net.jini.jeri.ssl

Class SslServerEndpointImpl.SslServerConnection

java.lang.Object

net.jini.jeri.ssl.Utilities

net.jini.jeri.ssl.SslServerEndpointImpl.SslServerConnection

All Implemented Interfaces:

ServerConnection

Direct Known Subclasses:

HttpsServerEndpoint.HttpsServerEndpointImpl.HttpsServerConnection

Enclosing class:

SslServerEndpointImpl

class SslServerEndpointImpl.SslServerConnection
extends Utilities
implements ServerConnection

Implements ServerConnection

Nested Class Summary

Nested classes/interfaces inherited from class net.jini.jeri.ssl.Utilities

Utilities.SSLContextInfo

Field Summary

Fields

Modifier and Type	Field and Description
private AuthenticationPermission	authPermission The authentication permission required for this connection, or null if the server is anonymous -- depends on session being set.
private String	cipherSuite The cipher suite -- depends on session being set.
private X500Principal	clientPrincipal The client principal -- depends on session being set.
private Subject	clientSubject The client subject -- depends on session being set.
(package private) boolean	closed True if the connection has been closed.
private SslServerEndpointImpl.SslListenHandle	listenHandle The listen handle that accepted this connection
private InboundRequestHandle	requestHandle The inbound request handle for this connection.
private X500Principal	serverPrincipal The server principal -- depends on session being set.
private SSLSession	session The session for this connection's socket, or null if not retrieved yet.
(package private) SSLSocket	sslSocket The JSSE socket used for communication

Fields inherited from class net.jini.jeri.ssl.Utilities

ANY_KEY_ALGORITHM, clientLogger, DSA_KEY_ALGORITHM, getSubjectPermission, initLogger, INTEGRITY_PREFERRED, INTEGRITY_REQUIRED, RSA_KEY_ALGORITHM, serverLogger, UNKNOWN_PRINCIPAL

Constructor Summary

Constructors

Constructor and Description
SslServerConnection(SslServerEndpointImpl.SslListenHandle listenHandle, Socket socket) Creates a server connection

Method Summary

Modifier and Type	Method and Description
private void	check(InboundRequestHandle requestHandle) Checks that the argument is the request handle for this connection.
InvocationConstraints	checkConstraints(InboundRequestHandle requestHandle, InvocationConstraints constraints) Implements InboundRequest.checkConstraints for a request with the specified handle.
void	checkPermissions(InboundRequestHandle requestHandle) Implements InboundRequest.checkPermissions for a request with the specified handle.
void	close() Closes this connection.
(package private) void	closeInternal(boolean removeFromListener) Like close, but does not call noteConnectionClosed unless removeFromListener is true.
private void	decacheSession() Make sure the cached session is up to date, and set session-related fields if needed.
SocketChannel	getChannel() Returns a socket channel that performs I/O on this connection, or null if no socket channel is available.
private Subject	getClientSubject(SSLSocket socket) Returns the read-only Subject associated with the client host connected to the other end of the connection on the specified SSLSocket.
InputStream	getInputStream() Returns an input stream that reads data from this connection.
OutputStream	getOutputStream() Returns an output stream that writes data to this connection.
void	populateContext(InboundRequestHandle requestHandle, Collection context) Populates the supplied collection with context information representing a request with the specified handle.
InboundRequestHandle	processRequestData(InputStream in, OutputStream out) Reads from the specified input stream any per-request data required by this connection for an inbound request, writes any required response data to the specified output stream, and returns a handle for the request.
String	toString()

Methods inherited from class net.jini.jeri.ssl.Utilities

checkValidity, contains, doesEncryption, doesServerAuthentication, equals, firstX509Cert, getCertFactory, getCipherAlgorithm, getClassName, getClientPrincipals, getClientPrincipals, getClientSSLContextInfo, getKeyAlgorithm, getKeyExchangeAlgorithm, getPermittedKeyAlgorithms, getServerPrincipals, getServerSSLContextInfo, getSupportedCipherSuites, hasStrongCipherAlgorithm, logThrow, maintainsIntegrity, permittedKeyAlgorithm, position, releaseClientSSLContextInfo, safeEquals, subjectString, toString

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

listenHandle

private final SslServerEndpointImpl.SslListenHandle listenHandle

The listen handle that accepted this connection

sslSocket

final SSLSocket sslSocket

The JSSE socket used for communication

requestHandle

private final InboundRequestHandle requestHandle

The inbound request handle for this connection.

session

private final SSLSession session

The session for this connection's socket, or null if not retrieved yet. Check that the current session matches to prevent new handshakes.

clientSubject

private final Subject clientSubject

The client subject -- depends on session being set. This instance is read-only.

clientPrincipal

private final X500Principal clientPrincipal

The client principal -- depends on session being set.

serverPrincipal

private final X500Principal serverPrincipal

The server principal -- depends on session being set.

authPermission

private final AuthenticationPermission authPermission

The authentication permission required for this connection, or null if the server is anonymous -- depends on session being set.

cipherSuite

private final String cipherSuite

The cipher suite -- depends on session being set.

closed

volatile boolean closed

True if the connection has been closed.

