org.glassfish.grizzly.sni

Class SNIFilter

java.lang.Object

org.glassfish.grizzly.filterchain.BaseFilter

org.glassfish.grizzly.ssl.SSLBaseFilter

org.glassfish.grizzly.ssl.SSLFilter

org.glassfish.grizzly.sni.SNIFilter

All Implemented Interfaces:

org.glassfish.grizzly.filterchain.Filter

public class SNIFilter
extends org.glassfish.grizzly.ssl.SSLFilter

TLS Server Name Indication (SNI) Filter implementation. This filter supports SNI extension on both client and server sides, however the client side logic works on JDK 7+ only. On the server-side this filter allows developers to set custom SSLEngineConfigurator, based on the host name provided by the client in the SSL CLIENT_HELLO message. An SNIServerConfigResolver registered via setServerSSLConfigResolver(org.glassfish.grizzly.sni.SNIServerConfigResolver) would be responsible for customizing SSLEngineConfigurator. On the other hand for client-side it's not mandatory to register SNIClientConfigResolver, because the host name information could be obtained from the Connection.getPeerAddress(). However SNIClientConfigResolver could be used to customize the host name.

Author:

Alexey Stashok

Nested Class Summary

Nested classes/interfaces inherited from class org.glassfish.grizzly.ssl.SSLBaseFilter

org.glassfish.grizzly.ssl.SSLBaseFilter.CertificateEvent, org.glassfish.grizzly.ssl.SSLBaseFilter.HandshakeListener, org.glassfish.grizzly.ssl.SSLBaseFilter.SSLTransportFilterWrapper

Field Summary

Fields inherited from class org.glassfish.grizzly.ssl.SSLFilter

maxPendingBytes

Fields inherited from class org.glassfish.grizzly.ssl.SSLBaseFilter

COPY_CLONER, handshakeListeners

Constructor Summary

Constructors

Constructor and Description
SNIFilter()
SNIFilter(org.glassfish.grizzly.ssl.SSLEngineConfigurator serverSSLEngineConfigurator, org.glassfish.grizzly.ssl.SSLEngineConfigurator clientSSLEngineConfigurator) Construct an SNIFilter with the given default client and server side SSLEngineConfigurator.
SNIFilter(org.glassfish.grizzly.ssl.SSLEngineConfigurator serverSSLEngineConfigurator, org.glassfish.grizzly.ssl.SSLEngineConfigurator clientSSLEngineConfigurator, boolean renegotiateOnClientAuthWant) Construct an SNIFilter with the given default SSLEngineConfigurator.

Method Summary

Modifier and Type	Method and Description
protected org.glassfish.grizzly.ssl.SSLBaseFilter.SSLTransportFilterWrapper	createOptimizedTransportFilter(org.glassfish.grizzly.filterchain.TransportFilter childFilter)
SNIClientConfigResolver	getClientSSLConfigResolver()
SNIServerConfigResolver	getServerSSLConfigResolver()
org.glassfish.grizzly.filterchain.NextAction	handleConnect(org.glassfish.grizzly.filterchain.FilterChainContext ctx)
org.glassfish.grizzly.filterchain.NextAction	handleRead(org.glassfish.grizzly.filterchain.FilterChainContext ctx)
void	setClientSSLConfigResolver(SNIClientConfigResolver resolver) Sets SNIClientConfigResolver, which is responsible for customizing SSLEngineConfigurator and SNI host name to be sent to a server.
void	setServerSSLConfigResolver(SNIServerConfigResolver resolver) Sets SNIServerConfigResolver, which is responsible for customizing SSLEngineConfigurator for newly accepted Connections, based on SNI host name information sent by a client.

