books.netty.ssl.SecureChatServerInitializer.java Source code


Introduction

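Here is the source code for books.netty.ssl.SecureChatServerInitializer.java, a Netty ChannelInitializer that puts an SslHandler at the head of each new channel's pipeline, followed by a line-based string codec and the chat handler.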

Source

/*
 * Copyright 2012 The Netty Project
 *
 * The Netty Project licenses this file to you under the Apache License,
 * version 2.0 (the "License"); you may not use this file except in compliance
 * with the License. You may obtain a copy of the License at:
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 * License for the specific language governing permissions and limitations
 * under the License.
 */
package books.netty.ssl;

import io.netty.channel.ChannelInitializer;
import io.netty.channel.ChannelPipeline;
import io.netty.channel.socket.SocketChannel;
import io.netty.handler.codec.DelimiterBasedFrameDecoder;
import io.netty.handler.codec.Delimiters;
import io.netty.handler.codec.string.StringDecoder;
import io.netty.handler.codec.string.StringEncoder;
import io.netty.handler.ssl.SslHandler;

import javax.net.ssl.SSLEngine;

/**
 * Creates a newly configured {@link ChannelPipeline} for a new channel.
 */
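public class SecureChatServerInitializer extends ChannelInitializer<SocketChannel> {

    /**
     * Location of the example key stores, appended to the {@code user.dir} system property.
     * The stores are therefore resolved against the process working directory: which key
     * material gets loaded depends on where the server is launched from.
     * NOTE(review): this class lives in package {@code books.netty.ssl} while the path names
     * {@code com/phei/netty/ssl}; confirm the files exist at this location.
     */
    private static final String CONF_DIR = "/src/com/phei/netty/ssl/conf/";

    /** TLS mode chosen at start-up; checked once in the constructor and never reassigned. */
    private final String tlsMode;

    /**
     * Creates an initializer for the given TLS mode.
     *
     * @param TLS_MODE the string form of {@code SSLMODE.CA} (this class requests no client
     *                 certificate) or {@code SSLMODE.CSA} (a client certificate is required)
     * @throws IllegalArgumentException if the mode is neither of the two supported values
     */
    public SecureChatServerInitializer(String TLS_MODE) {
        // Reject a bad mode when the server is being assembled. Previously the mode was only
        // checked in initChannel, where an unsupported value terminated the whole JVM from
        // inside the per-connection code path.
        if (!isCaMode(TLS_MODE) && !isCsaMode(TLS_MODE)) {
            throw new IllegalArgumentException("Unsupported TLS mode: " + TLS_MODE);
        }
        tlsMode = TLS_MODE;
    }

    /**
     * Builds the pipeline of a newly accepted channel: TLS, line framing, string codec, chat
     * handler, in that order.
     *
     * @param ch the channel whose pipeline is populated
     * @throws Exception if the SSL engine cannot be created
     */
    @Override
    public void initChannel(SocketChannel ch) throws Exception {
        ChannelPipeline pipeline = ch.pipeline();

        // The TLS handler goes first: every handler added after it only sees inbound data
        // that has been decrypted, and everything they write is encrypted on the way out.
        SSLEngine engine = newServerEngine();
        engine.setUseClientMode(false);

        // In CSA mode the handshake is required to carry a client certificate. What that
        // certificate is validated against is decided by SecureChatSslContextFactory, which
        // is not part of this file. In CA mode no client certificate is requested here, so
        // the TLS layer does not identify the peer.
        if (isCsaMode(tlsMode)) {
            engine.setNeedClientAuth(true);
        }
        // Protocol versions and cipher suites are left at whatever the engine's SSLContext
        // enables; nothing is restricted in this class.
        pipeline.addLast("ssl", new SslHandler(engine));

        // On top of the TLS handler, add the text line codec. The 8192 limit bounds how much
        // one peer can make the server buffer for a single unterminated line; longer frames
        // are rejected by the decoder (TooLongFrameException).
        pipeline.addLast("framer", new DelimiterBasedFrameDecoder(8192, Delimiters.lineDelimiter()));
        // No charset is passed, so the platform default is used; both ends have to agree.
        pipeline.addLast("decoder", new StringDecoder());
        pipeline.addLast("encoder", new StringEncoder());

        // and then business logic.
        pipeline.addLast("handler", new SecureChatServerHandler());
    }

    /**
     * Creates the SSL engine for the configured mode from the example key stores.
     *
     * @return a new engine obtained from {@code SecureChatSslContextFactory}
     * @throws IllegalStateException if the mode is unsupported (unreachable after the
     *                               constructor check; kept so no path yields a null engine)
     */
    private SSLEngine newServerEngine() throws Exception {
        String baseDir = System.getProperty("user.dir");

        if (isCaMode(tlsMode)) {
            // NOTE(review): the server store is read from the "client" directory; confirm it
            // holds the server's own key pair and not client-side material.
            return SecureChatSslContextFactory
                    .getServerContext(tlsMode, baseDir + CONF_DIR + "client/sChat.jks", null)
                    .createSSLEngine();
        }
        if (isCsaMode(tlsMode)) {
            // NOTE(review): the same JKS is passed for both path arguments. Presumably they
            // are key store and trust store; if so, every certificate in the server's key
            // store is also a trusted client issuer. Confirm against the factory.
            String store = baseDir + CONF_DIR + "twoway/sChat.jks";
            return SecureChatSslContextFactory
                    .getServerContext(tlsMode, store, store)
                    .createSSLEngine();
        }
        throw new IllegalStateException("Unsupported TLS mode: " + tlsMode);
    }

    /** Returns whether {@code mode} is the string form of {@code SSLMODE.CA}. */
    private static boolean isCaMode(String mode) {
        return SSLMODE.CA.toString().equals(mode);
    }

    /** Returns whether {@code mode} is the string form of {@code SSLMODE.CSA}. */
    private static boolean isCsaMode(String mode) {
        return SSLMODE.CSA.toString().equals(mode);
    }
}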