Package net.jini.jeri.ssl

Provides implementations of Endpoint and ServerEndpoint that use TLS/SSL and HTTPS (HTTP over TLS/SSL) to support invocation constraints.

See:
          Description

Class Summary
AuthManager Implements X509KeyManager by getting its key and credential information from a JAAS subject, and X509TrustManager by using FilterX509TrustManager.
CallContext Records information needed to make a remote call.
ClientAuthManager An AuthManager for clients.
ConfidentialityStrength Represents a constraint that, if confidentiality of message contents is ensured, the specified strength of confidentiality be used.
ConnectionContext Records information about a connection used for a remote call and determines whether the connection could support specific constraints.
FilterX509TrustManager Implements an X509TrustManager that only trusts certificate chains whose first certificate identifies one of a set of principals.
HttpsEndpoint An implementation of Endpoint that uses HTTPS (HTTP over TLS/SSL) to support invocation constraints for communication through firewalls.
HttpsEndpoint.EndpointInfo Manages the open connections associated with endpoints equal to a representative endpoint.
HttpsEndpoint.HttpClient Subclass of HttpClientConnection that closes the associated connection when it shuts down and moves it to the idle list when it becomes idle.
HttpsEndpoint.HttpsConnection  
HttpsEndpoint.HttpsEndpointImpl Implementation delegate
HttpsEndpoint.HttpsOutboundRequest Implements OutboundRequest using the specified OutboundRequest, HttpsConnection, and OutboundRequestHandle.
HttpsEndpoint.Reaper Records idle times in connections and shuts them down if they have been idle for at least IDLE_TIMEOUT milliseconds.
HttpsServerEndpoint An implementation of ServerEndpoint that uses HTTPS (HTTP over TLS/SSL) to support invocation constraints for communication through firewalls.
HttpsServerEndpoint.HttpsServerEndpointImpl Implementation delegate.
HttpsServerEndpoint.HttpsServerEndpointImpl.HttpServer An HTTP server connection that gets its client host from the HTTPS connection and closes the HTTPS connection when it shuts down.
HttpsServerEndpoint.HttpsServerEndpointImpl.HttpsInboundRequest Implements InboundRequest
HttpsServerEndpoint.HttpsServerEndpointImpl.HttpsRequestDispatcher Implements RequestDispatcher using the specified RequestDispatcher and ServerConnection.
ServerAuthManager An AuthManager for servers.
SslConnection Implementation of Connection used by SslEndpoint.
SslEndpoint An implementation of Endpoint that uses TLS/SSL to support invocation constraints for direct communication over TCP sockets.
SslEndpoint.SslEndpointInternals Support EndpointInternals, for use by discovery providers
SslEndpointImpl Provides the implementation of SslEndpoint so that the implementation can be inherited by HttpsEndpoint without revealing the inheritance in the public API.
SslEndpointImpl.ComparableConnectionContext Used for sorting ConnectionContexts by preferences and suite order.
SslEndpointImpl.ConnectionContextCache Defines a structure to cache a ConnectionContexts for specific constraints and client principals.
SslEndpointImpl.ConnectionsIterator Defines an iterator over active and idle connections which performs error checking on connections.
SslEndpointImpl.CopyOnRemoveList A List that supports removing items by making a copy of the underlying list.
SslEndpointImpl.ExceptionOutboundRequestIterator An outbound request iterator that throws an IOException or a SecurityException.
SslServerEndpoint An implementation of ServerEndpoint that uses TLS/SSL to support invocation constraints for direct communication over TCP sockets.
SslServerEndpointImpl Provides the implementation of SslServerEndpoint so that the implementation can be inherited by HttpsServerEndpoint without revealing the inheritance in the public API.
SslTrustVerifier Trust verifier for the SslEndpoint, HttpsEndpoint, and ConfidentialityStrength classes.
SubjectCredentials Provides methods for retrieving credentials from a Subject.
SubjectCredentials.CertificateMatcher Provides utilities for converting between X.509 certificates and unique certificate names.
SubjectCredentials.GetAllPrivateCredentialsAction A privileged action that returns all the X.500 private credentials for a subject as an X500PrivateCredential array.
SubjectCredentials.GetPrivateCredentialAction A privileged action that gets the private credentials for an X.509 certificate.
Utilities Provides miscellaneous utilities for the classes in this package.
Utilities.ClientKey WeakKey for looking up a client SSLContext.
Utilities.ServerKey WeakKey for looking up a server SSLContext.
Utilities.SSLContextInfo Used to pass an SSLContext and AuthManager pair.
Utilities.Value Used to store a soft reference to a SSLContext and the associated AuthManager in the SSL context map.
 

Package net.jini.jeri.ssl Description

Provides implementations of Endpoint and ServerEndpoint that use TLS/SSL and HTTPS (HTTP over TLS/SSL) to support invocation constraints.

The package includes two ServerEndpoint classes to support the server side of remote connections, SslServerEndpoint for direct communication over TCP sockets using TLS/SSL (Secure Socket Layer), and HttpsServerEndpoint for communication through firewalls using HTTPS (Hypertext Transfer Protocol encapsulated in the TLS/SSL protocol), with the associated Endpoint classes, SslEndpoint and HttpsEndpoint.

The package includes the ConfidentialityStrength constraint, supported by the endpoints in the package, for specifying requirements or preferences for weak or strong confidentiality on remote connections.

