org.glassfish.grizzly.ssl
Class SSLFilter

java.lang.Object
  extended by org.glassfish.grizzly.filterchain.BaseFilter
      extended by org.glassfish.grizzly.filterchain.AbstractCodecFilter<Buffer,Buffer>
          extended by org.glassfish.grizzly.ssl.SSLFilter
All Implemented Interfaces:
Codec<Buffer,Buffer>, CodecFilter<Buffer,Buffer>, Filter

public class SSLFilter
extends AbstractCodecFilter<Buffer,Buffer>

SSL Filter to operate with SSL encrypted data.

Author:
Alexey Stashok

Nested Class Summary
static class SSLFilter.CertificateEvent
           
 
Field Summary
protected  int maxPendingBytes
           
 
Constructor Summary
SSLFilter()
           
SSLFilter(SSLEngineConfigurator serverSSLEngineConfigurator, SSLEngineConfigurator clientSSLEngineConfigurator)
          Build SSLFilter with the given SSLEngineConfigurator.
SSLFilter(SSLEngineConfigurator serverSSLEngineConfigurator, SSLEngineConfigurator clientSSLEngineConfigurator, boolean renegotiateOnClientAuthWant)
          Build SSLFilter with the given SSLEngineConfigurator.
 
Method Summary
protected  Buffer doHandshakeStep(javax.net.ssl.SSLEngine sslEngine, FilterChainContext context)
           
 int getMaxPendingBytesPerConnection()
           
protected  java.lang.Object[] getPeerCertificateChain(javax.net.ssl.SSLEngine sslEngine, FilterChainContext context, boolean needClientAuth)
           Obtains the certificate chain for this SSL session.
 NextAction handleEvent(FilterChainContext ctx, FilterChainEvent event)
          Handle custom event associated with the Connection.
 NextAction handleRead(FilterChainContext ctx)
          Executes a unit of processing work when the channel becomes available for reading.
 NextAction handleWrite(FilterChainContext ctx)
          Executes a unit of processing work when some data should be written on the channel.
 void handshake(Connection connection, CompletionHandler<javax.net.ssl.SSLEngine> completionHandler)
           
 void handshake(Connection connection, CompletionHandler<javax.net.ssl.SSLEngine> completionHandler, java.lang.Object dstAddress)
           
 void handshake(Connection connection, CompletionHandler<javax.net.ssl.SSLEngine> completionHandler, java.lang.Object dstAddress, SSLEngineConfigurator sslEngineConfigurator)
           
protected  void renegotiate(javax.net.ssl.SSLEngine sslEngine, FilterChainContext context)
          Performs an SSL renegotiation.
 void setMaxPendingBytesPerConnection(int maxPendingBytes)
          Configures the maximum number of bytes that may be queued to be written for a particular Connection.
 
Methods inherited from class org.glassfish.grizzly.filterchain.AbstractCodecFilter
getDecoder, getEncoder
 
Methods inherited from class org.glassfish.grizzly.filterchain.BaseFilter
createContext, exceptionOccurred, getFilterChain, getIndex, handleAccept, handleClose, handleConnect, onAdded, onFilterChainChanged, onRemoved
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface org.glassfish.grizzly.filterchain.Filter
exceptionOccurred, handleAccept, handleClose, handleConnect, onAdded, onFilterChainChanged, onRemoved
 

Field Detail

maxPendingBytes

protected volatile int maxPendingBytes
Constructor Detail

SSLFilter

public SSLFilter()

SSLFilter

public SSLFilter(SSLEngineConfigurator serverSSLEngineConfigurator,
                 SSLEngineConfigurator clientSSLEngineConfigurator)
Build SSLFilter with the given SSLEngineConfigurator.

Parameters:
serverSSLEngineConfigurator - SSLEngine configurator for server side connections
clientSSLEngineConfigurator - SSLEngine configurator for client side connections

SSLFilter

public SSLFilter(SSLEngineConfigurator serverSSLEngineConfigurator,
                 SSLEngineConfigurator clientSSLEngineConfigurator,
                 boolean renegotiateOnClientAuthWant)
Build SSLFilter with the given SSLEngineConfigurator.

Parameters:
serverSSLEngineConfigurator - SSLEngine configurator for server side connections
clientSSLEngineConfigurator - SSLEngine configurator for client side connections
Method Detail

handleEvent

public NextAction handleEvent(FilterChainContext ctx,
                              FilterChainEvent event)
                       throws java.io.IOException
Description copied from class: BaseFilter
Handle custom event associated with the Connection. This Filter may either complete the required processing and return StopAction, or delegate remaining processing to the next Filter in a FilterChain containing this Filter by returning InvokeAction.

Specified by:
handleEvent in interface Filter
Overrides:
handleEvent in class BaseFilter
Parameters:
ctx - FilterChainContext
Returns:
NextAction instruction for FilterChain, how it should continue the execution
Throws:
java.io.IOException

handleRead

public NextAction handleRead(FilterChainContext ctx)
                      throws java.io.IOException
Description copied from class: BaseFilter
Executes a unit of processing work when the channel becomes available for reading. This Filter may either complete the required processing and return StopAction, or delegate remaining processing to the next Filter in a FilterChain containing this Filter by returning InvokeAction.

Specified by:
handleRead in interface Filter
Overrides:
handleRead in class AbstractCodecFilter<Buffer,Buffer>
Parameters:
ctx - FilterChainContext
Returns:
NextAction instruction for FilterChain, how it should continue the execution
Throws:
java.io.IOException

handleWrite

public NextAction handleWrite(FilterChainContext ctx)
                       throws java.io.IOException
Description copied from class: BaseFilter
Executes a unit of processing work when some data should be written on the channel. This Filter may either complete the required processing and return StopAction, or delegate remaining processing to the next Filter in a FilterChain containing this Filter by returning InvokeAction.

Specified by:
handleWrite in interface Filter
Overrides:
handleWrite in class AbstractCodecFilter<Buffer,Buffer>
Parameters:
ctx - FilterChainContext
Returns:
NextAction instruction for FilterChain, how it should continue the execution
Throws:
java.io.IOException

getMaxPendingBytesPerConnection

public int getMaxPendingBytesPerConnection()
Returns:
the maximum number of bytes that may be queued to be written to a particular Connection. This limit applies when application data is written before the SSL handshake completes: the data is stored and sent on the wire once the handshake has completed.

setMaxPendingBytesPerConnection

public void setMaxPendingBytesPerConnection(int maxPendingBytes)
Configures the maximum number of bytes that may be queued to be written for a particular Connection. This limit applies when application data is written before the SSL handshake completes: the data is stored and sent on the wire once the handshake has completed.

Parameters:
maxPendingBytes - maximum number of bytes that may be queued to be written for a particular Connection

handshake

public void handshake(Connection connection,
                      CompletionHandler<javax.net.ssl.SSLEngine> completionHandler)
               throws java.io.IOException
Throws:
java.io.IOException

handshake

public void handshake(Connection connection,
                      CompletionHandler<javax.net.ssl.SSLEngine> completionHandler,
                      java.lang.Object dstAddress)
               throws java.io.IOException
Throws:
java.io.IOException

handshake

public void handshake(Connection connection,
                      CompletionHandler<javax.net.ssl.SSLEngine> completionHandler,
                      java.lang.Object dstAddress,
                      SSLEngineConfigurator sslEngineConfigurator)
               throws java.io.IOException
Throws:
java.io.IOException

doHandshakeStep

protected Buffer doHandshakeStep(javax.net.ssl.SSLEngine sslEngine,
                                 FilterChainContext context)
                          throws java.io.IOException
Throws:
java.io.IOException

renegotiate

protected void renegotiate(javax.net.ssl.SSLEngine sslEngine,
                           FilterChainContext context)
                    throws java.io.IOException
Performs an SSL renegotiation.

Parameters:
sslEngine - the SSLEngine associated with this renegotiation request.
context - the FilterChainContext associated with this renegotiation request.
Throws:
java.io.IOException - if an error occurs during SSL renegotiation.

getPeerCertificateChain

protected java.lang.Object[] getPeerCertificateChain(javax.net.ssl.SSLEngine sslEngine,
                                                     FilterChainContext context,
                                                     boolean needClientAuth)
                                              throws java.io.IOException

Obtains the certificate chain for this SSL session. If no certificates are available and needClientAuth is true, an SSL renegotiation will be triggered to request the certificates from the client.

Parameters:
sslEngine - the SSLEngine associated with this certificate request.
context - the FilterChainContext associated with this certificate request.
needClientAuth - determines whether or not SSL renegotiation will be attempted to obtain the certificate chain.
Returns:
the certificate chain as an Object[]. If no certificate chain can be determined, this method will return null.
Throws:
java.io.IOException - if an error occurs during renegotiation.
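
A configuration sketch for setMaxPendingBytesPerConnection and getPeerCertificateChain above, added here as an example and not taken from the Grizzly code base. The server-side configurator requires the client certificate in the initial handshake, so the chain is already in the session and no renegotiation is needed to obtain it, and the pre-handshake write queue is bounded. The class name SslFilterSetup, its method names and the 64 KiB cap are assumptions made for illustration.

```java
import java.security.NoSuchAlgorithmException;
import javax.net.ssl.SSLContext;
import org.glassfish.grizzly.filterchain.FilterChain;
import org.glassfish.grizzly.filterchain.FilterChainBuilder;
import org.glassfish.grizzly.filterchain.TransportFilter;
import org.glassfish.grizzly.ssl.SSLEngineConfigurator;
import org.glassfish.grizzly.ssl.SSLFilter;

public final class SslFilterSetup {

    // Assumed cap, chosen for illustration: bytes of application data that may
    // wait per connection while the handshake is still in progress.
    static final int MAX_PENDING_BYTES = 64 * 1024;

    static SSLFilter buildSslFilter(SSLContext sslContext) {
        // Constructor arguments: context, clientMode, needClientAuth, wantClientAuth.
        // Server side: needClientAuth=true makes the client present its certificate
        // during the initial handshake instead of relying on a later renegotiation.
        SSLEngineConfigurator server =
                new SSLEngineConfigurator(sslContext, false, true, false);
        // Client side: used for outbound connections made through the same filter.
        SSLEngineConfigurator client =
                new SSLEngineConfigurator(sslContext, true, false, false);

        SSLFilter filter = new SSLFilter(server, client);
        // Bound the per-connection queue of data written before the handshake
        // completes, so a stalled handshake cannot hold unbounded memory.
        filter.setMaxPendingBytesPerConnection(MAX_PENDING_BYTES);
        return filter;
    }

    static FilterChain buildChain(SSLFilter sslFilter) {
        // The SSL filter sits directly above the transport so that every filter
        // added after it sees decrypted data only.
        return FilterChainBuilder.stateless()
                .add(new TransportFilter())
                .add(sslFilter)
                .build();
    }

    public static void main(String[] args) throws NoSuchAlgorithmException {
        // SSLContext.getDefault() is a stand-in; a real server passes a context
        // initialised with its own key material and trust anchors.
        SSLFilter filter = buildSslFilter(SSLContext.getDefault());
        FilterChain chain = buildChain(filter);
        System.out.println("filters in chain: " + chain.size()
                + ", max pending bytes: " + filter.getMaxPendingBytesPerConnection());
    }
}
```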


Copyright © 2012 Oracle Corporation. All Rights Reserved.