org.apache.cxf.configuration.jsse.TLSParameterBase Maven / Gradle / Ivy
/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.cxf.configuration.jsse;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.List;
import javax.net.ssl.KeyManager;
import javax.net.ssl.TrustManager;
import org.apache.cxf.configuration.security.CertificateConstraintsType;
import org.apache.cxf.configuration.security.FiltersType;
/**
* This class is the base class for SSL/TLS parameters that are common
* to both client and server sides.
*/
public class TLSParameterBase {
protected KeyManager[] keyManagers;
protected TrustManager[] trustManagers;
protected String provider;
protected List ciphersuites = new ArrayList();
protected FiltersType cipherSuiteFilters;
protected CertificateConstraintsType certConstraints;
protected SecureRandom secureRandom;
protected String protocol;
protected String certAlias;
/**
* Set the JSSE provider. If not set,
* it uses system default.
*/
public final void setJsseProvider(String prov) {
provider = prov;
}
/**
* Return the JSSE provider.
*/
public String getJsseProvider() {
return provider;
}
/**
* Sets the KeyManagers for this endpoint.
* This parameter may be set to null for system default behavior.
*/
public final void setKeyManagers(KeyManager[] keyMgrs) {
keyManagers = keyMgrs;
}
/**
* Returns the key managers for the endpoint.
*/
public KeyManager[] getKeyManagers() {
return keyManagers;
}
/**
* Sets the TrustManagers associated with this endpoint.
* This parameter may be set to null for system default behavior.
*/
public final void setTrustManagers(TrustManager[] trustMgrs) {
trustManagers = trustMgrs;
}
/**
* Returns the TrustManagers associated with the endpoint.
*/
public TrustManager[] getTrustManagers() {
return trustManagers;
}
/**
* This parameter sets the cipher suites list to use. If left unset
* it uses system defaults.
*/
public final void setCipherSuites(List cs) {
ciphersuites = cs;
}
/**
* Returns the CipherSuites associated with this endpoint.
*/
public List getCipherSuites() {
if (ciphersuites == null) {
ciphersuites = new ArrayList();
}
return ciphersuites;
}
/**
* This parameter sets the filter to include and/or exclude the
* cipher suites to use from the set list or system defaults.
*/
public final void setCipherSuitesFilter(FiltersType filters) {
cipherSuiteFilters = filters;
}
/**
* Returns the cipher suites filter
*/
public FiltersType getCipherSuitesFilter() {
return cipherSuiteFilters;
}
/**
* This sets the secure random provider and algorithm. If left unset or set
* to null, it uses the system default.
*/
public final void setSecureRandom(SecureRandom random) {
secureRandom = random;
}
/**
* Get the certificate constraints type
*/
public CertificateConstraintsType getCertConstraints() {
return certConstraints;
}
/**
* Set the certificate constraints type
*/
public final void setCertConstraints(CertificateConstraintsType constraints) {
certConstraints = constraints;
}
/**
* Returns the secure random algorithm.
*/
public SecureRandom getSecureRandom() {
return secureRandom;
}
/**
* This sets the protocol to use. The system default is usually
* "TLS".
*/
public final void setSecureSocketProtocol(String proto) {
protocol = proto;
}
/**
* Returns the secure socket protocol in use.
*/
public String getSecureSocketProtocol() {
return protocol;
}
/**
* This parameter configures the cert alias used on server side
* this is useful when keystore has multiple certs
*/
public final void setCertAlias(String ctAlias) {
certAlias = ctAlias;
}
/**
* This parameter retrieves the cert alias specified on server side
*/
public String getCertAlias() {
return certAlias;
}
}