Constructor Detail

SslServerConnection

SslServerConnection(SslServerEndpointImpl.SslListenHandle listenHandle,
                    Socket socket)
             throws IOException

Creates a server connection

Throws:

IOException

Method Detail

toString

public String toString()

Overrides:

toString in class Object

getInputStream

public InputStream getInputStream()
                           throws IOException

Description copied from interface: ServerConnection

Returns an input stream that reads data from this connection.

Specified by:

getInputStream in interface ServerConnection

Returns:

an input stream that reads data from this connection

Throws:

IOException - if an I/O exception occurs

getOutputStream

public OutputStream getOutputStream()
                             throws IOException

Description copied from interface: ServerConnection

Returns an output stream that writes data to this connection.

Specified by:

getOutputStream in interface ServerConnection

Returns:

an output stream that writes data to this connection

Throws:

IOException - if an I/O exception occurs

getChannel

public SocketChannel getChannel()

Description copied from interface: ServerConnection

Returns a socket channel that performs I/O on this connection, or null if no socket channel is available. If a non-null socket channel is returned, it is connected.

Specified by:

getChannel in interface ServerConnection

Returns:

a socket channel that performs I/O on this connection, or null

processRequestData

public InboundRequestHandle processRequestData(InputStream in,
                                               OutputStream out)

Description copied from interface: ServerConnection

Reads from the specified input stream any per-request data required by this connection for an inbound request, writes any required response data to the specified output stream, and returns a handle for the request.

This method is invoked by ServerConnectionManager with the request input stream and the response output stream of the InboundRequest that it creates for the request when the request is first received. This method reads information that was sent by Connection.writeRequestData and writes information to be read by Connection.readResponseData. This method can be used, for example, to process per-request information about delegation, client authentication, or client privileges.

If, for security reasons, this method determines that the request must not be processed further (for example, because client authentication failed), this method should close the response output stream and throw a SecurityException after writing any response data.

There may be multiple requests in progress concurrently over this connection, and data read from and written to the specified streams may be buffered and multiplexed with data from other requests on this connection's underlying streams. Therefore, this method should only read data from the request input stream and write data to the response output stream and must not otherwise read from or write to this connection's underlying streams.

Specified by:

processRequestData in interface ServerConnection

Parameters:

in - the request input stream of the request

out - the response output stream of the request

Returns:

a handle to identify the request in later invocations on this connection

decacheSession

private void decacheSession()

Make sure the cached session is up to date, and set session-related fields if needed.

getClientSubject

private Subject getClientSubject(SSLSocket socket)

Returns the read-only Subject associated with the client host connected to the other end of the connection on the specified SSLSocket. Returns null if the client is anonymous.

checkPermissions

public void checkPermissions(InboundRequestHandle requestHandle)

Description copied from interface: ServerConnection

Implements InboundRequest.checkPermissions for a request with the specified handle.

Specified by:

checkPermissions in interface ServerConnection

Parameters:

requestHandle - the handle for the request

check

private void check(InboundRequestHandle requestHandle)

Checks that the argument is the request handle for this connection.

checkConstraints

public InvocationConstraints checkConstraints(InboundRequestHandle requestHandle,
                                              InvocationConstraints constraints)
                                       throws UnsupportedConstraintException

Description copied from interface: ServerConnection

Implements InboundRequest.checkConstraints for a request with the specified handle.

Specified by:

checkConstraints in interface ServerConnection

Parameters:

requestHandle - the handle for the request

constraints - the constraints that must be satisfied

Returns:

the constraints that must be at least partially implemented by higher layers

Throws:

UnsupportedConstraintException - if the transport layer aspects of any of the specified requirements are not satisfied by this request

populateContext

public void populateContext(InboundRequestHandle requestHandle,
                            Collection context)

Description copied from interface: ServerConnection

Populates the supplied collection with context information representing a request with the specified handle. This method is used to implement InboundRequest.populateContext for such requests; the context may also be populated by the connection manager.

Specified by:

populateContext in interface ServerConnection

Parameters:

requestHandle - the handle for the request

context - the context collection to populate

close

public void close()
           throws IOException

Description copied from interface: ServerConnection

Closes this connection.

Specified by:

close in interface ServerConnection

Throws:

IOException - if an I/O exception occurs

closeInternal

void closeInternal(boolean removeFromListener)
            throws IOException

Like close, but does not call noteConnectionClosed unless removeFromListener is true.

Throws:

IOException