01: /**
02: * Licensed to the Apache Software Foundation (ASF) under one
03: * or more contributor license agreements. See the NOTICE file
04: * distributed with this work for additional information
05: * regarding copyright ownership. The ASF licenses this file
06: * to you under the Apache License, Version 2.0 (the
07: * "License"); you may not use this file except in compliance
08: * with the License. You may obtain a copy of the License at
09: *
10: * http://www.apache.org/licenses/LICENSE-2.0
11: *
12: * Unless required by applicable law or agreed to in writing,
13: * software distributed under the License is distributed on an
14: * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15: * KIND, either express or implied. See the License for the
16: * specific language governing permissions and limitations
17: * under the License.
18: */package org.apache.cxf.security.transport;
19:
20: import java.security.cert.Certificate;
21: import javax.net.ssl.SSLSession;
22:
23: /**
24: * An immutable struct that contains information about a negotiated
25: * TLS Session, including the (potentially negotiated) peer certificates
26: * as well as the currently effective TLS cipher suite.
27: */
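public class TLSSessionInfo {

    private final SSLSession sslSession;
    private final Certificate[] peerCertificates;
    private final String cipherSuite;

    /**
     * Creates session information that carries only the cipher suite.
     * This constructor has the effect of calling
     * TLSSessionInfo(suite, null, null), so both the SSL session and
     * the peer certificate chain are null.
     *
     * @param suite
     *            The negotiated cipher suite.
     *            This parameter may not be null, by contract
     */
    public TLSSessionInfo(final String suite) {
        this(suite, null, null);
    }

    /**
     * @param suite
     *            The negotiated cipher suite.
     *            This parameter may not be null, by contract
     *
     * @param session
     *            The JSSE representation of the SSL Session
     *            negotiated with the peer (optionally null, if
     *            it is unavailable)
     *
     * @param certs
     *            the peer X.509 certificate chain (optionally null).
     *            The array is copied, so later changes made by the
     *            caller to its own array are not seen by this object.
     */
    public TLSSessionInfo(final String suite, final SSLSession session,
                          final Certificate[] certs) {
        // An assert is only evaluated when the JVM runs with assertions
        // enabled (-ea). With assertions off, a null suite is stored
        // unchanged, so the non-null guarantee rests on the caller.
        assert suite != null;
        cipherSuite = suite;
        sslSession = session;
        // Defensive copy: the class is documented as immutable, and the
        // chain may feed authentication or authorization decisions, so it
        // must not change after construction.
        peerCertificates = certs == null ? null : certs.clone();
    }

    /**
     * The method name keeps its historical spelling ("Chipher") because
     * it is part of the public interface.
     *
     * @return the negotiated cipher suite. This attribute is
     *         non-null provided the constructor contract was honoured;
     *         the check there is an assert and is not enforced when
     *         assertions are disabled.
     */
    public final String getChipherSuite() {
        return cipherSuite;
    }

    /**
     * @return the peer X.509 certificate chain, as negotiated
     *         through the TLS handshake. This attribute may be
     *         null, for example, if the SSL peer has not been
     *         authenticated. A fresh array is returned on every
     *         call, so modifying it does not affect this object.
     *         This class only stores the chain it was given; it
     *         performs no validation of the certificates itself.
     */
    public final Certificate[] getPeerCertificates() {
        return peerCertificates == null ? null : peerCertificates.clone();
    }

    /**
     * @return the negotiated SSL Session. This attribute may be
     *         null if it is unavailable from the underlying
     *         transport. The reference passed to the constructor
     *         is returned as-is, not a snapshot of it.
     */
    public final SSLSession getSSLSession() {
        return sslSession;
    }
}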