|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.jsslutils.extra.apachehttpclient.SslContextedSecureProtocolSocketFactory
public class SslContextedSecureProtocolSocketFactory
This is a SecureProtocolSocketFactory for with the SSLContext can be configured. It is based on Sebastian Hauer's StrictSSLProtocolSocketFactory, available in the contribution directory of the Apache HTTP client library 3.1. The main difference is that the SSLContext can be set, which means that the use of client certificates or CRLs may be configured this way. The intent was to use it in conjunction with jSSLutils, but it is not a dependency. If no SSLContext is set up, the default SSLSocketFactory is used.
DISCLAIMER: HttpClient developers DO NOT actively support this component. The component is provided as a reference material, which may be inappropriate for use without additional customization.
Constructor Summary | |
---|---|
SslContextedSecureProtocolSocketFactory()
Constructor for SslContextedSecureProtocolSocketFactory. |
|
SslContextedSecureProtocolSocketFactory(boolean verifyHostname)
Constructor for SslContextedSecureProtocolSocketFactory. |
|
SslContextedSecureProtocolSocketFactory(javax.net.ssl.SSLContext sslContext)
Constructor for SslContextedSecureProtocolSocketFactory. |
|
SslContextedSecureProtocolSocketFactory(javax.net.ssl.SSLContext sslContext,
boolean verifyHostname)
Constructor for SslContextedSecureProtocolSocketFactory. |
Method Summary | |
---|---|
java.net.Socket |
createSocket(java.net.Socket socket,
java.lang.String host,
int port,
boolean autoClose)
|
java.net.Socket |
createSocket(java.lang.String host,
int port)
|
java.net.Socket |
createSocket(java.lang.String host,
int port,
java.net.InetAddress clientHost,
int clientPort)
|
java.net.Socket |
createSocket(java.lang.String host,
int port,
java.net.InetAddress localAddress,
int localPort,
org.apache.commons.httpclient.params.HttpConnectionParams params)
Attempts to get a new socket connection to the given host within the given time limit. |
boolean |
getHostnameVerification()
Gets the status of the host name verification flag. |
protected javax.net.ssl.SSLSocketFactory |
getSslSocketFactory()
Returns the SSLSocketFactory to use to create the sockets. |
void |
setHostnameVerification(boolean verifyHostname)
Set the host name verification flag. |
void |
setSSLContext(javax.net.ssl.SSLContext sslContext)
Sets the SSLContext to use. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public SslContextedSecureProtocolSocketFactory(javax.net.ssl.SSLContext sslContext, boolean verifyHostname)
sslContext
- The SSLContext to use for building the SSLSocketFactory. If
this is null, then the default SSLSocketFactory is used.verifyHostname
- The host name verification flag. If set to true
the SSL sessions server host name will be compared to the host
name returned in the server certificates "Common Name" field
of the "SubjectDN" entry. If these names do not match a
Exception is thrown to indicate this. Enabling host name
verification will help to prevent from man-in-the-middle
attacks. If set to false
host name verification
is turned off.
Code sample:
Protocol stricthttps = new Protocol( "https", new SslContextedSecureProtocolSocketFactory(sslContext,true), 443); HttpClient client = new HttpClient(); client.getHostConfiguration().setHost("localhost", 443, stricthttps);
public SslContextedSecureProtocolSocketFactory(javax.net.ssl.SSLContext sslContext)
sslContext
- The SSLContext to use for building the SSLSocketFactory. If
this is null, then the default SSLSocketFactory is used.public SslContextedSecureProtocolSocketFactory(boolean verifyHostname)
verifyHostname
- The host name verification flag. If set to true
the SSL sessions server host name will be compared to the host
name returned in the server certificates "Common Name" field
of the "SubjectDN" entry. If these names do not match a
Exception is thrown to indicate this. Enabling host name
verification will help to prevent from man-in-the-middle
attacks. If set to false
host name verification
is turned off.public SslContextedSecureProtocolSocketFactory()
Method Detail |
---|
public void setHostnameVerification(boolean verifyHostname)
verifyHostname
- The host name verification flag. If set to true
the SSL sessions server host name will be compared to the host
name returned in the server certificates "Common Name" field
of the "SubjectDN" entry. If these names do not match a
Exception is thrown to indicate this. Enabling host name
verification will help to prevent from man-in-the-middle
attacks. If set to false
host name verification
is turned off.public boolean getHostnameVerification()
true
if host
name verification is turned on, or false
if host
name verification is turned off.public java.net.Socket createSocket(java.lang.String host, int port, java.net.InetAddress clientHost, int clientPort) throws java.io.IOException, java.net.UnknownHostException
createSocket
in interface org.apache.commons.httpclient.protocol.ProtocolSocketFactory
java.io.IOException
java.net.UnknownHostException
ProtocolSocketFactory.createSocket(java.lang.String,int,java.net.InetAddress,int)
public java.net.Socket createSocket(java.lang.String host, int port, java.net.InetAddress localAddress, int localPort, org.apache.commons.httpclient.params.HttpConnectionParams params) throws java.io.IOException, java.net.UnknownHostException, org.apache.commons.httpclient.ConnectTimeoutException
This method employs several techniques to circumvent the limitations of
older JREs that do not support connect timeout. When running in JRE 1.4
or above reflection is used to call Socket#connect(SocketAddress
endpoint, int timeout) method. When executing in older JREs a controller
thread is executed. The controller thread attempts to create a new socket
within the given limit of time. If socket constructor does not return
until the timeout expires, the controller terminates and throws an
ConnectTimeoutException
createSocket
in interface org.apache.commons.httpclient.protocol.ProtocolSocketFactory
host
- the host name/IPport
- the port on the hostclientHost
- the local host name/IP to bind the socket toclientPort
- the port on the local machineparams
- Http connection parameters
java.io.IOException
- if an I/O error occurs while creating the socket
java.net.UnknownHostException
- if the IP address of the host cannot be determined
org.apache.commons.httpclient.ConnectTimeoutException
public java.net.Socket createSocket(java.lang.String host, int port) throws java.io.IOException, java.net.UnknownHostException
createSocket
in interface org.apache.commons.httpclient.protocol.ProtocolSocketFactory
java.io.IOException
java.net.UnknownHostException
ProtocolSocketFactory.createSocket(java.lang.String,int)
public java.net.Socket createSocket(java.net.Socket socket, java.lang.String host, int port, boolean autoClose) throws java.io.IOException, java.net.UnknownHostException
createSocket
in interface org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory
java.io.IOException
java.net.UnknownHostException
SecureProtocolSocketFactory.createSocket(java.net.Socket,java.lang.String,int,boolean)
protected javax.net.ssl.SSLSocketFactory getSslSocketFactory()
public void setSSLContext(javax.net.ssl.SSLContext sslContext)
sslContext
- SSLContext to use.
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |