Java Code Examples for javax.net.ssl.SSLServerSocket#setNeedClientAuth()
The following examples show how to use
javax.net.ssl.SSLServerSocket#setNeedClientAuth() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: SslContextFactory.java From IoTgo_Android_App with MIT License | 6 votes |
|
public SSLServerSocket newSslServerSocket(String host,int port,int backlog) throws IOException
{
SSLServerSocketFactory factory = _context.getServerSocketFactory();
SSLServerSocket socket =
(SSLServerSocket) (host==null ?
factory.createServerSocket(port,backlog):
factory.createServerSocket(port,backlog,InetAddress.getByName(host)));
if (getWantClientAuth())
socket.setWantClientAuth(getWantClientAuth());
if (getNeedClientAuth())
socket.setNeedClientAuth(getNeedClientAuth());
socket.setEnabledCipherSuites(selectCipherSuites(
socket.getEnabledCipherSuites(),
socket.getSupportedCipherSuites()));
socket.setEnabledProtocols(selectProtocols(socket.getEnabledProtocols(),socket.getSupportedProtocols()));
return socket;
}
Example 2
| Source File: HandshakeCompletedEventTest.java From j2objc with Apache License 2.0 | 6 votes |
|
public TestServer(boolean provideKeys, int clientAuth, String keys) throws Exception {
this.keys = keys;
this.clientAuth = clientAuth;
this.provideKeys = provideKeys;
trustManager = new TestTrustManager();
KeyManager[] keyManagers = provideKeys ? getKeyManagers(keys) : null;
TrustManager[] trustManagers = new TrustManager[] { trustManager };
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(keyManagers, trustManagers, null);
serverSocket = (SSLServerSocket) sslContext.getServerSocketFactory().createServerSocket();
if (clientAuth == CLIENT_AUTH_WANTED) {
serverSocket.setWantClientAuth(true);
} else if (clientAuth == CLIENT_AUTH_NEEDED) {
serverSocket.setNeedClientAuth(true);
} else {
serverSocket.setWantClientAuth(false);
}
serverSocket.bind(new InetSocketAddress(0));
}
Example 3
| Source File: GfxdTSSLServerSocketFactory.java From gemfirexd-oss with Apache License 2.0 | 6 votes |
|
private static GfxdTSSLServerSocket createServer(
SSLServerSocketFactory factory, InetSocketAddress bindAddress,
SocketParameters params) throws TTransportException {
try {
SSLServerSocket serverSocket = (SSLServerSocket)factory
.createServerSocket(bindAddress.getPort(), 100,
bindAddress.getAddress());
if (params != null) {
if (params.getSSLEnabledProtocols() != null) {
serverSocket.setEnabledProtocols(params.getSSLEnabledProtocols());
}
if (params.getSSLCipherSuites() != null) {
serverSocket.setEnabledCipherSuites(params.getSSLCipherSuites());
}
serverSocket.setNeedClientAuth(params.getSSLClientAuth());
}
return new GfxdTSSLServerSocket(serverSocket, bindAddress, params);
} catch (Exception e) {
throw new TTransportException(TTransportException.NOT_OPEN,
"Could not bind to host:port " + bindAddress.toString(), e);
}
}
Example 4
| Source File: SocketFactory.java From dacapobench with Apache License 2.0 | 6 votes |
|
/**
* Set the server socket configuration to our required
* QOS values.
*
* A small experiment shows that setting either (want, need) parameter to either true or false sets the
* other parameter to false.
*
* @param serverSocket
* The newly created SSLServerSocket.
*
* @throws IOException if server socket can't be configured
*/
private void configureServerSocket(SSLServerSocket serverSocket) throws IOException {
// set the authentication value and cipher suite info.
