
Class sun.security.ssl.SSLEndpoint

java.lang.Object
   |
   +----sun.server.EndpointDescriptor
           |
           +----sun.server.ConnectionEndpoint
                   |
                   +----sun.security.ssl.SSLEndpoint

public class SSLEndpoint
extends ConnectionEndpoint
implements TrustDecider
SSLEndpoint exposes all the configuration that an SSL server-side socket can expose, and its applet-based configuration. This information is a superset of that which is supported by standard connection endpoints.

Eventually want a way to construct an endpoint using a non-default authentication context.


Variable Index

 o authPropName
Key identifying whether client authentication is needed.
 o trustedPropName
Key identifying list of Certificate Authorities trusted for use in authenticating clients.

Constructor Index

 o SSLEndpoint()

Method Index

 o getAcceptedCAs(String)
Returns the list of CAs that will be accepted for client authentication.
 o getCertStrings(String, String)
Returns a printable version of the certificate chain associated with an alias in a key file.
 o getCriticalKeys()
Lists the keys which initializeDescriptor absolutely requires to be made available to it.
 o getDefault(Object)
Returns the default value of a given key.
 o getDefaultCipherSuites()
Returns the list of default cipher suites.
 o getDescriptorKeys()
Lists the keys understood by initializeDescriptor; these include ones which have default values, as well as ones which do not have default values.
 o getKeyAliases(String)
Returns the enumeration of all keys in the specified key file.
 o getServerSocket(String, int, int, ServiceConfiguration)
Returns the ServerSocket that has been configured, given security and addressing information provided by higher level software.
 o getSupportedCipherSuites()
Returns the list of cipher suites supported by the server.
 o isTrustedFor(X509Cert[], String)
Implements the trust policy for this endpoint.

Variables

 o authPropName
  public final static String authPropName
Key identifying whether client authentication is needed. This is a boolean (true/false) property, with default value "false".

 o trustedPropName
  public final static String trustedPropName
Key identifying list of Certificate Authorities trusted for use in authenticating clients. By default, nobody is trusted.

Constructors

 o SSLEndpoint
  public SSLEndpoint()

Methods

 o getServerSocket
  protected ServerSocket getServerSocket(String host,
                                         int port,
                                         int backlog,
                                         ServiceConfiguration config) throws IOException, ConfigurationException, SSLException
Returns the ServerSocket that has been configured, given security and addressing information provided by higher level software.

Parameters:
host - either "*", or where multihoming is supported, the name of the interface on which the endpoint is configured.
port - the port on which the endpoint is offered.
backlog - how many connection requests to allow to back up.
Throws: ConfigurationException
when the configuration information has some problems
Throws: IOException
when there's a problem acquiring the socket.
Overrides:
getServerSocket in class ConnectionEndpoint
 o getCriticalKeys
  public Vector getCriticalKeys()
Lists the keys which initializeDescriptor absolutely requires to be made available to it. All other keys have default values. Note that subclasses may provide defaults for values that superclasses require.

Overrides:
getCriticalKeys in class ConnectionEndpoint
 o getDescriptorKeys
  public Vector getDescriptorKeys()
Lists the keys understood by initializeDescriptor; these include ones which have default values, as well as ones which do not have default values.

Overrides:
getDescriptorKeys in class ConnectionEndpoint
 o getDefault
  public Object getDefault(Object key)
Returns the default value of a given key.

Parameters:
key - identifies which default value is requested
Overrides:
getDefault in class ConnectionEndpoint
 o isTrustedFor
  public boolean isTrustedFor(X509Cert entity[],
                              String purpose)
Implements the trust policy for this endpoint. Client certificates created using this endpoint's own certificate will be trusted, unless they've been revoked. So will Verisign's certificates.

NOTE: there's currently no way to add other CAs which are trusted for purposes of SSL client authentication. This will be resolved in the future, perhaps by delegating to some object provided in the configuration data.

 o getAcceptedCAs
  public X509Cert[] getAcceptedCAs(String purpose)
Returns the list of CAs that will be accepted for client authentication.

 o getSupportedCipherSuites
  public String[] getSupportedCipherSuites()
Returns the list of cipher suites supported by the server.

Returns:
The list of supported cipher suites.
 o getDefaultCipherSuites
  public String[] getDefaultCipherSuites()
Returns the list of default cipher suites. This is a function of the particular version installed.

Returns:
The list of default cipher suites.
 o getKeyAliases
  public Enumeration getKeyAliases(String keylocation)
Returns the enumeration of all keys in the specified key file.

Parameters:
keylocation - The full path and name of the key file, e.g. /var/Jeeves/admin/keys
Returns:
The enumeration of key aliases.
 o getCertStrings
  public String[] getCertStrings(String keylocation,
                                 String mykey)
Returns a printable version of the certificate chain associated with an alias in a key file.

Parameters:
keylocation - The full path and name of the key file, e.g. /admin/properties/process/JavaWebServer/SecureServer/keys
mykey - The alias of the key whose certificate chain is needed.
Returns:
The list of certificates associated with this key.
