de.tu_darmstadt.sp.rmi
Class RMISSLServerSocketFactory
java.lang.Object
|
+--javax.net.ServerSocketFactory
|
+--javax.net.ssl.SSLServerSocketFactory
|
+--de.tu_darmstadt.sp.ssl.SSLeayServerSocketFactory
|
+--de.tu_darmstadt.sp.rmi.RMISSLServerSocketFactory
- public class RMISSLServerSocketFactory
- extends SSLeayServerSocketFactory
- implements java.rmi.server.RMIServerSocketFactory, java.io.Serializable
Class RMISSLServerSocketFactory provides server sockets for RMI calls.
It actually produces SSLRMIServerSocket
objects for secure
connections. SSLRMIServerSocket
extends SSLeayServerSocket
.
The sockets are configured to require peer (client) authentication.
We produce RMIServerSocket
because we need some
sort of accounting of all accepted connections. The RMIServerSocket
provides this additional functionality.
The instantiation of the factory will fail if the necessary security information
(e.g. ca-file,certificate,private key) is not provided.
The methods getClient
, getClientCertificateChain
and
getClientCertificate
should be called from inside the remote server
object to find out the identity of the caller.
- Version:
- $Revision: 1.4 $
- Author:
- Andrei Popovici
- See Also:
- Serialized Form
Constructor Summary |
RMISSLServerSocketFactory()
Create a new RMISSLServerSocketFactory which produces RMIServerSocket
objects. |
Method Summary |
static SSLSocket |
getClient()
Return the socket used by the currnt RMI call. |
static java.security.cert.X509Certificate |
getClientCertificate()
Return the certificate representing the identity of the peer
(client,caller) in the current RMI call. |
static java.security.cert.X509Certificate[] |
getClientCertificateChain()
Return the certificate chain used by the peer(client, caller) in
the current RMI call. |
protected void |
setSSLPolicy(SSLeayServerSocket s)
We need to re-specify the policy for our server sockets to require peer
authentication. |
Methods inherited from class java.lang.Object |
clone,
equals,
finalize,
getClass,
hashCode,
notify,
notifyAll,
toString,
wait,
wait,
wait |
RMISSLServerSocketFactory
public RMISSLServerSocketFactory()
- Create a new RMISSLServerSocketFactory which produces
RMIServerSocket
objects. We produce RMIServerSocket
because we need some
sort of accounting of all accepted connections. The RMIServerSocket
provide this additional functionality.
setSSLPolicy
protected void setSSLPolicy(SSLeayServerSocket s)
- We need to re-specify the policy for our server sockets to require peer
authentication.
RMIServerSocket
s are basicly SSLeayServerSocket
s,
which by default do not authentify the peer (in our case, the
client, the caller).
- Overrides:
- setSSLPolicy in class SSLeayServerSocketFactory
getClient
public static SSLSocket getClient()
- Return the socket used by the currnt RMI call. It is the socket used for
the connection to the client.
getClientCertificateChain
public static java.security.cert.X509Certificate[] getClientCertificateChain()
throws SSLPeerUnverifiedException
- Return the certificate chain used by the peer(client, caller) in
the current RMI call. The first certificate is the identity of the peer.
This method is just "syntactic sugar" since the same information can be obtained
from the socket returned by getClient
.
getClientCertificate
public static java.security.cert.X509Certificate getClientCertificate()
throws SSLPeerUnverifiedException
- Return the certificate representing the identity of the peer
(client,caller) in the current RMI call.
This method is just "syntactic sugar" since the same information can be obtained
from the socket returned by getClient
.