Package netscape.ldap.factory

Class JSSSocketFactory

  • All Implemented Interfaces:
    java.io.Serializable, LDAPSocketFactory, LDAPTLSSocketFactory, org.mozilla.jss.ssl.SSLCertificateApprovalCallback
    public class JSSSocketFactory
extends java.lang.Object
implements java.io.Serializable, LDAPTLSSocketFactory, org.mozilla.jss.ssl.SSLCertificateApprovalCallback
    Creates an SSL socket connection to a server, using the Netscape/Mozilla JSS package. This class implements the LDAPSocketFactory interface.

    By default, the factory uses "secmod.db", "key*.db" and "cert*.db" databases in the current directory. If you need to override this default setting, then you should use the constructor JSSSocketFactory(certdbDir).

    Version:
    1.1
    See Also:
    LDAPSocketFactory, LDAPConnection(netscape.ldap.LDAPSocketFactory), Serialized Form

    • Nested Class Summary

      • Nested classes/interfaces inherited from interface org.mozilla.jss.ssl.SSLCertificateApprovalCallback

        org.mozilla.jss.ssl.SSLCertificateApprovalCallback.ValidityItem, org.mozilla.jss.ssl.SSLCertificateApprovalCallback.ValidityStatus

    • Constructor Summary

      Constructors 
      Constructor Description
      JSSSocketFactory()
      Constructs a new JSSSocketFactory, initializing the JSS security system if it has not already been initialized.
      JSSSocketFactory​(java.lang.String certdbDir)
      Constructs a new JSSSocketFactory, initializing the JSS security system if it has not already been initialized.

    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      boolean approve​(org.mozilla.jss.crypto.X509Certificate serverCert, org.mozilla.jss.ssl.SSLCertificateApprovalCallback.ValidityStatus status)
      The default implementation of the SSLCertificateApprovalCallback interface.
      static void initialize​(java.lang.String certdbDir)
      Initialize the JSS security subsystem.
      java.net.Socket makeSocket​(java.lang.String host, int port)
      Creates an SSL socket
      java.net.Socket makeSocket​(java.net.Socket s)
      Creates an SSL socket layered over an existing socket.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • JSSSocketFactory

        public JSSSocketFactory()
                 throws LDAPException
        Constructs a new JSSSocketFactory, initializing the JSS security system if it has not already been initialized.

        The current directory is assumed to be the certificate database directory.

        Throws:
        LDAPException - on initialization error
        See Also:
        JSSSocketFactory(java.lang.String)

      • JSSSocketFactory

        public JSSSocketFactory​(java.lang.String certdbDir)
                 throws LDAPException
        Constructs a new JSSSocketFactory, initializing the JSS security system if it has not already been initialized.
        Parameters:
        certdbDir - The full path, relative or absolute, of the certificate database directory
        Throws:
        LDAPException - on initialization error

    • Method Detail

      • initialize

        public static void initialize​(java.lang.String certdbDir)
                       throws LDAPException
        Initialize the JSS security subsystem.

        This method allows you to override the current directory as the default certificate database directory. The directory is expected to contain secmod.db, key*.db and cert*.db files as the security module database, key database and certificate database respectively.

        The method may be called only once, before the first instance of JSSSocketFactory is created. When creating the first instance, the constructor will automatically initialize the JSS security subsystem using the defaults, unless it is already initialized.

        Parameters:
        certdbDir - The full path, relative or absolute, of the certificate database directory.
        Throws:
        LDAPException - on initialization error
        See Also:
        JSSSocketFactory(String)

      • approve

        public boolean approve​(org.mozilla.jss.crypto.X509Certificate serverCert,
                       org.mozilla.jss.ssl.SSLCertificateApprovalCallback.ValidityStatus status)
        The default implementation of the SSLCertificateApprovalCallback interface.

        This default implementation always returns true. If you need to verify the server certificate validity, then you should override this method.

        Specified by:
        approve in interface org.mozilla.jss.ssl.SSLCertificateApprovalCallback
        Parameters:
        serverCert - X509 Certificate
        status - The validity of the server certificate
        Returns:
        true, by default we trust the certificate

      • makeSocket

        public java.net.Socket makeSocket​(java.net.Socket s)
                           throws LDAPException
        Creates an SSL socket layered over an existing socket. Used for the startTLS implementation (RFC2830).
        Specified by:
        makeSocket in interface LDAPTLSSocketFactory
        Parameters:
        s - An existing non-SSL socket
        Returns:
        A SSL socket layered over the input socket
        Throws:
        LDAPException - on error creating socket
        Since:
        LDAPJDK 4.17
        See Also:
        LDAPConnection.startTLS()