketFactory and authManager fields. Wait to do this until needed, because creating the SSLContext requires initializing the secure random number generator, which can be time consuming.


getSSLSocketFactory

final SSLSocketFactory getSSLSocketFactory()
Returns the SSLSocketFactory, calling sslInit if needed.


getAuthManager

final ServerAuthManager getAuthManager()
Returns the ServerAuthManager, calling sslInit if needed.


hashCode

public int hashCode()
Returns a hash code value for this object.

Overrides:
hashCode in class Object

equals

public boolean equals(Object object)
Two instances of this class are equal if they have the same actual class; have server subjects that compare equal using ==; have server principals that are either both null or are equal when compared as the elements of a Set; have the same server host and port; have socket factories that are either both null, or have the same actual class and are equal; and have server socket factories that are either both null, or have the same actual class and are equal.

Overrides:
equals in class Object

toString

public String toString()
Returns a string representation of this object.

Overrides:
toString in class Object

fieldsToString

final String fieldsToString()
Returns a string representation of the fields of this object.


checkConstraints

final InvocationConstraints checkConstraints(InvocationConstraints constraints)
                                      throws UnsupportedConstraintException
Throws:
UnsupportedConstraintException

getUnfulfilledConstraints

static InvocationConstraints getUnfulfilledConstraints(String cipherSuite,
                                                       Principal client,
                                                       Principal server,
                                                       InvocationConstraints constraints)
Returns null if the constraints are not supported, else any integrity constraints required or preferred by the arguments.


enumerateListenEndpoints

final Endpoint enumerateListenEndpoints(ServerEndpoint.ListenContext listenContext)
                                 throws IOException
Throws:
IOException

createListenEndpoint

ServerEndpoint.ListenEndpoint createListenEndpoint()
Creates a listen endpoint for this server endpoint.


createEndpoint

Endpoint createEndpoint(String serverHost,
                        SslServerEndpointImpl.SslListenCookie cookie)
Creates an endpoint for this server endpoint corresponding to the specified server host and listen cookie.


checkCookie

private SslServerEndpointImpl.SslListenCookie checkCookie(ServerEndpoint.ListenCookie cookie)
Checks that the argument is a valid listen cookie for this server endpoint.


checkListenPermissions

final void checkListenPermissions(boolean checkSocket)
Check for permission to listen on this endpoint, but only checking socket permissions if checkSocket is true.



Copyright 2007-2010, multiple authors.
Licensed under the Apache License, Version 2.0, see the NOTICE file for attributions.