View Javadoc

1   /*
2    * $Id: SslConnector.java 22503 2011-07-21 14:46:28Z dirk.olmes $
3    * --------------------------------------------------------------------------------------
4    * Copyright (c) MuleSoft, Inc.  All rights reserved.  http://www.mulesoft.com
5    *
6    * The software in this package is published under the terms of the CPAL v1.0
7    * license, a copy of which has been included with this distribution in the
8    * LICENSE.txt file.
9    */
10  
11  package org.mule.transport.ssl;
12  
13  import org.mule.api.MuleContext;
14  import org.mule.api.lifecycle.CreateException;
15  import org.mule.api.lifecycle.InitialisationException;
16  import org.mule.api.security.TlsDirectKeyStore;
17  import org.mule.api.security.TlsDirectTrustStore;
18  import org.mule.api.security.TlsIndirectKeyStore;
19  import org.mule.api.security.TlsProtocolHandler;
20  import org.mule.api.security.provider.SecurityProviderFactory;
21  import org.mule.api.security.tls.TlsConfiguration;
22  import org.mule.transport.tcp.TcpConnector;
23  import org.mule.transport.tcp.protocols.DirectProtocol;
24  
25  import java.io.IOException;
26  import java.net.ServerSocket;
27  import java.net.URI;
28  import java.security.Provider;
29  
30  import javax.net.ssl.KeyManagerFactory;
31  import javax.net.ssl.SSLServerSocket;
32  import javax.net.ssl.TrustManagerFactory;
33  
34  /**
35   * <code>SslConnector</code> provides a connector for SSL connections.
36   * Note that the *only* function of the code in this package is to configure and
37   * provide SSL enabled sockets.  All other logic is identical to TCP.
38   */
39  public class SslConnector extends TcpConnector
40          implements TlsDirectKeyStore, TlsIndirectKeyStore, TlsDirectTrustStore, TlsProtocolHandler
41  {
42  
43      public static final String SSL = "ssl";
44      public static final String PEER_CERTIFICATES = "PEER_CERTIFICATES";
45      public static final String LOCAL_CERTIFICATES = "LOCAL_CERTIFICATES";
46  
47      // null initial keystore - see below
48      private TlsConfiguration tls = new TlsConfiguration(null);
49  
50      /**
51       * Timeout for establishing the SSL connection with the client.
52       */
53      private long sslHandshakeTimeout = 30000;
54  
55      public SslConnector(MuleContext context)
56      {
57          super(context);
58          setSocketFactory(new SslSocketFactory(tls));
59          setServerSocketFactory(new SslServerSocketFactory(tls));
60          setTcpProtocol(new DirectProtocol());
61          // setting this true causes problems as socket closes before handshake finishes
62          setValidateConnections(false);
63      }
64  
65      @Override
66      protected void doInitialise() throws InitialisationException
67      {
68          super.doInitialise();
69          // the original logic here was slightly different to other uses of the TlsSupport code -
70          // it appeared to be equivalent to switching anon by whether or not a keyStore was defined
71          // (which seems to make sense), so that is used here.
72          try
73          {
74              tls.initialise(null == getKeyStore(), TlsConfiguration.JSSE_NAMESPACE);
75          }
76          catch (CreateException e)
77          {
78              throw new InitialisationException(e, this);
79          }
80      }
81  
82      @Override
83      protected ServerSocket getServerSocket(URI uri) throws IOException
84      {
85          SSLServerSocket serverSocket = (SSLServerSocket) super.getServerSocket(uri);
86          serverSocket.setNeedClientAuth(isRequireClientAuthentication());
87          return serverSocket;
88      }
89  
90      @Override
91      public String getProtocol()
92      {
93          return SSL;
94      }
95  
96      public String getClientKeyStore()
97      {
98          return tls.getClientKeyStore();
99      }
100 
101     public String getClientKeyStorePassword()
102     {
103         return tls.getClientKeyStorePassword();
104     }
105 
106     public String getClientKeyStoreType()
107     {
108         return this.tls.getClientKeyStoreType();
109     }
110 
111     public String getKeyManagerAlgorithm()
112     {
113         return tls.getKeyManagerAlgorithm();
114     }
115 
116     public KeyManagerFactory getKeyManagerFactory()
117     {
118         return tls.getKeyManagerFactory();
119     }
120 
121     public String getKeyPassword()
122     {
123         return tls.getKeyPassword();
124     }
125 
126     public String getKeyStore()
127     {
128         return tls.getKeyStore();
129     }
130 
131     public String getKeyAlias()
132     {
133         return tls.getKeyAlias();
134     }
135 
