All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.datastax.driver.core.JdkSSLOptions Maven / Gradle / Ivy

Go to download

A driver for DataStax Enterprise (DSE) and Apache Cassandra 1.2+ clusters that works exclusively with the Cassandra Query Language version 3 (CQL3) and Cassandra's binary protocol, supporting DSE-specific features such as geospatial types, DSE Graph and DSE authentication.

There is a newer version: 2.4.0
Show newest version
/*
 * Copyright DataStax, Inc.
 *
 * This software can be used solely with DataStax Enterprise. Please consult the license at
 * http://www.datastax.com/terms/datastax-dse-driver-license-terms
 */
package com.datastax.driver.core;

import io.netty.channel.socket.SocketChannel;
import io.netty.handler.ssl.SslHandler;

import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import java.security.NoSuchAlgorithmException;

/**
 * {@link SSLOptions} implementation based on built-in JDK classes.
 *
 * @deprecated Use {@link RemoteEndpointAwareJdkSSLOptions} instead.
 */
@SuppressWarnings("DeprecatedIsStillUsed")
@Deprecated
public class JdkSSLOptions implements SSLOptions {

    /**
     * Creates a builder to create a new instance.
     *
     * @return the builder.
     */
    public static Builder builder() {
        return new Builder();
    }

    protected final SSLContext context;
    protected final String[] cipherSuites;

    /**
     * Creates a new instance.
     *
     * @param context      the SSL context.
     * @param cipherSuites the cipher suites to use.
     */
    protected JdkSSLOptions(SSLContext context, String[] cipherSuites) {
        this.context = (context == null) ? makeDefaultContext() : context;
        this.cipherSuites = cipherSuites;
    }

    @Override
    public SslHandler newSSLHandler(SocketChannel channel) {
        SSLEngine engine = newSSLEngine(channel);
        return new SslHandler(engine);
    }

    /**
     * Creates an SSL engine each time a connection is established.
     * 

*

* You might want to override this if you need to fine-tune the engine's configuration * (for example enabling hostname verification). * * @param channel the Netty channel for that connection. * @return the engine. */ protected SSLEngine newSSLEngine(@SuppressWarnings("unused") SocketChannel channel) { SSLEngine engine = context.createSSLEngine(); engine.setUseClientMode(true); if (cipherSuites != null) engine.setEnabledCipherSuites(cipherSuites); return engine; } private static SSLContext makeDefaultContext() throws IllegalStateException { try { return SSLContext.getDefault(); } catch (NoSuchAlgorithmException e) { throw new IllegalStateException("Cannot initialize SSL Context", e); } } /** * Helper class to build JDK-based SSL options. */ public static class Builder { protected SSLContext context; protected String[] cipherSuites; /** * Set the SSL context to use. *

* If this method isn't called, a context with the default options will be used, * and you can use the default * JSSE System properties * to customize its behavior. This may in particular involve * creating a simple keyStore and trustStore. * * @param context the SSL context. * @return this builder. */ public Builder withSSLContext(SSLContext context) { this.context = context; return this; } /** * Set the cipher suites to use. *

* If this method isn't called, the default is to present all the eligible client ciphers to the server. * * @param cipherSuites the cipher suites to use. * @return this builder. */ public Builder withCipherSuites(String[] cipherSuites) { this.cipherSuites = cipherSuites; return this; } /** * Builds a new instance based on the parameters provided to this builder. * * @return the new instance. */ @SuppressWarnings("deprecation") public JdkSSLOptions build() { return new JdkSSLOptions(context, cipherSuites); } } }





© 2015 - 2024 Weber Informatics LLC | Privacy Policy