001: /*******************************************************************************
002: * Licensed to the Apache Software Foundation (ASF) under one
003: * or more contributor license agreements. See the NOTICE file
004: * distributed with this work for additional information
005: * regarding copyright ownership. The ASF licenses this file
006: * to you under the Apache License, Version 2.0 (the
007: * "License"); you may not use this file except in compliance
008: * with the License. You may obtain a copy of the License at
009: *
010: * http://www.apache.org/licenses/LICENSE-2.0
011: *
012: * Unless required by applicable law or agreed to in writing,
013: * software distributed under the License is distributed on an
014: * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015: * KIND, either express or implied. See the License for the
016: * specific language governing permissions and limitations
017: * under the License.
018: *******************************************************************************/package org.ofbiz.service.rmi.socket.ssl;
019:
020: import java.io.FileInputStream;
021: import java.io.IOException;
022: import java.io.Serializable;
023: import java.net.ServerSocket;
024: import java.rmi.server.RMIServerSocketFactory;
025: import java.security.GeneralSecurityException;
026: import java.security.KeyStore;
027: import java.security.KeyStoreException;
028: import java.security.NoSuchAlgorithmException;
029: import java.security.cert.CertificateException;
030: import javax.net.ssl.SSLServerSocket;
031:
032: import org.ofbiz.base.util.Debug;
033: import org.ofbiz.base.util.SSLUtil;
034: import org.ofbiz.base.util.UtilProperties;
035: import org.ofbiz.base.config.GenericConfigException;
036:
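/**
 * RMI SSL Server Socket Factory.
 *
 * <p>Creates the {@link SSLServerSocket} instances used for Service Engine RMI
 * calls. The certificate alias is mandatory. The key store location, type and
 * password are optional; when no key store location is set, the underlying
 * factory is obtained from {@code SSLUtil.getSSLServerSocketFactory(alias)}.
 *
 * <p>Security-relevant defaults visible in this class:
 * <ul>
 * <li>Client certificate authentication is off ({@code clientAuth == false})
 * until {@link #setNeedClientAuth(boolean)} is called with {@code true}, so a
 * deployment that expects mutual TLS has to enable it explicitly.</li>
 * <li>The class is {@link Serializable} and the key store password is held in
 * a plain, non-transient {@code String} field, so it is written out with the
 * object whenever an instance is serialized.
 * NOTE(review): making {@code ksPass} transient would change the serialized
 * form; confirm whether any caller serializes this factory before changing
 * it.</li>
 * </ul>
 */
public class SSLServerSocketFactory implements RMIServerSocketFactory,
        Serializable {

    public static final String module = SSLServerSocketFactory.class.getName();

    // Whether created sockets require a client certificate; off by default.
    protected boolean clientAuth = false;
    // File system location of the key store; null means no key store is loaded here.
    protected String keystore = null;
    // Key store type handed to KeyStore.getInstance().
    protected String ksType = null;
    // Key store password; non-transient, so it is part of the serialized form.
    protected String ksPass = null;
    // Certificate alias; createServerSocket() refuses to run without it.
    protected String alias = null;

    /**
     * Sets whether sockets created by this factory require client
     * authentication.
     *
     * @param clientAuth value later passed to
     *        {@link SSLServerSocket#setNeedClientAuth(boolean)}
     */
    public void setNeedClientAuth(boolean clientAuth) {
        this.clientAuth = clientAuth;
    }

    /**
     * Sets the key store that is loaded when a server socket is created.
     *
     * <p>The certificate alias is not touched here; set it with
     * {@link #setKeyStoreAlias(String)}.
     *
     * @param location path of the key store file
     * @param type key store type handed to {@link KeyStore#getInstance(String)}
     * @param password key store password, may be {@code null}
     */
    public void setKeyStore(String location, String type,
            String password) {
        this.keystore = location;
        this.ksType = type;
        this.ksPass = password;
    }

    /**
     * Sets the alias of the certificate to use.
     *
     * @param alias certificate alias; must be non-null before
     *        {@link #createServerSocket(int)} is called
     */
    public void setKeyStoreAlias(String alias) {
        this.alias = alias;
    }

    /**
     * Creates an SSL server socket on the given port.
     *
     * <p>When a key store location has been set, the key store is loaded from
     * that file first. The configured client-authentication requirement is
     * applied to the socket before it is returned.
     *
     * @param port port to listen on
     * @return the new {@link SSLServerSocket}
     * @throws IOException if the key store cannot be read or loaded, if no
     *         alias has been set, or if no SSL server socket factory could be
     *         obtained; the underlying security or configuration exception is
     *         attached as the cause where there is one
     */
    public ServerSocket createServerSocket(int port) throws IOException {
        char[] passphrase = null;
        if (ksPass != null) {
            passphrase = ksPass.toCharArray();
        }

        KeyStore ks = null;
        if (keystore != null) {
            FileInputStream in = null;
            try {
                ks = KeyStore.getInstance(ksType);
                in = new FileInputStream(keystore);
                ks.load(in, passphrase);
            } catch (GeneralSecurityException e) {
                // Covers the NoSuchAlgorithmException, CertificateException and
                // KeyStoreException raised by getInstance()/load().
                Debug.logError(e, module);
                throw asIOException(e.getMessage(), e);
            } finally {
                // Always release the file handle, including when load() fails.
                if (in != null) {
                    try {
                        in.close();
                    } catch (IOException ignored) {
                        // A failed close of a read-only stream must not mask
                        // the result of the load.
                    }
                }
            }
        }

        if (alias == null) {
            throw new IOException(
                    "SSL certificate alias cannot be null; MUST be set for SSLServerSocketFactory!");
        }

        javax.net.ssl.SSLServerSocketFactory factory = null;
        Throwable configFailure = null;
        try {
            if (ks != null) {
                factory = SSLUtil.getSSLServerSocketFactory(ks, ksPass,
                        alias);
            } else {
                factory = SSLUtil.getSSLServerSocketFactory(alias);
            }
        } catch (GeneralSecurityException e) {
            Debug.logError(
                    e,
                    "Error getting javax.net.ssl.SSLServerSocketFactory instance for Service Engine RMI calls: "
                            + e.toString(), module);
            throw asIOException(e.toString(), e);
        } catch (GenericConfigException e) {
            Debug.logError(
                    e,
                    "Error getting javax.net.ssl.SSLServerSocketFactory instance for Service Engine RMI calls: "
                            + e.toString(), module);
            // Not rethrown here: factory stays null and the check below
            // reports the failure, carrying this exception as its cause.
            configFailure = e;
        }

        if (factory == null) {
            throw asIOException(
                    "Unable to obtain SSLServerSocketFactory for provided KeyStore",
                    configFailure);
        }

        SSLServerSocket socket = (SSLServerSocket) factory
                .createServerSocket(port);
        socket.setNeedClientAuth(clientAuth);
        return socket;
    }

    /**
     * Builds an IOException with the given message and, when present, the
     * given cause, so the original stack trace is not lost.
     */
    private static IOException asIOException(String message, Throwable cause) {
        IOException wrapped = new IOException(message);
        if (cause != null) {
            wrapped.initCause(cause);
        }
        return wrapped;
    }
}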