136     public String getKeyStoreType()
137     {
138         return tls.getKeyStoreType();
139     }
140 
141     public String getProtocolHandler()
142     {
143         return tls.getProtocolHandler();
144     }
145 
146     public Provider getProvider()
147     {
148         return tls.getProvider();
149     }
150 
151     public SecurityProviderFactory getSecurityProviderFactory()
152     {
153         return tls.getSecurityProviderFactory();
154     }
155 
156     public String getSslType()
157     {
158         return tls.getSslType();
159     }
160 
161     public String getKeyStorePassword()
162     {
163         return tls.getKeyStorePassword();
164     }
165 
166     public String getTrustManagerAlgorithm()
167     {
168         return tls.getTrustManagerAlgorithm();
169     }
170 
171     public TrustManagerFactory getTrustManagerFactory()
172     {
173         return tls.getTrustManagerFactory();
174     }
175 
176     public String getTrustStore()
177     {
178         return tls.getTrustStore();
179     }
180 
181     public String getTrustStorePassword()
182     {
183         return tls.getTrustStorePassword();
184     }
185 
186     public String getTrustStoreType()
187     {
188         return tls.getTrustStoreType();
189     }
190 
191     public boolean isExplicitTrustStoreOnly()
192     {
193         return tls.isExplicitTrustStoreOnly();
194     }
195 
196     public boolean isRequireClientAuthentication()
197     {
198         return tls.isRequireClientAuthentication();
199     }
200 
201     public void setClientKeyStore(String clientKeyStore) throws IOException
202     {
203         tls.setClientKeyStore(clientKeyStore);
204     }
205 
206     public void setClientKeyStorePassword(String clientKeyStorePassword)
207     {
208         tls.setClientKeyStorePassword(clientKeyStorePassword);
209     }
210 
211     public void setClientKeyStoreType(String clientKeyStoreType)
212     {
213         this.tls.setClientKeyStoreType(clientKeyStoreType);
214     }
215 
216     public void setExplicitTrustStoreOnly(boolean explicitTrustStoreOnly)
217     {
218         tls.setExplicitTrustStoreOnly(explicitTrustStoreOnly);
219     }
220 
221     public void setKeyManagerAlgorithm(String keyManagerAlgorithm)
222     {
223         tls.setKeyManagerAlgorithm(keyManagerAlgorithm);
224     }
225 
226     public void setKeyPassword(String keyPassword)
227     {
228         tls.setKeyPassword(keyPassword);
229     }
230 
231     public void setKeyStore(String keyStore) throws IOException
232     {
233         tls.setKeyStore(keyStore);
234     }
235 
236     public void setKeyAlias(String alias)
237     {
238         tls.setKeyAlias(alias);
239     }
240 
241     public void setKeyStoreType(String keystoreType)
242     {
243         tls.setKeyStoreType(keystoreType);
244     }
245 
246     public void setProtocolHandler(String protocolHandler)
247     {
248         tls.setProtocolHandler(protocolHandler);
249     }
250 
251     public void setProvider(Provider provider)
252     {
253         tls.setProvider(provider);
254     }
255 
256     public void setRequireClientAuthentication(boolean requireClientAuthentication)
257     {
258         tls.setRequireClientAuthentication(requireClientAuthentication);
259     }
260 
261     public void setSecurityProviderFactory(SecurityProviderFactory spFactory)
262     {
263         tls.setSecurityProviderFactory(spFactory);
264     }
265 
266     public void setSslType(String sslType)
267     {
268         tls.setSslType(sslType);
269     }
270 
271     public void setKeyStorePassword(String storePassword)
272     {
273         tls.setKeyStorePassword(storePassword);
274     }
275 
276     public void setTrustManagerAlgorithm(String trustManagerAlgorithm)
277     {
278         tls.setTrustManagerAlgorithm(trustManagerAlgorithm);
279     }
280 
281     public void setTrustManagerFactory(TrustManagerFactory trustManagerFactory)
282     {
283         tls.setTrustManagerFactory(trustManagerFactory);
284     }
285 
286     public void setTrustStore(String trustStore) throws IOException
287     {
288         tls.setTrustStore(trustStore);
289     }
290 
291     public void setTrustStorePassword(String trustStorePassword)
292     {
293         tls.setTrustStorePassword(trustStorePassword);
294     }
295 
296     public void setTrustStoreType(String trustStoreType)
297     {
298         tls.setTrustStoreType(trustStoreType);
299     }
300 
301     public long getSslHandshakeTimeout()
302     {
303         return sslHandshakeTimeout;
304     }
305 
306     public void setSslHandshakeTimeout(long sslHandshakeTimeout)
307     {
308         this.sslHandshakeTimeout = sslHandshakeTimeout;
309     }
310 
311 }