Class JNDISocketFactory

java.lang.Object
javax.net.SocketFactory
javax.net.ssl.SSLSocketFactory
de.hybris.platform.ldap.connection.ssl.JNDISocketFactory

public class JNDISocketFactory extends SSLSocketFactory

Socket factory for SSL jndi links that returns an SSL socket. It incorporates a keystore, which must contain the certs used to authenticate the client.

  • Constructor Details

    • JNDISocketFactory

      public JNDISocketFactory()
  • Method Details

    • setClassLoader

      public static void setClassLoader(ClassLoader newLoader)
      Register a custom class loader to be used by the class when getting security providers.
    • setDebugOn

      public static void setDebugOn()
      Enable debugging...
    • init

      public static void init(String caKeystoreFile, String clientKeystoreFile, char[] caPassphrase, char[] clientPassphrase, String caKeystoreType, String clientKeystoreType) throws NamingException

      Initialize the socket factory with a particular key store(s) and security provider. The minimum requirement is for a keystore containing trusted directory servers (the 'castore', or trusted certificate authority store, since the servers are usually signed by a common CA, whose cert would be held in this file).

      Further options include a private key store (the 'clientstore') that allows for client-authenticated ssl and SASL).

      Finally, it is possible to configure a non-standard keystore type and security provider. The keystore type defaults to Sun's JKS (at time of writting, the only keystore type that the default Sun security provider will handle).

      Nb. - it is possible to set a custom class loader (using 'registerClassLoader()' ) in which case this loader can be used to load the security provider.

      Parameters:
      caKeystoreFile - A keystore file name of public certificates (trusted CA signs)
      clientKeystoreFile - A keystore file name of the client's certificates, containing private keys. (may be null if only simple, 'server authenticated' ssl is being used).
      caPassphrase - A password for the caKeystoreFile certificate. (may be null if only simple, 'server authenticated' ssl is being used, and keystore type is 'JKS'). Calling Program must manually clear passphrase after init() call.
      clientPassphrase - A password for the clientKeystoreFile certificate. (may be null if only simple, 'server authenticated' ssl is being used). Calling Program must manually clear passphrase after init() call.
      caKeystoreType - The type of cakeystore file. (null => 'JKS')
      clientKeystoreType - The type of clientkeystore file. (null => 'JKS')
      Throws:
      NamingException
    • getDefault

      public static SocketFactory getDefault()
      Return an instance of this class.
      Returns:
      An instance of JNDISocketFactory.
    • getClientKeyStore

      public static KeyStore getClientKeyStore()
    • createSocket

      public Socket createSocket() throws IOException, UnknownHostException
      Overrides:
      createSocket in class SocketFactory
      Throws:
      IOException
      UnknownHostException
    • createSocket

      public Socket createSocket(String host, int port) throws IOException, UnknownHostException
      Return an SSLSocket (upcast to Socket) given host and port.
      Specified by:
      createSocket in class SocketFactory
      Parameters:
      host - Name of the host to which the socket will be opened.
      port - Port to connect to.
      Returns:
      An SSLSocket instance (as a Socket).
      Throws:
      IOException - If the connection can't be established.
      UnknownHostException - If the host is not known.
    • createSocket

      public Socket createSocket(InetAddress host, int port) throws IOException, UnknownHostException
      Return an SSLSocket (upcast to Socket) given host and port.
      Specified by:
      createSocket in class SocketFactory
      Parameters:
      host - Address of the server host.
      port - Port to connect to.
      Returns:
      An SSLSocket instance (as a Socket).
      Throws:
      IOException - If the connection can't be established.
      UnknownHostException - If the host is not known.
    • createSocket

      public Socket createSocket(InetAddress host, int port, InetAddress client_host, int client_port) throws IOException, UnknownHostException
      Return an SSLSocket (upcast to Socket) given host and port. The client is bound to the specified network address and port.
      Specified by:
      createSocket in class SocketFactory
      Parameters:
      host - Address of the server host.
      port - Port to connect to.
      client_host - Address of this (client) host.
      client_port - Port to connect from.
      Returns:
      An SSLSocket instance (as a Socket).
      Throws:
      IOException - If the connection can't be established.
      UnknownHostException - If the host is not known.
    • createSocket

      public Socket createSocket(String host, int port, InetAddress client_host, int client_port) throws IOException, UnknownHostException
      Return an SSLSocket (upcast to Socket) given host and port. The client is bound to the specified network address and port.
      Specified by:
      createSocket in class SocketFactory
      Parameters:
      host - Address of the server host.
      port - Port to connect to.
      client_host - Address of this (client) host.
      client_port - Port to connect from.
      Returns:
      An SSLSocket instance (as a Socket).
      Throws:
      IOException - If the connection can't be established.
      UnknownHostException - If the host is not known.
    • createSocket

      public Socket createSocket(Socket socket, String host, int port, boolean autoclose) throws IOException, UnknownHostException
      Return an SSLSocket layered on top of the given Socket.
      Specified by:
      createSocket in class SSLSocketFactory
      Throws:
      IOException
      UnknownHostException
    • getDefaultCipherSuites

      public String[] getDefaultCipherSuites()
      Return default cipher suites.
      Specified by:
      getDefaultCipherSuites in class SSLSocketFactory
    • getSupportedCipherSuites

      public String[] getSupportedCipherSuites()
      Return supported cipher suites.
      Specified by:
      getSupportedCipherSuites in class SSLSocketFactory