001: /*
002: * Copyright 1999,2004 The Apache Software Foundation.
003: *
004: * Licensed under the Apache License, Version 2.0 (the "License");
005: * you may not use this file except in compliance with the License.
006: * You may obtain a copy of the License at
007: *
008: * http://www.apache.org/licenses/LICENSE-2.0
009: *
010: * Unless required by applicable law or agreed to in writing, software
011: * distributed under the License is distributed on an "AS IS" BASIS,
012: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013: * See the License for the specific language governing permissions and
014: * limitations under the License.
015: */
016: package org.apache.coyote.tomcat5;
017:
018: import java.io.File;
019: import java.net.InetAddress;
020: import java.net.ServerSocket;
021:
022: /**
023: * This socket factory holds secure socket factory parameters. Besides the usual
024: * configuration mechanism based on setting JavaBeans properties, this
025: * component may also be configured by passing a series of attributes set
026: * with calls to <code>setAttribute()</code>. The following attribute
027: * names are recognized, with default values in square brackets:
028: * <ul>
029: * <li><strong>algorithm</strong> - Certificate encoding algorithm
030: * to use. [SunX509]</li>
031: * <li><strong>clientAuth</strong> - Require client authentication if
032: * set to <code>true</code>. [false]</li>
033: * <li><strong>keystoreFile</strong> - Pathname to the Key Store file to be
034: * loaded. This must be an absolute path, or a relative path that
035: * is resolved against the "catalina.base" system property.
036: * ["./keystore" in the user home directory]</li>
037: * <li><strong>keystorePass</strong> - Password for the Key Store file to be
038: * loaded. ["changeit"]</li>
039: * <li><strong>keystoreType</strong> - Type of the Key Store file to be
040: * loaded. ["JKS"]</li>
041: * <li><strong>protocol</strong> - SSL protocol to use. [TLS]</li>
042: * </ul>
043: *
044: * @author Harish Prabandham
045: * @author Costin Manolache
046: * @author Craig McClanahan
047: */
048:
049: public class CoyoteServerSocketFactory implements
050: org.apache.catalina.net.ServerSocketFactory {
051:
052: private String algorithm = null;
053: private String clientAuth = "false";
054: private String keystoreFile = System.getProperty("user.home")
055: + File.separator + ".keystore";
056: private String randomFile = System.getProperty("user.home")
057: + File.separator + "random.pem";
058: private String rootFile = System.getProperty("user.home")
059: + File.separator + "root.pem";
060: private String keystorePass = "changeit";
061: private String keystoreType = "JKS";
062: private String protocol = "TLS";
063: private String protocols;
064: private String sslImplementation = null;
065: private String cipherSuites;
066: private String keyAlias;
067:
068: // ------------------------------------------------------------- Properties
069:
070: /**
071: * Gets the certificate encoding algorithm to be used.
072: *
073: * @return Certificate encoding algorithm
074: */
075: public String getAlgorithm() {
076: return (this .algorithm);
077: }
078:
079: /**
080: * Sets the certificate encoding algorithm to be used.
081: *
082: * @param algorithm Certificate encoding algorithm
083: */
084: public void setAlgorithm(String algorithm) {
085: this .algorithm = algorithm;
086: }
087:
088: /**
089: * Provides information about whether client authentication is enforced.
090: *
091: * @return <code>true</code> if client authentication is enforced,
092: * <code>want</code> if client authentication is desired,
093: * <code>false</code> otherwise
094: */
095: public String getClientAuth() {
096: return (this .clientAuth);
097: }
098:
099: /**
100: * Sets the requirement of client authentication.
101: *
102: * @param clientAuth <code>true</code> if client authentication is enforced,
103: * <code>want</code> if client authentication is desired,
104: * <code>false</code>
105: * otherwise
106: */
107: public void setClientAuth(String clientAuth) {
108: this .clientAuth = clientAuth;
109: }
110:
111: /**
112: * Gets the pathname to the keystore file.
113: *
114: * @return Pathname to the keystore file
115: */
116: public String getKeystoreFile() {
117: return (this .keystoreFile);
118: }
119:
120: /**
121: * Sets the pathname to the keystore file.
122: *
123: * @param keystoreFile Pathname to the keystore file
124: */
125: public void setKeystoreFile(String keystoreFile) {
126:
127: File file = new File(keystoreFile);
128: if (!file.isAbsolute())
129: file = new File(System.getProperty("catalina.base"),
130: keystoreFile);
131: this .keystoreFile = file.getAbsolutePath();
132: }
133:
134: /**
135: * Gets the pathname to the random file.
136: *
137: * @return Pathname to the random file
138: */
139: public String getRandomFile() {
140: return (this .randomFile);
141: }
142:
143: /**
144: * Sets the pathname to the random file.
