List of usage examples for javax.net.ssl SSLServerSocket setNeedClientAuth
public abstract void setNeedClientAuth(boolean need);
accepted server-mode SSLSockets will be initially configured to require client authentication. From source file:org.quickserver.net.server.QuickServer.java
/** * Returns a ServerSocket object to be used for listening. * @since 1.4.0//from w w w .j av a 2s. c o m */ protected void makeServerSocket() throws BindException, IOException { server = null; logger.log(Level.FINEST, "Binding {0} to IP: {1}", new Object[] { getName(), getBindAddr() }); InetSocketAddress bindAddress = new InetSocketAddress(getBindAddr(), getPort()); try { NetworkInterface ni = NetworkInterface.getByInetAddress(getBindAddr()); if (ni != null) { logger.fine("NetworkInterface: " + ni); } } catch (Exception igrnore) { /*ignore*/} catch (Error igrnore) { /*ignore*/} if (getSecure().isEnable() == false) { logger.log(Level.FINE, "Making a normal ServerSocket for {0}", getName()); setRunningSecure(false); if (getBlockingMode() == false) { //for non-blocking serverSocketChannel = ServerSocketChannel.open(); server = serverSocketChannel.socket(); server.bind(bindAddress, getBasicConfig().getAdvancedSettings().getBacklog()); } else { //for blocking server = new ServerSocket(getPort(), getBasicConfig().getAdvancedSettings().getBacklog(), getBindAddr()); } } else { try { logger.log(Level.FINE, "Making a secure ServerSocket for {0}", getName()); getSSLContext(); setRunningSecure(true); if (getBlockingMode() == false) { logger.log(Level.FINE, "Making a secure ServerSocketChannel for {0}", getName()); //for non-blocking serverSocketChannel = ServerSocketChannel.open(); server = serverSocketChannel.socket(); server.bind(bindAddress, getBasicConfig().getAdvancedSettings().getBacklog()); } else { ServerSocketFactory ssf = getSSLContext().getServerSocketFactory(); SSLServerSocket serversocket = (SSLServerSocket) ssf.createServerSocket(getPort(), getBasicConfig().getAdvancedSettings().getBacklog(), getBindAddr()); serversocket.setNeedClientAuth(secure.isClientAuthEnable()); setRunningSecure(true); secureStoreManager.logSSLServerSocketInfo(serversocket); server = serversocket; serverSocketChannel = server.getChannel(); if (serverSocketChannel == null && getBlockingMode() == false) { logger.warning("Secure Server does not support Channel! So will run in blocking mode."); blockingMode = false; } } //blocking } catch (NoSuchAlgorithmException e) { logger.log(Level.WARNING, "NoSuchAlgorithmException : {0}", e); throw new IOException("Error creating secure socket : " + e.getMessage()); } catch (KeyManagementException e) { logger.log(Level.WARNING, "KeyManagementException : {0}", e); throw new IOException("Error creating secure socket : " + e.getMessage()); } } server.setReuseAddress(true); int connectionTime = 0; int latency = 0; int bandwidth = 0; connectionTime = getBasicConfig().getAdvancedSettings().getPerformancePreferencesConnectionTime(); latency = getBasicConfig().getAdvancedSettings().getPerformancePreferencesLatency(); bandwidth = getBasicConfig().getAdvancedSettings().getPerformancePreferencesBandwidth(); logger.log(Level.FINE, "getPerformancePreferencesConnectionTime : {0}", connectionTime); logger.log(Level.FINE, "getPerformancePreferencesLatency : {0}", latency); logger.log(Level.FINE, "getPerformancePreferencesBandwidth : {0}", bandwidth); server.setPerformancePreferences(connectionTime, latency, bandwidth); int clientSocketReceiveBufferSize = getBasicConfig().getAdvancedSettings() .getClientSocketReceiveBufferSize(); if (clientSocketReceiveBufferSize > 0) { logger.log(Level.FINE, "clientSocketReceiveBufferSize: {0}", clientSocketReceiveBufferSize); server.setReceiveBufferSize(clientSocketReceiveBufferSize); } if (getBlockingMode() == false) { logger.log(Level.FINE, "Server Mode {0} - Non Blocking", getName()); if (selector == null || selector.isOpen() == false) { logger.finest("Opening new selector"); selector = Selector.open(); } else { logger.log(Level.FINEST, "Reusing selector: {0}", selector); } serverSocketChannel.configureBlocking(false); serverSocketChannel.register(selector, SelectionKey.OP_ACCEPT); selector.wakeup(); } else { logger.log(Level.FINE, "Server Mode {0} - Blocking", getName()); } }
From source file:test.integ.be.fedict.commons.eid.client.SSLTest.java
@Test public void testMutualSSL() throws Exception { Security.addProvider(new BeIDProvider()); final KeyPair serverKeyPair = generateKeyPair(); final PrivateKey serverPrivateKey = serverKeyPair.getPrivate(); final DateTime notBefore = new DateTime(); final DateTime notAfter = notBefore.plusDays(1); final X509Certificate serverCertificate = generateCACertificate(serverKeyPair, "CN=Test", notBefore, notAfter);/*from w w w .j ava 2 s . c o m*/ final KeyManager keyManager = new ServerTestX509KeyManager(serverPrivateKey, serverCertificate); final TrustManager trustManager = new ServerTestX509TrustManager(); final SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(new KeyManager[] { keyManager }, new TrustManager[] { trustManager }, new SecureRandom()); final SSLServerSocketFactory sslServerSocketFactory = sslContext.getServerSocketFactory(); final int serverPort = 8443; final SSLServerSocket sslServerSocket = (SSLServerSocket) sslServerSocketFactory .createServerSocket(serverPort); sslServerSocket.setNeedClientAuth(true); final TestRunnable testRunnable = new TestRunnable(serverPort); final Thread thread = new Thread(testRunnable); thread.start(); SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept(); LOG.debug("server accepted"); InputStream inputStream = sslSocket.getInputStream(); int result = inputStream.read(); LOG.debug("result: " + result); assertEquals(12, result); SSLSession sslSession = sslSocket.getSession(); sslSession.invalidate(); sslSocket = (SSLSocket) sslServerSocket.accept(); inputStream = sslSocket.getInputStream(); result = inputStream.read(); LOG.debug("result: " + result); assertEquals(34, result); }