PublicKeyVerifyingSSLSocketFactory (Delegated SAML Authentication 1.1.2 API)

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.jasig.portal.security.provider.saml
Class PublicKeyVerifyingSSLSocketFactory

java.lang.Object
  org.apache.http.conn.ssl.SSLSocketFactory
      org.jasig.portal.security.provider.saml.PublicKeyVerifyingSSLSocketFactory

All Implemented Interfaces:: org.apache.http.conn.scheme.LayeredSocketFactory, org.apache.http.conn.scheme.SocketFactory

public class PublicKeyVerifyingSSLSocketFactory
extends org.apache.http.conn.ssl.SSLSocketFactory
extends org.apache.http.conn.ssl.SSLSocketFactory

This class extends the Apache Commons HTTP Client SSLSocketFactory to support the verification of the server's public key against supplied public key. If an attempt is made to connec to to a server that does not present a matching public key, the connection will be terminated.

Author:: Adam Rybicki

Field Summary
`protected org.slf4j.Logger`	`logger`

Fields inherited from class org.apache.http.conn.ssl.SSLSocketFactory
`ALLOW_ALL_HOSTNAME_VERIFIER, BROWSER_COMPATIBLE_HOSTNAME_VERIFIER, SSL, SSLV2, STRICT_HOSTNAME_VERIFIER, TLS`

Constructor Summary
`PublicKeyVerifyingSSLSocketFactory(SSLContext sslContext, String encodedPublicKeys)` Set the Base64-encoded public key(s) to validate.

Method Summary
`Socket`	`connectSocket(Socket sock, String host, int port, InetAddress localAddress, int localPort, org.apache.http.params.HttpParams params)` This method makes a connection to the server by utilizing the base class method, but it adds a validation of the server's public key if one was supplied previously.

Methods inherited from class org.apache.http.conn.ssl.SSLSocketFactory
`createSocket, createSocket, getHostnameVerifier, getSocketFactory, isSecure, setHostnameVerifier`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Field Detail

logger

protected final org.slf4j.Logger logger

Constructor Detail

PublicKeyVerifyingSSLSocketFactory

public PublicKeyVerifyingSSLSocketFactory(SSLContext sslContext,
                                          String encodedPublicKeys)
                                   throws KeyException

Set the Base64-encoded public key(s) to validate. This method decodes the passed public key and keeps it for verification at the time a connection is attempted.

Parameters:: sslContext -; encodedPublicKeys - Base64-encoded public key(s)
Throws:: KeyException

Method Detail

connectSocket

public Socket connectSocket(Socket sock,
                            String host,
                            int port,
                            InetAddress localAddress,
                            int localPort,
                            org.apache.http.params.HttpParams params)
                     throws IOException

This method makes a connection to the server by utilizing the base class method, but it adds a validation of the server's public key if one was supplied previously.

Specified by:: connectSocket in interface org.apache.http.conn.scheme.SocketFactory
Overrides:: connectSocket in class org.apache.http.conn.ssl.SSLSocketFactory

Throws:: IOException
See Also:: SSLSocketFactory.connectSocket(java.net.Socket, java.lang.String, int, java.net.InetAddress, int, org.apache.http.params.HttpParams)