Class AuthSSLProtocolSocketFactory
- All Implemented Interfaces:
org.apache.commons.httpclient.protocol.ProtocolSocketFactory
,org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory
Mutual Authentication against an Alfresco repository. AuthSSLProtocolSocketFactory can be used to validate the identity of the HTTPS server against a list of trusted certificates and to authenticate to the HTTPS server using a private key.
Adapted from code here: http://svn.apache.org/viewvc/httpcomponents/oac.hc3x/trunk/src/contrib/org/apache/commons/httpclient/contrib/ssl/AuthSSLX509TrustManager.java?revision=608014&view=co
AuthSSLProtocolSocketFactory will enable server authentication when supplied with
a truststore
file containing one or several trusted certificates.
The client secure socket will reject the connection during the SSL session handshake
if the target HTTPS server attempts to authenticate itself with a non-trusted
certificate.
AuthSSLProtocolSocketFactory will enable client authentication when supplied with
a keystore
file containg a private key/public certificate pair.
The client secure socket will use the private key to authenticate itself to the target
HTTPS server during the SSL session handshake if requested to do so by the server.
The target HTTPS server will in its turn verify the certificate presented by the client
in order to establish client's authenticity
- Since:
- 4.0
-
Constructor Summary
ConstructorsConstructorDescriptionAuthSSLProtocolSocketFactory
(AlfrescoKeyStore sslKeyStore, AlfrescoKeyStore sslTrustStore, KeyResourceLoader keyResourceLoader) Constructor for AuthSSLProtocolSocketFactory. -
Method Summary
Modifier and TypeMethodDescriptioncreateSocket
(String host, int port) createSocket
(String host, int port, InetAddress clientHost, int clientPort) createSocket
(String host, int port, InetAddress localAddress, int localPort, org.apache.commons.httpclient.params.HttpConnectionParams params) Attempts to get a new socket connection to the given host within the given time limit.createSocket
(Socket socket, String host, int port, boolean autoClose)
-
Constructor Details
-
AuthSSLProtocolSocketFactory
public AuthSSLProtocolSocketFactory(AlfrescoKeyStore sslKeyStore, AlfrescoKeyStore sslTrustStore, KeyResourceLoader keyResourceLoader) Constructor for AuthSSLProtocolSocketFactory. Either a keystore or truststore file must be given. Otherwise SSL context initialization error will result.- Parameters:
sslKeyStore
- SSL parameters to use.keyResourceLoader
- loads key resources from an arbitrary source e.g. classpath
-
-
Method Details
-
createSocket
public Socket createSocket(String host, int port, InetAddress localAddress, int localPort, org.apache.commons.httpclient.params.HttpConnectionParams params) throws IOException, UnknownHostException, org.apache.commons.httpclient.ConnectTimeoutException Attempts to get a new socket connection to the given host within the given time limit.To circumvent the limitations of older JREs that do not support connect timeout a controller thread is executed. The controller thread attempts to create a new socket within the given limit of time. If socket constructor does not return until the timeout expires, the controller terminates and throws an
ConnectTimeoutException
- Specified by:
createSocket
in interfaceorg.apache.commons.httpclient.protocol.ProtocolSocketFactory
- Parameters:
host
- the host name/IPport
- the port on the hostlocalAddress
- the local host name/IP to bind the socket tolocalPort
- the port on the local machineparams
-Http connection parameters
- Returns:
- Socket a new socket
- Throws:
IOException
- if an I/O error occurs while creating the socketUnknownHostException
- if the IP address of the host cannot be determinedorg.apache.commons.httpclient.ConnectTimeoutException
-
createSocket
public Socket createSocket(String host, int port, InetAddress clientHost, int clientPort) throws IOException, UnknownHostException - Specified by:
createSocket
in interfaceorg.apache.commons.httpclient.protocol.ProtocolSocketFactory
- Throws:
IOException
UnknownHostException
- See Also:
-
ProtocolSocketFactory.createSocket(java.lang.String,int,java.net.InetAddress,int)
-
createSocket
- Specified by:
createSocket
in interfaceorg.apache.commons.httpclient.protocol.ProtocolSocketFactory
- Throws:
IOException
UnknownHostException
- See Also:
-
ProtocolSocketFactory.createSocket(java.lang.String,int)
-
createSocket
public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException, UnknownHostException - Specified by:
createSocket
in interfaceorg.apache.commons.httpclient.protocol.SecureProtocolSocketFactory
- Throws:
IOException
UnknownHostException
- See Also:
-
SecureProtocolSocketFactory.createSocket(java.net.Socket,java.lang.String,int,boolean)
-