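/**
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements.  See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.apache.camel.util.jsse;

import java.security.GeneralSecurityException;
import java.util.Collections;
import java.util.List;

import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLServerSocketFactory;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * Configuration model for client side JSSE options.
 * <p>
 * The only setting this class applies itself is the session timeout, which it
 * pushes onto the client session context of the {@code SSLContext}. It
 * contributes no {@code SSLEngine} and no {@code SSLServerSocketFactory}
 * configurers.
 */
public class SSLContextClientParameters extends BaseSSLContextParameters {

    private static final Logger LOG = LoggerFactory.getLogger(SSLContextClientParameters.class);

    /**
     * Always returns {@code true} for client-side parameters.
     * <p>
     * NOTE(review): the flag is interpreted by {@link BaseSSLContextParameters},
     * which is not shown in this file. Presumably it lets the existing settings
     * of the configured entity pass through untouched when no cipher suite or
     * protocol option is set, in which case client connections rely on the JSSE
     * provider defaults; confirm against the base class and set the suites and
     * protocols explicitly where a TLS policy must be enforced.
     */
    @Override
    protected boolean getAllowPassthrough() {
        return true;
    }

    /**
     * Applies the client-side options of this instance to {@code context}.
     * <p>
     * When a session timeout is configured, it is applied to the context's
     * client session context; with no timeout configured the context is left
     * as it was.
     *
     * @param context the context whose client session context is configured
     * @throws GeneralSecurityException declared by the overridden method; the
     *             visible body raises it only through
     *             {@code configureSessionContext} (presumably on an invalid
     *             timeout value; confirm in the base class)
     */
    @Override
    protected void configureSSLContext(SSLContext context) throws GeneralSecurityException {
        LOG.trace("Configuring client-side SSLContext parameters on SSLContext [{}]...", context);

        // A null timeout means "not configured": leave the provider's session settings alone.
        if (this.getSessionTimeout() != null) {
            LOG.info("Configuring client-side SSLContext session timeout on SSLContext [{}] to [{}].", context, this.getSessionTimeout());
            this.configureSessionContext(context.getClientSessionContext(), this.getSessionTimeout());
        }

        LOG.trace("Configured client-side SSLContext parameters on SSLContext [{}].", context);
    }

    /**
     * {@inheritDoc}
     * <p>
     * This implementation returns the empty list because the enabled cipher
     * suites and protocols of an {@code SSLEngine} are not specific to the
     * client or the server side. A client-side configuration therefore should
     * not override what is a shared client/server option.
     * <p>
     * In practice, cipher suites and protocols set on this object are not
     * applied to {@code SSLEngine} instances by this class.
     */
    @Override
    protected List<Configurer<SSLEngine>> getSSLEngineConfigurers(SSLContext context) {
        // NOTE: if the super class gets additional shared configuration options beyond
        // cipher suites and protocols, this method needs to address that.
        return Collections.emptyList();
    }

    /**
     * This class has no bearing on {@code SSLServerSocketFactory} instances and therefore provides no
     * configurers for that purpose.
     */
    @Override
    protected List<Configurer<SSLServerSocketFactory>> getSSLServerSocketFactoryConfigurers(SSLContext context) {
        return Collections.emptyList();
    }

    /**
     * Returns a diagnostic summary of the configured cipher suites, protocol
     * settings, session timeout and Camel context.
     * <p>
     * Each label names the getter that supplied the value, so the Camel
     * context entry is labelled {@code getCamelContext()}.
     */
    @Override
    public String toString() {
        return new StringBuilder("SSLContextClientParameters [getCipherSuites()=")
            .append(getCipherSuites())
            .append(", getCipherSuitesFilter()=")
            .append(getCipherSuitesFilter())
            .append(", getSecureSocketProtocols()=")
            .append(getSecureSocketProtocols())
            .append(", getSecureSocketProtocolsFilter()=")
            .append(getSecureSocketProtocolsFilter())
            .append(", getSessionTimeout()=")
            .append(getSessionTimeout())
            .append(", getCamelContext()=")
            .append(getCamelContext())
            .append("]")
            .toString();
    }
}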