public boolean getNeedClientAuth() { return delegate.getNeedClientAuth(); }
/** * Sets various SSL handshake parameters based on the SSLParameter * argument. Specifically, sets the SSLEngine's enabled cipher * suites if the parameter's cipher suites are non-null. Similarly * sets the enabled protocols. If the parameters specify the want * or need for client authentication, those requirements are set * on the SSLEngine, otherwise both are set to false. * @since 1.6 */ public void setSSLParameters(SSLParameters p) { String[] cipherSuites = p.getCipherSuites(); if (cipherSuites != null) { setEnabledCipherSuites(cipherSuites); } String[] protocols = p.getProtocols(); if (protocols != null) { setEnabledProtocols(protocols); } if (p.getNeedClientAuth()) { setNeedClientAuth(true); } else if (p.getWantClientAuth()) { setWantClientAuth(true); } else { setWantClientAuth(false); } } }
/** * Sets various SSL handshake parameters based on the SSLParameter * argument. Specifically, sets the SSLSocket's enabled cipher * suites if the parameter's cipher suites are non-null. Similarly * sets the enabled protocols. If the parameters specify the want * or need for client authentication, those requirements are set * on the SSLSocket, otherwise both are set to false. * @since 1.6 */ public void setSSLParameters(SSLParameters p) { String[] cipherSuites = p.getCipherSuites(); if (cipherSuites != null) { setEnabledCipherSuites(cipherSuites); } String[] protocols = p.getProtocols(); if (protocols != null) { setEnabledProtocols(protocols); } if (p.getNeedClientAuth()) { setNeedClientAuth(true); } else if (p.getWantClientAuth()) { setWantClientAuth(true); } else { setWantClientAuth(false); } } }
log.debug("SSL context params - need client auth: {} want client auth: {} endpoint id algorithm: {}", params.getNeedClientAuth(), params.getWantClientAuth(), params.getEndpointIdentificationAlgorithm()); String[] supportedProtocols = params.getProtocols(); for (String protocol : supportedProtocols) {
public boolean getNeedClientAuth() { return delegate.getNeedClientAuth(); }
public boolean getNeedClientAuth() { return delegate.getNeedClientAuth(); }
public boolean getNeedClientAuth() { return delegate.getNeedClientAuth(); }
public void configure(SSLParameters sslParameters) { // nothing to do here assert !sslParameters.getWantClientAuth(); assert !sslParameters.getNeedClientAuth(); } },
/** * Configure the SSL environment parameters for a JMX connector server or client. * @param env the environment in which to add the SSL/TLS properties. * @throws Exception if any error occurs. */ public void configureJMXMPProperties(final Map<String, Object> env) throws Exception { final Map<String, Object> newProps = new LinkedHashMap<>(); final SSLContext sslContext = getSSLContext("jppf.ssl.client", "jppf.ssl"); final SSLSocketFactory factory = sslContext.getSocketFactory(); newProps.put("jmx.remote.profiles", "TLS"); newProps.put("jmx.remote.tls.socket.factory", factory); final SSLParameters params = getSSLParameters(); newProps.put("jmx.remote.tls.enabled.protocols", StringUtils.arrayToString(" ", null, null, params.getProtocols())); newProps.put("jmx.remote.tls.enabled.cipher.suites", StringUtils.arrayToString(" ", null, null, params.getCipherSuites())); newProps.put("jmx.remote.tls.need.client.authentication", "" + params.getNeedClientAuth()); newProps.put("jmx.remote.tls.want.client.authentication", "" + params.getWantClientAuth()); env.putAll(newProps); if (debugEnabled) log.debug("JMX SSL connection properties: {}", newProps); }
/** * Configure the SSL environment parameters for a JMX connector server or client. * @param env the environment in which to add the SSL/TLS properties. * @throws Exception if any error occurs. */ public static void configureJMXProperties(final Map<String, Object> env) throws Exception { SSLContext sslContext = SSLHelper.getSSLContext(); SSLSocketFactory factory = sslContext.getSocketFactory(); env.put("jmx.remote.profiles", "TLS"); env.put("jmx.remote.tls.socket.factory", factory); SSLParameters params = SSLHelper.getSSLParameters(); env.put("jmx.remote.tls.enabled.protocols", StringUtils.arrayToString(" ", null, null, params.getProtocols())); env.put("jmx.remote.tls.enabled.cipher.suites", StringUtils.arrayToString(" ", null, null, params.getCipherSuites())); env.put("jmx.remote.tls.need.client.authentication", "" + params.getNeedClientAuth()); env.put("jmx.remote.tls.want.client.authentication", "" + params.getWantClientAuth()); }
