Java Code Examples for javax.net.ssl.SSLServerSocket#setWantClientAuth()

The following examples show how to use javax.net.ssl.SSLServerSocket#setWantClientAuth() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: SocketFactory.java    From dacapobench with Apache License 2.0 6 votes vote down vote up
/**
 * Set the server socket configuration to our required
 * QOS values.
 *
 * A small experiment shows that setting either (want, need) parameter to either true or false sets the
 * other parameter to false.
 *
 * @param serverSocket
 *               The newly created SSLServerSocket.
 *
 * @throws IOException if server socket can't be configured
 */
private void configureServerSocket(SSLServerSocket serverSocket) throws IOException {
    // set the authentication value and cipher suite info.
    serverSocket.setEnabledCipherSuites(cipherSuites);
    if (clientAuthRequired) {
        serverSocket.setNeedClientAuth(true);
    } else if (clientAuthSupported) {
        serverSocket.setWantClientAuth(true);
    } else {
        serverSocket.setNeedClientAuth(false); //could set want with the same effect
    }
    serverSocket.setSoTimeout(SOCKET_TIMEOUT_MS);

    if (log.isDebugEnabled()) {
        log.debug("Created SSL server socket on port " + serverSocket.getLocalPort());
        log.debug("    client authentication " + (clientAuthSupported ? "SUPPORTED" : "UNSUPPORTED"));
        log.debug("    client authentication " + (clientAuthRequired ? "REQUIRED" : "OPTIONAL"));
        log.debug("    cipher suites:");

        for (int i = 0; i < cipherSuites.length; i++) {
            log.debug("    " + cipherSuites[i]);
        }
    }
}
 
Example 2
Source File: SslContextFactory.java    From IoTgo_Android_App with MIT License 6 votes vote down vote up
public SSLServerSocket newSslServerSocket(String host,int port,int backlog) throws IOException
{
    SSLServerSocketFactory factory = _context.getServerSocketFactory();

    SSLServerSocket socket =
        (SSLServerSocket) (host==null ?
                    factory.createServerSocket(port,backlog):
                    factory.createServerSocket(port,backlog,InetAddress.getByName(host)));

    if (getWantClientAuth())
        socket.setWantClientAuth(getWantClientAuth());
    if (getNeedClientAuth())
        socket.setNeedClientAuth(getNeedClientAuth());

    socket.setEnabledCipherSuites(selectCipherSuites(
                                        socket.getEnabledCipherSuites(),
                                        socket.getSupportedCipherSuites()));
    socket.setEnabledProtocols(selectProtocols(socket.getEnabledProtocols(),socket.getSupportedProtocols()));

    return socket;
}
 
Example 3
Source File: SslContextFactory.java    From IoTgo_Android_App with MIT License 6 votes vote down vote up
public SSLServerSocket newSslServerSocket(String host,int port,int backlog) throws IOException
{
    SSLServerSocketFactory factory = _context.getServerSocketFactory();

    SSLServerSocket socket =
        (SSLServerSocket) (host==null ?
                    factory.createServerSocket(port,backlog):
                    factory.createServerSocket(port,backlog,InetAddress.getByName(host)));

    if (getWantClientAuth())
        socket.setWantClientAuth(getWantClientAuth());
    if (getNeedClientAuth())
        socket.setNeedClientAuth(getNeedClientAuth());

    socket.setEnabledCipherSuites(selectCipherSuites(
                                        socket.getEnabledCipherSuites(),
                                        socket.getSupportedCipherSuites()));
    socket.setEnabledProtocols(selectProtocols(socket.getEnabledProtocols(),socket.getSupportedProtocols()));

    return socket;
}
 
Example 4
Source File: SSLServerChannelFactory.java    From yajsync with GNU General Public License v3.0 6 votes vote down vote up
@Override
public ServerChannel open(InetAddress address, int port, int timeout)
        throws IOException
{
    SSLServerSocket sock =
        (SSLServerSocket) _factory.createServerSocket(port,
                                                      _backlog, address);
    try {
        sock.setReuseAddress(_isReuseAddress);
        sock.setWantClientAuth(_isWantClientAuth);
        return new SSLServerChannel(sock, timeout);
    } catch (Throwable t) {
        if (!sock.isClosed()) {
            try {
                sock.close();
            } catch (Throwable tt) {
                t.addSuppressed(tt);
            }
        }
        throw t;
    }
}
 
