001 /**
002 * Licensed to the Apache Software Foundation (ASF) under one or more
003 * contributor license agreements. See the NOTICE file distributed with
004 * this work for additional information regarding copyright ownership.
005 * The ASF licenses this file to You under the Apache License, Version 2.0
006 * (the "License"); you may not use this file except in compliance with
007 * the License. You may obtain a copy of the License at
008 *
009 * http://www.apache.org/licenses/LICENSE-2.0
010 *
011 * Unless required by applicable law or agreed to in writing, software
012 * distributed under the License is distributed on an "AS IS" BASIS,
013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014 * See the License for the specific language governing permissions and
015 * limitations under the License.
016 */
017 package org.apache.camel.util.jsse;
018
019 import java.security.GeneralSecurityException;
020 import java.util.Collections;
021 import java.util.List;
022
023 import javax.net.ssl.SSLContext;
024 import javax.net.ssl.SSLEngine;
025 import javax.net.ssl.SSLServerSocketFactory;
026
027 import org.slf4j.Logger;
028 import org.slf4j.LoggerFactory;
029
030 /**
031 * Configuration model for client side JSSE options.
032 */
public class SSLContextClientParameters extends BaseSSLContextParameters {

    private static final Logger LOG = LoggerFactory.getLogger(SSLContextClientParameters.class);

    /**
     * Always reports that passthrough is allowed for client-side parameters.
     *
     * @return {@code true}, unconditionally
     */
    @Override
    protected boolean getAllowPassthrough() {
        // NOTE(review): what "passthrough" permits is decided by BaseSSLContextParameters,
        // which is not visible here. Presumably it governs whether JSSE default cipher
        // suites/protocols are used when none are configured -- confirm when auditing
        // which TLS versions a client can negotiate.
        return true;
    }

    /**
     * Applies the client-side options of this model to the given context. The only
     * option handled here is the session timeout, which is set on the context's
     * client session context when a timeout has been configured.
     *
     * @param context the context to configure
     * @throws GeneralSecurityException declared by the overridden method; presumably
     *             raised by the session context configuration -- confirm in the super class
     */
    @Override
    protected void configureSSLContext(SSLContext context) throws GeneralSecurityException {
        LOG.trace("Configuring client-side SSLContext parameters on SSLContext [{}]...", context);

        final boolean timeoutConfigured = getSessionTimeout() != null;
        if (timeoutConfigured) {
            LOG.info("Configuring client-side SSLContext session timeout on SSLContext [{}] to [{}].", context, getSessionTimeout());
            configureSessionContext(context.getClientSessionContext(), getSessionTimeout());
        }

        LOG.trace("Configured client-side SSLContext parameters on SSLContext [{}].", context);
    }

    /**
     * {@inheritDoc}
     * <p/>
     * No configurers are supplied: in an {@code SSLEngine} the enabled cipher
     * suites and protocols are shared between the client and server roles, so
     * client-specific settings are deliberately not allowed to override that
     * shared configuration.
     * <p/>
     * In practice, cipher suite or protocol settings placed on this client-side
     * object are not applied to {@code SSLEngine} instances through this method.
     * Set them on the shared configuration if engines must be restricted.
     */
    @Override
    protected List<Configurer<SSLEngine>> getSSLEngineConfigurers(SSLContext context) {
        // NOTE: should the super class ever gain shared configuration options other than
        // cipher suites and protocols, this method has to be revisited to cover them.
        return Collections.<Configurer<SSLEngine>>emptyList();
    }

    /**
     * Client-side parameters do not affect {@code SSLServerSocketFactory} instances,
     * so no configurers are supplied for them.
     */
    @Override
    protected List<Configurer<SSLServerSocketFactory>> getSSLServerSocketFactoryConfigurers(SSLContext context) {
        return Collections.<Configurer<SSLServerSocketFactory>>emptyList();
    }

    /**
     * Renders the configured cipher suites, protocols, their filters, the session
     * timeout and the Camel context as a single diagnostic string.
     */
    @Override
    public String toString() {
        // The last label reads "getContext()" although the value comes from
        // getCamelContext(); the text is reproduced unchanged.
        return "SSLContextClientParameters [getCipherSuites()=" + getCipherSuites()
                + ", getCipherSuitesFilter()=" + getCipherSuitesFilter()
                + ", getSecureSocketProtocols()=" + getSecureSocketProtocols()
                + ", getSecureSocketProtocolsFilter()=" + getSecureSocketProtocolsFilter()
                + ", getSessionTimeout()=" + getSessionTimeout()
                + ", getContext()=" + getCamelContext()
                + "]";
    }
}