serverSocket.setEnabledCipherSuites(cipherSuites);
if (clientAuthRequired) {
serverSocket.setNeedClientAuth(true);
} else if (clientAuthSupported) {
serverSocket.setWantClientAuth(true);
} else {
serverSocket.setNeedClientAuth(false); //could set want with the same effect
}
serverSocket.setSoTimeout(SOCKET_TIMEOUT_MS);
if (log.isDebugEnabled()) {
log.debug("Created SSL server socket on port " + serverSocket.getLocalPort());
log.debug(" client authentication " + (clientAuthSupported ? "SUPPORTED" : "UNSUPPORTED"));
log.debug(" client authentication " + (clientAuthRequired ? "REQUIRED" : "OPTIONAL"));
log.debug(" cipher suites:");
for (int i = 0; i < cipherSuites.length; i++) {
log.debug(" " + cipherSuites[i]);
}
}
}
Example 5
| Source File: TSSLTransportFactory.java From incubator-retired-blur with Apache License 2.0 | 5 votes |
|
private static TServerSocket createServer(SSLServerSocketFactory factory, int port, int timeout, boolean clientAuth,
InetAddress ifAddress, TSSLTransportParameters params) throws TTransportException {
try {
SSLServerSocket serverSocket = (SSLServerSocket) factory.createServerSocket(port, 100, ifAddress);
serverSocket.setSoTimeout(timeout);
serverSocket.setNeedClientAuth(clientAuth);
if (params != null && params.cipherSuites != null) {
serverSocket.setEnabledCipherSuites(params.cipherSuites);
}
return new TServerSocket(serverSocket, timeout);
} catch (Exception e) {
throw new TTransportException("Could not bind to port " + port, e);
}
}
Example 6
| Source File: NetworkServerControlImpl.java From spliceengine with GNU Affero General Public License v3.0 | 5 votes |
|
/**
* Create the right kind of server socket
*/
private ServerSocket createServerSocket()
throws IOException
{
if (hostAddress == null)
hostAddress = InetAddress.getByName(hostArg);
// Make a list of valid
// InetAddresses for NetworkServerControl
// admin commands.
buildLocalAddressList(hostAddress);
// Create the right kind of socket
switch (getSSLMode()) {
case SSL_OFF:
default:
ServerSocketFactory sf =
ServerSocketFactory.getDefault();
return sf.createServerSocket(portNumber
,0,
hostAddress);
case SSL_BASIC:
SSLServerSocketFactory ssf =
(SSLServerSocketFactory)SSLServerSocketFactory.getDefault();
return (SSLServerSocket)ssf.createServerSocket(portNumber,
0,
hostAddress);
case SSL_PEER_AUTHENTICATION:
SSLServerSocketFactory ssf2 =
(SSLServerSocketFactory)SSLServerSocketFactory.getDefault();
SSLServerSocket sss2=
(SSLServerSocket)ssf2.createServerSocket(portNumber,
0,
hostAddress);
sss2.setNeedClientAuth(true);
return sss2;
}
}
Example 7
| Source File: JSSESocketFactory.java From tomcatsrc with Apache License 2.0 | 5 votes |
|
/**
* Configure Client authentication for this version of JSSE. The
* JSSE included in Java 1.4 supports the 'want' value. Prior
* versions of JSSE will treat 'want' as 'false'.
* @param socket the SSLServerSocket
*/
protected void configureClientAuth(SSLServerSocket socket){
if (wantClientAuth){
socket.setWantClientAuth(wantClientAuth);
} else {
socket.setNeedClientAuth(requireClientAuth);
}
}
Example 8
| Source File: JmxRemoteLifecycleListener.java From tomcatsrc with Apache License 2.0 | 5 votes |
|
@Override
public ServerSocket createServerSocket(int port) throws IOException {
SSLServerSocket sslServerSocket =
(SSLServerSocket) sslServerSocketFactory.createServerSocket(port, 0, bindAddress);
if (getEnabledCipherSuites() != null) {
sslServerSocket.setEnabledCipherSuites(getEnabledCipherSuites());
}
if (getEnabledProtocols() == null) {
sslServerSocket.setEnabledProtocols(defaultProtocols);
} else {
sslServerSocket.setEnabledProtocols(getEnabledProtocols());
}
sslServerSocket.setNeedClientAuth(getNeedClientAuth());
return sslServerSocket;
}
Example 9
| Source File: SSLUtils.java From hasting with MIT License | 5 votes |
|
private static void postSSLServerSocket(SSLServerSocket sslServerSocket,int sslmode){
String[] pwdsuits = sslServerSocket.getSupportedCipherSuites();
sslServerSocket.setEnabledCipherSuites(pwdsuits);
sslServerSocket.setUseClientMode(false);
if(sslmode == 2){
sslServerSocket.setNeedClientAuth(true);
}else{
sslServerSocket.setWantClientAuth(true);
}
}
Example 10
| Source File: SSLSocksProxyServer.java From sockslib with Apache License 2.0 | 5 votes |
|
public ServerSocket createSSLServer(int port, InetAddress bindAddr) throws Exception {
SSLServerSocket serverSocket =
(SSLServerSocket) configuration.getSSLServerSocketFactory().createServerSocket(port, 50, bindAddr);
if (configuration.isNeedClientAuth()) {
serverSocket.setNeedClientAuth(true);
} else {
serverSocket.setNeedClientAuth(false);
}
return serverSocket;
}
Example 11
| Source File: NetworkServerControlImpl.java From gemfirexd-oss with Apache License 2.0 | 5 votes |
|
/**
* Create the right kind of server socket
*/
private ServerSocket createServerSocket()
throws IOException
{
if (hostAddress == null)
hostAddress = InetAddress.getByName(hostArg);
// Make a list of valid
// InetAddresses for NetworkServerControl
// admin commands.
