public class SecureConnectionFactory extends Object implements SocketFactory
Utils class.
which supports https (and experimentally http based on W3C implementation) as protocols and returns an instance of HttpURLConnection.
which returns an instance of Socket.
Utils class to be connection specific.
"https.proxyHost" and "https.proxyPort".
"https.nonProxyHosts" property. The value of this property is a '|' separated list of host names. The '*' as wildcard character is allowed as first character of a name in the list.
"https.proxyUser" and "https.proxyPassword" or using the methods Utils.setProxyAuthentication.
createSocket method establishes a connection over proxy, see example at createSocket(String, int, Socket) or use the method createSocket(String, int).
createURLConnection is called with a "http"-URL, proxy settings for HTTP connections should be set separately. This can be done by setting the System property proxySet to "true" and the System properties proxyHost and proxyPort.
null as value for aliases or methods without such parameter.
SubjectAltName and NetscapeSSLServerName extensions. See HostnameVerifier and DefaultHostnameVerifier for details about comparing the name components.
com.sap.security.core.server.https.IAIK under severity level DEBUG.
Copyright (c) 2003 SAP AG.
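How a "https.nonProxyHosts" value of the form described above ('|' separated, '*' allowed only as first character of a name) can be evaluated, as an added example that is not SAP code and not part of this API. The class and method names are hypothetical, and treating a leading '*' as "any host ending with the rest of the entry" is an assumption about the matching rule, which this page does not spell out.

```java
import java.util.Locale;

public class NonProxyHostsCheck {

    /** True if host matches an entry of the '|' separated list and would bypass the proxy. */
    static boolean bypassesProxy(String host, String nonProxyHosts) {
        if (host == null || nonProxyHosts == null) {
            return false;
        }
        String h = host.trim().toLowerCase(Locale.ROOT);
        for (String raw : nonProxyHosts.split("\\|")) {
            String entry = raw.trim().toLowerCase(Locale.ROOT);
            if (entry.isEmpty()) {
                continue; // "a||b" or a trailing '|' must not turn into a match-all entry
            }
            if (entry.startsWith("*")) {
                // Assumption: leading '*' means "any host ending with the rest of the entry".
                // A bare "*" therefore matches every host.
                String suffix = entry.substring(1);
                if (suffix.indexOf('*') < 0 && h.endsWith(suffix)) {
                    return true;
                }
            } else if (entry.indexOf('*') < 0 && h.equals(entry)) {
                return true; // '*' anywhere but the first position is not honoured
            }
        }
        return false;
    }

    public static void main(String[] args) {
        // Constructed sample values, not taken from a real landscape.
        // "*internal.example" has no dot after the wildcard, so it also matches
        // "notinternal.example"; "*.internal.example" limits the entry to subdomains.
        String list = "localhost|*.corp.example|*internal.example";
        String[] hosts = {
            "localhost", "app.corp.example", "corp.example",
            "db.internal.example", "notinternal.example", "www.example.org"
        };
        for (String host : hosts) {
            System.out.println(host + " -> " + (bypassesProxy(host, list) ? "direct" : "via proxy"));
        }
    }
}
```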
Modifier and Type | Field and Description |
---|---|
boolean | _isIAIKavailable |
Constructor and Description |
---|
SecureConnectionFactory(Certificate[] trustedcerts, Object[] keyandcerts): This constructor is provided because of some special needs of WEBSERVICES Project. |
SecureConnectionFactory(KeyStore keystore): Creates a new factory based on given credentials. |
SecureConnectionFactory(KeyStore truststore, KeyStore keystore): Creates a new factory based on given credentials. |
SecureConnectionFactory(KeyStore truststore, Object truststoreCreds, KeyStore keystore, Object keystoreCreds): Creates a new connection factory based on given credentials. |
SecureConnectionFactory(String trustview, String keyview): Constructor to use within SAP J2EE Server. |
Modifier and Type | Method and Description |
---|---|
Socket | createSocket(InetAddress inetAddr, int port): Creates (ssl)socket based on local credentials. |
Socket | createSocket(InetAddress inetAddr, int port, InetAddress clientAddr, int cport): Creates (ssl)socket based on local credentials. |
Socket | createSocket(InetAddress inetAddr, int port, InetAddress clientAddr, int cport, String[] aliases): Creates (ssl)socket based on local credentials. |
Socket | createSocket(InetAddress inetAddr, int port, String[] aliases): Creates (ssl)socket based on local credentials. |
Socket | createSocket(String host, int port): Creates (ssl)socket based on local credentials. |
Socket | createSocket(String host, int port, InetAddress clientAddr, int cport): Creates (ssl)socket based on local credentials. |
Socket | createSocket(String host, int port, InetAddress clientAddr, int cport, String[] aliases): Creates (ssl)socket based on local credentials. |
Socket | createSocket(String host, int port, Socket socket): Creates (ssl)socket based on local credentials. |
Socket | createSocket(String host, int port, Socket socket, String[] aliases): Creates (ssl)socket based on local credentials. |
Socket | createSocket(String host, int port, String[] aliases): Creates (ssl)socket based on local credentials. |
HttpURLConnection | createURLConnection(String url): Creates HttpUrlConnection based on local credentials. |
HttpURLConnection | createURLConnection(String url, Proxy proxy): Creates HttpUrlConnection based on local credentials. |
HttpURLConnection | createURLConnection(String url, Proxy proxy, String[] keyaliases): Creates HttpUrlConnection based on local credentials. |
HttpURLConnection | createURLConnection(String url, String keyalias): Creates HttpUrlConnection based on local credentials. |
HttpURLConnection | createURLConnection(String url, String[] keyaliases): Creates HttpUrlConnection based on local credentials. |
HttpURLConnection | createURLConnection(String protocol, String host, int port, String file): Creates a HttpURLConnection based on protocol, host, port and file. |
HttpURLConnection | createURLConnection(String protocol, String host, int port, String file, String keyalias): Creates HttpUrlConnection based on local credentials. |
HttpURLConnection | createURLConnection(String protocol, String host, int port, String file, String[] keyaliases): Creates HttpUrlConnection based on local credentials. |
String | getConnectionHeader(): Returns the value of the "Connection" header used by the factory. |
static SecureConnectionFactory | getDefault(): Creates a default instance of SecureConnectionFactory. |
protected void | initFactory(Certificate[] trustedcerts, Object[] keyandcerts) |
protected void | initFactory(KeyStore truststore, Object truststoreCreds, KeyStore keystore, Object keystoreCreds) |
void | setConnectionHeader(String arg): Sets the value of the "Connection" header used by the factory. |
void | setDefaultSSLContext(Object context): Allows customizing of the SSLClientContext used by the factory. |
void | setHostnameVerifier(HostnameVerifier ver): Sets the hostname verifier. |
void | setIgnoreServerCertificate(boolean arg): Activates/deactivates verification of server certificate. |
void | setSSLDebugStream(OutputStream out): Replicates the debugging outputs to specified output stream. |
void | setUseProxyForSocketConnection(boolean arg): Defines whether the createSocket(String, int) and createSocket(String, int, String[]) methods should determine proxy setting using System properties. |

public SecureConnectionFactory(KeyStore keystore)
SecureConnectionFactory(KeyStore, KeyStore) with null as second parameter.
setIgnoreServerCertificate(boolean) method. But it's not recommended to use this method, because it contradicts SSL principles.
keystore - a keystore with trusted certificates for server authentication and KeyAndCertificate pairs for client authentication

public SecureConnectionFactory(KeyStore truststore, KeyStore keystore)
setIgnoreServerCertificate(boolean) method. But it's not recommended to use this method, because it contradicts SSL principles.
truststore - a keystore with trusted certificates for server authentication
keystore - a keystore used for client authentication

public SecureConnectionFactory(KeyStore truststore, Object truststoreCreds, KeyStore keystore, Object keystoreCreds)
setIgnoreServerCertificate(boolean) method. But it's not recommended to use this method, because it contradicts SSL principles.
truststore - a keystore with trusted certificates for server authentication
truststoreCreds - is ignored now
keystore - a keystore used for client authentication
keystoreCreds - is either ignored or, if it is an instance of char[], used as described in KeyStore.getKey(java.lang.String, char[])

public SecureConnectionFactory(String trustview, String keyview)
trustview - the name of the view containing trusted certificates
keyview - the name of the view containing client certificates. It can be identical with trustview.

public SecureConnectionFactory(Certificate[] trustedcerts, Object[] keyandcerts)
trustedcerts - keystore view with the trusted certificates
keyandcerts - the client key and certificate

public static SecureConnectionFactory getDefault()

protected void initFactory(KeyStore truststore, Object truststoreCreds, KeyStore keystore, Object keystoreCreds)

protected void initFactory(Certificate[] trustedcerts, Object[] keyandcerts)

public void setDefaultSSLContext(Object context)
context - should be an instance of iaik.security.ssl.SSLClientContext and contain the necessary settings for SSL connections.

public void setSSLDebugStream(OutputStream out)
out - OutputStream to write to.

public void setIgnoreServerCertificate(boolean arg)
true will deactivate server authentication (including naming check) for all connections created with this factory instance.
arg - boolean parameter for (de)activating the validation of the server certificate

public void setHostnameVerifier(HostnameVerifier ver)
factory.setHostnameVerifier(new HostnameVerifier() {
    public boolean verify(String urlHostname, String certHostname) {
        // compare the strings in your own way; as an illustration, this body
        // accepts only an exact, case-insensitive match and rejects null
        return urlHostname != null && urlHostname.equalsIgnoreCase(certHostname);
    }
});
ver - instance of HostnameVerifier

public void setUseProxyForSocketConnection(boolean arg)
createSocket(String, int) and createSocket(String, int, String[]) methods should determine proxy setting using System properties. By default it's set to true.
arg - parameter for (not) using a proxy

public HttpURLConnection createURLConnection(String protocol, String host, int port, String file) throws MalformedURLException, IOException, KeyStoreException
protocol, host, port and file.
protocol - http and https are supported
host - the host name of the target server
port - the port number on the target server
file - the filename on the target server (e.g. /myapp/index.html)
MalformedURLException - if it was not possible to create a valid URL from input data
IOException - if an I/O exception occurs
KeyStoreException - if exception occurs during access to the keystore

public HttpURLConnection createURLConnection(String protocol, String host, int port, String file, String keyalias) throws MalformedURLException, IOException, KeyStoreException
protocol - http and https are supported
host - the host name of the target server
port - the port number on the target server
file - the filename on the target server (e.g. /myapp/index.html)
keyalias - alias for the client credentials in the keystore
MalformedURLException - if the URL is not valid or the protocol is not supported
IOException - if an I/O exception occurs
KeyStoreException - if a key cannot be read from the keystore

public HttpURLConnection createURLConnection(String protocol, String host, int port, String file, String[] keyaliases) throws MalformedURLException, IOException, KeyStoreException
protocol - http and https are supported
host - the host name of the target server
port - the port number on the target server
file - the filename on the target server (e.g. /myapp/index.html)
keyaliases - aliases for the client credentials in the keystore
MalformedURLException - if the URL is not valid or the protocol is not supported
IOException - if an I/O exception occurs
KeyStoreException - if a key cannot be read from the keystore

public HttpURLConnection createURLConnection(String url) throws MalformedURLException, IOException, KeyStoreException
url - the URL of the target server
MalformedURLException - if the URL is not valid or the protocol is not supported
IOException - if an I/O exception occurs
KeyStoreException - if a key cannot be read from the keystore

public HttpURLConnection createURLConnection(String url, Proxy proxy) throws MalformedURLException, IOException, KeyStoreException
url -
proxy -
MalformedURLException
IOException
KeyStoreException

public HttpURLConnection createURLConnection(String url, Proxy proxy, String[] keyaliases) throws MalformedURLException, IOException, KeyStoreException
url -
proxy -
keyaliases -
MalformedURLException
IOException
KeyStoreException

public HttpURLConnection createURLConnection(String url, String keyalias) throws MalformedURLException, IOException, KeyStoreException
url - the URL of the target server
keyalias - alias for the client credentials in the keystore
MalformedURLException - if the URL is not valid or the protocol is not supported
IOException - if an I/O exception occurs
KeyStoreException - if a key cannot be read from the keystore

public HttpURLConnection createURLConnection(String url, String[] keyaliases) throws MalformedURLException, IOException, KeyStoreException
url - the URL of the target server
keyaliases - aliases for the client credentials in the keystore
MalformedURLException - if the URL is not valid or the protocol is not supported
IOException - if an I/O exception occurs
KeyStoreException - if a key cannot be read from the keystore

public Socket createSocket(InetAddress inetAddr, int port) throws IOException
inetAddr - the address of the target server
port - the port of the target server
IOException - if an I/O exception occurs

public Socket createSocket(InetAddress inetAddr, int port, String[] aliases) throws IOException
inetAddr - the address of the target server
port - the port of the target server
aliases - the aliases of the client credentials in the keystore
IOException - if an I/O exception occurs

public Socket createSocket(String host, int port, InetAddress clientAddr, int cport) throws IOException
host - the host of the target server
port - the port of the target server
clientAddr - the address of the client
cport - the port of the client
IOException - if an I/O exception occurs

public Socket createSocket(String host, int port, InetAddress clientAddr, int cport, String[] aliases) throws IOException
host - the host of the target server
port - the port of the target server
clientAddr - the address of the client
cport - the port of the client
aliases - aliases of the client credentials in the keystore
IOException - if an I/O exception occurs

public Socket createSocket(String host, int port) throws IOException
setUseProxyForSocketConnection.
createSocket in interface SocketFactory
host - the host of the target server
port - the port of the target server
IOException - if an I/O exception occurs

public Socket createSocket(String host, int port, String[] aliases) throws IOException
setUseProxyForSocketConnection.
host - the host of the target server
port - the port of the target server
aliases - aliases of the client credentials in the keystore
IOException - if an I/O exception occurs

public Socket createSocket(InetAddress inetAddr, int port, InetAddress clientAddr, int cport) throws IOException
inetAddr - the address of the target server
port - the port of the target server
clientAddr - the address of the client
cport - the port of the client
IOException - if an I/O exception occurs

public Socket createSocket(InetAddress inetAddr, int port, InetAddress clientAddr, int cport, String[] aliases) throws IOException
inetAddr - the address of the target server
port - the port of the target server
clientAddr - the address of the client
cport - the port of the client
aliases - aliases of the client credentials in the keystore
IOException - if an I/O exception occurs

public Socket createSocket(String host, int port, Socket socket) throws IOException
Socket proxySocket = Utils.getProxySocket(host, _port, proxyuser, proxypwd);
Socket socket = factory.createSocket(_host, _port, proxySocket);
createSocket in interface SocketFactory
host - the host of the target server
port - the port of the target server
socket - the socket to be used
IOException - if an I/O exception occurs

public Socket createSocket(String host, int port, Socket socket, String[] aliases) throws IOException
Socket proxySocket = Utils.getProxySocket(host, _port, proxyuser, proxypwd);
Socket socket = factory.createSocket(_host, _port, proxySocket);
host - the host of the target server
port - the port of the target server
socket - the socket to be used
aliases - the aliases of the client credentials in the keystore
IOException - if an I/O exception occurs

public void setConnectionHeader(String arg)
"keep-alive".
arg - value of "Connection" header (i.e. close or keep-alive)

public String getConnectionHeader()
Access Rights |
---|
SC | DC | Public Part | ACH |
---|---|---|---|
[sap.com] CORE-TOOLS | [sap.com] | default | BC-JAS |
[sap.com] ENGFACADE | [sap.com] tc/bl/security/lib | api | BC-JAS-SEC |
[sap.com] ENGINEAPI | [sap.com] | - | BC-JAS-SEC |
[sap.com] ENGINEAPI | [sap.com] | default | BC-JAS-SEC |
[sap.com] SAP_BUILDT | [sap.com] tc/bi/wstech | def | BC-CTS-CBS-PLG |
Copyright 2018 SAP AG Complete Copyright Notice