javax.net.ssl.SSLSessionContext Java Examples
The following examples show how to use
javax.net.ssl.SSLSessionContext.
Example #1
Source File: SSLSessionImpl.java From openjdk-jdk9 with GNU General Public License v2.0 | 6 votes |
/**
 * Returns the {@link SSLSessionContext} held in this session's {@code context} field.
 *
 * <p>The inherited description states that server sessions yield the set of sessions
 * currently valid in this process and client sessions yield {@code null}. This method
 * only returns the field, so that outcome depends on how {@code context} is assigned
 * elsewhere in the class.
 *
 * @return the value of the {@code context} field
 * @throws SecurityException if a security manager is installed and the caller lacks
 *         {@code SSLPermission("getSSLSessionContext")}
 */
@Override
public SSLSessionContext getSessionContext() {
    // Access is gated because a session context lets its holder look up sessions by id
    // and enumerate them; otherwise code only sees sessions from connections it was
    // already permitted to open. The gate exists only while a SecurityManager is
    // installed. SecurityManager is deprecated for removal since Java 17, so this check
    // should not be the only boundary between mutually untrusted code on newer runtimes.
    final SecurityManager securityManager = System.getSecurityManager();
    if (securityManager != null) {
        securityManager.checkPermission(new SSLPermission("getSSLSessionContext"));
    }
    return context;
}
Example #2
Source File: SSLSessionImpl.java From openjdk-8 with GNU General Public License v2.0 | 6 votes |
/**
 * Hands out the session context stored in {@code context}, after a permission check
 * when a security manager is present.
 *
 * <p>Per the inherited description, server sessions return the set of sessions valid in
 * this process and client sessions return {@code null}; that is decided where
 * {@code context} is assigned, not in this method.
 *
 * @return the value of the {@code context} field
 * @throws SecurityException if the installed security manager denies
 *         {@code SSLPermission("getSSLSessionContext")}
 */
@Override
public SSLSessionContext getSessionContext() {
    final SecurityManager manager = System.getSecurityManager();
    if (manager == null) {
        // No security manager installed: nothing gates access, so any code that holds
        // this session can reach the context and enumerate the sessions in it.
        return context;
    }
    // Only callers granted this permission may look up or enumerate sessions.
    manager.checkPermission(new SSLPermission("getSSLSessionContext"));
    return context;
}
Example #3
Source File: SSLSessionImpl.java From jdk8u_jdk with GNU General Public License v2.0 | 6 votes |
/**
 * Returns this session's {@code context} field, enforcing
 * {@code SSLPermission("getSSLSessionContext")} when a security manager is installed.
 *
 * <p>The inherited description says server sessions return the set of currently valid
 * sessions in this process and client sessions return {@code null}; this method does not
 * distinguish the two cases itself.
 *
 * @return the value of the {@code context} field
 * @throws SecurityException if the permission check fails
 */
@Override
public SSLSessionContext getSessionContext() {
    final SecurityManager sm = System.getSecurityManager();
    if (sm != null) {
        // The context allows lookup and enumeration of sessions, so it is restricted to
        // callers holding this permission. Without a security manager the restriction
        // does not apply at all.
        final SSLPermission required = new SSLPermission("getSSLSessionContext");
        sm.checkPermission(required);
    }
    return context;
}
Example #4
Source File: JSSESocketFactory.java From tomcatsrc with Apache License 2.0 | 6 votes |
/**
 * Applies the endpoint's session cache size and session timeout to
 * {@code sslSessionContext}, falling back to {@code defaultSessionCacheSize} and
 * {@code defaultSessionTimeout} when the endpoint value is {@code null}.
 *
 * <p>In the JSSE API a value of 0 for either setting means "no limit" and a negative
 * value is rejected with {@link IllegalArgumentException}, so the configured strings
 * decide how much resumable session state is kept and for how long.
 *
 * @param sslSessionContext the context to configure
 * @throws NumberFormatException if a configured value is not a valid integer
 */
@Override
public void configureSessionContext(SSLSessionContext sslSessionContext) {
    // Both values are resolved before the context is touched, so a malformed number
    // leaves the context unmodified.
    final int cacheSize = endpoint.getSessionCacheSize() != null
            ? Integer.parseInt(endpoint.getSessionCacheSize())
            : defaultSessionCacheSize;
    final int timeout = endpoint.getSessionTimeout() != null
            ? Integer.parseInt(endpoint.getSessionTimeout())
            : defaultSessionTimeout;

    sslSessionContext.setSessionCacheSize(cacheSize);
    sslSessionContext.setSessionTimeout(timeout);
}
Example #5
Source File: SSLSessionImpl.java From hottub with GNU General Public License v2.0 | 6 votes |
/**
 * Returns the {@link SSLSessionContext} held in this session's {@code context} field.
 *
 * <p>The inherited description states that server sessions yield the set of sessions
 * currently valid in this process and client sessions yield {@code null}. This method
 * only returns the field, so that outcome depends on how {@code context} is assigned
 * elsewhere in the class.
 *
 * @return the value of the {@code context} field
 * @throws SecurityException if a security manager is installed and the caller lacks
 *         {@code SSLPermission("getSSLSessionContext")}
 */
@Override
public SSLSessionContext getSessionContext() {
    // The context lets its holder look up sessions by id and enumerate them, so access
    // is limited to code holding the permission below. The limit applies only while a
    // SecurityManager is installed; with none, every caller reaches the context.
    final SecurityManager securityManager = System.getSecurityManager();
    if (securityManager != null) {
        securityManager.checkPermission(new SSLPermission("getSSLSessionContext"));
    }
    return context;
}
Example #6
Source File: SSLSessionImpl.java From openjdk-jdk8u-backup with GNU General Public License v2.0 | 6 votes |
/**
 * Hands out the session context stored in {@code context}, after a permission check
 * when a security manager is present.
 *
 * <p>Per the inherited description, server sessions return the set of sessions valid in
 * this process and client sessions return {@code null}; that is decided where
 * {@code context} is assigned, not in this method.
 *
 * @return the value of the {@code context} field
 * @throws SecurityException if the installed security manager denies
 *         {@code SSLPermission("getSSLSessionContext")}
 */
@Override
public SSLSessionContext getSessionContext() {
    final SecurityManager manager = System.getSecurityManager();
    if (manager == null) {
        // No security manager installed: the check below never runs and the context is
        // returned to any caller.
        return context;
    }
    // Restricts session lookup and enumeration to code granted this permission.
    manager.checkPermission(new SSLPermission("getSSLSessionContext"));
    return context;
}
Example #7
Source File: AmqpPortImpl.java From qpid-broker-j with Apache License 2.0 | 6 votes |
/**
 * Builds the {@link SSLContext} for this AMQP port and applies the port's TLS session
 * cache size and timeout to the server session context.
 *
 * <p>A size or timeout that is not greater than zero is not applied, which leaves the
 * provider's default in place for that setting.
 *
 * @return the configured context
 * @throws IllegalConfigurationException if client certificate authentication is needed
 *         or wanted but no trust store is defined
 */
private SSLContext createSslContext() {
    KeyStore portKeyStore = getKeyStore();
    Collection<TrustStore> portTrustStores = getTrustStores();

    // "Need" and "want" are treated alike here: either one requires a trust store,
    // since without one there is nothing to validate a presented client certificate against.
    boolean clientCertRequested =
            (Boolean) getAttribute(NEED_CLIENT_AUTH) || (Boolean) getAttribute(WANT_CLIENT_AUTH);
    if (clientCertRequested && portTrustStores.isEmpty()) {
        throw new IllegalConfigurationException("Client certificate authentication is enabled on AMQP port '"
                                                + this.getName() + "' but no trust store defined");
    }

    SSLContext result = SSLUtil.createSslContext(portKeyStore, portTrustStores, getName());
    SSLSessionContext sessions = result.getServerSessionContext();

    final int cacheSize = getTLSSessionCacheSize();
    if (cacheSize > 0) {
        sessions.setSessionCacheSize(cacheSize);
    }
    final int timeout = getTLSSessionTimeout();
    if (timeout > 0) {
        sessions.setSessionTimeout(timeout);
    }
    return result;
}
Example #8
Source File: SslContexts.java From styx with Apache License 2.0 | 6 votes |
/**
 * Registers gauges for the OpenSSL session statistics of {@code sslContext} under the
 * {@code connections.openssl.session} scope of {@code metricRegistry}.
 *
 * <p>Nothing is registered when the context's session context is not an
 * {@code OpenSslSessionContext}.
 *
 * @param sslContext     context whose session statistics are exported
 * @param metricRegistry registry that receives the gauges
 */
private static void registerOpenSslStats(SslContext sslContext, MetricRegistry metricRegistry) {
    SSLSessionContext sessionContext = sslContext.sessionContext();
    if (!(sessionContext instanceof OpenSslSessionContext)) {
        return;
    }

    OpenSslSessionStats stats = ((OpenSslSessionContext) sessionContext).stats();
    MetricRegistry scoped = metricRegistry.scope("connections.openssl.session");

    // Each gauge reads the live counter through a method reference, so values are
    // sampled when the metric is read, not at registration time.
    scoped.register("number", (Gauge<Long>) stats::number);
    scoped.register("accept", (Gauge<Long>) stats::accept);
    scoped.register("acceptGood", (Gauge<Long>) stats::acceptGood);
    scoped.register("acceptRenegotiate", (Gauge<Long>) stats::acceptRenegotiate);
    scoped.register("hits", (Gauge<Long>) stats::hits);
    scoped.register("misses", (Gauge<Long>) stats::misses);
    scoped.register("cbHits", (Gauge<Long>) stats::cbHits);
    scoped.register("cacheFull", (Gauge<Long>) stats::cacheFull);
    scoped.register("timeouts", (Gauge<Long>) stats::timeouts);
}
Example #9
Source File: SSLSessionImpl.java From Bytecoder with Apache License 2.0 | 6 votes |
/**
 * Returns this session's {@code context} field, enforcing
 * {@code SSLPermission("getSSLSessionContext")} when a security manager is installed.
 *
 * <p>The inherited description says server sessions return the set of currently valid
 * sessions in this process and client sessions return {@code null}; this method does not
 * distinguish the two cases itself.
 *
 * @return the value of the {@code context} field
 * @throws SecurityException if the permission check fails
 */
@Override
public SSLSessionContext getSessionContext() {
    final SecurityManager sm = System.getSecurityManager();
    if (sm != null) {
        // Session lookup and enumeration are restricted to callers holding this
        // permission; the restriction is absent when no security manager is installed.
        final SSLPermission required = new SSLPermission("getSSLSessionContext");
        sm.checkPermission(required);
    }
    return context;
}
Example #10
Source File: SSLSessionImpl.java From openjsse with GNU General Public License v2.0 | 6 votes |
/**
 * Returns the {@link SSLSessionContext} held in this session's {@code context} field.
 *
 * <p>The inherited description states that server sessions yield the set of sessions
 * currently valid in this process and client sessions yield {@code null}. This method
 * only returns the field, so that outcome depends on how {@code context} is assigned
 * elsewhere in the class.
 *
 * @return the value of the {@code context} field
 * @throws SecurityException if a security manager is installed and the caller lacks
 *         {@code SSLPermission("getSSLSessionContext")}
 */
@Override
public SSLSessionContext getSessionContext() {
    // Gate: only code granted the permission may obtain the context, because the context
    // allows looking up specific sessions and enumerating them. The gate is a no-op when
    // no SecurityManager is installed.
    final SecurityManager securityManager = System.getSecurityManager();
    if (securityManager != null) {
        securityManager.checkPermission(new SSLPermission("getSSLSessionContext"));
    }
    return context;
}
Example #11
Source File: SSLSessionImpl.java From openjdk-jdk8u with GNU General Public License v2.0 | 6 votes |
/**
 * Hands out the session context stored in {@code context}, after a permission check
 * when a security manager is present.
 *
 * <p>Per the inherited description, server sessions return the set of sessions valid in
 * this process and client sessions return {@code null}; that is decided where
 * {@code context} is assigned, not in this method.
 *
 * @return the value of the {@code context} field
 * @throws SecurityException if the installed security manager denies
 *         {@code SSLPermission("getSSLSessionContext")}
 */
@Override
public SSLSessionContext getSessionContext() {
    final SecurityManager manager = System.getSecurityManager();
    if (manager == null) {
        // Unrestricted path: without a security manager any holder of this session can
        // obtain the context.
        return context;
    }
    // Limits the ability to look up or enumerate sessions to permitted code.
    manager.checkPermission(new SSLPermission("getSSLSessionContext"));
    return context;
}
Example #12
Source File: SSLSessionImpl.java From jdk8u-jdk with GNU General Public License v2.0 | 6 votes |
/**
 * Returns this session's {@code context} field, enforcing
 * {@code SSLPermission("getSSLSessionContext")} when a security manager is installed.
 *
 * <p>The inherited description says server sessions return the set of currently valid
 * sessions in this process and client sessions return {@code null}; this method does not
 * distinguish the two cases itself.
 *
 * @return the value of the {@code context} field
 * @throws SecurityException if the permission check fails
 */
@Override
public SSLSessionContext getSessionContext() {
    final SecurityManager sm = System.getSecurityManager();
    if (sm != null) {
        // The permission object is built only when there is a manager to check it.
        final SSLPermission required = new SSLPermission("getSSLSessionContext");
        sm.checkPermission(required);
    }
    // Reached either after a successful check or with no security manager installed.
    return context;
}
Example #13
Source File: SSLSessionImpl.java From jdk8u-jdk with GNU General Public License v2.0 | 6 votes |
/**
 * Returns the {@link SSLSessionContext} held in this session's {@code context} field.
 *
 * <p>The inherited description states that server sessions yield the set of sessions
 * currently valid in this process and client sessions yield {@code null}. This method
 * only returns the field, so that outcome depends on how {@code context} is assigned
 * elsewhere in the class.
 *
 * @return the value of the {@code context} field
 * @throws SecurityException if a security manager is installed and the caller lacks
 *         {@code SSLPermission("getSSLSessionContext")}
 */
@Override
public SSLSessionContext getSessionContext() {
    // A caller that obtains the context can look up and enumerate sessions it did not
    // create, which is why the permission is required. The requirement is enforced only
    // when a SecurityManager is installed.
    final SecurityManager securityManager = System.getSecurityManager();
    if (securityManager != null) {
        securityManager.checkPermission(new SSLPermission("getSSLSessionContext"));
    }
    return context;
}
Example #14
Source File: RestClientTest.java From hugegraph-common with Apache License 2.0 | 6 votes |
/**
 * Exercises {@code AbstractRestClient.HostNameVerifier} with pairs of a configured URL
 * and a hostname, asserting which pairs are accepted and which are rejected.
 */
@Test
public void testHostNameVerifier() {
    BiFunction<String, String, Boolean> check = (url, hostname) -> {
        final SSLSession session;
        final AbstractRestClient.HostNameVerifier verifier;
        try {
            // An arbitrary one-byte id is looked up in the default client session
            // context; presumably no such session exists and the lookup returns null.
            session = SSLContext.getDefault()
                                .getClientSessionContext()
                                .getSession(new byte[]{11});
            verifier = new AbstractRestClient.HostNameVerifier(url);
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        }
        return verifier.verify(hostname, session);
    };

    // NOTE(review): every expectation below varies only with the URL/hostname pair, so
    // the verifier appears to decide from the configured URL rather than from the peer
    // certificate in the session. Note that the empty hostname is expected to be
    // accepted. Confirm certificate-based hostname checking is applied elsewhere.
    Assert.assertTrue(check.apply("http://baidu.com", "baidu.com"));
    Assert.assertTrue(check.apply("http://test1.baidu.com", "baidu.com"));
    Assert.assertTrue(check.apply("http://test2.baidu.com", "baidu.com"));
    Assert.assertFalse(check.apply("http://baidu2.com", "baidu.com"));
    Assert.assertTrue(check.apply("http://baidu.com", ""));
    Assert.assertTrue(check.apply("baidu.com", "baidu.com"));
    Assert.assertTrue(check.apply("http://baidu.com/test", "baidu.com"));
    Assert.assertTrue(check.apply("baidu.com/test/abc", "baidu.com"));
    Assert.assertFalse(check.apply("baidu.com.sina.com", "baidu.com"));
}
Example #15
Source File: SSLSessionImpl.java From jdk8u-dev-jdk with GNU General Public License v2.0 | 6 votes |
/**
 * Hands out the session context stored in {@code context}, after a permission check
 * when a security manager is present.
 *
 * <p>Per the inherited description, server sessions return the set of sessions valid in
 * this process and client sessions return {@code null}; that is decided where
 * {@code context} is assigned, not in this method.
 *
 * @return the value of the {@code context} field
 * @throws SecurityException if the installed security manager denies
 *         {@code SSLPermission("getSSLSessionContext")}
 */
@Override
public SSLSessionContext getSessionContext() {
    final SecurityManager manager = System.getSecurityManager();
    if (manager == null) {
        // No manager, no check: the context goes to whoever holds this session.
        return context;
    }
    // The context exposes session lookup and enumeration, hence the permission.
    manager.checkPermission(new SSLPermission("getSSLSessionContext"));
    return context;
}
Example #16
Source File: SdkTLSSocketFactory.java From ibm-cos-sdk-java with Apache License 2.0 | 6 votes |
/**
 * Invalidates every SSL/TLS session in {@code sessionContext} whose peer host and port
 * match {@code remoteAddress}.
 *
 * <p>The host comparison is a case-insensitive string match against
 * {@code remoteAddress.getHostName()}; sessions with no peer host are left alone.
 *
 * @param sessionContext collection of SSL/TLS sessions to be (potentially) invalidated
 * @param remoteAddress  address whose sessions are invalidated
 */
private void clearSessionCache(final SSLSessionContext sessionContext, final InetSocketAddress remoteAddress) {
    // getHostName() may perform a reverse lookup when the address was created from a
    // literal IP, so the string compared below is whatever name resolution returns.
    final String targetHost = remoteAddress.getHostName();
    final int targetPort = remoteAddress.getPort();

    final Enumeration<byte[]> sessionIds = sessionContext.getIds();
    if (sessionIds == null) {
        return;
    }

    while (sessionIds.hasMoreElements()) {
        final SSLSession session = sessionContext.getSession(sessionIds.nextElement());
        // A session can disappear between enumeration and lookup; skip it.
        if (session == null) {
            continue;
        }
        final String peerHost = session.getPeerHost();
        if (peerHost == null || !peerHost.equalsIgnoreCase(targetHost)) {
            continue;
        }
        if (session.getPeerPort() != targetPort) {
            continue;
        }

        // Invalidation stops the session from being resumed on later connections.
        session.invalidate();
        if (LOG.isDebugEnabled()) {
            LOG.debug("Invalidated session " + session);
        }
    }
}
Example #17
Source File: SSLContextResource.java From wildfly-core with GNU Lesser General Public License v2.1 | 5 votes |
/**
 * Reports whether the {@link SSLContext} currently holds at least one session.
 *
 * <p>"Active" here means that the server or client session context (chosen by the
 * {@code server} flag) enumerates at least one session id.
 *
 * @return {@code true} if the {@link SSLContext} is available and its session context
 *         has at least one id, {@code false} otherwise
 */
private boolean hasActiveSessions() {
    final SSLContext sslContext = getSSLContext(sslContextServiceController);
    if (sslContext == null) {
        return false;
    }

    final SSLSessionContext sessions;
    if (server) {
        sessions = sslContext.getServerSessionContext();
    } else {
        sessions = sslContext.getClientSessionContext();
    }
    return sessions.getIds().hasMoreElements();
}
Example #18
Source File: Timeout.java From hottub with GNU General Public License v2.0 | 5 votes |
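/**
 * Checks, for every supported protocol except {@code SSLv2Hello}, that a server session
 * timeout of {@link Integer#MAX_VALUE} seconds is stored and read back unchanged.
 *
 * @param args unused
 * @throws Exception if a session context reports a different timeout, or if socket or
 *         context creation fails
 */
public static void main(String[] args) throws Exception {
    SSLServerSocketFactory ssf =
            (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();

    // The server socket is only needed to list the supported protocols; close it as soon
    // as the list is read instead of leaving it open for the rest of the run.
    final String[] protocols;
    try (SSLServerSocket ss = (SSLServerSocket) ssf.createServerSocket()) {
        protocols = ss.getSupportedProtocols();
    }

    for (String protocol : protocols) {
        // SSLv2Hello is skipped before SSLContext.getInstance is attempted for it.
        if (protocol.equals("SSLv2Hello")) {
            continue;
        }

        SSLContext sslc = SSLContext.getInstance(protocol);
        SSLSessionContext sslsc = sslc.getServerSessionContext();
        System.out.println("Protocol: " + protocol);

        // Boundary value for the round-trip check only. A deployed server would normally
        // keep session lifetimes short so resumable session state is not retained for long.
        sslsc.setSessionTimeout(Integer.MAX_VALUE);
        int newtime = sslsc.getSessionTimeout();
        if (newtime != Integer.MAX_VALUE) {
            throw new Exception("Expected timeout: " + Integer.MAX_VALUE + ", got instead: " + newtime);
        }
    }
    System.out.println("Finished");
}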
Example #19
Source File: DefautlCacheSize.java From jdk8u_jdk with GNU General Public License v2.0 | 5 votes |
/**
 * Verifies that, for each supported protocol other than {@code SSLv2Hello}, neither the
 * server nor the client session context reports a default cache size of 0.
 *
 * @param args unused
 * @throws Exception if a default cache size of 0 is found, or if socket or context
 *         creation fails
 */
public static void main(String[] args) throws Exception {
    SSLServerSocketFactory factory =
            (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();

    try (SSLServerSocket probe = (SSLServerSocket) factory.createServerSocket()) {
        for (String protocol : probe.getSupportedProtocols()) {
            if (protocol.equals("SSLv2Hello")) {
                continue;
            }
            SSLContext sslContext = SSLContext.getInstance(protocol);

            // A size of 0 means "no limit" (hence "infinite" in the messages below). An
            // unbounded cache lets stored session state grow with the number of peers,
            // so a default of 0 is treated as a failure.
            SSLSessionContext serverSide = sslContext.getServerSessionContext();
            if (serverSide.getSessionCacheSize() == 0) {
                throw new Exception(
                        "the default server session cache size is infinite");
            }

            SSLSessionContext clientSide = sslContext.getClientSessionContext();
            if (clientSide.getSessionCacheSize() == 0) {
                throw new Exception(
                        "the default client session cache size is infinite");
            }
        }
    }
}
Example #20
Source File: JdkSslContext.java From netty4.0.27Learn with Apache License 2.0 | 5 votes |
/**
 * Returns the JDK {@link SSLSessionContext} object held by this context: the server
 * session context when {@code isServer()} is true, the client session context otherwise.
 */
public final SSLSessionContext sessionContext() {
    return isServer()
            ? context().getServerSessionContext()
            : context().getClientSessionContext();
}
Example #21
Source File: DefautlCacheSize.java From dragonwell8_jdk with GNU General Public License v2.0 | 5 votes |
/**
 * Fails if any supported protocol (other than {@code SSLv2Hello}) has a server or client
 * session context whose default cache size is 0.
 *
 * @param args unused
 * @throws Exception if a default cache size of 0 is found, or if socket or context
 *         creation fails
 */
public static void main(String[] args) throws Exception {
    SSLServerSocketFactory socketFactory =
            (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();

    try (SSLServerSocket listener = (SSLServerSocket) socketFactory.createServerSocket()) {
        for (String protocolName : listener.getSupportedProtocols()) {
            if (protocolName.equals("SSLv2Hello")) {
                continue;
            }
            SSLContext sslContext = SSLContext.getInstance(protocolName);

            // 0 is the "no limit" value, reported as "infinite" below. The default is
            // expected to be bounded for both roles; the server side is checked first.
            int serverCacheSize = sslContext.getServerSessionContext().getSessionCacheSize();
            if (serverCacheSize == 0) {
                throw new Exception(
                        "the default server session cache size is infinite");
            }

            int clientCacheSize = sslContext.getClientSessionContext().getSessionCacheSize();
            if (clientCacheSize == 0) {
                throw new Exception(
                        "the default client session cache size is infinite");
            }
        }
    }
}
Example #22
Source File: Timeout.java From openjdk-jdk8u with GNU General Public License v2.0 | 5 votes |
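/**
 * Checks, for every supported protocol except {@code SSLv2Hello}, that a server session
 * timeout of {@link Integer#MAX_VALUE} seconds is stored and read back unchanged.
 *
 * @param args unused
 * @throws Exception if a session context reports a different timeout, or if socket or
 *         context creation fails
 */
public static void main(String[] args) throws Exception {
    SSLServerSocketFactory ssf =
            (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();

    // Close the probing socket once the protocol list is read; the original left it open.
    final String[] protocols;
    try (SSLServerSocket ss = (SSLServerSocket) ssf.createServerSocket()) {
        protocols = ss.getSupportedProtocols();
    }

    for (String protocol : protocols) {
        // SSLv2Hello is skipped before SSLContext.getInstance is attempted for it.
        if (protocol.equals("SSLv2Hello")) {
            continue;
        }

        SSLContext sslc = SSLContext.getInstance(protocol);
        SSLSessionContext sslsc = sslc.getServerSessionContext();
        System.out.println("Protocol: " + protocol);

        // Largest representable timeout, used to verify the value survives a set/get
        // round trip. It is a test boundary, not a recommended session lifetime.
        sslsc.setSessionTimeout(Integer.MAX_VALUE);
        int newtime = sslsc.getSessionTimeout();
        if (newtime != Integer.MAX_VALUE) {
            throw new Exception("Expected timeout: " + Integer.MAX_VALUE + ", got instead: " + newtime);
        }
    }
    System.out.println("Finished");
}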
Example #23
Source File: Timeout.java From openjdk-8 with GNU General Public License v2.0 | 5 votes |
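/**
 * Checks, for every supported protocol except {@code SSLv2Hello}, that a server session
 * timeout of {@link Integer#MAX_VALUE} seconds is stored and read back unchanged.
 *
 * @param args unused
 * @throws Exception if a session context reports a different timeout, or if socket or
 *         context creation fails
 */
public static void main(String[] args) throws Exception {
    SSLServerSocketFactory ssf =
            (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();

    // try-with-resources releases the server socket, which the original never closed.
    final String[] protocols;
    try (SSLServerSocket ss = (SSLServerSocket) ssf.createServerSocket()) {
        protocols = ss.getSupportedProtocols();
    }

    for (String protocol : protocols) {
        // SSLv2Hello is skipped before SSLContext.getInstance is attempted for it.
        if (protocol.equals("SSLv2Hello")) {
            continue;
        }

        SSLContext sslc = SSLContext.getInstance(protocol);
        SSLSessionContext sslsc = sslc.getServerSessionContext();
        System.out.println("Protocol: " + protocol);

        // Integer.MAX_VALUE exercises the upper boundary of the timeout setter; it is
        // not a value to copy into a server configuration.
        sslsc.setSessionTimeout(Integer.MAX_VALUE);
        int newtime = sslsc.getSessionTimeout();
        if (newtime != Integer.MAX_VALUE) {
            throw new Exception("Expected timeout: " + Integer.MAX_VALUE + ", got instead: " + newtime);
        }
    }
    System.out.println("Finished");
}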
Example #24
Source File: SSLContextResource.java From wildfly-core with GNU Lesser General Public License v2.1 | 5 votes |
/**
 * Reports whether {@code element} names an SSL session that currently exists in the
 * server or client session context (chosen by the {@code server} flag).
 *
 * @param element path element whose key must be the SSL-session key and whose value is
 *                the hex-encoded session id
 * @return {@code true} if the key matches, an {@link SSLContext} is available and a
 *         session with the decoded id is found; {@code false} otherwise
 */
@Override
public boolean hasChild(PathElement element) {
    if (!ElytronDescriptionConstants.SSL_SESSION.equals(element.getKey())) {
        return false;
    }
    final SSLContext sslContext = getSSLContext(sslContextServiceController);
    if (sslContext == null) {
        return false;
    }

    // The path value carries the session id as hex text; decode it back to raw bytes.
    // NOTE(review): how hexDecode() reacts to a non-hex value is not visible here.
    // Confirm a malformed id is rejected cleanly rather than surfacing as an
    // unexpected runtime failure.
    final byte[] sessionId = ByteIterator
            .ofBytes(element.getValue().getBytes(StandardCharsets.UTF_8))
            .asUtf8String()
            .hexDecode()
            .drain();

    final SSLSessionContext sessions;
    if (server) {
        sessions = sslContext.getServerSessionContext();
    } else {
        sessions = sslContext.getClientSessionContext();
    }
    return sessions.getSession(sessionId) != null;
}
Example #25
Source File: Timeout.java From openjdk-8-source with GNU General Public License v2.0 | 5 votes |
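/**
 * Checks, for every supported protocol except {@code SSLv2Hello}, that a server session
 * timeout of {@link Integer#MAX_VALUE} seconds is stored and read back unchanged.
 *
 * @param args unused
 * @throws Exception if a session context reports a different timeout, or if socket or
 *         context creation fails
 */
public static void main(String[] args) throws Exception {
    SSLServerSocketFactory ssf =
            (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();

    // The socket exists only to report supported protocols, so it is closed right after.
    final String[] protocols;
    try (SSLServerSocket ss = (SSLServerSocket) ssf.createServerSocket()) {
        protocols = ss.getSupportedProtocols();
    }

    for (String protocol : protocols) {
        // SSLv2Hello is skipped before SSLContext.getInstance is attempted for it.
        if (protocol.equals("SSLv2Hello")) {
            continue;
        }

        SSLContext sslc = SSLContext.getInstance(protocol);
        SSLSessionContext sslsc = sslc.getServerSessionContext();
        System.out.println("Protocol: " + protocol);

        // Upper-boundary round trip. Very long timeouts keep resumable session state
        // around, so this value belongs in a test and not in a deployment.
        sslsc.setSessionTimeout(Integer.MAX_VALUE);
        int newtime = sslsc.getSessionTimeout();
        if (newtime != Integer.MAX_VALUE) {
            throw new Exception("Expected timeout: " + Integer.MAX_VALUE + ", got instead: " + newtime);
        }
    }
    System.out.println("Finished");
}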
Example #26
Source File: SSLUtilBase.java From Tomcat8-Source-Read with MIT License | 5 votes |
/**
 * Copies the session cache size and session timeout from {@code sslHostConfig} onto
 * {@code sslSessionContext}. A negative configured value means "leave the
 * implementation default untouched" for that setting.
 *
 * <p>A configured 0 is applied as-is; in the JSSE API 0 means "no limit" for both the
 * cache size and the timeout.
 *
 * @param sslSessionContext the context to configure
 */
@Override
public void configureSessionContext(SSLSessionContext sslSessionContext) {
    // <0 - don't set anything - use the implementation default
    final int cacheSize = sslHostConfig.getSessionCacheSize();
    if (cacheSize >= 0) {
        sslSessionContext.setSessionCacheSize(cacheSize);
    }

    // <0 - don't set anything - use the implementation default
    final int timeout = sslHostConfig.getSessionTimeout();
    if (timeout >= 0) {
        sslSessionContext.setSessionTimeout(timeout);
    }
}
Example #27
Source File: Timeout.java From openjdk-jdk9 with GNU General Public License v2.0 | 5 votes |
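/**
 * Checks, for every supported protocol except {@code SSLv2Hello}, that a server session
 * timeout of {@link Integer#MAX_VALUE} seconds is stored and read back unchanged.
 *
 * @param args unused
 * @throws Exception if a session context reports a different timeout, or if socket or
 *         context creation fails
 */
public static void main(String[] args) throws Exception {
    SSLServerSocketFactory ssf =
            (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();

    // Read the protocol list and release the server socket immediately; previously the
    // socket was never closed.
    final String[] protocols;
    try (SSLServerSocket ss = (SSLServerSocket) ssf.createServerSocket()) {
        protocols = ss.getSupportedProtocols();
    }

    for (String protocol : protocols) {
        // SSLv2Hello is skipped before SSLContext.getInstance is attempted for it.
        if (protocol.equals("SSLv2Hello")) {
            continue;
        }

        SSLContext sslc = SSLContext.getInstance(protocol);
        SSLSessionContext sslsc = sslc.getServerSessionContext();
        System.out.println("Protocol: " + protocol);

        // Boundary check: the largest int must be stored without being altered.
        sslsc.setSessionTimeout(Integer.MAX_VALUE);
        int newtime = sslsc.getSessionTimeout();
        if (newtime != Integer.MAX_VALUE) {
            throw new Exception("Expected timeout: " + Integer.MAX_VALUE + ", got instead: " + newtime);
        }
    }
    System.out.println("Finished");
}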
Example #28
Source File: Timeout.java From jdk8u-jdk with GNU General Public License v2.0 | 5 votes |
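/**
 * Checks, for every supported protocol except {@code SSLv2Hello}, that a server session
 * timeout of {@link Integer#MAX_VALUE} seconds is stored and read back unchanged.
 *
 * @param args unused
 * @throws Exception if a session context reports a different timeout, or if socket or
 *         context creation fails
 */
public static void main(String[] args) throws Exception {
    SSLServerSocketFactory ssf =
            (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();

    // The server socket is a resource; scope it to the one call that needs it so it is
    // closed even if a later step throws.
    final String[] protocols;
    try (SSLServerSocket ss = (SSLServerSocket) ssf.createServerSocket()) {
        protocols = ss.getSupportedProtocols();
    }

    for (String protocol : protocols) {
        // SSLv2Hello is skipped before SSLContext.getInstance is attempted for it.
        if (protocol.equals("SSLv2Hello")) {
            continue;
        }

        SSLContext sslc = SSLContext.getInstance(protocol);
        SSLSessionContext sslsc = sslc.getServerSessionContext();
        System.out.println("Protocol: " + protocol);

        // The maximum int is a test input for the setter/getter pair only.
        sslsc.setSessionTimeout(Integer.MAX_VALUE);
        int newtime = sslsc.getSessionTimeout();
        if (newtime != Integer.MAX_VALUE) {
            throw new Exception("Expected timeout: " + Integer.MAX_VALUE + ", got instead: " + newtime);
        }
    }
    System.out.println("Finished");
}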
Example #29
Source File: SSLSessionDefinition.java From wildfly-core with GNU Lesser General Public License v2.1 | 5 votes |
/**
 * Looks up the SSL session identified by {@code operation} in the server or client
 * session context (chosen by the {@code server} flag) and, when it is found, delegates
 * to the {@code SSLSession} overload of {@code performRuntime}. When no session matches,
 * this method does nothing.
 *
 * @param result     node passed through to the delegate
 * @param operation  operation from which the session id is derived
 * @param sslContext context whose session context is searched
 * @throws OperationFailedException declared for the delegate call
 */
@Override
protected void performRuntime(ModelNode result, ModelNode operation, SSLContext sslContext) throws OperationFailedException {
    final SSLSessionContext sessions;
    if (server) {
        sessions = sslContext.getServerSessionContext();
    } else {
        sessions = sslContext.getClientSessionContext();
    }

    final SSLSession match = sessions.getSession(sessionId(operation));
    if (match == null) {
        // The session may have expired or been invalidated since it was listed.
        return;
    }
    performRuntime(result, operation, match);
}
Example #30
Source File: HttpManagement.java From qpid-broker-j with Apache License 2.0 | 5 votes |
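/**
 * Builds the {@link SSLContext} for an HTTPS management port and applies the port's TLS
 * session cache size and timeout to the server session context.
 *
 * <p>A size or timeout that is not greater than zero is not applied, which leaves the
 * provider's default in place for that setting.
 *
 * @param port the HTTPS port being started
 * @return the configured context
 * @throws IllegalConfigurationException if the port has no key store, or if client
 *         certificate authentication is needed or wanted but no trust store is defined
 */
private SSLContext createSslContext(final HttpPort<?> port) {
    final KeyStore keyStore = port.getKeyStore();
    if (keyStore == null) {
        throw new IllegalConfigurationException(
                "Key store is not configured. Cannot start management on HTTPS port without keystore");
    }

    // "Need" and "want" are treated alike: either one requires a trust store, since
    // without one there is nothing to validate a presented client certificate against.
    final boolean needClientCert = port.getNeedClientAuth() || port.getWantClientAuth();
    final Collection<TrustStore> trustStores = port.getTrustStores();
    if (needClientCert && trustStores.isEmpty()) {
        // Report the port's own name (the original passed this object's name) so the
        // message points at the port that is misconfigured.
        throw new IllegalConfigurationException(String.format(
                "Client certificate authentication is enabled on HTTPS port '%s' but no trust store defined",
                port.getName()));
    }

    // Reuse the key store that was null-checked above instead of fetching it again.
    final SSLContext sslContext = SSLUtil.createSslContext(keyStore, trustStores, port.getName());
    final SSLSessionContext serverSessionContext = sslContext.getServerSessionContext();
    if (port.getTLSSessionCacheSize() > 0) {
        serverSessionContext.setSessionCacheSize(port.getTLSSessionCacheSize());
    }
    if (port.getTLSSessionTimeout() > 0) {
        serverSessionContext.setSessionTimeout(port.getTLSSessionTimeout());
    }
    return sslContext;
}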