trunk/activemq-core/src/main/java/org/apache/activemq/broker/SslBrokerService.java - activemq - Git at Google

 /**
  * Licensed to the Apache Software Foundation (ASF) under one or more
  * contributor license agreements.  See the NOTICE file distributed with
  * this work for additional information regarding copyright ownership.
  * The ASF licenses this file to You under the Apache License, Version 2.0
  * (the "License"); you may not use this file except in compliance with
  * the License.  You may obtain a copy of the License at
  *
  *      http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */

 package org.apache.activemq.broker;

 import java.io.IOException;
 import java.net.URI;
 import java.security.KeyManagementException;
 import java.security.SecureRandom;

 import javax.net.ssl.KeyManager;
 import javax.net.ssl.TrustManager;

 import org.apache.activemq.transport.TransportFactory;
 import org.apache.activemq.transport.TransportServer;
 import org.apache.activemq.transport.tcp.SslTransportFactory;

 /**
  * A BrokerService that allows access to the key and trust managers used by SSL
  * connections. There is no reason to use this class unless SSL is being used
  * AND the key and trust managers need to be specified from within code. In
  * fact, if the URI passed to this class does not have an "ssl" scheme, this
  * class will pass all work on to its superclass.
  *
  * @author sepandm@gmail.com (Sepand)
  */
 public class SslBrokerService extends BrokerService {
     /**
      * Adds a new transport connector for the given bind address. If the
      * transport created uses SSL, it will also use the key and trust managers
      * provided. Otherwise, this is the same as calling addConnector.
      *
      * @param bindAddress The address to bind to.
      * @param km The KeyManager to be used.
      * @param tm The trustmanager to be used.
      * @param random The source of randomness for the generator.
      * @return the newly connected and added transport connector.
      * @throws Exception
      */

     public TransportConnector addSslConnector(String bindAddress, KeyManager[] km, TrustManager[] tm, SecureRandom random) throws Exception {
         return addSslConnector(new URI(bindAddress), km, tm, random);
     }

     /**
      * Adds a new transport connector for the given bind address. If the
      * transport created uses SSL, it will also use the key and trust managers
      * provided. Otherwise, this is the same as calling addConnector.
      *
      * @param bindAddress The URI to bind to.
      * @param km The KeyManager to be used.
      * @param tm The trustmanager to be used.
      * @param random The source of randomness for the generator.
      * @return the newly created and added transport connector.
      * @throws Exception
      */
     public TransportConnector addSslConnector(URI bindAddress, KeyManager[] km, TrustManager[] tm, SecureRandom random) throws Exception {
         return addConnector(createSslTransportServer(bindAddress, km, tm, random));
     }

     /**
      * Creates a TransportServer that uses the given key and trust managers. The
      * last three parameters will be eventually passed to SSLContext.init.
      *
      * @param brokerURI The URI to bind to.
      * @param km The KeyManager to be used.
      * @param tm The trustmanager to be used.
      * @param random The source of randomness for the generator.
      * @return A new TransportServer that uses the given managers.
      * @throws IOException If cannot handle URI.
      * @throws KeyManagementException Passed on from SSL.
      */
     protected TransportServer createSslTransportServer(URI brokerURI, KeyManager[] km, TrustManager[] tm, SecureRandom random) throws IOException, KeyManagementException {

         if (brokerURI.getScheme().equals("ssl")) {
             // If given an SSL URI, use an SSL TransportFactory and configure
             // it to use the given key and trust managers.
             SslTransportFactory transportFactory = new SslTransportFactory();

             SslContext ctx = new SslContext(km, tm, random);
             SslContext.setCurrentSslContext(ctx);
             try {
                 return transportFactory.doBind(brokerURI);
             } finally {
                 SslContext.setCurrentSslContext(null);
             }

         } else {
             // Else, business as usual.
             return TransportFactory.bind(this, brokerURI);
         }
     }
 }
	/**
	* Licensed to the Apache Software Foundation (ASF) under one or more
	* contributor license agreements. See the NOTICE file distributed with
	* this work for additional information regarding copyright ownership.
	* The ASF licenses this file to You under the Apache License, Version 2.0
	* (the "License"); you may not use this file except in compliance with
	* the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/

	package org.apache.activemq.broker;

	import java.io.IOException;
	import java.net.URI;
	import java.security.KeyManagementException;
	import java.security.SecureRandom;

	import javax.net.ssl.KeyManager;
	import javax.net.ssl.TrustManager;

	import org.apache.activemq.transport.TransportFactory;
	import org.apache.activemq.transport.TransportServer;
	import org.apache.activemq.transport.tcp.SslTransportFactory;

	/**
	* A BrokerService that allows access to the key and trust managers used by SSL
	* connections. There is no reason to use this class unless SSL is being used
	* AND the key and trust managers need to be specified from within code. In
	* fact, if the URI passed to this class does not have an "ssl" scheme, this
	* class will pass all work on to its superclass.
	*
	* @author sepandm@gmail.com (Sepand)
	*/
	public class SslBrokerService extends BrokerService {
	/**
	* Adds a new transport connector for the given bind address. If the
	* transport created uses SSL, it will also use the key and trust managers
	* provided. Otherwise, this is the same as calling addConnector.
	*
	* @param bindAddress The address to bind to.
	* @param km The KeyManager to be used.
	* @param tm The trustmanager to be used.
	* @param random The source of randomness for the generator.
	* @return the newly connected and added transport connector.
	* @throws Exception
	*/

	public TransportConnector addSslConnector(String bindAddress, KeyManager[] km, TrustManager[] tm, SecureRandom random) throws Exception {
	return addSslConnector(new URI(bindAddress), km, tm, random);
	}

	/**
	* Adds a new transport connector for the given bind address. If the
	* transport created uses SSL, it will also use the key and trust managers
	* provided. Otherwise, this is the same as calling addConnector.
	*
	* @param bindAddress The URI to bind to.
	* @param km The KeyManager to be used.
	* @param tm The trustmanager to be used.
	* @param random The source of randomness for the generator.
	* @return the newly created and added transport connector.
	* @throws Exception
	*/
	public TransportConnector addSslConnector(URI bindAddress, KeyManager[] km, TrustManager[] tm, SecureRandom random) throws Exception {
	return addConnector(createSslTransportServer(bindAddress, km, tm, random));
	}

	/**
	* Creates a TransportServer that uses the given key and trust managers. The
	* last three parameters will be eventually passed to SSLContext.init.
	*
	* @param brokerURI The URI to bind to.
	* @param km The KeyManager to be used.
	* @param tm The trustmanager to be used.
	* @param random The source of randomness for the generator.
	* @return A new TransportServer that uses the given managers.
	* @throws IOException If cannot handle URI.
	* @throws KeyManagementException Passed on from SSL.
	*/
	protected TransportServer createSslTransportServer(URI brokerURI, KeyManager[] km, TrustManager[] tm, SecureRandom random) throws IOException, KeyManagementException {

	if (brokerURI.getScheme().equals("ssl")) {
	// If given an SSL URI, use an SSL TransportFactory and configure
	// it to use the given key and trust managers.
	SslTransportFactory transportFactory = new SslTransportFactory();

	SslContext ctx = new SslContext(km, tm, random);
	SslContext.setCurrentSslContext(ctx);
	try {
	return transportFactory.doBind(brokerURI);
	} finally {
	SslContext.setCurrentSslContext(null);
	}

	} else {
	// Else, business as usual.
	return TransportFactory.bind(this, brokerURI);
	}
	}
	}