de.tu_darmstadt.sp.rmi
Class RMISSLSocketFactory

java.lang.Object
  |
  +--javax.net.SocketFactory
        |
        +--javax.net.ssl.SSLSocketFactory
              |
              +--de.tu_darmstadt.sp.ssl.SSLeaySocketFactory
                    |
                    +--de.tu_darmstadt.sp.rmi.RMISSLSocketFactory

public class RMISSLSocketFactory
extends SSLeaySocketFactory
implements java.rmi.server.RMIClientSocketFactory, java.io.Serializable

Class RMISSLSocketFactory provides RMISSLSockets for RMI calls. The sockets are configured to require peer authentication (default).

Every aplication can query the identity of the last call's peer using the getServer, getServerCertificateChain and getServerCertificate.

The posibility of querying the last call's peer identity is based on the assumption that the thread performing a rmi call does all the steps of the remote call. This is not specified in the RMI specification, but it is very likely to be true, since RMI is syncronous. Thus, using the getCurrentClientSideSocket method of the RMISSLSocket class, we can obtain the socket used for the last RMI call, which contains all session data, including peer identity and so on.. Life would be easier if RMI would provide the means to reach a Socket used for a remote call..

Version:
$Revision: 1.5 $
Author:
Andrei Popovici
See Also:
Serialized Form

Fields inherited from class de.tu_darmstadt.sp.ssl.SSLeaySocketFactory
context, socketType
 
Constructor Summary
RMISSLSocketFactory()
           
 
Method Summary
static SSLSocket getServer()
          Return the Socket used by the last RMI call in the current thread.
static java.security.cert.X509Certificate getServerCertificate()
          Return the certificate representing the identity of the peer in the last RMI call of the current thread.
static java.security.cert.X509Certificate[] getServerCertificateChain()
          Return the certificate chain used by the peer in the last RMI call of the current thread.
 
Methods inherited from class de.tu_darmstadt.sp.ssl.SSLeaySocketFactory
createSocket, createSocket, createSocket, createSocket, getDefaultCipherSuites, getSocketPrototypeClass, getSupportedCipherSuites, setDefaultCipherSuites, setSocketPrototype, setSSLPolicy
 
Methods inherited from class javax.net.ssl.SSLSocketFactory
getDefault, setDefault
 
Methods inherited from class javax.net.SocketFactory
setDefault
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

RMISSLSocketFactory

public RMISSLSocketFactory()
Method Detail

getServer

public static SSLSocket getServer()
Return the Socket used by the last RMI call in the current thread. It is the socket used for the connection to the server.

getServerCertificateChain

public static java.security.cert.X509Certificate[] getServerCertificateChain()
                                                                      throws SSLPeerUnverifiedException
Return the certificate chain used by the peer in the last RMI call of the current thread. The first certificate is the identity of the peer.

This method is just "syntactic sugar" since the same information can be obtained from the socket returned by getServer.


getServerCertificate

public static java.security.cert.X509Certificate getServerCertificate()
                                                               throws SSLPeerUnverifiedException
Return the certificate representing the identity of the peer in the last RMI call of the current thread.

This method is just "syntactic sugar" since the same information can be obtained from the socket returned by fetRemoteCallSocket.