buildLocalAddressList(hostAddress);
// Create the right kind of socket
switch (getSSLMode()) {
case SSL_OFF:
default:
ServerSocketFactory sf =
ServerSocketFactory.getDefault();
return sf.createServerSocket(portNumber
,0,
hostAddress);
case SSL_BASIC:
SSLServerSocketFactory ssf =
(SSLServerSocketFactory)SSLServerSocketFactory.getDefault();
return (SSLServerSocket)ssf.createServerSocket(portNumber,
0,
hostAddress);
case SSL_PEER_AUTHENTICATION:
SSLServerSocketFactory ssf2 =
(SSLServerSocketFactory)SSLServerSocketFactory.getDefault();
SSLServerSocket sss2=
(SSLServerSocket)ssf2.createServerSocket(portNumber,
0,
hostAddress);
sss2.setNeedClientAuth(true);
return sss2;
}
}
Example 12
| Source File: TSSLTransportFactory.java From galaxy-sdk-java with Apache License 2.0 | 5 votes |
|
private static TServerSocket createServer(SSLServerSocketFactory factory, int port, int timeout, boolean clientAuth,
InetAddress ifAddress, TSSLTransportParameters params) throws TTransportException {
try {
SSLServerSocket serverSocket = (SSLServerSocket) factory.createServerSocket(port, 100, ifAddress);
serverSocket.setSoTimeout(timeout);
serverSocket.setNeedClientAuth(clientAuth);
if (params != null && params.cipherSuites != null) {
serverSocket.setEnabledCipherSuites(params.cipherSuites);
}
return new TServerSocket(serverSocket, timeout);
} catch (Exception e) {
throw new TTransportException("Could not bind to port " + port, e);
}
}
Example 13
| Source File: JSSEServer.java From openjdk-jdk9 with GNU General Public License v2.0 | 5 votes |
|
public JSSEServer(SSLContext context, String constraint,
boolean needClientAuth) throws Exception {
TLSRestrictions.setConstraint("Server", constraint);
SSLServerSocketFactory serverFactory = context.getServerSocketFactory();
server = (SSLServerSocket) serverFactory.createServerSocket(0);
server.setSoTimeout(TLSRestrictions.TIMEOUT);
server.setNeedClientAuth(needClientAuth); // for dual authentication
System.out.println("Server: port=" + getPort());
}
Example 14
| Source File: JSSEServer.java From openjdk-jdk8u-backup with GNU General Public License v2.0 | 5 votes |
|
public JSSEServer(SSLContext context,
boolean needClientAuth) throws Exception {
SSLServerSocketFactory serverFactory = context.getServerSocketFactory();
server = (SSLServerSocket) serverFactory.createServerSocket(0);
server.setSoTimeout(TLSRestrictions.TIMEOUT);
server.setNeedClientAuth(needClientAuth); // for dual authentication
System.out.println("Server: port=" + getPort());
}
Example 15
| Source File: JSSEServer.java From openjdk-jdk8u with GNU General Public License v2.0 | 5 votes |
|
public JSSEServer(SSLContext context,
boolean needClientAuth) throws Exception {
SSLServerSocketFactory serverFactory = context.getServerSocketFactory();
server = (SSLServerSocket) serverFactory.createServerSocket(0);
server.setSoTimeout(TLSRestrictions.TIMEOUT);
server.setNeedClientAuth(needClientAuth); // for dual authentication
System.out.println("Server: port=" + getPort());
}
Example 16
| Source File: JSSEServer.java From TencentKona-8 with GNU General Public License v2.0 | 5 votes |
|
public JSSEServer(SSLContext context,
boolean needClientAuth) throws Exception {
SSLServerSocketFactory serverFactory = context.getServerSocketFactory();
server = (SSLServerSocket) serverFactory.createServerSocket(0);
server.setSoTimeout(TLSRestrictions.TIMEOUT);
server.setNeedClientAuth(needClientAuth); // for dual authentication
System.out.println("Server: port=" + getPort());
}
Example 17
| Source File: JSSEServer.java From dragonwell8_jdk with GNU General Public License v2.0 | 5 votes |
|
public JSSEServer(SSLContext context,
boolean needClientAuth) throws Exception {
SSLServerSocketFactory serverFactory = context.getServerSocketFactory();
server = (SSLServerSocket) serverFactory.createServerSocket(0);
server.setSoTimeout(TLSRestrictions.TIMEOUT);
server.setNeedClientAuth(needClientAuth); // for dual authentication
System.out.println("Server: port=" + getPort());
}
Example 18
| Source File: NetworkServerControlImpl.java From gemfirexd-oss with Apache License 2.0 | 5 votes |
|
/**
* Create the right kind of server socket
*/
private ServerSocket createServerSocket()
throws IOException
{
if (hostAddress == null)
hostAddress = InetAddress.getByName(hostArg);
// Make a list of valid
// InetAddresses for NetworkServerControl
// admin commands.