The package also includes the SslTrustVerifier trust verifier for establishing trust in remote proxies that use instances of the endpoint and constraint classes supplied in this package, as well as principals of type X500Principal.

Supported Constraints

The endpoint classes in this package support at least the following constraints, possibly limited by the available cipher suites:

Note that ConnectionRelativeTime and DelegationRelativeTime constraints may be used on the client side at higher levels, but should be converted to the associated absolute time constraints for use by the Endpoint classes.

Subject Authentication

The endpoint classes authenticate as a single Principal if the following items are present in the Subject:

In addition, the newRequest methods for the client endpoint classes will only authenticate as a given principal if the caller has been granted AuthenticationPermission with that principal as the local principal, the principal representing the authenticated identity of the server as the peer principal, and the connect action.

Similarly, the server endpoint classes will only dispatch remote calls that authenticate as a given principal if the caller of listen on their ListenEndpoint has been granted AuthenticationPermission with that principal as the local principal, the principal representing the authenticated identity of the client for the call (if any) as the peer principal, and the accept action.

These endpoint classes support remote connections between authenticated servers and authenticated or anonymous clients, and between anonymous servers and anonymous clients. Connections between anonymous servers and authenticated clients are not supported. Because of the suites available in the TLS/SSL protocol, support for Confidentiality.NO requires the server to authenticate with an RSA public key.

If the server subject contains principals and credentials that would permit authentication of more than one X500Principal, the endpoint will make an arbitrary choice of the principal to use for authentication, and will continue to make the same choice so long as subject contents, validity of credentials, and security permissions do not change.

If there is a security manager, the OutboundRequestIterator.next methods defined on the iterators returned by calling the newRequest methods on the client endpoints call the security manager's checkConnect method with the endpoint's server host and port.

Similarly, if there is a security manager, the checkPermissions and listen methods defined on ListenEndpoint instances returned by the server endpoints call the security manager's checkListen method, as well as requiring the caller to have AuthenticationPermission with all the server principals specified in the server endpoint and the listen action.

The host name specified when creating SslServerEndpoint or HttpsServerEndpoint instances controls the host name that will be contained in associated Endpoint instances produced when ServerEndpoint.enumerateListenEndpoints is invoked to listen on the server endpoint; the host name does not affect the behavior of the listen operation itself, which listens on all of the local system's network addresses. If the host name in the server endpoint is null, then the host name in the endpoint instances that it produces will be the default server host name, which is the IP address string of the InetAddress returned by InetAddress.getLocalHost when enumerateListenEndpoints is invoked.

The client and server endpoint classes permit specifying a SocketFactory for creating the Socket instances that client endpoints use to make remote connections back to the server. The server endpoints permit specifying a ServerSocketFactory for creating the ServerSocket instances that the server endpoint uses to accept remote connections. These socket factories and sockets should not implement the TLS/SSL protocol; it is the responsibility of the implementation to establish TLS/SSL connections over the sockets it obtains from the socket factories. In particular, instances of SSLSocketFactory and SSLServerSocketFactory should not be used, and the factories used should not return instances of SSLSocket or SSLServerSocket.

A SocketFactory used with instances of the endpoint classes should be serializable, and must implement Object.equals to obey the guidelines that are specified for equals methods of Endpoint instances. A ServerSocketFactory used with instances of the server endpoint classes must implement Object.equals to obey the guidelines that are specified for equals methods of ListenEndpoint instances.

The HttpsEndpoint class recognizes the following system properties:

The SslEndpoint and SslServerEndpoint classes use the Jini extensible remote invocation (Jini ERI) multiplexing protocol to map outgoing requests to socket connections.

Since:
2.0
Version:
2.0
Implementation Specifics:
This implementation uses the Java(TM) Secure Socket Extension (JSSE).

This implementation uses the ConnectionManager and ServerConnectionManager classes to manage connections.

Loggers and Logging Levels

This implementation uses the following Logger instances in the net.jini.jeri.ssl namespace:

net.jini.jeri.ssl.init
Level Description
WARNING problems with initializing JSSE or with registering internal entry points with discovery providers

net.jini.jeri.ssl.client
Level Description
FAILED problems with outbound requests
HANDLED exceptions caught involving authentication
FINE authentication decisions; creating, choosing, expiring, or closing connections; or handling outbound requests
FINEST low level operation tracing

net.jini.jeri.ssl.server
Level Description
INFO problems with accepting or handling server connections, or with handling inbound requests
FAILED problems with checking constraints or permissions, with enumerating listen endpoints, or with security issues for inbound requests
HANDLED exceptions caught involving authentication
FINE creating server endpoints, enumerating listen endpoints, creating or closing connections or listen handles, or checking constraints for endpoints or inbound requests
FINEST low level operation tracing

See the LogManager class for one way to use the FAILED and HANDLED logging levels in standard logging configuration files.

Configuration

This implementation uses the following security providers:

See the documentation on installing security providers and configuring JSSE for information on configuring these providers.

The JSSE documentation also describes the system properties for configuring the location, type, and password of the truststore that the endpoints use, through JSSE, to make decisions about what certificate chains should be trusted.

Both the TLS/SSL and HTTPS implementations recognize the following system properties:

The following system properties are recognized by HTTPS implementation only:



Copyright 2007-2010, multiple authors.
Licensed under the Apache License, Version 2.0, see the NOTICE file for attributions.