本文整理汇总了Java中org.apache.mina.filter.SSLFilter.setUseClientMode方法的典型用法代码示例。如果您正苦于以下问题:Java SSLFilter.setUseClientMode方法的具体用法?Java SSLFilter.setUseClientMode怎么用?Java SSLFilter.setUseClientMode使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.apache.mina.filter.SSLFilter
的用法示例。
在下文中一共展示了SSLFilter.setUseClientMode方法的6个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: connectFederationTLS
import org.apache.mina.filter.SSLFilter; //导入方法依赖的package包/类
/**
* Create a connection to federation listener.
*/
private static IoSession connectFederationTLS (Router router,
EwafURI uri,
IoHandler listener)
throws Exception
{
SocketConnector connector = new SocketConnector (1, router.executor ());
SocketConnectorConfig connectorConfig = new SocketConnectorConfig ();
connector.setWorkerTimeout (0);
connectorConfig.setThreadModel (ThreadModel.MANUAL);
connectorConfig.setConnectTimeout (20);
SSLFilter filter = new SSLFilter (defaultSSLContext ());
filter.setUseClientMode (true);
connectorConfig.getFilterChain ().addFirst ("ssl", filter);
connectorConfig.getFilterChain ().addLast
("codec", FederationFrameCodec.FILTER);
ConnectFuture future =
connector.connect (new InetSocketAddress (uri.host, uri.port),
listener, connectorConfig);
future.join ();
return future.getSession ();
}
示例2: createTLSConfig
import org.apache.mina.filter.SSLFilter; //导入方法依赖的package包/类
private static SocketConnectorConfig createTLSConfig ()
throws Exception
{
SocketConnectorConfig connectorConfig = createStandardConfig ();
SSLContext sslContext = SSLContext.getInstance ("TLS");
sslContext.init (null, new TrustManager [] {ACCEPT_ALL_MANAGER}, null);
SSLFilter sslFilter = new SSLFilter (sslContext);
sslFilter.setUseClientMode (true);
connectorConfig.getFilterChain ().addFirst ("ssl", sslFilter);
return connectorConfig;
}
示例3: startTLS
import org.apache.mina.filter.SSLFilter; //导入方法依赖的package包/类
public void startTLS(boolean clientMode, String remoteServer, ClientAuth authentication) throws Exception {
boolean c2s = (remoteServer == null);
KeyStore ksKeys = SSLConfig.getKeyStore();
String keypass = SSLConfig.getKeyPassword();
KeyStore ksTrust = (c2s ? SSLConfig.getc2sTrustStore() : SSLConfig.gets2sTrustStore() );
String trustpass = (c2s ? SSLConfig.getc2sTrustPassword() : SSLConfig.gets2sTrustPassword() );
if (c2s) Log.debug("NIOConnection: startTLS: using c2s");
else Log.debug("NIOConnection: startTLS: using s2s");
// KeyManager's decide which key material to use.
KeyManager[] km = SSLJiveKeyManagerFactory.getKeyManagers(ksKeys, keypass);
// TrustManager's decide whether to allow connections.
