|
JavaTM 2 Platform Std. Ed. v1.4.1 |
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object | +--java.net.ServerSocket | +--javax.net.ssl.SSLServerSocket
This class extends ServerSocket
s and
provides secure server sockets using protocols such as the Secure
Sockets Layer (SSL) or Transport Layer Security (TLS) protocols.
Instances of this class are generally created using a
SSLServerSocketFactory
. The primary function
of SSLServerSocket
s
is to create SSLSocket
s by accept
ing
connections.
SSLServerSocket
s contain several pieces of state data
which are inherited by the SSLSocket
at
socket creation. These include the enabled cipher
suites and protocols, whether client
authentication is necessary, and whether created sockets should
begin handshaking in client or server mode. The state
inherited by the created SSLSocket
can be
overriden by calling the appropriate methods.
ServerSocket
,
SSLSocket
Constructor Summary | |
protected |
SSLServerSocket()
Used only by subclasses. |
protected |
SSLServerSocket(int port)
Used only by subclasses. |
protected |
SSLServerSocket(int port,
int backlog)
Used only by subclasses. |
protected |
SSLServerSocket(int port,
int backlog,
InetAddress address)
Used only by subclasses. |
Method Summary | |
abstract String[] |
getEnabledCipherSuites()
Returns the list of cipher suites which are currently enabled for use by newly accepted connections. |
abstract String[] |
getEnabledProtocols()
Returns the names of the protocols which are currently enabled for use by the newly accepted connections. |
abstract boolean |
getEnableSessionCreation()
Returns true if new SSL sessions may be established by the sockets which are created from this server socket. |
abstract boolean |
getNeedClientAuth()
Returns true if client authentication is required on newly accepted connections. |
abstract String[] |
getSupportedCipherSuites()
Returns the names of the cipher suites which could be enabled for use on an SSL connection. |
abstract String[] |
getSupportedProtocols()
Returns the names of the protocols which could be enabled for use. |
abstract boolean |
getUseClientMode()
Returns true if accepted connections will be in SSL client mode. |
abstract boolean |
getWantClientAuth()
Returns true if client authentication is requested on newly accepted connections. |
abstract void |
setEnabledCipherSuites(String[] suites)
Controls which particular SSL cipher suites are enabled for use by accepted connections. |
abstract void |
setEnabledProtocols(String[] protocols)
Controls which particular protocols are enabled for use by accepted connections. |
abstract void |
setEnableSessionCreation(boolean flag)
Controls whether new SSL sessions may be established by the sockets which are created from this server socket. |
abstract void |
setNeedClientAuth(boolean flag)
Controls whether the connections which are accepted must include successful client authentication. |
abstract void |
setUseClientMode(boolean flag)
Controls whether accepted connections are in the (default) SSL server mode, or the SSL client mode. |
abstract void |
setWantClientAuth(boolean flag)
Controls whether the connections which are accepted should request client authentication as part of the SSL negotiations. |
Methods inherited from class java.net.ServerSocket |
accept, bind, bind, close, getChannel, getInetAddress, getLocalPort, getLocalSocketAddress, getReceiveBufferSize, getReuseAddress, getSoTimeout, implAccept, isBound, isClosed, setReceiveBufferSize, setReuseAddress, setSocketFactory, setSoTimeout, toString |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait |
Constructor Detail |
protected SSLServerSocket() throws IOException
IOException
- if an I/O error occurs when creating the socketprotected SSLServerSocket(int port) throws IOException
port
- the port on which to listen
IOException
- if an I/O error occurs when creating the socketprotected SSLServerSocket(int port, int backlog) throws IOException
port
- the port on which to listenbacklog
- how many connections may be pending before
the system should start rejecting new requests
IOException
- if an I/O error occurs when creating the socketprotected SSLServerSocket(int port, int backlog, InetAddress address) throws IOException
port
- the port on which to listenbacklog
- how many connections may be pending before
the system should start rejecting new requestsaddress
- the address of the network interface through
which connections will be accepted
IOException
- if an I/O error occurs when creating the socketMethod Detail |
public abstract String[] getEnabledCipherSuites()
There are several reasons why an enabled cipher suite might not actually be used. For example: the server socket might not have appropriate private keys available to it or the cipher suite might be anonymous, precluding the use of client authentication, while the server socket has been told to require that sort of authentication.