Example 5
Source File: HandshakeCompletedEventTest.java    From j2objc with Apache License 2.0 6 votes vote down vote up
public TestServer(boolean provideKeys, int clientAuth, String keys) throws Exception {
    this.keys = keys;
    this.clientAuth = clientAuth;
    this.provideKeys = provideKeys;

    trustManager = new TestTrustManager();

    KeyManager[] keyManagers = provideKeys ? getKeyManagers(keys) : null;
    TrustManager[] trustManagers = new TrustManager[] { trustManager };

    SSLContext sslContext = SSLContext.getInstance("TLS");
    sslContext.init(keyManagers, trustManagers, null);

    serverSocket = (SSLServerSocket) sslContext.getServerSocketFactory().createServerSocket();

    if (clientAuth == CLIENT_AUTH_WANTED) {
        serverSocket.setWantClientAuth(true);
    } else if (clientAuth == CLIENT_AUTH_NEEDED) {
        serverSocket.setNeedClientAuth(true);
    } else {
        serverSocket.setWantClientAuth(false);
    }

    serverSocket.bind(new InetSocketAddress(0));
}
 
Example 6
Source File: SslContextFactory.java    From cloudhopper-commons with Apache License 2.0 6 votes vote down vote up
public SSLServerSocket newSslServerSocket(String host,int port,int backlog) throws IOException {
    SSLServerSocketFactory factory = sslContext.getServerSocketFactory();

    SSLServerSocket socket = 
        (SSLServerSocket) (host==null ?
      factory.createServerSocket(port, backlog):
      factory.createServerSocket(port, backlog, InetAddress.getByName(host)));

    if (sslConfig.getWantClientAuth())
        socket.setWantClientAuth(sslConfig.getWantClientAuth());
    if (sslConfig.getNeedClientAuth())
        socket.setNeedClientAuth(sslConfig.getNeedClientAuth());

    socket.setEnabledCipherSuites(selectCipherSuites(socket.getEnabledCipherSuites(),
			 socket.getSupportedCipherSuites()));
    socket.setEnabledProtocols(selectProtocols(socket.getEnabledProtocols(),socket.getSupportedProtocols()));
	
    return socket;
}
 
Example 7
Source File: JSSESocketFactory.java    From Tomcat7.0.67 with Apache License 2.0 5 votes vote down vote up
/**
 * Configure Client authentication for this version of JSSE.  The
 * JSSE included in Java 1.4 supports the 'want' value.  Prior
 * versions of JSSE will treat 'want' as 'false'.
 * @param socket the SSLServerSocket
 */
protected void configureClientAuth(SSLServerSocket socket){
    if (wantClientAuth){
        socket.setWantClientAuth(wantClientAuth);
    } else {
        socket.setNeedClientAuth(requireClientAuth);
    }
}
 
Example 8
Source File: JSSEServer.java    From openjdk-jdk9 with GNU General Public License v2.0 5 votes vote down vote up
JSSEServer(CipherTest cipherTest) throws Exception {
    super(cipherTest);
    SSLContext serverContext = SSLContext.getInstance("TLS");
    serverContext.init(
            new KeyManager[] { CipherTest.keyManager },
            new TrustManager[] { CipherTest.trustManager },
            CipherTest.secureRandom);

    SSLServerSocketFactory factory = (SSLServerSocketFactory)serverContext.getServerSocketFactory();
    serverSocket = (SSLServerSocket)factory.createServerSocket(0);
    serverSocket.setSoTimeout(CipherTest.TIMEOUT);
    CipherTest.serverPort = serverSocket.getLocalPort();
    serverSocket.setEnabledCipherSuites(factory.getSupportedCipherSuites());
    serverSocket.setWantClientAuth(true);
}
 
