org.apache.cxf.transport.https
Class SSLUtils
java.lang.Object
org.apache.cxf.transport.https.SSLUtils
public final class SSLUtils
- extends Object
Holder for utility methods related to manipulating SSL settings, common
to the connection and listener factories (previously duplicated).
Method Summary |
static String[] |
getCiphersuites(List<String> cipherSuitesList,
String[] supportedCipherSuites,
FiltersType filters,
Logger log,
boolean exclude)
|
static String |
getKeyPassword(String keyPassword,
Logger log)
|
static String |
getKeystore(String keyStoreLocation,
Logger log)
|
static String |
getKeystoreAlgorithm(String keyStoreMgrFactoryAlgorithm,
Logger log)
|
static KeyManager[] |
getKeyStoreManagers(String keyStoreLocation,
String keyStoreType,
String keyStorePassword,
String keyPassword,
String keyStoreMgrFactoryAlgorithm,
String secureSocketProtocol,
Logger log)
|
static String |
getKeystorePassword(String keyStorePassword,
Logger log)
|
static String |
getKeystoreProvider(String keyStoreProvider,
Logger log)
|
static String |
getKeystoreType(String keyStoreType,
Logger log)
|
static String |
getKeystoreType(String keyStoreType,
Logger log,
String def)
|
static boolean |
getRequireClientAuthentication(boolean isSetRequireClientAuthentication,
Boolean isRequireClientAuthentication,
Logger log)
|
static String |
getSecureSocketProtocol(String secureSocketProtocol,
Logger log)
|
static String[] |
getServerSupportedCipherSuites(SSLContext context)
|
static SSLContext |
getSSLContext(String protocol,
KeyManager[] keyStoreManagers,
TrustManager[] trustStoreManagers)
|
static String[] |
getSupportedCipherSuites(SSLContext context)
|
static String |
getTrustStore(String trustStoreLocation,
Logger log)
|
static String |
getTrustStoreAlgorithm(String trustStoreMgrFactoryAlgorithm,
Logger log)
|
static TrustManager[] |
getTrustStoreManagers(boolean pkcs12,
String trustStoreType,
String trustStoreLocation,
String trustStoreMgrFactoryAlgorithm,
Logger log)
|
static String |
getTrustStoreType(String trustStoreType,
Logger log)
|
static boolean |
getWantClientAuthentication(boolean isSetWantClientAuthentication,
Boolean isWantClientAuthentication,
Logger log)
|
protected static byte[] |
loadCACert(String fileName)
|
protected static byte[] |
loadClientCredential(String fileName)
|
static KeyManager[] |
loadKeyStore(KeyManagerFactory kmf,
KeyStore ks,
ByteArrayInputStream bin,
String keyStoreLocation,
String keyStorePassword,
Logger log)
|
static void |
logUnSupportedPolicies(Object policy,
boolean client,
String[] unsupported,
Logger log)
|
static void |
propogateSecureSession(javax.servlet.http.HttpServletRequest request,
Message message)
Propogate in the message a TLSSessionInfo instance representative
of the TLS-specific information in the HTTP request. |
static boolean |
testAllDataHasSetupMethod(Object policy,
String[] unsupported,
String[] derivative)
|
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
getKeyStoreManagers
public static KeyManager[] getKeyStoreManagers(String keyStoreLocation,
String keyStoreType,
String keyStorePassword,
String keyPassword,
String keyStoreMgrFactoryAlgorithm,
String secureSocketProtocol,
Logger log)
throws Exception
- Throws:
Exception
loadKeyStore
public static KeyManager[] loadKeyStore(KeyManagerFactory kmf,
KeyStore ks,
ByteArrayInputStream bin,
String keyStoreLocation,
String keyStorePassword,
Logger log)
getTrustStoreManagers
public static TrustManager[] getTrustStoreManagers(boolean pkcs12,
String trustStoreType,
String trustStoreLocation,
String trustStoreMgrFactoryAlgorithm,
Logger log)
throws Exception
- Throws:
Exception
loadClientCredential
protected static byte[] loadClientCredential(String fileName)
throws IOException
- Throws:
IOException
loadCACert
protected static byte[] loadCACert(String fileName)
throws IOException
- Throws:
IOException
getKeystore
public static String getKeystore(String keyStoreLocation,
Logger log)
getKeystoreType
public static String getKeystoreType(String keyStoreType,
Logger log)
getKeystoreType
public static String getKeystoreType(String keyStoreType,
Logger log,
String def)
getKeystoreProvider
public static String getKeystoreProvider(String keyStoreProvider,
Logger log)
getKeystorePassword
public static String getKeystorePassword(String keyStorePassword,
Logger log)
getKeyPassword
public static String getKeyPassword(String keyPassword,
Logger log)
getKeystoreAlgorithm
public static String getKeystoreAlgorithm(String keyStoreMgrFactoryAlgorithm,
Logger log)
getTrustStoreAlgorithm
public static String getTrustStoreAlgorithm(String trustStoreMgrFactoryAlgorithm,
Logger log)
getSSLContext
public static SSLContext getSSLContext(String protocol,
KeyManager[] keyStoreManagers,
TrustManager[] trustStoreManagers)
throws NoSuchAlgorithmException,
KeyManagementException
- Throws:
NoSuchAlgorithmException
KeyManagementException
getSupportedCipherSuites
public static String[] getSupportedCipherSuites(SSLContext context)
getServerSupportedCipherSuites
public static String[] getServerSupportedCipherSuites(SSLContext context)
getCiphersuites
public static String[] getCiphersuites(List<String> cipherSuitesList,
String[] supportedCipherSuites,
FiltersType filters,
Logger log,
boolean exclude)
getTrustStore
public static String getTrustStore(String trustStoreLocation,
Logger log)
getTrustStoreType
public static String getTrustStoreType(String trustStoreType,
Logger log)
getSecureSocketProtocol
public static String getSecureSocketProtocol(String secureSocketProtocol,
Logger log)
getRequireClientAuthentication
public static boolean getRequireClientAuthentication(boolean isSetRequireClientAuthentication,
Boolean isRequireClientAuthentication,
Logger log)
getWantClientAuthentication
public static boolean getWantClientAuthentication(boolean isSetWantClientAuthentication,
Boolean isWantClientAuthentication,
Logger log)
propogateSecureSession
public static void propogateSecureSession(javax.servlet.http.HttpServletRequest request,
Message message)
- Propogate in the message a TLSSessionInfo instance representative
of the TLS-specific information in the HTTP request.
- Parameters:
req
- the Jetty requestmessage
- the Message
logUnSupportedPolicies
public static void logUnSupportedPolicies(Object policy,
boolean client,
String[] unsupported,
Logger log)
testAllDataHasSetupMethod
public static boolean testAllDataHasSetupMethod(Object policy,
String[] unsupported,
String[] derivative)
Apache CXF