getSupportedCipherSuites()
,
setEnabledCipherSuites(String [])
public abstract void setEnabledCipherSuites(String[] suites)
SSLSocket
s returned from accept()
inherit this setting.
suites
- Names of all the cipher suites to enable
IllegalArgumentException
- when one or more of ciphers
named by the parameter is not supported, or when
the parameter is null.getSupportedCipherSuites()
,
getEnabledCipherSuites()
public abstract String[] getSupportedCipherSuites()
getEnabledCipherSuites()
,
setEnabledCipherSuites(String [])
public abstract String[] getSupportedProtocols()
getEnabledProtocols()
,
setEnabledProtocols(String [])
public abstract String[] getEnabledProtocols()
getSupportedProtocols()
,
setEnabledProtocols(String [])
public abstract void setEnabledProtocols(String[] protocols)
SSLSocket
s returned from accept()
inherit this setting.
protocols
- Names of all the protocols to enable.
IllegalArgumentException
- when one or more of
the protocols named by the parameter is not supported or
when the protocols parameter is null.getEnabledProtocols()
,
getSupportedProtocols()
public abstract void setNeedClientAuth(boolean flag)
Unlike setWantClientAuth(boolean)
,
if the client chooses not to provide authentication information
about itself, the negotiations will stop and the connection
will be dropped.
SSLSocket
s returned from accept()
inherit this setting.
flag
- true if the clients must authenticate themselves.
Setting this parameter to true overrides the current
setting of setWantClientAuth(boolean)
.getNeedClientAuth()
,
setWantClientAuth(boolean)
,
getWantClientAuth()
,
setUseClientMode(boolean)
public abstract boolean getNeedClientAuth()
setNeedClientAuth(boolean)
,
setWantClientAuth(boolean)
,
getWantClientAuth()
,
setUseClientMode(boolean)
public abstract void setWantClientAuth(boolean flag)
Unlike setNeedClientAuth(boolean)
,
if the client chooses not to provide
authentication information about itself, the negotiations will
continue.
SSLSocket
s returned from accept()
inherit this setting.
flag
- true if the clients should try to authenticate themselves.
Setting this parameter to true overrides the current
setting of setNeedClientAuth(boolean)
.getWantClientAuth()
,
setNeedClientAuth(boolean)
,
getNeedClientAuth()
,
setUseClientMode(boolean)
public abstract boolean getWantClientAuth()
setWantClientAuth(boolean)
,
setNeedClientAuth(boolean)
,
getNeedClientAuth()
,
setUseClientMode(boolean)
public abstract void setUseClientMode(boolean flag)
In rare cases, TCP servers need to act in the SSL client mode on newly accepted connections. For example, FTP clients acquire server sockets and listen there for reverse connections from the server. An FTP client would use an SSLServerSocket in "client" mode to accept the reverse connection while the FTP server uses an SSLSocket with "client" mode disabled to initiate the connection. During the resulting handshake, existing SSL sessions may be reused.
SSLSocket
s returned from accept()
inherit this setting.
flag
- true if newly accepted connections should use SSL
client mode.getUseClientMode()
public abstract boolean getUseClientMode()
setUseClientMode(boolean)
public abstract void setEnableSessionCreation(boolean flag)
SSLSocket
s returned from accept()
inherit this setting.
flag
- true indicates that sessions may be created; this
is the default. false indicates that an existing session
must be resumed.getEnableSessionCreation()
public abstract boolean getEnableSessionCreation()
setEnableSessionCreation(boolean)
|
JavaTM 2 Platform Std. Ed. v1.4.1 |
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
Copyright 2002 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms.