List of usage examples for javax.net.ssl SSLEngine setWantClientAuth
public abstract void setWantClientAuth(boolean want);
From source file:com.eucalyptus.crypto.util.SslSetup.java
public static SSLEngine getServerEngine() {//TODO:GRZE: @Configurability final SSLEngine engine = SERVER_CONTEXT.createSSLEngine(); engine.setUseClientMode(false);//from ww w . j a va 2 s .c om engine.setWantClientAuth(false); engine.setNeedClientAuth(false); engine.setEnabledProtocols( SslUtils.getEnabledProtocols(SERVER_SSL_PROTOCOLS, engine.getSupportedProtocols())); engine.setEnabledCipherSuites( SslUtils.getEnabledCipherSuites(SERVER_SSL_CIPHERS, SERVER_SUPPORTED_CIPHERS)); return engine; }
From source file:org.siddhiesb.transport.http.conn.ServerSSLSetupHandler.java
public void initalize(final SSLEngine sslengine) throws SSLException { if (clientAuth != null) { switch (clientAuth) { case OPTIONAL: sslengine.setWantClientAuth(true); break; case REQUIRED: sslengine.setNeedClientAuth(true); }//from w w w . j a v a2 s . c o m } // set handshake protocols if they are specified in transport // configuration. if (httpsProtocols != null) { sslengine.setEnabledProtocols(httpsProtocols); } }
From source file:org.apache.axis2.transport.nhttp.HttpCoreNIOSSLListener.java
/** * Create the SSLIOSessionHandler to initialize the SSL session / engine, and request for * client authentication at the following levels, through an Axis2 transport configuration * parameter as follows://from w w w .j a v a 2s. com * SSLVerifyClient - none, optional, require * * @param transportIn the Axis2 transport configuration * @return the SSLIOSessionHandler to be used * @throws AxisFault if a configuration error occurs */ protected SSLIOSessionHandler getSSLIOSessionHandler(TransportInDescription transportIn) throws AxisFault { final Parameter clientAuth = transportIn.getParameter("SSLVerifyClient"); return new SSLIOSessionHandler() { public void initalize(SSLEngine sslengine, HttpParams params) { if (clientAuth != null) { if ("optional".equals(clientAuth.getValue())) { sslengine.setWantClientAuth(true); } else if ("require".equals(clientAuth.getValue())) { sslengine.setNeedClientAuth(true); } } } public void verify(SocketAddress removeAddress, SSLSession session) throws SSLException { } }; }
From source file:com.hypersocket.server.HypersocketServerImpl.java
public SSLEngine createSSLEngine(InetSocketAddress localAddress, InetSocketAddress remoteAddress) { SSLEngine engine = getSSLContext(localAddress, remoteAddress).createSSLEngine(); engine.setUseClientMode(false);/* w w w . ja v a 2 s . co m*/ engine.setWantClientAuth(false); if (enabledCipherSuites != null && enabledCipherSuites.length > 0) { engine.setEnabledCipherSuites(enabledCipherSuites); } if (enabledProtocols != null && enabledProtocols.length > 0) { engine.setEnabledProtocols(enabledProtocols); } return engine; }
From source file:org.apache.nifi.processor.util.listen.dispatcher.SocketChannelDispatcher.java
@Override public void run() { while (!stopped) { try {/*from w w w . j a v a 2s .co m*/ int selected = selector.select(); // if stopped the selector could already be closed which would result in a ClosedSelectorException if (selected > 0 && !stopped) { Iterator<SelectionKey> selectorKeys = selector.selectedKeys().iterator(); // if stopped we don't want to modify the keys because close() may still be in progress while (selectorKeys.hasNext() && !stopped) { SelectionKey key = selectorKeys.next(); selectorKeys.remove(); if (!key.isValid()) { continue; } if (key.isAcceptable()) { // Handle new connections coming in final ServerSocketChannel channel = (ServerSocketChannel) key.channel(); final SocketChannel socketChannel = channel.accept(); // Check for available connections if (currentConnections.incrementAndGet() > maxConnections) { currentConnections.decrementAndGet(); logger.warn("Rejecting connection from {} because max connections has been met", new Object[] { socketChannel.getRemoteAddress().toString() }); IOUtils.closeQuietly(socketChannel); continue; } logger.debug("Accepted incoming connection from {}", new Object[] { socketChannel.getRemoteAddress().toString() }); // Set socket to non-blocking, and register with selector socketChannel.configureBlocking(false); SelectionKey readKey = socketChannel.register(selector, SelectionKey.OP_READ); // Prepare the byte buffer for the reads, clear it out ByteBuffer buffer = bufferPool.poll(); buffer.clear(); buffer.mark(); // If we have an SSLContext then create an SSLEngine for the channel SSLSocketChannel sslSocketChannel = null; if (sslContext != null) { final SSLEngine sslEngine = sslContext.createSSLEngine(); sslEngine.setUseClientMode(false); switch (clientAuth) { case REQUIRED: sslEngine.setNeedClientAuth(true); break; case WANT: sslEngine.setWantClientAuth(true); break; case NONE: sslEngine.setNeedClientAuth(false); sslEngine.setWantClientAuth(false); break; } sslSocketChannel = new SSLSocketChannel(sslEngine, socketChannel); } // Attach the buffer and SSLSocketChannel to the key SocketChannelAttachment attachment = new SocketChannelAttachment(buffer, sslSocketChannel); readKey.attach(attachment); } else if (key.isReadable()) { // Clear out the operations the select is interested in until done reading key.interestOps(0); // Create a handler based on the protocol and whether an SSLEngine was provided or not final Runnable handler; if (sslContext != null) { handler = handlerFactory.createSSLHandler(key, this, charset, eventFactory, events, logger); } else { handler = handlerFactory.createHandler(key, this, charset, eventFactory, events, logger); } // run the handler executor.execute(handler); } } } // Add back all idle sockets to the select SelectionKey key; while ((key = keyQueue.poll()) != null) { key.interestOps(SelectionKey.OP_READ); } } catch (IOException e) { logger.error("Error accepting connection from SocketChannel", e); } } }
From source file:org.apache.synapse.transport.nhttp.HttpCoreNIOSSLListener.java
/** * Create the SSLIOSessionHandler to initialize the SSL session / engine, and request for * client authentication at the following levels, through an Axis2 transport configuration * parameter as follows:/*from www . j a v a2s . c o m*/ * SSLVerifyClient - none, optional, require * * @param transportIn the Axis2 transport configuration * @return the SSLIOSessionHandler to be used * @throws AxisFault if a configuration error occurs */ protected SSLSetupHandler getSSLIOSessionHandler(TransportInDescription transportIn) throws AxisFault { final Parameter clientAuth = transportIn.getParameter("SSLVerifyClient"); return new SSLSetupHandler() { public void initalize(SSLEngine sslengine) { if (clientAuth != null) { if ("optional".equals(clientAuth.getValue())) { sslengine.setWantClientAuth(true); } else if ("require".equals(clientAuth.getValue())) { sslengine.setNeedClientAuth(true); } } } public void verify(IOSession ioSession, SSLSession sslSession) throws SSLException { } }; }