Java Doc for AuthSSLProtocolSocketFactory.java in » Web-Crawler » webharvest » org » apache » commons » httpclient » contrib » ssl » Java Source Code / Java DocumentationJava Source Code and Java Documentation

Java Source Code / Java Documentation

1.	6.0 JDK Core
2.	6.0 JDK Modules
3.	6.0 JDK Modules com.sun
4.	6.0 JDK Modules com.sun.java
5.	6.0 JDK Modules sun
6.	6.0 JDK Platform
7.	Ajax
8.	Apache Harmony Java SE
9.	Aspect oriented
10.	Authentication Authorization
11.	Blogger System
12.	Build
13.	Byte Code
14.	Cache
15.	Chart
16.	Chat
17.	Code Analyzer
18.	Collaboration
19.	Content Management System
20.	Database Client
21.	Database DBMS
22.	Database JDBC Connection Pool
23.	Database ORM
24.	Development
25.	EJB Server geronimo
26.	EJB Server GlassFish
27.	EJB Server JBoss 4.2.1
28.	EJB Server resin 3.1.5
29.	ERP CRM Financial
30.	ESB
31.	Forum
32.	GIS
33.	Graphic Library
34.	Groupware
35.	HTML Parser
36.	IDE
37.	IDE Eclipse
38.	IDE Netbeans
39.	Installer
40.	Internationalization Localization
41.	Inversion of Control
42.	Issue Tracking
43.	J2EE
44.	JBoss
45.	JMS
46.	JMX
47.	Library
48.	Mail Clients
49.	Net
50.	Parser
51.	PDF
52.	Portal
53.	Profiler
54.	Project Management
55.	Report
56.	RSS RDF
57.	Rule Engine
58.	Science
59.	Scripting
60.	Search Engine
61.	Security
62.	Sevlet Container
63.	Source Control
64.	Swing Library
65.	Template Engine
66.	Test Coverage
67.	Testing
68.	UML
69.	Web Crawler
70.	Web Framework
71.	Web Mail
72.	Web Server
73.	Web Services
74.	Web Services apache cxf 2.0.1
75.	Web Services AXIS2
76.	Wiki Engine
77.	Workflow Engines
78.	XML
79.	XML UI

Java

Java Tutorial

Illustrator Tutorials

GIMP Tutorials

C# / C Sharp

C# / CSharp Tutorial

C# / CSharp Open Source

SQL Server / T-SQL Tutorial

Oracle PL / SQL

Oracle PL/SQL Tutorial

Flash / Flex / ActionScript

VBA / Excel / Access / Word

XML

XML Tutorial

Microsoft Office PowerPoint 2007 Tutorial

Microsoft Office Excel 2007 Tutorial

Microsoft Office Word 2007 Tutorial

Java Source Code / Java Documentation » Web Crawler » webharvest » org.apache.commons.httpclient.contrib.ssl

Source Cross Reference Class Diagram Java Document (Java Doc)

java.lang .Object

org.apache.commons.httpclient.contrib.ssl .AuthSSLProtocolSocketFactory

AuthSSLProtocolSocketFactory

public class AuthSSLProtocolSocketFactory implements SecureProtocolSocketFactory(Code)

AuthSSLProtocolSocketFactory can be used to validate the identity of the HTTPS server against a list of trusted certificates and to authenticate to the HTTPS server using a private key.

AuthSSLProtocolSocketFactory will enable server authentication when supplied with a KeyStore truststore file containg one or several trusted certificates. The client secure socket will reject the connection during the SSL session handshake if the target HTTPS server attempts to authenticate itself with a non-trusted certificate.

Use JDK keytool utility to import a trusted certificate and generate a truststore file:

 keytool -import -alias "my server cert" -file server.crt -keystore my.truststore

AuthSSLProtocolSocketFactory will enable client authentication when supplied with a KeyStore keystore file containg a private key/public certificate pair. The client secure socket will use the private key to authenticate itself to the target HTTPS server during the SSL session handshake if requested to do so by the server. The target HTTPS server will in its turn verify the certificate presented by the client in order to establish client's authenticity

Use the following sequence of actions to generate a keystore file

Use JDK keytool utility to generate a new key
```
keytool -genkey -v -alias "my client key" -validity 365 -keystore my.keystore
```
For simplicity use the same password for the key as that of the keystore

Issue a certificate signing request (CSR)

keytool -certreq -alias "my client key" -file mycertreq.csr -keystore my.keystore

Send the certificate request to the trusted Certificate Authority for signature. One may choose to act as her own CA and sign the certificate request using a PKI tool, such as OpenSSL.