buildLocalAddressList(hostAddress);
// Create the right kind of socket
switch (getSSLMode()) {
case SSL_OFF:
default:
ServerSocketFactory sf =
ServerSocketFactory.getDefault();
return sf.createServerSocket(portNumber
,0,
hostAddress);
case SSL_BASIC:
SSLServerSocketFactory ssf =
(SSLServerSocketFactory)SSLServerSocketFactory.getDefault();
return (SSLServerSocket)ssf.createServerSocket(portNumber,
0,
hostAddress);
case SSL_PEER_AUTHENTICATION:
SSLServerSocketFactory ssf2 =
(SSLServerSocketFactory)SSLServerSocketFactory.getDefault();
SSLServerSocket sss2=
(SSLServerSocket)ssf2.createServerSocket(portNumber,
0,
hostAddress);
sss2.setNeedClientAuth(true);
return sss2;
}
}
Example 19
| Source File: ConnectorServerFactory.java From activemq-artemis with Apache License 2.0 | 4 votes |
|
@Override
public ServerSocket createServerSocket(int port) throws IOException {
SSLServerSocket ss = (SSLServerSocket) sssf.createServerSocket(port, 50, InetAddress.getByName(rmiServerHost));
ss.setNeedClientAuth(clientAuth);
return ss;
}
Example 20
| Source File: ServerSocketRunner.java From davmail with GNU General Public License v2.0 | 4 votes |
|
public static void main(String[] argv) throws NoSuchAlgorithmException, KeyManagementException, IOException, KeyStoreException, CertificateException, UnrecoverableKeyException {
// SSL debug levels
//System.setProperty("javax.net.debug", "ssl,handshake");
System.setProperty("javax.net.debug", "all");
// local truststore
System.setProperty("javax.net.ssl.trustStore", "cacerts");
System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
System.setProperty("javax.net.ssl.trustStoreType", "JKS");
// access windows client certificates
//System.setProperty("javax.net.ssl.trustStoreProvider", "SunMSCAPI");
//System.setProperty("javax.net.ssl.trustStoreType", "Windows-ROOT");
// load default trustmanager factory
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
System.out.println(trustManagerFactory.getProvider());
// load server keystore
KeyStore keystore = KeyStore.getInstance("PKCS12");
try(FileInputStream keyStoreInputStream = new FileInputStream("davmail.p12")) {
keystore.load(keyStoreInputStream, "password".toCharArray());
}
// KeyManagerFactory to create key managers
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
// initialize KMF to work with keystore
kmf.init(keystore, "password".toCharArray());
// SSLContext is environment for implementing JSSE...
// create ServerSocketFactory
SSLContext sslContext = SSLContext.getInstance("TLS");
// initialize sslContext to work with key managers and default trust manager
sslContext.init(kmf.getKeyManagers(), null, null);
// create ServerSocketFactory from sslContext
ServerSocketFactory serverSocketFactory = sslContext.getServerSocketFactory();
SSLServerSocket serverSocket = (SSLServerSocket) serverSocketFactory.createServerSocket(443);
serverSocket.setNeedClientAuth(true);
int count = 100;
while (count-- > 0) {
SSLSocket socket = (SSLSocket) serverSocket.accept();
SSLSession session = socket.getSession();
System.out.println("SubjectDN " + ((X509Certificate) session.getPeerCertificates()[0]).getSubjectDN());
}
}
