Re: SSL configuration - Support needed

Wed, 08 Dec 2010 09:42:52 -0800 

There are a number of ways to do it, but

you'll need something along the lines of

       final SSLContext sslContext = getSslContext();
       final SslFilter sslFilter = new SslFilter(sslContext);
       // sslFilter.setUseClientMode(false);

       sslFilter.setNeedClientAuth(getMutualAuth());

       final String[] enabledProtocols = getEnabledProtocols();
       if (ValidationUtil.notEmpty(enabledProtocols)) {
           sslFilter.setEnabledProtocols(enabledProtocols);
       }

       final String[] enabledCipherSuites = getEnabledCipherSuites();
       if (ValidationUtil.notEmpty(enabledCipherSuites)) {
           sslFilter.setEnabledCipherSuites(enabledCipherSuites);
       }

       chain.addLast("sslFilter", sslFilter);

and

getSslContext() {

           final URL keyStoreUrl = <url>;
           final KeyStoreFactory keyStoreFactory = new KeyStoreFactory();
           keyStoreFactory.setDataUrl(keyStoreUrl);
           keyStoreFactory.setPassword(keyStorePassword);

           final URL trustStoreUrl = <url>;
           final KeyStoreFactory trustStoreFactory = new KeyStoreFactory();
           trustStoreFactory.setDataUrl(trustStoreUrl);
           trustStoreFactory.setPassword(trustStorePassword);
final SslContextFactory sslContextFactory = new SslContextFactory(); 
           final KeyStore keyStore = keyStoreFactory.newInstance();
           sslContextFactory.setKeyManagerFactoryKeyStore(keyStore);

           final KeyStore trustStore = trustStoreFactory.newInstance();
           sslContextFactory.setTrustManagerFactoryKeyStore(trustStore);
sslContextFactory.setKeyManagerFactoryKeyStorePassword(keyManagerKeyStorePassword); 

           final SSLContext sslContext = sslContextFactory.newInstance();


Note you also have to set up the truststore on the client.


On 12/7/2010 10:00 PM, Gift Samuel wrote:

Hi ,
I am a new bee to Apache mina. I would like to write a client/server program
using Apache mina with SSL. With out SSL the below code works fine,

*MinaTimeClient.java*

import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.SocketAddress;
import java.nio.charset.Charset;
import org.apache.mina.core.RuntimeIoException;
import org.apache.mina.core.future.ConnectFuture;
import org.apache.mina.core.service.IoConnector;
import org.apache.mina.core.session.IdleStatus;
import org.apache.mina.core.session.IoSession;
import org.apache.mina.filter.codec.ProtocolCodecFilter;
import org.apache.mina.filter.codec.textline.TextLineCodecFactory;
import org.apache.mina.filter.logging.LoggingFilter;
import org.apache.mina.transport.socket.nio.NioSocketConnector;

/**
 * @Since
 * @author giftsam
 */
public class MinaTimeClient
{
    private static final int PORT = 9123;

    public static void main(String[] args) throws IOException,
InterruptedException
    {
        IoConnector connector = new NioSocketConnector();
        connector.getSessionConfig().setReadBufferSize(2048);

        connector.getFilterChain().addLast("logger", new LoggingFilter());
        connector.getFilterChain().addLast("codec", new
ProtocolCodecFilter(new TextLineCodecFactory(Charset.forName("UTF-8"))));

        connector.setHandler(new TimeClientHandler("Test"));
        ConnectFuture future = connector.connect(new
InetSocketAddress("192.168.0.28", PORT));
        future.awaitUninterruptibly();

        if (!future.isConnected())
        {
            return;
        }
        IoSession session = future.getSession();

      session.getConfig().setUseReadOperation(true);
      session.getCloseFuture().awaitUninterruptibly();

        System.out.println("After Writing");
        connector.dispose();

    }
}

*MinaTimeServer.java*

import java.io.IOException;
import java.net.InetSocketAddress;
import java.nio.charset.Charset;

import org.apache.mina.core.session.IdleStatus;
import org.apache.mina.core.service.IoAcceptor;
import org.apache.mina.filter.codec.ProtocolCodecFilter;
import org.apache.mina.filter.codec.textline.TextLineCodecFactory;
import org.apache.mina.filter.logging.LoggingFilter;
import org.apache.mina.transport.socket.nio.NioSocketAcceptor;

public class MinaTimeServer
{
    private static final int PORT = 9123;

    public static void main(String[] args) throws IOException
    {
        IoAcceptor acceptor = new NioSocketAcceptor();

        acceptor.getFilterChain().addLast("logger", new LoggingFilter());
        acceptor.getFilterChain().addLast("codec", new
ProtocolCodecFilter(new TextLineCodecFactory(Charset.forName("UTF-8"))));

        acceptor.setHandler(new TimeServerHandler());
        acceptor.getSessionConfig().setReadBufferSize(2048);
        acceptor.getSessionConfig().setIdleTime(IdleStatus.BOTH_IDLE, 10);
        acceptor.bind(new InetSocketAddress(PORT));
    }
}

The preceding codes works file without SSL, But what I have to do if I want
made the transactions with SSL. I had investigated a lot. But I couldnt find
the answer. Please help me.

Thanks & Regards,
Gift Sam

Reply via email to