net.jini.jeri.ssl
Class SslEndpointImpl

java.lang.Object
  extended by net.jini.jeri.ssl.Utilities
      extended by net.jini.jeri.ssl.SslEndpointImpl
All Implemented Interfaces:
ConnectionEndpoint
Direct Known Subclasses:
HttpsEndpoint.HttpsEndpointImpl

 class SslEndpointImpl
extends Utilities
implements ConnectionEndpoint

Provides the implementation of SslEndpoint so that the implementation can be inherited by HttpsEndpoint without revealing the inheritance in the public API.

Author:
Sun Microsystems, Inc.

Nested Class Summary
private static class SslEndpointImpl.ComparableConnectionContext
          Used for sorting ConnectionContexts by preferences and suite order.
private static class SslEndpointImpl.ConnectionContextCache
          Defines a structure to cache ConnectionContexts for specific constraints and client principals.
private static class SslEndpointImpl.ConnectionsIterator
          Defines an iterator over active and idle connections which performs error checking on connections.
private static class SslEndpointImpl.CopyOnRemoveList
          A List that supports removing items by making a copy of the underlying list.
private static class SslEndpointImpl.ExceptionOutboundRequestIterator
          An outbound request iterator that throws an IOException or a SecurityException.
 
Nested classes/interfaces inherited from class net.jini.jeri.ssl.Utilities
Utilities.SSLContextInfo
 
Field Summary
private static int CACHE_SIZE
          The size of the connection context cache.
private  int cacheNext
          Next index for a connectionContextCache miss; counts down, not up.
private  SslEndpointImpl.ConnectionContextCache[] connectionContextCache
          A cache for recently computed connection contexts.
(package private)  ConnManager connectionManager
          The connection manager for this endpoint or null if not yet set.
private static ConnManagerFactory connectionManagerFactory
          The factory for default connection managers.
private static Map connectionMgrs
          Weak key map that maps connection endpoints to weak references to the associated ConnManager.
(package private)  boolean disableSocketConnect
          Whether to disable calling Socket.connect -- set when used by discovery providers.
(package private)  Endpoint endpoint
          The associated endpoint.
(package private) static Logger logger
          Client logger.
(package private)  int port
          The server port.
(package private)  String serverHost
          The name of the server host.
(package private)  SocketFactory socketFactory
          The factory for creating sockets, or null to use default sockets.
 
Fields inherited from class net.jini.jeri.ssl.Utilities
ANY_KEY_ALGORITHM, clientLogger, DSA_KEY_ALGORITHM, getSubjectPermission, initLogger, INTEGRITY_PREFERRED, INTEGRITY_REQUIRED, RSA_KEY_ALGORITHM, serverLogger, UNKNOWN_PRINCIPAL
 
Constructor Summary
SslEndpointImpl(Endpoint endpoint, String serverHost, int port, SocketFactory socketFactory)
          Creates an instance of this class.
 
Method Summary
private static List checkAuthenticationPermissions(List contexts)
          Removes the contexts for which the client does not have authentication permission.
private  void checkResolvePermission()
           
private static List checkSubject(List contexts, Subject clientSubject, boolean constrainedServer, InvocationConstraints constraints)
          Returns a list of the contexts which are supported by principals and credentials in the Subject.
private static List computeConnectionContexts(String[] suites, Set clients, Set servers, InvocationConstraints constraints)
          Computes a list of ConnectionContexts for the specified set of suites, client and server principals, and constraints, sorted by preferences and suite order.
 Connection connect(OutboundRequestHandle handle)
          Creates a new connection.
 Connection connect(OutboundRequestHandle handle, Collection active, Collection idle)
          Chooses a connection from existing connections.
private  CallContext createCallContext(List contexts, Subject clientSubject)
          Converts connection contexts to a call context.
 boolean equals(Object object)
          Two instances of this class are equal if they have the same actual class; have the same values for server host and port; and have socket factories that are either both null, or have the same actual class and are equal.
(package private)  String fieldsToString()
          Returns a string representation of the fields of this object.
private  CallContext getCallContext(InvocationConstraints constraints)
          Returns a context for making a remote call with the specified constraints and the current subject.
private  List getConnectionContexts(InvocationConstraints constraints, Set clientPrincipals)
          Gets an unmodifiable list of the ConnectionContexts for the specified constraints and client principals.
private  ConnManager getConnectionManager()
          Returns the connection manager for this endpoint.
private static Map getPublicCredentials(Subject subject)
          Returns a map that maps each principal in the subject to a set of the associated X.500 public credentials.
private static Boolean getSubjectPermitted()
          Checks if the caller has permission to get the current subject, returning Boolean.TRUE or FALSE.
 int hashCode()
          Returns a hash code value for this object.
(package private)  OutboundRequestIterator newRequest(CallContext callContext)
          Implements Endpoint.newRequest when the constraints are supported.
(package private)  OutboundRequestIterator newRequest(InvocationConstraints constraints)
          Implements Endpoint.newRequest.
 String toString()
          Returns a string representation of this object.
 
