Class sun.security.ssl.SSLEndpoint
java.lang.Object
   |
   +----sun.server.EndpointDescriptor
           |
           +----sun.server.ConnectionEndpoint
                   |
                   +----sun.security.ssl.SSLEndpoint
public class SSLEndpoint
extends ConnectionEndpoint
implements TrustDecider
SSLEndpoint exposes all the configuration that an SSL server-side
socket can expose, and its applet-based configuration. This information
is a superset of that which is supported by standard connection endpoints.
Eventually there should be a way to construct an endpoint using a
non-default authentication context.
authPropName
- Key identifying whether client authentication is needed.
trustedPropName
- Key identifying list of Certificate Authorities trusted for use in authenticating clients.
SSLEndpoint()
getAcceptedCAs(String)
- Returns the list of CAs that will be accepted for client authentication.
getCertStrings(String, String)
- Returns a printable version of the certificate chain associated with an alias in a key file.
getCriticalKeys()
- Lists the keys which initializeDescriptor absolutely requires to be made available to it.
getDefault(Object)
- Returns the default value of a given key.
getDefaultCipherSuites()
- Returns the list of default cipher suites.
getDescriptorKeys()
- Lists the keys understood by initializeDescriptor; these include ones which have default values, as well as ones which do not have default values.
getKeyAliases(String)
- Returns the enumeration of all keys in the specified key file.
getServerSocket(String, int, int, ServiceConfiguration)
- Returns the ServerSocket that has been configured, given security and addressing information provided by higher level software.
getSupportedCipherSuites()
- Returns the list of cipher suites supported by the server.
isTrustedFor(X509Cert[], String)
- Implements the trust policy for this endpoint.
authPropName
public final static String authPropName
- Key identifying whether client authentication is needed. This is
a boolean (true/false) property, with default value "false".
trustedPropName
public final static String trustedPropName
- Key identifying list of Certificate Authorities trusted for use in
authenticating clients. By default, nobody is trusted.
SSLEndpoint
public SSLEndpoint()
getServerSocket
protected ServerSocket getServerSocket(String host,
int port,
int backlog,
ServiceConfiguration config) throws IOException, ConfigurationException, SSLException
- Returns the ServerSocket that has been configured, given security
and addressing information provided by higher level software.
- Parameters:
- host - either "*", or where multihoming is supported, the name
of the interface on which the endpoint is configured.
- port - the port on which the endpoint is offered.
- backlog - how many connection requests to allow to back up.
- Throws: ConfigurationException
- when the configuration information
has some problems
- Throws: IOException
- when there's a problem acquiring the socket.
- Overrides:
- getServerSocket in class ConnectionEndpoint
getCriticalKeys
public Vector getCriticalKeys()
- Lists the keys which initializeDescriptor absolutely
requires to be made available to it. All other keys have
default values. Note that subclasses may provide defaults for
values that superclasses require.
- Overrides:
- getCriticalKeys in class ConnectionEndpoint
getDescriptorKeys
public Vector getDescriptorKeys()
- Lists the keys understood by initializeDescriptor;
these include ones which have default values, as well as ones
which do not have default values.
- Overrides:
- getDescriptorKeys in class ConnectionEndpoint
getDefault
public Object getDefault(Object key)
- Returns the default value of a given key.
- Parameters:
- key - identifies which default value is requested
- Overrides:
- getDefault in class ConnectionEndpoint
isTrustedFor
public boolean isTrustedFor(X509Cert entity[],
String purpose)
- Implements the trust policy for this endpoint. Client certificates
created using this endpoint's own certificate will be trusted, unless
they've been revoked. So will Verisign's certificates.
NOTE: there's currently no way to add other CAs which
are trusted for purposes of SSL client authentication. This
will be resolved in the future, perhaps by delegating to some
object provided in the configuration data.
getAcceptedCAs
public X509Cert[] getAcceptedCAs(String purpose)
- Returns the list of CAs that will be accepted for client
authentication.
getSupportedCipherSuites
public String[] getSupportedCipherSuites()
- Returns the list of cipher suites supported by the server.
- Returns:
- The list of supported cipher suites.
getDefaultCipherSuites
public String[] getDefaultCipherSuites()
- Returns the list of default cipher suites. This is a function
of the particular version installed.
- Returns:
- The list of default cipher suites.
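The difference between supported and default cipher suites, and the client-authentication flag that authPropName describes, can be inspected with the standard javax.net.ssl API. This is an added example, not code from SSLEndpoint or its project; the names EndpointAudit, WEAK_MARKERS and filter are assumptions chosen for illustration.

```java
import java.util.ArrayList;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;

// Added illustration using standard JSSE; EndpointAudit is an assumed name, not part of SSLEndpoint.
public class EndpointAudit {
    // Name fragments of suites with no authentication, no encryption, or legacy/export ciphers.
    static final String[] WEAK_MARKERS = {"_anon_", "_NULL_", "_EXPORT_", "_RC4_", "_DES_", "_3DES_"};

    static boolean isWeak(String suite) {
        for (String marker : WEAK_MARKERS) {
            if (suite.contains(marker)) {
                return true;
            }
        }
        return false;
    }

    // Returns the weak suites when wantWeak is true, otherwise the remaining ones.
    static List<String> filter(String[] suites, boolean wantWeak) {
        List<String> out = new ArrayList<>();
        for (String suite : suites) {
            if (isWeak(suite) == wantWeak) {
                out.add(suite);
            }
        }
        return out;
    }

    public static void main(String[] args) throws Exception {
        SSLServerSocketFactory factory = SSLContext.getDefault().getServerSocketFactory();
        // Supported: everything the installed provider can negotiate. Default: what is enabled.
        System.out.println("Weak, supported: " + filter(factory.getSupportedCipherSuites(), true));
        System.out.println("Weak, default:   " + filter(factory.getDefaultCipherSuites(), true));

        // An unbound socket is enough to inspect and set policy; nothing listens here.
        try (SSLServerSocket socket = (SSLServerSocket) factory.createServerSocket()) {
            System.out.println("Client auth required by default: " + socket.getNeedClientAuth());
            socket.setNeedClientAuth(true); // JSSE counterpart of requiring client authentication
            List<String> strong = filter(socket.getEnabledCipherSuites(), false);
            socket.setEnabledCipherSuites(strong.toArray(new String[0]));
            System.out.println("Enabled after hardening: " + strong.size() + " suites");
        }
    }
}
```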
getKeyAliases
public Enumeration getKeyAliases(String keylocation)
- Returns the enumeration of all keys in the specified key file.
- Parameters:
- keylocation - The full path and name of the key file, e.g.
/var/Jeeves/admin/keys
- Returns:
- The enumeration of key aliases.
getCertStrings
public String[] getCertStrings(String keylocation,
String mykey)
- Returns a printable version of the certificate chain associated
with an alias in a key file.
- Parameters:
- keylocation - The full path and name of the key file, i.e.
/admin/properties/process/JavaWebServer/SecureServer/keys
- mykey - The alias of the key whose certificate chain is needed.
- Returns:
- The list of certificates associated with this key.