Class SSLURLConnectionProcessor

java.lang.Object
org.faceless.publisher.type.AbstractURLConnectionProcessor
org.faceless.publisher.type.SSLURLConnectionProcessor
All Implemented Interfaces:
URLConnectionProcessor

public class SSLURLConnectionProcessor extends AbstractURLConnectionProcessor

A URLConnectionProcessor which can be used to add SSL client certificates, to modify the list of trusted certificates, or to modify other parameters of any TLS-based network connection.

Multiple SSLURLConnectionProcessors can exist - they will be combined into a single SSLContext.

  • Field Details

    • INSECURE

      public static final SSLURLConnectionProcessor INSECURE
      A shared SSLURLConnectionProcessor which trusts all certificates presented to it, so the server's certificate chain is not validated. This can be used for testing with self-signed certificates.
    • DEFAULT

      public static final SSLURLConnectionProcessor DEFAULT
      A shared SSLURLConnectionProcessor which uses the default SSL context. This is the only URLConnectionProcessor set by default in ReportFactory.getURLConnectionProcessors().
    • MOZILLACA

      public static final SSLURLConnectionProcessor MOZILLACA
      A shared SSLURLConnectionProcessor which uses the "Mozilla CA Certificates" as its list of trusted certs. This is an alternative to the default set provided by DEFAULT. The list is bundled with BFO Publisher.
  • Constructor Details

    • SSLURLConnectionProcessor

      public SSLURLConnectionProcessor()
      Create a new SSLURLConnectionProcessor which does nothing.
    • SSLURLConnectionProcessor

      public SSLURLConnectionProcessor(KeyStore trust, KeyStore identity, char[] password, Provider provider) throws KeyStoreException, UnrecoverableKeyException
      Create a new SSLURLConnectionProcessor
      Parameters:
      trust - if not null, the KeyStore containing the trusted X509 roots
      identity - if not null, the KeyStore containing X509 client certificates
      password - if identity is not null, the password to access the certificates
      provider - if not null, the provider to use to create the TrustManager and KeyManagers
      Throws:
      KeyStoreException
      UnrecoverableKeyException
    • SSLURLConnectionProcessor

      public SSLURLConnectionProcessor(URL2 trust, URL2 identity, char[] password, ReportFactory reportFactory) throws IOException, KeyStoreException, UnrecoverableKeyException
      Create a new SSLURLConnectionProcessor
      Parameters:
      trust - if not null, the URL of the KeyStore containing the trusted X509 roots
      identity - if not null, the URL of the KeyStore containing X509 client certificates
      password - if identity is not null, the password to access the certificates
      reportFactory - the ReportFactory (required), which will be used to load the KeyStores.
      Throws:
      IOException
      KeyStoreException
      UnrecoverableKeyException
  • Method Details

    • getHostnameVerifier

      public HostnameVerifier getHostnameVerifier()
      Get the HostnameVerifier, as set by setHostnameVerifier(javax.net.ssl.HostnameVerifier)
    • setHostnameVerifier

      public void setHostnameVerifier(HostnameVerifier hv)
      Set the HostnameVerifier. If multiple SSLURLConnectionProcessor objects are used, their HostnameVerifiers will all be checked in sequence. If all of them are null, the default HostnameVerifier is used.
      Parameters:
      hv - the HostnameVerifier, or null to use the system default.
    • getTrustManagers

      public List<TrustManager> getTrustManagers() throws Exception
      Return the list of TrustManagers to be used to determine whether an SSL connection is trustworthy.
      Returns:
      a modifiable list of TrustManager objects
      Throws:
      Exception
    • getKeyManagers

      public List<KeyManager> getKeyManagers() throws Exception
      Return the list of KeyManagers to be searched for identity information (typically an X.509 Client certificate) when opening an SSL connection.
      Returns:
      a modifiable list of KeyManager objects
      Throws:
      Exception
    • getSSLContext

      public SSLContext getSSLContext(SSLContext ctx) throws Exception
      Return the modified or replaced SSLContext to use for any SSL network connections. The SSLContext generated from all the SSLURLConnectionProcessor objects available is passed in - it can be modified by this method (for example, to change the SSLParameters) or completely replaced. The return value of this method will be passed into the next SSLURLConnectionProcessor in the chain, and the return value from the final one is applied to any SSL network connections.
      Returns:
      the SSLContext to use - defaults to "ctx"
      Throws:
      Exception
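
An added example, not taken from the BFO Publisher documentation, of the KeyStore constructor described above: it trusts only the CA certificates in a PEM file, as an alternative to INSECURE when testing against self-signed or internally issued certificates. The class name PrivateCATrust, the helper trustStoreFromPem and the PEM path argument are assumptions made for this example; registering the processor with a ReportFactory is not shown because this page does not give that signature.

```java
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import org.faceless.publisher.type.SSLURLConnectionProcessor;

public class PrivateCATrust {

    /** Hypothetical helper: build an in-memory trust store from a PEM file of CA certificates. */
    static KeyStore trustStoreFromPem(String pemPath) throws Exception {
        KeyStore trust = KeyStore.getInstance(KeyStore.getDefaultType());
        trust.load(null, null); // initialise an empty store, nothing read from disk
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        try (InputStream in = Files.newInputStream(Paths.get(pemPath))) {
            int i = 0;
            for (Certificate c : cf.generateCertificates(in)) {
                X509Certificate x509 = (X509Certificate) c;
                x509.checkValidity(); // refuse expired or not-yet-valid roots
                trust.setCertificateEntry("ca-" + (i++), x509);
            }
        }
        // An empty trust store would make every later failure hard to diagnose, so fail here.
        if (trust.size() == 0) {
            throw new IllegalArgumentException("No certificates found in " + pemPath);
        }
        return trust;
    }

    public static void main(String[] args) throws Exception {
        // args[0]: path to the PEM file holding the test CA (assumed input)
        KeyStore trust = trustStoreFromPem(args[0]);

        // identity and password are null: no client certificate is presented.
        // provider is null: the default provider creates the TrustManagers.
        SSLURLConnectionProcessor processor =
            new SSLURLConnectionProcessor(trust, null, null, null);

        // No HostnameVerifier is set, so per setHostnameVerifier() the default
        // verifier applies unless another processor in the chain supplies one.
        System.out.println("TrustManagers contributed: " + processor.getTrustManagers().size());
    }
}
```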