145: *
146: * @param randomFile Pathname to the random file
147: */
148: public void setRandomFile(String randomFile) {
149:
150: File file = new File(randomFile);
151: if (!file.isAbsolute())
152: file = new File(System.getProperty("catalina.base"),
153: randomFile);
154: this .randomFile = file.getAbsolutePath();
155: }
156:
157: /**
158: * Gets the pathname to the root list.
159: *
160: * @return Pathname to the root list
161: */
162: public String getRootFile() {
163: return (this .rootFile);
164: }
165:
166: /**
167: * Sets the pathname to the root list.
168: *
169: * @param rootFile Pathname to the root list
170: */
171: public void setRootFile(String rootFile) {
172:
173: File file = new File(rootFile);
174: if (!file.isAbsolute())
175: file = new File(System.getProperty("catalina.base"),
176: rootFile);
177: this .rootFile = file.getAbsolutePath();
178: }
179:
180: /**
181: * Gets the keystore password.
182: *
183: * @return Keystore password
184: */
185: public String getKeystorePass() {
186: return (this .keystorePass);
187: }
188:
189: /**
190: * Sets the keystore password.
191: *
192: * @param keystorePass Keystore password
193: */
194: public void setKeystorePass(String keystorePass) {
195: this .keystorePass = keystorePass;
196: }
197:
198: /**
199: * Gets the keystore type.
200: *
201: * @return Keystore type
202: */
203: public String getKeystoreType() {
204: return (this .keystoreType);
205: }
206:
207: /**
208: * Sets the keystore type.
209: *
210: * @param keystoreType Keystore type
211: */
212: public void setKeystoreType(String keystoreType) {
213: this .keystoreType = keystoreType;
214: }
215:
216: /**
217: * Gets the SSL protocol variant to be used.
218: *
219: * @return SSL protocol variant
220: */
221: public String getProtocol() {
222: return (this .protocol);
223: }
224:
225: /**
226: * Sets the SSL protocol variant to be used.
227: *
228: * @param protocol SSL protocol variant
229: */
230: public void setProtocol(String protocol) {
231: this .protocol = protocol;
232: }
233:
234: /**
235: * Gets the SSL protocol variants to be enabled.
236: *
237: * @return Comma-separated list of SSL protocol variants
238: */
239: public String getProtocols() {
240: return this .protocols;
241: }
242:
243: /**
244: * Sets the SSL protocol variants to be enabled.
245: *
246: * @param protocols Comma-separated list of SSL protocol variants
247: */
248: public void setProtocols(String protocols) {
249: this .protocols = protocols;
250: }
251:
252: /**
253: * Gets the name of the SSL implementation to be used.
254: *
255: * @return SSL implementation name
256: */
257: public String getSSLImplementation() {
258: return (this .sslImplementation);
259: }
260:
261: /**
262: * Sets the name of the SSL implementation to be used.
263: *
264: * @param sslImplementation SSL implementation name
265: */
266: public void setSSLImplementation(String sslImplementation) {
267: this .sslImplementation = sslImplementation;
268: }
269:
270: /**
271: * Gets the alias name of the keypair and supporting certificate chain
272: * used by the server to authenticate itself to SSL clients.
273: *
274: * @return The alias name of the keypair and supporting certificate chain
275: */
276: public String getKeyAlias() {
277: return this .keyAlias;
278: }
279:
280: /**
281: * Sets the alias name of the keypair and supporting certificate chain
282: * used by the server to authenticate itself to SSL clients.
283: *
284: * @param alias The alias name of the keypair and supporting certificate
285: * chain
286: */
287: public void setKeyAlias(String alias) {
288: this .keyAlias = alias;
289: }
290:
291: /**
292: * Gets the list of SSL cipher suites that are to be enabled
293: *
294: * @return Comma-separated list of SSL cipher suites, or null if all
295: * cipher suites supported by the underlying SSL implementation are being
296: * enabled
297: */
298: public String getCiphers() {
299: return this .cipherSuites;
300: }
301:
302: /**
303: * Sets the SSL cipher suites that are to be enabled.
304: *
305: * Only those SSL cipher suites that are actually supported by
306: * the underlying SSL implementation will be enabled.
307: *
308: * @param ciphers Comma-separated list of SSL cipher suites
309: */
310: public void setCiphers(String ciphers) {
311: this .cipherSuites = ciphers;
312: }
313:
314: // --------------------------------------------------------- Public Methods
315:
316: public ServerSocket createSocket(int port) {
317: return (null);
318: }
319:
320: public ServerSocket createSocket(int port, int backlog) {
321: return (null);
322: }
323:
324: public ServerSocket createSocket(int port, int backlog,
325: InetAddress ifAddress) {
326: return (null);
327: }
328:
329: }
|