netscape.ldap.factory
Class JSSSocketFactory
java.lang.Object
netscape.ldap.factory.JSSSocketFactory
- Serializable, LDAPSocketFactory, LDAPTLSSocketFactory, SSLCertificateApprovalCallback
public class JSSSocketFactory
extends java.lang.Object
Creates an SSL socket connection to a server, using the Netscape/Mozilla
JSS package.
This class implements the
LDAPSocketFactory
interface.
By default, the factory uses "secmod.db", "key*.db" and "cert*.db"
databases in the current directory. If you need to override this default
setting, then you should use the constructor
JSSSocketFactory(certdbDir)
.
JSSSocketFactory() - Constructs a new
JSSSocketFactory , initializing the
JSS security system if it has not already been initialized.
|
JSSSocketFactory(String certdbDir) - Constructs a new
JSSSocketFactory , initializing the
JSS security system if it has not already been initialized.
|
boolean | approve(X509Certificate serverCert, ValidityStatus status) - The default implementation of the SSLCertificateApprovalCallback
interface.
|
static void | initialize(String certdbDir) - Initialize the JSS security subsystem.
|
Socket | makeSocket(Socket s) - Creates an SSL socket layered over an existing socket.
|
Socket | makeSocket(String host, int port) - Creates an SSL socket
|
JSSSocketFactory
public JSSSocketFactory()
throws LDAPException
Constructs a new
JSSSocketFactory
, initializing the
JSS security system if it has not already been initialized.
The current directory is assumed to be the certificate database directory.
netscape.ldap.factory.JSSSocketFactory.JSSSocketFactory(java.lang.String)
JSSSocketFactory
public JSSSocketFactory(String certdbDir)
throws LDAPException
Constructs a new JSSSocketFactory
, initializing the
JSS security system if it has not already been initialized.
certdbDir
- The full path, relative or absolute, of the certificate
database directory
approve
public boolean approve(X509Certificate serverCert,
ValidityStatus status)
The default implementation of the SSLCertificateApprovalCallback
interface.
This default implementation always returns true. If you need to
verify the server certificate validity, then you should override
this method.
serverCert
- X509 Certificatestatus
- The validity of the server certificate
true
, by default we trust the certificate
initialize
public static void initialize(String certdbDir)
throws LDAPException
Initialize the JSS security subsystem.
This method allows you to override the current directory as the
default certificate database directory. The directory is expected
to contain
secmod.db
,
key*.db
and
cert*.db
files as the security module database, key database
and certificate database respectively.
The method may be called only once, before the first instance of
JSSSocketFactory
is created. When creating the first
instance, the constructor will automatically initialize the JSS
security subsystem using the defaults, unless it is already initialized.
certdbDir
- The full path, relative or absolute, of the certificate
database directory.
makeSocket
public Socket makeSocket(Socket s)
throws LDAPException
Creates an SSL socket layered over an existing socket.
Used for the startTLS implementation (RFC2830).
- makeSocket in interface LDAPTLSSocketFactory
s
- An existing non-SSL socket
- A SSL socket layered over the input socket
makeSocket
public Socket makeSocket(String host,
int port)
throws LDAPException
Creates an SSL socket
- makeSocket in interface LDAPSocketFactory
host
- Host name or IP address of SSL serverport
- Port numbers of SSL server
- A socket for an encrypted session