/** * Print the specified SSL parameters into a string. * @param params the parameters to print. * @return a formatted string describing the SSL parameters. */ public static String dumpSSLParameters(final SSLParameters params) { return String.format("protocols=%s, needCLientAuth=%b, wantClientAuth=%b, cipher suites=%s", StringUtils.arrayToString(params.getProtocols()), params.getNeedClientAuth(), params.getWantClientAuth(), StringUtils.arrayToString(params.getCipherSuites())); }
/** * Sets various SSL handshake parameters based on the SSLParameter * argument. Specifically, sets the SSLEngine's enabled cipher * suites if the parameter's cipher suites are non-null. Similarly * sets the enabled protocols. If the parameters specify the want * or need for client authentication, those requirements are set * on the SSLEngine, otherwise both are set to false. * @since 1.6 */ public void setSSLParameters(SSLParameters p) { String[] cipherSuites = p.getCipherSuites(); if (cipherSuites != null) { setEnabledCipherSuites(cipherSuites); } String[] protocols = p.getProtocols(); if (protocols != null) { setEnabledProtocols(protocols); } if (p.getNeedClientAuth()) { setNeedClientAuth(true); } else if (p.getWantClientAuth()) { setWantClientAuth(true); } else { setWantClientAuth(false); } } }
/** * Sets various SSL handshake parameters based on the SSLParameter * argument. Specifically, sets the SSLEngine's enabled cipher * suites if the parameter's cipher suites are non-null. Similarly * sets the enabled protocols. If the parameters specify the want * or need for client authentication, those requirements are set * on the SSLEngine, otherwise both are set to false. * @since 1.6 */ public void setSSLParameters(SSLParameters p) { String[] cipherSuites = p.getCipherSuites(); if (cipherSuites != null) { setEnabledCipherSuites(cipherSuites); } String[] protocols = p.getProtocols(); if (protocols != null) { setEnabledProtocols(protocols); } if (p.getNeedClientAuth()) { setNeedClientAuth(true); } else if (p.getWantClientAuth()) { setWantClientAuth(true); } else { setWantClientAuth(false); } } }
/** * Sets various SSL handshake parameters based on the SSLParameter * argument. Specifically, sets the SSLEngine's enabled cipher * suites if the parameter's cipher suites are non-null. Similarly * sets the enabled protocols. If the parameters specify the want * or need for client authentication, those requirements are set * on the SSLEngine, otherwise both are set to false. * @since 1.6 */ public void setSSLParameters(SSLParameters p) { String[] cipherSuites = p.getCipherSuites(); if (cipherSuites != null) { setEnabledCipherSuites(cipherSuites); } String[] protocols = p.getProtocols(); if (protocols != null) { setEnabledProtocols(protocols); } if (p.getNeedClientAuth()) { setNeedClientAuth(true); } else if (p.getWantClientAuth()) { setWantClientAuth(true); } else { setWantClientAuth(false); } } }
/** * Sets various SSL handshake parameters based on the SSLParameter * argument. Specifically, sets the SSLEngine's enabled cipher * suites if the parameter's cipher suites are non-null. Similarly * sets the enabled protocols. If the parameters specify the want * or need for client authentication, those requirements are set * on the SSLEngine, otherwise both are set to false. * @since 1.6 */ public void setSSLParameters(SSLParameters p) { String[] cipherSuites = p.getCipherSuites(); if (cipherSuites != null) { setEnabledCipherSuites(cipherSuites); } String[] protocols = p.getProtocols(); if (protocols != null) { setEnabledProtocols(protocols); } if (p.getNeedClientAuth()) { setNeedClientAuth(true); } else if (p.getWantClientAuth()) { setWantClientAuth(true); } else { setWantClientAuth(false); } } }