TrustManager[] tm = SSLJiveTrustManagerFactory.getTrustManagers(ksTrust, trustpass);
if (clientMode || authentication == ClientAuth.needed || authentication == ClientAuth.wanted) {
// We might need to verify a certificate from our peer, so get different TrustManager[]'s
if(c2s) {
// Check if we can trust certificates presented by the client
tm = new TrustManager[]{new ClientTrustManager(ksTrust)};
} else {
// Check if we can trust certificates presented by the server
tm = new TrustManager[]{new ServerTrustManager(remoteServer, ksTrust, this)};
}
}
SSLContext tlsContext = SSLContext.getInstance("TLS");
tlsContext.init(km, tm, null);
SSLFilter filter = new SSLFilter(tlsContext);
filter.setUseClientMode(clientMode);
if (authentication == ClientAuth.needed) {
filter.setNeedClientAuth(true);
}
else if (authentication == ClientAuth.wanted) {
// Just indicate that we would like to authenticate the client but if client
// certificates are self-signed or have no certificate chain then we are still
// good
filter.setWantClientAuth(true);
}
// TODO Temporary workaround (placing SSLFilter before ExecutorFilter) to avoid deadlock. Waiting for
// MINA devs feedback
ioSession.getFilterChain().addBefore("org.apache.mina.common.ExecutorThreadModel", "tls", filter);
//ioSession.getFilterChain().addAfter("org.apache.mina.common.ExecutorThreadModel", "tls", filter);
ioSession.setAttribute(SSLFilter.DISABLE_ENCRYPTION_ONCE, Boolean.TRUE);
if (!clientMode) {
// Indicate the client that the server is ready to negotiate TLS
deliverRawText("<proceed xmlns=\"urn:ietf:params:xml:ns:xmpp-tls\"/>");
}
}
示例4: connect
import org.apache.mina.filter.SSLFilter; //导入方法依赖的package包/类
public NetworkConnection connect(Receiver<java.nio.ByteBuffer> receiver, ConnectionSettings settings, SSLContextFactory sslFactory)
{
final IoConnector ioConnector = _ioConnectorFactory.newConnector();
final SocketAddress address;
final String protocol = settings.getProtocol();
final int port = settings.getPort();
if (Transport.TCP.equalsIgnoreCase(protocol))
{
address = new InetSocketAddress(settings.getHost(), port);
}
else
{
throw new TransportException("Unknown transport: " + protocol);
}
LOGGER.debug("Attempting connection to " + address);
if (ioConnector instanceof SocketConnector)
{
SocketConnectorConfig cfg = (SocketConnectorConfig) ioConnector.getDefaultConfig();
cfg.setThreadModel(ExecutorThreadModel.getInstance("MinaNetworkTransport(Client)"));
SocketSessionConfig scfg = (SocketSessionConfig) cfg.getSessionConfig();
scfg.setTcpNoDelay(true);
scfg.setSendBufferSize(CLIENT_DEFAULT_BUFFER_SIZE);
scfg.setReceiveBufferSize(CLIENT_DEFAULT_BUFFER_SIZE);
// Don't have the connector's worker thread wait around for other
// connections (we only use one SocketConnector per connection
// at the moment anyway). This allows short-running
// clients (like unit tests) to complete quickly.
((SocketConnector) ioConnector).setWorkerTimeout(0);
}
if (settings.isUseSSL()){
try {
SSLContext sslContext = SSLUtil.createSSLContext(settings);
SSLFilter sslFilter = new SSLFilter(sslContext);
sslFilter.setUseClientMode(true);
ioConnector.getFilterChain().addFirst("sslFilter", sslFilter);
} catch (Exception e) {
Exception ex = new Exception("An exception occurred in creating SSLContext: ", e);
ex.printStackTrace();
}
}
ConnectFuture future = ioConnector.connect(address, new MinaNetworkHandler(null), ioConnector.getDefaultConfig());
future.join();
if (!future.isConnected())
{
throw new TransportException("Could not open connection");
}
IoSession session = future.getSession();
session.setAttachment(receiver);
return new MinaNetworkConnection(session);
}
示例5: startTLS
import org.apache.mina.filter.SSLFilter; //导入方法依赖的package包/类
public void startTLS(boolean clientMode, String remoteServer) throws Exception {
KeyStore ksKeys = SSLConfig.getKeyStore();
String keypass = SSLConfig.getKeyPassword();
KeyStore ksTrust = SSLConfig.getTrustStore();
String trustpass = SSLConfig.getTrustPassword();
// KeyManager's decide which key material to use.
KeyManager[] km = SSLJiveKeyManagerFactory.getKeyManagers(ksKeys, keypass);
// TrustManager's decide whether to allow connections.
