Class JSSSocketFactory

java.lang.Object
netscape.ldap.factory.JSSSocketFactory
All Implemented Interfaces:
Serializable, LDAPSocketFactory, LDAPTLSSocketFactory, org.mozilla.jss.ssl.SSLCertificateApprovalCallback

public class JSSSocketFactory extends Object implements Serializable, LDAPTLSSocketFactory, org.mozilla.jss.ssl.SSLCertificateApprovalCallback
Creates an SSL socket connection to a server, using the Netscape/Mozilla JSS package. This class implements the LDAPSocketFactory interface.

By default, the factory uses "secmod.db", "key*.db" and "cert*.db" databases in the current directory. If you need to override this default setting, then you should use the constructor JSSSocketFactory(certdbDir).

Version:
1.1
See Also:
  • Nested Class Summary

    Nested classes/interfaces inherited from interface org.mozilla.jss.ssl.SSLCertificateApprovalCallback

    org.mozilla.jss.ssl.SSLCertificateApprovalCallback.ValidityItem, org.mozilla.jss.ssl.SSLCertificateApprovalCallback.ValidityStatus
  • Constructor Summary

    Constructors
    Constructor
    Description
    Constructs a new JSSSocketFactory, initializing the JSS security system if it has not already been initialized.
    Constructs a new JSSSocketFactory, initializing the JSS security system if it has not already been initialized.
  • Method Summary

    Modifier and Type
    Method
    Description
    boolean
    approve(org.mozilla.jss.crypto.X509Certificate serverCert, org.mozilla.jss.ssl.SSLCertificateApprovalCallback.ValidityStatus status)
    The default implementation of the SSLCertificateApprovalCallback interface.
    static void
    initialize(String certdbDir)
    Initialize the JSS security subsystem.
    makeSocket(String host, int port)
    Creates an SSL socket
    Creates an SSL socket layered over an existing socket.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
  • Constructor Details

    • JSSSocketFactory

      public JSSSocketFactory() throws LDAPException
      Constructs a new JSSSocketFactory, initializing the JSS security system if it has not already been initialized.

      The current directory is assumed to be the certificate database directory.

      Throws:
      LDAPException - on initialization error
      See Also:
    • JSSSocketFactory

      public JSSSocketFactory(String certdbDir) throws LDAPException
      Constructs a new JSSSocketFactory, initializing the JSS security system if it has not already been initialized.
      Parameters:
      certdbDir - The full path, relative or absolute, of the certificate database directory
      Throws:
      LDAPException - on initialization error
  • Method Details

    • initialize

      public static void initialize(String certdbDir) throws LDAPException
      Initialize the JSS security subsystem.

      This method allows you to override the current directory as the default certificate database directory. The directory is expected to contain secmod.db, key*.db and cert*.db files as the security module database, key database and certificate database respectively.

      The method may be called only once, before the first instance of JSSSocketFactory is created. When creating the first instance, the constructor will automatically initialize the JSS security subsystem using the defaults, unless it is already initialized.

      Parameters:
      certdbDir - The full path, relative or absolute, of the certificate database directory.
      Throws:
      LDAPException - on initialization error
      See Also:
    • makeSocket

      public Socket makeSocket(String host, int port) throws LDAPException
      Creates an SSL socket
      Specified by:
      makeSocket in interface LDAPSocketFactory
      Parameters:
      host - Host name or IP address of SSL server
      port - Port numbers of SSL server
      Returns:
      A socket for an encrypted session
      Throws:
      LDAPException - on error creating socket
      See Also:
    • approve

      public boolean approve(org.mozilla.jss.crypto.X509Certificate serverCert, org.mozilla.jss.ssl.SSLCertificateApprovalCallback.ValidityStatus status)
      The default implementation of the SSLCertificateApprovalCallback interface.

      This default implementation always returns true. If you need to verify the server certificate validity, then you should override this method.

      Specified by:
      approve in interface org.mozilla.jss.ssl.SSLCertificateApprovalCallback
      Parameters:
      serverCert - X509 Certificate
      status - The validity of the server certificate
      Returns:
      true, by default we trust the certificate
    • makeSocket

      public Socket makeSocket(Socket s) throws LDAPException
      Creates an SSL socket layered over an existing socket. Used for the startTLS implementation (RFC2830).
      Specified by:
      makeSocket in interface LDAPTLSSocketFactory
      Parameters:
      s - An existing non-SSL socket
      Returns:
      A SSL socket layered over the input socket
      Throws:
      LDAPException - on error creating socket
      Since:
      LDAPJDK 4.17
      See Also: