compact1, compact2, compact3

javax.net.ssl

Class SSLSocketFactory

java.lang.Object

javax.net.SocketFactory

javax.net.ssl.SSLSocketFactory

public abstract class SSLSocketFactory
extends SocketFactory

SSLSocketFactorys create SSLSockets.

Since:

1.4

See Also:

SSLSocket

Constructor Summary

Constructors

Constructor and Description
SSLSocketFactory() Constructor is used only by subclasses.

Method Summary

Modifier and Type	Method and Description
Socket	createSocket(Socket s, InputStream consumed, boolean autoClose) Creates a server mode Socket layered over an existing connected socket, and is able to read data which has already been consumed/removed from the Socket's underlying InputStream.
abstract Socket	createSocket(Socket s, String host, int port, boolean autoClose) Returns a socket layered over an existing socket connected to the named host, at the given port.
static SocketFactory	getDefault() Returns the default SSL socket factory.
abstract String[]	getDefaultCipherSuites() Returns the list of cipher suites which are enabled by default.
abstract String[]	getSupportedCipherSuites() Returns the names of the cipher suites which could be enabled for use on an SSL connection.

Methods inherited from class javax.net.SocketFactory

createSocket, createSocket, createSocket, createSocket, createSocket

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SSLSocketFactory

public SSLSocketFactory()

Constructor is used only by subclasses.

Method Detail

getDefault

public static SocketFactory getDefault()

Returns the default SSL socket factory.

The first time this method is called, the security property "ssl.SocketFactory.provider" is examined. If it is non-null, a class by that name is loaded and instantiated. If that is successful and the object is an instance of SSLSocketFactory, it is made the default SSL socket factory.

Otherwise, this method returns SSLContext.getDefault().getSocketFactory(). If that call fails, an inoperative factory is returned.

Returns:

the default SocketFactory

See Also:

SSLContext.getDefault()

getDefaultCipherSuites

public abstract String[] getDefaultCipherSuites()

Returns the list of cipher suites which are enabled by default. Unless a different list is enabled, handshaking on an SSL connection will use one of these cipher suites. The minimum quality of service for these defaults requires confidentiality protection and server authentication (that is, no anonymous cipher suites).

Returns:

array of the cipher suites enabled by default

See Also:

getSupportedCipherSuites()

getSupportedCipherSuites

public abstract String[] getSupportedCipherSuites()

Returns the names of the cipher suites which could be enabled for use on an SSL connection. Normally, only a subset of these will actually be enabled by default, since this list may include cipher suites which do not meet quality of service requirements for those defaults. Such cipher suites are useful in specialized applications.

Returns:

an array of cipher suite names

See Also:

getDefaultCipherSuites()

createSocket

public abstract Socket createSocket(Socket s,
                                    String host,
                                    int port,
                                    boolean autoClose)
                             throws IOException

Returns a socket layered over an existing socket connected to the named host, at the given port. This constructor can be used when tunneling SSL through a proxy or when negotiating the use of SSL over an existing socket. The host and port refer to the logical peer destination. This socket is configured using the socket options established for this factory.

Parameters:

s - the existing socket

host - the server host

port - the server port

autoClose - close the underlying socket when this socket is closed

Returns:

a socket connected to the specified host and port

Throws:

IOException - if an I/O error occurs when creating the socket

NullPointerException - if the parameter s is null

createSocket

public Socket createSocket(Socket s,
                           InputStream consumed,
                           boolean autoClose)
                    throws IOException

Creates a server mode Socket layered over an existing connected socket, and is able to read data which has already been consumed/removed from the Socket's underlying InputStream.

This method can be used by a server application that needs to observe the inbound data but still create valid SSL/TLS connections: for example, inspection of Server Name Indication (SNI) extensions (See section 3 of TLS Extensions (RFC6066)). Data that has been already removed from the underlying InputStream should be loaded into the consumed stream before this method is called, perhaps using a ByteArrayInputStream. When this Socket begins handshaking, it will read all of the data in consumed until it reaches EOF, then all further data is read from the underlying InputStream as usual.

The returned socket is configured using the socket options established for this factory, and is set to use server mode when handshaking (see SSLSocket.setUseClientMode(boolean)).

Parameters:

s - the existing socket

consumed - the consumed inbound network data that has already been removed from the existing Socket InputStream. This parameter may be null if no data has been removed.

autoClose - close the underlying socket when this socket is closed.

Returns:

the Socket compliant with the socket options established for this factory

Throws:

IOException - if an I/O error occurs when creating the socket

UnsupportedOperationException - if the underlying provider does not implement the operation

NullPointerException - if s is null

Since:

1.8