Methods inherited from class net.jini.jeri.ssl.Utilities
checkValidity, contains, doesEncryption, doesServerAuthentication, equals, firstX509Cert, getCertFactory, getCipherAlgorithm, getClassName, getClientPrincipals, getClientPrincipals, getClientSSLContextInfo, getKeyAlgorithm, getKeyExchangeAlgorithm, getPermittedKeyAlgorithms, getServerPrincipals, getServerSSLContextInfo, getSupportedCipherSuites, hasStrongCipherAlgorithm, logThrow, maintainsIntegrity, permittedKeyAlgorithm, position, releaseClientSSLContextInfo, safeEquals, subjectString, toString
 
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Field Detail

logger

static final Logger logger
Client logger.


connectionMgrs

private static final Map connectionMgrs
Weak key map that maps connection endpoints to weak references to the associated ConnManager. The weak values ensure that the keys will not be strongly held, since the connection manager has a strong reference to the associated connection endpoint.


CACHE_SIZE

private static final int CACHE_SIZE
The size of the connection context cache.

See Also:
Constant Field Values

connectionManagerFactory

private static final ConnManagerFactory connectionManagerFactory
The factory for default connection managers.


endpoint

final Endpoint endpoint
The associated endpoint.


serverHost

final String serverHost
The name of the server host.


port

final int port
The server port.


socketFactory

final SocketFactory socketFactory
The factory for creating sockets, or null to use default sockets.


disableSocketConnect

boolean disableSocketConnect
Whether to disable calling Socket.connect -- set when used by discovery providers.


connectionContextCache

private SslEndpointImpl.ConnectionContextCache[] connectionContextCache
A cache for recently computed connection contexts.


cacheNext

private int cacheNext
Next index for a connectionContextCache miss; counts down, not up.


connectionManager

ConnManager connectionManager
The connection manager for this endpoint or null if not yet set.

Constructor Detail

SslEndpointImpl

SslEndpointImpl(Endpoint endpoint,
                String serverHost,
                int port,
                SocketFactory socketFactory)
Creates an instance of this class.

Method Detail

toString

public String toString()
Returns a string representation of this object.

Overrides:
toString in class Object

fieldsToString

final String fieldsToString()
Returns a string representation of the fields of this object.


hashCode

public int hashCode()
Returns a hash code value for this object.

Overrides:
hashCode in class Object

equals

public boolean equals(Object object)
Two instances of this class are equal if they have the same actual class; have the same values for server host and port; and have socket factories that are either both null, or have the same actual class and are equal.

Overrides:
equals in class Object

newRequest

final OutboundRequestIterator newRequest(InvocationConstraints constraints)
Implements Endpoint.newRequest.


newRequest

OutboundRequestIterator newRequest(CallContext callContext)
Implements Endpoint.newRequest when the constraints are supported.


getConnectionManager

private ConnManager getConnectionManager()
Returns the connection manager for this endpoint.


getCallContext

private CallContext getCallContext(InvocationConstraints constraints)
                            throws UnsupportedConstraintException
Returns a context for making a remote call with the specified constraints and the current subject. This method does not perform communication with the remote server. Throws a SecurityException if the lack of authentication permissions needed for requirements prevents the use of all contexts. Throws UnsupportedConstraintException if some requirements cannot be satisfied. Returns a CallContext if throwing an exception or returning null would reveal information about the current subject that the caller does not have permission to know.

Throws:
UnsupportedConstraintException

createCallContext

private CallContext createCallContext(List contexts,
                                      Subject clientSubject)
Converts connection contexts to a call context.


checkSubject

private static List checkSubject(List contexts,
                                 Subject clientSubject,
                                 boolean constrainedServer,
                                 InvocationConstraints constraints)
                          throws UnsupportedConstraintException
Returns a list of the contexts which are supported by principals and credentials in the Subject. Throws an UnsupportedConstraintException if none of the contexts are supported, otherwise returns a non-empty list.

Throws:
UnsupportedConstraintException

getSubjectPermitted

private static Boolean getSubjectPermitted()
Checks if the caller has permission to get the current subject, returning Boolean.TRUE or FALSE.


checkAuthenticationPermissions

private static List checkAuthenticationPermissions(List contexts)
Removes the contexts for which the client does not have authentication permission. Throws SecurityException if lack of permission prevents any contexts from being used.


getPublicCredentials

private static Map getPublicCredentials(Subject subject)
Returns a map that maps each principal in the subject to a set of the associated X.500 public credentials.


getConnectionContexts

private List getConnectionContexts(InvocationConstraints constraints,
                                   Set clientPrincipals)
Gets an unmodifiable list of the ConnectionContexts for the specified constraints and client principals.


computeConnectionContexts

private static List computeConnectionContexts(String[] suites,
                                              Set clients,
                                              Set servers,
                                              InvocationConstraints constraints)
Computes a list of ConnectionContexts for the specified set of suites, client and server principals, and constraints, sorted by preferences and suite order.


connect

public Connection connect(OutboundRequestHandle handle)
                   throws IOException
Creates a new connection.

Specified by:
connect in interface ConnectionEndpoint
Parameters:
handle - the handle for the request
Returns:
a new connection that can be used to send a request for the specified handle
Throws:
IOException - if an I/O exception occurs

connect

public Connection connect(OutboundRequestHandle handle,
                          Collection active,
                          Collection idle)
Chooses a connection from existing connections.

Specified by:
connect in interface ConnectionEndpoint
Parameters:
handle - the handle for the request
active - the connections with requests in progress
idle - the connections with no requests in progress
Returns:
a connection that can be used to send an outbound request for the specified handle, or null

checkResolvePermission

private void checkResolvePermission()


Copyright 2007-2010, multiple authors.
Licensed under the Apache License, Version 2.0, see the NOTICE file for attributions.