/** * Sets various SSL handshake parameters based on the SSLParameter * argument. Specifically, sets the SSLSocket's enabled cipher * suites if the parameter's cipher suites are non-null. Similarly * sets the enabled protocols. If the parameters specify the want * or need for client authentication, those requirements are set * on the SSLSocket, otherwise both are set to false. * @since 1.6 */ public void setSSLParameters(SSLParameters p) { String[] cipherSuites = p.getCipherSuites(); if (cipherSuites != null) { setEnabledCipherSuites(cipherSuites); } String[] protocols = p.getProtocols(); if (protocols != null) { setEnabledProtocols(protocols); } if (p.getNeedClientAuth()) { setNeedClientAuth(true); } else if (p.getWantClientAuth()) { setWantClientAuth(true); } else { setWantClientAuth(false); } } }
/** * Sets various SSL handshake parameters based on the SSLParameter * argument. Specifically, sets the SSLSocket's enabled cipher * suites if the parameter's cipher suites are non-null. Similarly * sets the enabled protocols. If the parameters specify the want * or need for client authentication, those requirements are set * on the SSLSocket, otherwise both are set to false. * @since 1.6 */ public void setSSLParameters(SSLParameters p) { String[] cipherSuites = p.getCipherSuites(); if (cipherSuites != null) { setEnabledCipherSuites(cipherSuites); } String[] protocols = p.getProtocols(); if (protocols != null) { setEnabledProtocols(protocols); } if (p.getNeedClientAuth()) { setNeedClientAuth(true); } else if (p.getWantClientAuth()) { setWantClientAuth(true); } else { setWantClientAuth(false); } } }
/** * Get SSL parameters from the configuration. * @return a {@link SSLParameters} instance. * @throws Exception if any error occurs. */ public static SSLParameters getSSLParameters() throws Exception { if (sslConfig == null) loadSSLProperties(); SSLParameters params = new SSLParameters(); String s = sslConfig.getString("jppf.ssl.cipher.suites"); String[] tokens = (s == null) ? null : s.trim().split("\\s"); params.setCipherSuites(tokens); s = sslConfig.getString("jppf.ssl.protocols"); tokens = (s == null) ? null : s.trim().split("\\s"); params.setProtocols(tokens); s = sslConfig.getString("jppf.ssl.client.auth", "none").toLowerCase(); params.setWantClientAuth("want".equals(s)); params.setNeedClientAuth("need".equals(s)); if (debugEnabled) log.debug("SSL parameters : cipher suites=" + StringUtils.arrayToString(params.getCipherSuites()) + ", protocols=" + StringUtils.arrayToString(params.getProtocols()) + ", needCLientAuth=" + params.getNeedClientAuth() + ", wantClientAuth=" + params.getWantClientAuth()); return params; }
/** * Sets various SSL handshake parameters based on the SSLParameter * argument. Specifically, sets the SSLSocket's enabled cipher * suites if the parameter's cipher suites are non-null. Similarly * sets the enabled protocols. If the parameters specify the want * or need for client authentication, those requirements are set * on the SSLSocket, otherwise both are set to false. * @since 1.6 */ public void setSSLParameters(SSLParameters p) { String[] cipherSuites = p.getCipherSuites(); if (cipherSuites != null) { setEnabledCipherSuites(cipherSuites); } String[] protocols = p.getProtocols(); if (protocols != null) { setEnabledProtocols(protocols); } if (p.getNeedClientAuth()) { setNeedClientAuth(true); } else if (p.getWantClientAuth()) { setWantClientAuth(true); } else { setWantClientAuth(false); } } }
/** * Sets various SSL handshake parameters based on the SSLParameter * argument. Specifically, sets the SSLSocket's enabled cipher * suites if the parameter's cipher suites are non-null. Similarly * sets the enabled protocols. If the parameters specify the want * or need for client authentication, those requirements are set * on the SSLSocket, otherwise both are set to false. * @since 1.6 */ public void setSSLParameters(SSLParameters p) { String[] cipherSuites = p.getCipherSuites(); if (cipherSuites != null) { setEnabledCipherSuites(cipherSuites); } String[] protocols = p.getProtocols(); if (protocols != null) { setEnabledProtocols(protocols); } if (p.getNeedClientAuth()) { setNeedClientAuth(true); } else if (p.getWantClientAuth()) { setWantClientAuth(true); } else { setWantClientAuth(false); } } }