public class JSSSocketFactory extends java.lang.Object implements java.io.Serializable, LDAPTLSSocketFactory, org.mozilla.jss.ssl.SSLCertificateApprovalCallback
LDAPSocketFactory
interface.
By default, the factory uses "secmod.db", "key*.db" and "cert*.db"
databases in the current directory. If you need to override this default
setting, then you should use the constructor JSSSocketFactory(certdbDir).
LDAPSocketFactory,
LDAPConnection(netscape.ldap.LDAPSocketFactory),
Serialized Form| Constructor and Description |
|---|
JSSSocketFactory()
Constructs a new
JSSSocketFactory, initializing the
JSS security system if it has not already been initialized. |
JSSSocketFactory(java.lang.String certdbDir)
Constructs a new
JSSSocketFactory, initializing the
JSS security system if it has not already been initialized. |
| Modifier and Type | Method and Description |
|---|---|
boolean |
approve(org.mozilla.jss.crypto.X509Certificate serverCert,
org.mozilla.jss.ssl.SSLCertificateApprovalCallback.ValidityStatus status)
The default implementation of the SSLCertificateApprovalCallback
interface.
|
static void |
initialize(java.lang.String certdbDir)
Initialize the JSS security subsystem.
|
java.net.Socket |
makeSocket(java.net.Socket s)
Creates an SSL socket layered over an existing socket.
|
java.net.Socket |
makeSocket(java.lang.String host,
int port)
Creates an SSL socket
|
public JSSSocketFactory()
throws LDAPException
JSSSocketFactory, initializing the
JSS security system if it has not already been initialized.
The current directory is assumed to be the certificate database directory.
LDAPException - on initialization errorJSSSocketFactory(java.lang.String)public JSSSocketFactory(java.lang.String certdbDir)
throws LDAPException
JSSSocketFactory, initializing the
JSS security system if it has not already been initialized.certdbDir - The full path, relative or absolute, of the certificate
database directoryLDAPException - on initialization errorpublic static void initialize(java.lang.String certdbDir)
throws LDAPException
This method allows you to override the current directory as the
default certificate database directory. The directory is expected
to contain secmod.db, key*.db and
cert*.db files as the security module database, key database
and certificate database respectively.
The method may be called only once, before the first instance of
JSSSocketFactory is created. When creating the first
instance, the constructor will automatically initialize the JSS
security subsystem using the defaults, unless it is already initialized.
certdbDir - The full path, relative or absolute, of the certificate
database directory.LDAPException - on initialization errorJSSSocketFactory(String)public java.net.Socket makeSocket(java.lang.String host,
int port)
throws LDAPException
makeSocket in interface LDAPSocketFactoryhost - Host name or IP address of SSL serverport - Port numbers of SSL serverLDAPException - on error creating socketLDAPSSLSocketFactory.makeSocket(java.lang.String,int)public boolean approve(org.mozilla.jss.crypto.X509Certificate serverCert,
org.mozilla.jss.ssl.SSLCertificateApprovalCallback.ValidityStatus status)
This default implementation always returns true. If you need to verify the server certificate validity, then you should override this method.
approve in interface org.mozilla.jss.ssl.SSLCertificateApprovalCallbackserverCert - X509 Certificatestatus - The validity of the server certificatetrue, by default we trust the certificatepublic java.net.Socket makeSocket(java.net.Socket s)
throws LDAPException
makeSocket in interface LDAPTLSSocketFactorys - An existing non-SSL socketLDAPException - on error creating socketLDAPConnection.startTLS()