Module net.shibboleth.utilities.java.support

Package net.shibboleth.utilities.java.support.httpclient

Class TLSSocketFactoryBuilder

java.lang.Object

net.shibboleth.utilities.java.support.httpclient.TLSSocketFactoryBuilder

public class TLSSocketFactoryBuilder
extends Object

A builder for instances of TLSSocketFactory which allows easy specification of the full range of supported factory inputs.

Field Summary

Fields

Modifier and Type	Field	Description
private static String	DEFAULT_CONTEXT_PROTOCOL	The default protocol used when obtaining the SSLContxt instance.
private static HostnameVerifier	DEFAULT_HOSTNAME_VERIFIER	The default hostname verifier used by the socket factory.
private List<String>	enabledCipherSuites	The SSL/TLS cipher suites enabled on sockets produced the socket factory.
private List<String>	enabledProtocols	The SSL/TLS protocols enabled on sockets produced by the socket factory.
private HostnameVerifier	hostnameVerifier	The hostname verifier used by the socket factory.
private List<KeyManager>	keyManagers	The list of KeyManagers used when initializing the SSLContext instance.
private SecureRandom	secureRandom	The SecureRandom instance used when initializing the SSLContext instance.
private String	sslContextProtocol	The protocol used when obtaining the SSLContext instance.
private String	sslContextProvider	The JCA provider used when obtaining the SSLContext instance.
private List<TrustManager>	trustManagers	The list of TrustManagers used when initializing the SSLContext instance.

Constructor Summary

Constructors

Constructor	Description
TLSSocketFactoryBuilder()

Method Summary

Modifier and Type	Method	Description
TLSSocketFactory	build()	Build a new instance of TLSSocketFactory, based on the properties specified to this builder instance.
protected SSLContext	buildSSLContext()	Build a new instance of SSLContext based on the properties specified on this builder instance.
List<String>	getEnabledCipherSuites()	Get the list of enabled SSL/TLS cipher suites on sockets produced by the factory.
List<String>	getEnabledProtocols()	Get the list of enabled SSL/TLS protocols on sockets produced by the factory.
HostnameVerifier	getHostnameVerifier()	Get the HostnameVerifier instance used by the socket factory.
List<KeyManager>	getKeyManagers()	Get the list of KeyManagers used to initialize the SSLContext via SSLContext.init(KeyManager[], TrustManager[], SecureRandom).
SecureRandom	getSecureRandom()	Get the SecureRandom instance used to initialize the SSLContext via SSLContext.init(KeyManager[], TrustManager[], SecureRandom).
String	getSSLContextProtocol()	Get the protocol specifier used when obtaining an instance of SSLContext via SSLContext.getInstance(String).
String	getSSLContextProvider()	Get the JCA provider name used when obtaining an instance of SSLContext via SSLContext.getInstance(String, String).
List<TrustManager>	getTrustManagers()	Get the list of TrustManagers used to initialize the SSLContext via SSLContext.init(KeyManager[], TrustManager[], SecureRandom).
TLSSocketFactoryBuilder	setEnabledCipherSuites(List<String> cipherSuites)	Set the list of enabled SSL/TLS cipher suites on sockets produced by the factory.
TLSSocketFactoryBuilder	setEnabledProtocols(List<String> protocols)	Set the list of enabled SSL/TLS protocols on sockets produced by the factory.
TLSSocketFactoryBuilder	setHostnameVerifier(HostnameVerifier verifier)	Set the HostnameVerifier instance used by the socket factory.
TLSSocketFactoryBuilder	setKeyManagers(List<KeyManager> managers)	Set the list of KeyManagers used to initialize the SSLContext via SSLContext.init(KeyManager[], TrustManager[], SecureRandom).
TLSSocketFactoryBuilder	setSecureRandom(SecureRandom random)	Set the SecureRandom instance used to initialize the SSLContext via SSLContext.init(KeyManager[], TrustManager[], SecureRandom).
TLSSocketFactoryBuilder	setSSLContextProtocol(String protocol)	Set the protocol specifier used when obtaining an instance of SSLContext via SSLContext.getInstance(String).
TLSSocketFactoryBuilder	setSSLContextProvider(String provider)	Set the JCA provider name used when obtaining an instance of SSLContext via SSLContext.getInstance(String, String).
TLSSocketFactoryBuilder	setTrustManagers(List<TrustManager> managers)	Set the list of TrustManagers used to initialize the SSLContext via SSLContext.init(KeyManager[], TrustManager[], SecureRandom).

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

DEFAULT_CONTEXT_PROTOCOL

private static final String DEFAULT_CONTEXT_PROTOCOL

The default protocol used when obtaining the SSLContxt instance.

See Also:

Constant Field Values

DEFAULT_HOSTNAME_VERIFIER

private static final HostnameVerifier DEFAULT_HOSTNAME_VERIFIER

The default hostname verifier used by the socket factory.

sslContextProtocol

private String sslContextProtocol

The protocol used when obtaining the SSLContext instance.

sslContextProvider

private String sslContextProvider

The JCA provider used when obtaining the SSLContext instance.

keyManagers

private List<KeyManager> keyManagers

The list of KeyManagers used when initializing the SSLContext instance.

trustManagers

private List<TrustManager> trustManagers

The list of TrustManagers used when initializing the SSLContext instance.

secureRandom

private SecureRandom secureRandom

The SecureRandom instance used when initializing the SSLContext instance.

hostnameVerifier

private HostnameVerifier hostnameVerifier

The hostname verifier used by the socket factory.

enabledProtocols

private List<String> enabledProtocols

The SSL/TLS protocols enabled on sockets produced by the socket factory.

enabledCipherSuites

private List<String> enabledCipherSuites

The SSL/TLS cipher suites enabled on sockets produced the socket factory.