Import the trusted CA root certificate

keytool -import -alias "my trusted ca" -file caroot.crt -keystore my.keystore

Import the PKCS#7 file containg the complete certificate chain

keytool -import -alias "my client key" -file mycert.p7 -keystore my.keystore

Verify the content the resultant keystore file
```
keytool -list -v -keystore my.keystore
```

Example of using custom protocol socket factory for a specific host:

 Protocol authhttps = new Protocol("https",  
 new AuthSSLProtocolSocketFactory(
 new URL("file:my.keystore"), "mypassword",
 new URL("file:my.truststore"), "mypassword"), 443); 
 HttpClient client = new HttpClient();
 client.getHostConfiguration().setHost("localhost", 443, authhttps);
 // use relative url only
 GetMethod httpget = new GetMethod("/");
 client.executeMethod(httpget);

Example of using custom protocol socket factory per default instead of the standard one:

 Protocol authhttps = new Protocol("https",  
 new AuthSSLProtocolSocketFactory(
 new URL("file:my.keystore"), "mypassword",
 new URL("file:my.truststore"), "mypassword"), 443); 
 Protocol.registerProtocol("https", authhttps);
 HttpClient client = new HttpClient();
 GetMethod httpget = new GetMethod("https://localhost/");
 client.executeMethod(httpget);

author:
Oleg Kalnichevski
author:

author:
   DISCLAIMER: HttpClient developers DO NOT actively support this component.
author:
   The component is provided as a reference material, which may be inappropriate
author:
   for use without additional customization.
author:

Constructor Summary
public	AuthSSLProtocolSocketFactory(URL keystoreUrl, String keystorePassword, URL truststoreUrl, String truststorePassword) Constructor for AuthSSLProtocolSocketFactory.

Method Summary
public Socket	createSocket(String host, int port, InetAddress localAddress, int localPort, HttpConnectionParams params) Attempts to get a new socket connection to the given host within the given time limit. To circumvent the limitations of older JREs that do not support connect timeout a controller thread is executed.
public Socket	createSocket(String host, int port, InetAddress clientHost, int clientPort)
public Socket	createSocket(String host, int port)
public Socket	createSocket(Socket socket, String host, int port, boolean autoClose)

Constructor Detail

AuthSSLProtocolSocketFactory
public AuthSSLProtocolSocketFactory(URL keystoreUrl, String keystorePassword, URL truststoreUrl, String truststorePassword)(Code)
	Constructor for AuthSSLProtocolSocketFactory. Either a keystore or truststore file must be given. Otherwise SSL context initialization error will result. Parameters: keystoreUrl - URL of the keystore file. May be `null` if HTTPS clientauthentication is not to be used. Parameters: keystorePassword - Password to unlock the keystore. IMPORTANT: this implementationassumes that the same password is used to protect the key and the keystore itself. Parameters: truststoreUrl - URL of the truststore file. May be `null` if HTTPS serverauthentication is not to be used. Parameters: truststorePassword - Password to unlock the truststore.

Method Detail

createSocket
public Socket createSocket(String host, int port, InetAddress localAddress, int localPort, HttpConnectionParams params) throws IOException, UnknownHostException, ConnectTimeoutException(Code)
	Attempts to get a new socket connection to the given host within the given time limit. To circumvent the limitations of older JREs that do not support connect timeout a controller thread is executed. The controller thread attempts to create a new socket within the given limit of time. If socket constructor does not return until the timeout expires, the controller terminates and throws an ConnectTimeoutException Parameters: host - the host name/IP Parameters: port - the port on the host Parameters: clientHost - the local host name/IP to bind the socket to Parameters: clientPort - the port on the local machine Parameters: params - HttpConnectionParams Http connection parameters Socket a new socket throws: IOException - if an I/O error occurs while creating the socket throws: UnknownHostException - if the IP address of the host cannot bedetermined

createSocket
public Socket createSocket(String host, int port, InetAddress clientHost, int clientPort) throws IOException, UnknownHostException(Code)
	See Also: SecureProtocolSocketFactory.createSocket(java.lang.Stringintjava.net.InetAddressint)

createSocket
public Socket createSocket(String host, int port) throws IOException, UnknownHostException(Code)
	See Also: SecureProtocolSocketFactory.createSocket(java.lang.Stringint)

createSocket
public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws IOException, UnknownHostException(Code)
	See Also: SecureProtocolSocketFactory.createSocket(java.net.Socketjava.lang.Stringintboolean)

Methods inherited from java.lang.Object

native protected Object clone() throws CloneNotSupportedException(Code)(Java Doc)
public boolean equals(Object obj)(Code)(Java Doc)
protected void finalize() throws Throwable(Code)(Java Doc)
final native public Class getClass()(Code)(Java Doc)
native public int hashCode()(Code)(Java Doc)
final native public void notify()(Code)(Java Doc)
final native public void notifyAll()(Code)(Java Doc)
public String toString()(Code)(Java Doc)
final native public void wait(long timeout) throws InterruptedException(Code)(Java Doc)
final public void wait(long timeout, int nanos) throws InterruptedException(Code)(Java Doc)
final public void wait() throws InterruptedException(Code)(Java Doc)

www.java2java.com | Contact Us

All other trademarks are property of their respective owners.