Methods inherited from class org.glassfish.grizzly.ssl.SSLFilter

createClientSSLEngine, doHandshakeStep, getClientSSLEngineConfigurator, getMaxPendingBytesPerConnection, handleWrite, handshake, handshake, handshake, handshake, notifyHandshakeComplete, notifyHandshakeFailed, setMaxPendingBytesPerConnection

Methods inherited from class org.glassfish.grizzly.ssl.SSLBaseFilter

addHandshakeListener, createSslConnectionContext, doHandshakeStep, doHandshakeSync, getHandshakeTimeout, getOptimizedTransportFilter, getPeerCertificateChain, getServerSSLEngineConfigurator, handleEvent, isRenegotiateOnClientAuthWant, notifyHandshakeStart, obtainSslConnectionContext, onAdded, onRemoved, removeHandshakeListener, renegotiate, setHandshakeTimeout, setRenegotiationDisabled, unwrapAll, wrapAll

Methods inherited from class org.glassfish.grizzly.filterchain.BaseFilter

createContext, exceptionOccurred, handleAccept, handleClose, onFilterChainChanged, toString

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

SNIFilter

public SNIFilter()

SNIFilter

public SNIFilter(org.glassfish.grizzly.ssl.SSLEngineConfigurator serverSSLEngineConfigurator,
                 org.glassfish.grizzly.ssl.SSLEngineConfigurator clientSSLEngineConfigurator)

Construct an SNIFilter with the given default client and server side SSLEngineConfigurator.

Parameters:

serverSSLEngineConfigurator -

clientSSLEngineConfigurator -

SNIFilter

public SNIFilter(org.glassfish.grizzly.ssl.SSLEngineConfigurator serverSSLEngineConfigurator,
                 org.glassfish.grizzly.ssl.SSLEngineConfigurator clientSSLEngineConfigurator,
                 boolean renegotiateOnClientAuthWant)

Construct an SNIFilter with the given default SSLEngineConfigurator.

Parameters:

serverSSLEngineConfigurator - SSLEngine configurator for server side connections

clientSSLEngineConfigurator - SSLEngine configurator for client side connections

renegotiateOnClientAuthWant -

Method Detail

getServerSSLConfigResolver

public SNIServerConfigResolver getServerSSLConfigResolver()

Returns:

SNIServerConfigResolver, which is responsible for customizing SSLEngineConfigurator for newly accepted Connections, based on SNI host name information sent by a client

setServerSSLConfigResolver

public void setServerSSLConfigResolver(SNIServerConfigResolver resolver)

Sets SNIServerConfigResolver, which is responsible for customizing SSLEngineConfigurator for newly accepted Connections, based on SNI host name information sent by a client.

Parameters:

resolver - SNIServerConfigResolver

getClientSSLConfigResolver

public SNIClientConfigResolver getClientSSLConfigResolver()

Returns:

SNIClientConfigResolver, which is responsible for customizing SSLEngineConfigurator and SNI host name to be sent to a server

setClientSSLConfigResolver

public void setClientSSLConfigResolver(SNIClientConfigResolver resolver)

Sets SNIClientConfigResolver, which is responsible for customizing SSLEngineConfigurator and SNI host name to be sent to a server.

Parameters:

resolver -

createOptimizedTransportFilter

protected org.glassfish.grizzly.ssl.SSLBaseFilter.SSLTransportFilterWrapper createOptimizedTransportFilter(org.glassfish.grizzly.filterchain.TransportFilter childFilter)

Overrides:

createOptimizedTransportFilter in class org.glassfish.grizzly.ssl.SSLBaseFilter

handleConnect

public org.glassfish.grizzly.filterchain.NextAction handleConnect(org.glassfish.grizzly.filterchain.FilterChainContext ctx)
                                                           throws IOException

Specified by:

handleConnect in interface org.glassfish.grizzly.filterchain.Filter

Overrides:

handleConnect in class org.glassfish.grizzly.filterchain.BaseFilter

Throws:

IOException

handleRead

public org.glassfish.grizzly.filterchain.NextAction handleRead(org.glassfish.grizzly.filterchain.FilterChainContext ctx)
                                                        throws IOException

Specified by:

handleRead in interface org.glassfish.grizzly.filterchain.Filter

Overrides:

handleRead in class org.glassfish.grizzly.ssl.SSLBaseFilter

Throws:

IOException