Java Code Examples for javax.net.ssl.SSLEngine.setWantClientAuth()

The following are Jave code examples for showing how to use setWantClientAuth() of the javax.net.ssl.SSLEngine class. You can vote up the examples you like. Your votes will be used in our system to get more good examples.
Example 1
Project: tomcat7   File: NioEndpoint.java   Source Code and License Vote up 7 votes
protected SSLEngine createSSLEngine() {
    SSLEngine engine = sslContext.createSSLEngine();
    if ("false".equals(getClientAuth())) {
        engine.setNeedClientAuth(false);
        engine.setWantClientAuth(false);
    } else if ("true".equals(getClientAuth()) || "yes".equals(getClientAuth())){
        engine.setNeedClientAuth(true);
    } else if ("want".equals(getClientAuth())) {
        engine.setWantClientAuth(true);
    }
    engine.setUseClientMode(false);
    engine.setEnabledCipherSuites(enabledCiphers);
    engine.setEnabledProtocols(enabledProtocols);

    configureUseServerCipherSuitesOrder(engine);

    return engine;
}
 
Example 2
Project: lazycat   File: NioEndpoint.java   Source Code and License Vote up 7 votes
protected SSLEngine createSSLEngine() {
	SSLEngine engine = sslContext.createSSLEngine();
	if ("false".equals(getClientAuth())) {
		engine.setNeedClientAuth(false);
		engine.setWantClientAuth(false);
	} else if ("true".equals(getClientAuth()) || "yes".equals(getClientAuth())) {
		engine.setNeedClientAuth(true);
	} else if ("want".equals(getClientAuth())) {
		engine.setWantClientAuth(true);
	}
	engine.setUseClientMode(false);
	engine.setEnabledCipherSuites(enabledCiphers);
	engine.setEnabledProtocols(enabledProtocols);

	configureUseServerCipherSuitesOrder(engine);

	return engine;
}
 
Example 3
Project: apache-tomcat-7.0.73-with-comment   File: NioEndpoint.java   Source Code and License Vote up 6 votes
protected SSLEngine createSSLEngine() {
    SSLEngine engine = sslContext.createSSLEngine();
    if ("false".equals(getClientAuth())) {
        engine.setNeedClientAuth(false);
        engine.setWantClientAuth(false);
    } else if ("true".equals(getClientAuth()) || "yes".equals(getClientAuth())){
        engine.setNeedClientAuth(true);
    } else if ("want".equals(getClientAuth())) {
        engine.setWantClientAuth(true);
    }
    engine.setUseClientMode(false);
    engine.setEnabledCipherSuites(enabledCiphers);
    engine.setEnabledProtocols(enabledProtocols);

    configureUseServerCipherSuitesOrder(engine);

    return engine;
}
 
Example 4
Project: kafka-0.11.0.0-src-with-comment   File: SslFactory.java   Source Code and License Vote up 6 votes
public SSLEngine createSslEngine(String peerHost, int peerPort) {
    SSLEngine sslEngine = sslContext.createSSLEngine(peerHost, peerPort);
    if (cipherSuites != null) sslEngine.setEnabledCipherSuites(cipherSuites);
    if (enabledProtocols != null) sslEngine.setEnabledProtocols(enabledProtocols);

    // SSLParameters#setEndpointIdentificationAlgorithm enables endpoint validation
    // only in client mode. Hence, validation is enabled only for clients.
    if (mode == Mode.SERVER) {
        sslEngine.setUseClientMode(false);
        if (needClientAuth)
            sslEngine.setNeedClientAuth(needClientAuth);
        else
            sslEngine.setWantClientAuth(wantClientAuth);
    } else {
        sslEngine.setUseClientMode(true);
        SSLParameters sslParams = sslEngine.getSSLParameters();
        sslParams.setEndpointIdentificationAlgorithm(endpointIdentification);
        sslEngine.setSSLParameters(sslParams);
    }
    return sslEngine;
}
 
Example 5
Project: iothub   File: MqttSslHandlerProvider.java   Source Code and License Vote up 5 votes
public SslHandler getSslHandler() {
    try {
        URL ksUrl = Resources.getResource(keyStoreFile);
        File ksFile = new File(ksUrl.toURI());
        URL tsUrl = Resources.getResource(keyStoreFile);
        File tsFile = new File(tsUrl.toURI());

        TrustManagerFactory tmFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        KeyStore trustStore = KeyStore.getInstance(keyStoreType);
        trustStore.load(new FileInputStream(tsFile), keyStorePassword.toCharArray());
        tmFactory.init(trustStore);

        KeyStore ks = KeyStore.getInstance(keyStoreType);

        ks.load(new FileInputStream(ksFile), keyStorePassword.toCharArray());
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ks, keyPassword.toCharArray());

        KeyManager[] km = kmf.getKeyManagers();
        TrustManager x509wrapped = getX509TrustManager(tmFactory);
        TrustManager[] tm = {x509wrapped};
        SSLContext sslContext = SSLContext.getInstance(TLS);
        sslContext.init(km, tm, null);
        SSLEngine sslEngine = sslContext.createSSLEngine();
        sslEngine.setUseClientMode(false);
        sslEngine.setNeedClientAuth(false);
        sslEngine.setWantClientAuth(true);
        sslEngine.setEnabledProtocols(sslEngine.getSupportedProtocols());
        sslEngine.setEnabledCipherSuites(sslEngine.getSupportedCipherSuites());
        sslEngine.setEnableSessionCreation(true);
        return new SslHandler(sslEngine);
    } catch (Exception e) {
        log.error("Unable to set up SSL context. Reason: " + e.getMessage(), e);
        throw new RuntimeException("Failed to get SSL handler", e);
    }
}
 
Example 6
Project: iotplatform   File: MqttSslHandlerProvider.java   Source Code and License Vote up 5 votes
public SslHandler getSslHandler() {
    try {
        URL ksUrl = Resources.getResource(keyStoreFile);
        File ksFile = new File(ksUrl.toURI());
        URL tsUrl = Resources.getResource(keyStoreFile);
        File tsFile = new File(tsUrl.toURI());

        TrustManagerFactory tmFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        KeyStore trustStore = KeyStore.getInstance(keyStoreType);
        trustStore.load(new FileInputStream(tsFile), keyStorePassword.toCharArray());
        tmFactory.init(trustStore);

        KeyStore ks = KeyStore.getInstance(keyStoreType);

        ks.load(new FileInputStream(ksFile), keyStorePassword.toCharArray());
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ks, keyPassword.toCharArray());

        KeyManager[] km = kmf.getKeyManagers();
        TrustManager x509wrapped = getX509TrustManager(tmFactory);
        TrustManager[] tm = {x509wrapped};
        SSLContext sslContext = SSLContext.getInstance(TLS);
        sslContext.init(km, tm, null);
        SSLEngine sslEngine = sslContext.createSSLEngine();
        sslEngine.setUseClientMode(false);
        sslEngine.setNeedClientAuth(false);
        sslEngine.setWantClientAuth(true);
        sslEngine.setEnabledProtocols(sslEngine.getSupportedProtocols());
        sslEngine.setEnabledCipherSuites(sslEngine.getSupportedCipherSuites());
        sslEngine.setEnableSessionCreation(true);
        return new SslHandler(sslEngine);
    } catch (Exception e) {
        log.error("Unable to set up SSL context. Reason: " + e.getMessage(), e);
        throw new RuntimeException("Failed to get SSL handler", e);
    }
}