Constructor Detail

TLSSocketFactoryBuilder

public TLSSocketFactoryBuilder()

Method Detail

getSSLContextProtocol

@Nullable
public String getSSLContextProtocol()

Get the protocol specifier used when obtaining an instance of SSLContext via SSLContext.getInstance(String).

If not specified, the value "TLS" will be used.

Returns:

the protocol, or null

setSSLContextProtocol

public TLSSocketFactoryBuilder setSSLContextProtocol(@Nullable
                                                     String protocol)

Set the protocol specifier used when obtaining an instance of SSLContext via SSLContext.getInstance(String).

If not specified, the value "TLS" will be used.

Parameters:

protocol - the protocol, may be null

Returns:

this builder instance

getSSLContextProvider

@Nullable
public String getSSLContextProvider()

Get the JCA provider name used when obtaining an instance of SSLContext via SSLContext.getInstance(String, String).

Returns:

the provider namer, or null

setSSLContextProvider

public TLSSocketFactoryBuilder setSSLContextProvider(@Nullable
                                                     String provider)

Set the JCA provider name used when obtaining an instance of SSLContext via SSLContext.getInstance(String, String).

Parameters:

provider - the provider name, may be null

Returns:

this builder instance

getKeyManagers

@Nullable
public List<KeyManager> getKeyManagers()

Get the list of KeyManagers used to initialize the SSLContext via SSLContext.init(KeyManager[], TrustManager[], SecureRandom).

Returns:

the list of key managers, or null

setKeyManagers

public TLSSocketFactoryBuilder setKeyManagers(@Nullable
                                              List<KeyManager> managers)

Set the list of KeyManagers used to initialize the SSLContext via SSLContext.init(KeyManager[], TrustManager[], SecureRandom).

Parameters:

managers - the list of key managers, or null

Returns:

this builder instance

getTrustManagers

@Nullable
public List<TrustManager> getTrustManagers()

Get the list of TrustManagers used to initialize the SSLContext via SSLContext.init(KeyManager[], TrustManager[], SecureRandom).

Returns:

the list of trust managers, or null

setTrustManagers

public TLSSocketFactoryBuilder setTrustManagers(@Nullable
                                                List<TrustManager> managers)

Set the list of TrustManagers used to initialize the SSLContext via SSLContext.init(KeyManager[], TrustManager[], SecureRandom).

Parameters:

managers - the list of trust managers, or null

Returns:

this builder instance

getSecureRandom

@Nullable
public SecureRandom getSecureRandom()

Get the SecureRandom instance used to initialize the SSLContext via SSLContext.init(KeyManager[], TrustManager[], SecureRandom).

Returns:

the secure random instance, or null

setSecureRandom

public TLSSocketFactoryBuilder setSecureRandom(@Nullable
                                               SecureRandom random)

Set the SecureRandom instance used to initialize the SSLContext via SSLContext.init(KeyManager[], TrustManager[], SecureRandom).

Parameters:

random - the secure random instance, or null

Returns:

this builder instance

getHostnameVerifier

@Nullable
public HostnameVerifier getHostnameVerifier()

Get the HostnameVerifier instance used by the socket factory.

If not specified, defaults to TLSSocketFactory.STRICT_HOSTNAME_VERIFIER.

Returns:

the hostname verifier, or null

setHostnameVerifier

public TLSSocketFactoryBuilder setHostnameVerifier(@Nullable
                                                   HostnameVerifier verifier)

Set the HostnameVerifier instance used by the socket factory.

If not specified, defaults to TLSSocketFactory.STRICT_HOSTNAME_VERIFIER.

Parameters:

verifier - the hostname verifier, or null

Returns:

this builder instance

getEnabledProtocols

@Nullable
public List<String> getEnabledProtocols()

Get the list of enabled SSL/TLS protocols on sockets produced by the factory.

Returns:

the list of protocols, or null

setEnabledProtocols

public TLSSocketFactoryBuilder setEnabledProtocols(@Nullable
                                                   List<String> protocols)

Set the list of enabled SSL/TLS protocols on sockets produced by the factory.

Parameters:

protocols - the list of protocols, or null

Returns:

this builder instance

getEnabledCipherSuites

@Nullable
public List<String> getEnabledCipherSuites()

Get the list of enabled SSL/TLS cipher suites on sockets produced by the factory.

Returns:

the list of cipher suites, or null

setEnabledCipherSuites

public TLSSocketFactoryBuilder setEnabledCipherSuites(@Nullable
                                                      List<String> cipherSuites)

Set the list of enabled SSL/TLS cipher suites on sockets produced by the factory.

Parameters:

cipherSuites - the list of cipher suites, or null

Returns:

this builder instance

build

@Nonnull
public TLSSocketFactory build()

Build a new instance of TLSSocketFactory, based on the properties specified to this builder instance.

Returns:

a new socket factory instance

buildSSLContext

@Nonnull
protected SSLContext buildSSLContext()

Build a new instance of SSLContext based on the properties specified on this builder instance.

Returns:

a new SSLContext instance