TrustManager[] tm = SSLJiveTrustManagerFactory.getTrustManagers(ksTrust, trustpass);
// TODO Set proper value when s2s is supported
boolean needClientAuth = false;
if (clientMode || needClientAuth) {
// Check if we can trust certificates presented by the server
tm = new TrustManager[]{new ServerTrustManager(remoteServer, ksTrust)};
}
String algorithm = JiveGlobals.getXMLProperty("xmpp.socket.ssl.algorithm", "TLS");
SSLContext tlsContext = SSLContext.getInstance(algorithm);
tlsContext.init(km, tm, null);
SSLFilter filter = new SSLFilter(tlsContext);
filter.setUseClientMode(clientMode);
if (needClientAuth) {
// Only REQUIRE client authentication if we are fully verifying certificates
if (JiveGlobals.getBooleanProperty("xmpp.server.certificate.verify", true) &&
JiveGlobals.getBooleanProperty("xmpp.server.certificate.verify.chain", true) &&
!JiveGlobals
.getBooleanProperty("xmpp.server.certificate.accept-selfsigned", false))
{
filter.setNeedClientAuth(true);
}
else {
// Just indicate that we would like to authenticate the client but if client
// certificates are self-signed or have no certificate chain then we are still
// good
filter.setWantClientAuth(true);
}
}
ioSession.getFilterChain().addAfter("org.apache.mina.common.ExecutorThreadModel", "tls", filter);
ioSession.setAttribute(SSLFilter.DISABLE_ENCRYPTION_ONCE, Boolean.TRUE);
if (!clientMode) {
// Indicate the client that the server is ready to negotiate TLS
deliverRawText("<proceed xmlns=\"urn:ietf:params:xml:ns:xmpp-tls\"/>");
}
}
示例6: startTLS
import org.apache.mina.filter.SSLFilter; //导入方法依赖的package包/类
public void startTLS(boolean clientMode, String remoteServer, ClientAuth authentication) throws Exception {
boolean c2s = (remoteServer == null);
KeyStore ksKeys = SSLConfig.getKeyStore();
String keypass = SSLConfig.getKeyPassword();
KeyStore ksTrust = (c2s ? SSLConfig.getc2sTrustStore() : SSLConfig.gets2sTrustStore() );
String trustpass = (c2s ? SSLConfig.getc2sTrustPassword() : SSLConfig.gets2sTrustPassword() );
if (c2s) Log.debug("NIOConnection: startTLS: using c2s");
else Log.debug("NIOConnection: startTLS: using s2s");
// KeyManager's decide which key material to use.
KeyManager[] km = SSLJiveKeyManagerFactory.getKeyManagers(ksKeys, keypass);
// TrustManager's decide whether to allow connections.
TrustManager[] tm = SSLJiveTrustManagerFactory.getTrustManagers(ksTrust, trustpass);
if (clientMode || authentication == ClientAuth.needed || authentication == ClientAuth.wanted) {
// We might need to verify a certificate from our peer, so get different TrustManager[]'s
if(c2s) {
// Check if we can trust certificates presented by the client
tm = new TrustManager[]{new ClientTrustManager(ksTrust)};
} else {
// Check if we can trust certificates presented by the server
tm = new TrustManager[]{new ServerTrustManager(remoteServer, ksTrust, this)};
}
}
String algorithm = JiveGlobals.getProperty("xmpp.socket.ssl.algorithm", "TLS");
SSLContext tlsContext = SSLContext.getInstance(algorithm);
tlsContext.init(km, tm, null);
SSLFilter filter = new SSLFilter(tlsContext);
filter.setUseClientMode(clientMode);
if (authentication == ClientAuth.needed) {
filter.setNeedClientAuth(true);
}
else if (authentication == ClientAuth.wanted) {
// Just indicate that we would like to authenticate the client but if client
// certificates are self-signed or have no certificate chain then we are still
// good
filter.setWantClientAuth(true);
}
// TODO Temporary workaround (placing SSLFilter before ExecutorFilter) to avoid deadlock. Waiting for
// MINA devs feedback
ioSession.getFilterChain().addBefore("org.apache.mina.common.ExecutorThreadModel", "tls", filter);
//ioSession.getFilterChain().addAfter("org.apache.mina.common.ExecutorThreadModel", "tls", filter);
ioSession.setAttribute(SSLFilter.DISABLE_ENCRYPTION_ONCE, Boolean.TRUE);
if (!clientMode) {
// Indicate the client that the server is ready to negotiate TLS
deliverRawText("<proceed xmlns=\"urn:ietf:params:xml:ns:xmpp-tls\"/>");
}
}