Example 9
Source File: JSSESocketFactory.java    From tomcatsrc with Apache License 2.0 5 votes vote down vote up
/**
 * Configure Client authentication for this version of JSSE.  The
 * JSSE included in Java 1.4 supports the 'want' value.  Prior
 * versions of JSSE will treat 'want' as 'false'.
 * @param socket the SSLServerSocket
 */
protected void configureClientAuth(SSLServerSocket socket){
    if (wantClientAuth){
        socket.setWantClientAuth(wantClientAuth);
    } else {
        socket.setNeedClientAuth(requireClientAuth);
    }
}
 
Example 10
Source File: SSLUtils.java    From hasting with MIT License 5 votes vote down vote up
private static void postSSLServerSocket(SSLServerSocket sslServerSocket,int sslmode){
       String[] pwdsuits = sslServerSocket.getSupportedCipherSuites();  
        sslServerSocket.setEnabledCipherSuites(pwdsuits);  
        sslServerSocket.setUseClientMode(false);  
        if(sslmode == 2){  
            sslServerSocket.setNeedClientAuth(true);  
        }else{  
            sslServerSocket.setWantClientAuth(true);  
        }
}
 
Example 11
Source File: SSLFactoryJsse.java    From baratine with GNU General Public License v2.0 4 votes vote down vote up
/**
 * Creates the SSL ServerSocket.
 */
public ServerSocketBar create(InetAddress host, int port)
  throws IOException, GeneralSecurityException
{
  SSLServerSocketFactory ssFactory = null;
  
  if (_keyStore != null) {
    SSLContext sslContext = SSLContext.getInstance(_sslContext);

    KeyManagerFactory kmf
      = KeyManagerFactory.getInstance(keyManagerFactory());
  
    kmf.init(_keyStore, keyStorePassword().toCharArray());
    
    sslContext.init(kmf.getKeyManagers(), null, null);

    /*
    if (_cipherSuites != null)
      sslContext.createSSLEngine().setEnabledCipherSuites(_cipherSuites);

    if (_protocols != null)
      sslContext.createSSLEngine().setEnabledProtocols(_protocols);
    */
    
    SSLEngine engine = sslContext.createSSLEngine();
    
    engine.setEnabledProtocols(enabledProtocols(engine.getSupportedProtocols()));

    ssFactory = sslContext.getServerSocketFactory();
  }
  else {
    ssFactory = createAnonymousServerFactory(host, port);
  }
  
  ServerSocket serverSocket;

  int listen = 100;

  if (host == null)
    serverSocket = ssFactory.createServerSocket(port, listen);
  else
    serverSocket = ssFactory.createServerSocket(port, listen, host);

  SSLServerSocket sslServerSocket = (SSLServerSocket) serverSocket;
  
  if (_cipherSuites != null) {
    sslServerSocket.setEnabledCipherSuites(_cipherSuites);
  }
  
  if (_cipherSuitesForbidden != null) {
    String []cipherSuites = sslServerSocket.getEnabledCipherSuites();
    
    if (cipherSuites == null)
      cipherSuites = sslServerSocket.getSupportedCipherSuites();
    
    ArrayList<String> cipherList = new ArrayList<String>();
    
    for (String cipher : cipherSuites) {
      if (! isCipherForbidden(cipher, _cipherSuitesForbidden)) {
        cipherList.add(cipher);
      }
    }
    
    cipherSuites = new String[cipherList.size()];
    cipherList.toArray(cipherSuites);
    
    sslServerSocket.setEnabledCipherSuites(cipherSuites);
  }

  sslServerSocket.setEnabledProtocols(enabledProtocols(sslServerSocket.getSupportedProtocols()));
  
  if ("required".equals(_verifyClient))
    sslServerSocket.setNeedClientAuth(true);
  else if ("optional".equals(_verifyClient))
    sslServerSocket.setWantClientAuth(true);

  return new ServerSocketWrapper(serverSocket);
}