Package org.glassfish.grizzly.sni

Class SNIFilter

java.lang.Object
org.glassfish.grizzly.filterchain.BaseFilter
org.glassfish.grizzly.ssl.SSLBaseFilter
org.glassfish.grizzly.ssl.SSLFilter
org.glassfish.grizzly.sni.SNIFilter
All Implemented Interfaces:
org.glassfish.grizzly.filterchain.Filter
public class SNIFilter extends org.glassfish.grizzly.ssl.SSLFilter
TLS Server Name Indication (SNI) Filter implementation. This filter supports SNI extension on both client and server sides, however the client side logic works on JDK 7+ only. On the server-side this filter allows developers to set custom SSLEngineConfigurator, based on the host name provided by the client in the SSL CLIENT_HELLO message. An SNIServerConfigResolver registered via setServerSSLConfigResolver(org.glassfish.grizzly.sni.SNIServerConfigResolver) would be responsible for customizing SSLEngineConfigurator. On the other hand for client-side it's not mandatory to register SNIClientConfigResolver, because the host name information could be obtained from the Connection.getPeerAddress(). However SNIClientConfigResolver could be used to customize the host name.
Author:
Alexey Stashok

  • Nested Class Summary

    Nested classes/interfaces inherited from class org.glassfish.grizzly.ssl.SSLBaseFilter

    org.glassfish.grizzly.ssl.SSLBaseFilter.CertificateEvent, org.glassfish.grizzly.ssl.SSLBaseFilter.HandshakeListener, org.glassfish.grizzly.ssl.SSLBaseFilter.SSLTransportFilterWrapper

  • Field Summary

    Fields inherited from class org.glassfish.grizzly.ssl.SSLFilter

    maxPendingBytes

    Fields inherited from class org.glassfish.grizzly.ssl.SSLBaseFilter

    COPY_CLONER, handshakeListeners

  • Constructor Summary

    Constructors
    Constructor
    Description
    SNIFilter()
     
    SNIFilter(org.glassfish.grizzly.ssl.SSLEngineConfigurator serverSSLEngineConfigurator, org.glassfish.grizzly.ssl.SSLEngineConfigurator clientSSLEngineConfigurator)
    Construct an SNIFilter with the given default client and server side SSLEngineConfigurator.
    SNIFilter(org.glassfish.grizzly.ssl.SSLEngineConfigurator serverSSLEngineConfigurator, org.glassfish.grizzly.ssl.SSLEngineConfigurator clientSSLEngineConfigurator, boolean renegotiateOnClientAuthWant)
    Construct an SNIFilter with the given default SSLEngineConfigurator.

  • Method Summary

    Modifier and Type
    Method
    Description
    protected org.glassfish.grizzly.ssl.SSLBaseFilter.SSLTransportFilterWrapper
    createOptimizedTransportFilter(org.glassfish.grizzly.filterchain.TransportFilter childFilter)
     
    SNIClientConfigResolver
    getClientSSLConfigResolver()
     
    SNIServerConfigResolver
    getServerSSLConfigResolver()
     
    org.glassfish.grizzly.filterchain.NextAction
    handleConnect(org.glassfish.grizzly.filterchain.FilterChainContext ctx)
     
    org.glassfish.grizzly.filterchain.NextAction
    handleRead(org.glassfish.grizzly.filterchain.FilterChainContext ctx)
     
    void
    setClientSSLConfigResolver(SNIClientConfigResolver resolver)
    Sets SNIClientConfigResolver, which is responsible for customizing SSLEngineConfigurator and SNI host name to be sent to a server.
    void
    setServerSSLConfigResolver(SNIServerConfigResolver resolver)
    Sets SNIServerConfigResolver, which is responsible for customizing SSLEngineConfigurator for newly accepted Connections, based on SNI host name information sent by a client.

