/**
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.activemq.transport.tcp;
import java.io.IOException;
import java.net.Socket;
import java.net.URI;
import java.net.URISyntaxException;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocket;
import org.apache.activemq.transport.Transport;
import org.apache.activemq.wireformat.WireFormat;
/**
* An SSL TransportServer.
*
* Allows for client certificate authentication (refer to setNeedClientAuth for
* details).
* NOTE: Client certificate authentication is disabled by default.
*
*/
public class SslTransportServer extends TcpTransportServer {

    // When true, bind() asks the SSL server socket to require a client certificate.
    private boolean needClientAuth;

    // When true (and needClientAuth is false), bind() asks the SSL server socket
    // to request, but not require, a client certificate.
    private boolean wantClientAuth;

    /**
     * Creates an SSL transport server for the given location, delegating all
     * construction work to the {@code TcpTransportServer} constructor.
     *
     * @param transportFactory The factory used to create transports when connections arrive.
     * @param location The location of the broker to bind to.
     * @param serverSocketFactory The factory used to create the server socket.
     * @throws IOException passed up from the superclass constructor.
     * @throws URISyntaxException passed up from the superclass constructor.
     */
    public SslTransportServer(
            SslTransportFactory transportFactory,
            URI location,
            SSLServerSocketFactory serverSocketFactory) throws IOException, URISyntaxException {
        super(transportFactory, location, serverSocketFactory);
    }

    /**
     * Returns whether client authentication should be required.
     */
    public boolean getNeedClientAuth() {
        return needClientAuth;
    }

    /**
     * Records whether client certificate authentication should be required.
     *
     * This setter only stores the flag; it is applied to the server socket in
     * {@link #bind()}, so it must be called before binding. This class does not
     * re-apply the flag to a socket that is already bound.
     * When this flag is set, {@link #bind()} ignores wantClientAuth.
     *
     * @param needAuth true to require a client certificate.
     */
    public void setNeedClientAuth(boolean needAuth) {
        needClientAuth = needAuth;
    }

    /**
     * Returns whether client authentication should be requested.
     */
    public boolean getWantClientAuth() {
        return wantClientAuth;
    }

    /**
     * Records whether client certificate authentication should be requested.
     *
     * This setter only stores the flag; it is applied to the server socket in
     * {@link #bind()}, so it must be called before binding. The flag is honoured
     * only when needClientAuth is false. A requested certificate is optional in
     * JSSE, so a client that presents none can still complete the handshake.
     *
     * @param wantAuth true to request a client certificate.
     */
    public void setWantClientAuth(boolean wantAuth) {
        wantClientAuth = wantAuth;
    }

    /**
     * Binds this server to the previously specified URI and then applies the
     * client-authentication mode to the server socket.
     *
     * needClientAuth takes precedence over wantClientAuth. When neither flag is
     * set, no client-auth setting is applied and the socket is left as the
     * superclass created it.
     *
     * @throws IOException passed up from TcpTransportServer.
     */
    public void bind() throws IOException {
        super.bind();

        // Nothing to configure: leave the socket exactly as super.bind() produced it
        // (and, as before, do not attempt the SSLServerSocket cast at all).
        if (!needClientAuth && !wantClientAuth) {
            return;
        }

        final SSLServerSocket sslServerSocket = (SSLServerSocket) this.serverSocket;
        if (needClientAuth) {
            sslServerSocket.setNeedClientAuth(true);
        } else {
            sslServerSocket.setWantClientAuth(true);
        }
    }

    /**
     * Creates the Transport for an accepted connection.
     *
     * Overridden so that an SslTransport is produced instead of a TcpTransport.
     *
     * @param socket The incoming socket that will be wrapped into the new Transport;
     *               it is cast to SSLSocket.
     * @param format The WireFormat being used.
     * @return The newly created (SSL) Transport.
     * @throws IOException declared for the overriding signature.
     */
    protected Transport createTransport(Socket socket, WireFormat format) throws IOException {
        final SSLSocket sslSocket = (SSLSocket) socket;
        return new SslTransport(format, sslSocket);
    }
}