    Methods inherited from class org.glassfish.grizzly.ssl.SSLFilter

    createClientSSLEngine, doHandshakeStep, getClientSSLEngineConfigurator, getMaxPendingBytesPerConnection, handleWrite, handshake, handshake, handshake, handshake, notifyHandshakeComplete, notifyHandshakeFailed, setMaxPendingBytesPerConnection

    Methods inherited from class org.glassfish.grizzly.ssl.SSLBaseFilter

    addHandshakeListener, createSslConnectionContext, doHandshakeStep, doHandshakeSync, getHandshakeTimeout, getOptimizedTransportFilter, getPeerCertificateChain, getServerSSLEngineConfigurator, handleEvent, isRenegotiateOnClientAuthWant, notifyHandshakeInit, notifyHandshakeStart, obtainSslConnectionContext, onAdded, onRemoved, removeHandshakeListener, renegotiate, setHandshakeTimeout, setRenegotiationDisabled, unwrapAll, wrapAll

    Methods inherited from class org.glassfish.grizzly.filterchain.BaseFilter

    createContext, exceptionOccurred, handleAccept, handleClose, onFilterChainChanged, toString

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

  • Constructor Details

    • SNIFilter

      public SNIFilter()

    • SNIFilter

      public SNIFilter(org.glassfish.grizzly.ssl.SSLEngineConfigurator serverSSLEngineConfigurator, org.glassfish.grizzly.ssl.SSLEngineConfigurator clientSSLEngineConfigurator)
      Construct an SNIFilter with the given default client and server side SSLEngineConfigurator.
      Parameters:
      serverSSLEngineConfigurator -
      clientSSLEngineConfigurator -

    • SNIFilter

      public SNIFilter(org.glassfish.grizzly.ssl.SSLEngineConfigurator serverSSLEngineConfigurator, org.glassfish.grizzly.ssl.SSLEngineConfigurator clientSSLEngineConfigurator, boolean renegotiateOnClientAuthWant)
      Construct an SNIFilter with the given default SSLEngineConfigurator.
      Parameters:
      serverSSLEngineConfigurator - SSLEngine configurator for server side connections
      clientSSLEngineConfigurator - SSLEngine configurator for client side connections
      renegotiateOnClientAuthWant -

  • Method Details

    • getServerSSLConfigResolver

      public SNIServerConfigResolver getServerSSLConfigResolver()
      Returns:
      SNIServerConfigResolver, which is responsible for customizing SSLEngineConfigurator for newly accepted Connections, based on SNI host name information sent by a client

    • setServerSSLConfigResolver

      public void setServerSSLConfigResolver(SNIServerConfigResolver resolver)
      Sets SNIServerConfigResolver, which is responsible for customizing SSLEngineConfigurator for newly accepted Connections, based on SNI host name information sent by a client.
      Parameters:
      resolver - SNIServerConfigResolver

    • getClientSSLConfigResolver

      public SNIClientConfigResolver getClientSSLConfigResolver()
      Returns:
      SNIClientConfigResolver, which is responsible for customizing SSLEngineConfigurator and SNI host name to be sent to a server

    • setClientSSLConfigResolver

      public void setClientSSLConfigResolver(SNIClientConfigResolver resolver)
      Sets SNIClientConfigResolver, which is responsible for customizing SSLEngineConfigurator and SNI host name to be sent to a server.
      Parameters:
      resolver -

    • createOptimizedTransportFilter

      protected org.glassfish.grizzly.ssl.SSLBaseFilter.SSLTransportFilterWrapper createOptimizedTransportFilter(org.glassfish.grizzly.filterchain.TransportFilter childFilter)
      Overrides:
      createOptimizedTransportFilter in class org.glassfish.grizzly.ssl.SSLBaseFilter

    • handleConnect

      public org.glassfish.grizzly.filterchain.NextAction handleConnect(org.glassfish.grizzly.filterchain.FilterChainContext ctx) throws IOException
      Specified by:
      handleConnect in interface org.glassfish.grizzly.filterchain.Filter
      Overrides:
      handleConnect in class org.glassfish.grizzly.filterchain.BaseFilter
      Throws:
      IOException

    • handleRead

      public org.glassfish.grizzly.filterchain.NextAction handleRead(org.glassfish.grizzly.filterchain.FilterChainContext ctx) throws IOException
      Specified by:
      handleRead in interface org.glassfish.grizzly.filterchain.Filter
      Overrides:
      handleRead in class org.glassfish.grizzly.ssl.SSLBaseFilter
      Throws:
      IOException