Examples of javax.rmi.ssl.SslRMIClientSocketFactory

• javax.rmi.ssl.SslRMIClientSocketFactory

  An SslRMIClientSocketFactory instance is used by the RMI runtime in order to obtain client sockets for RMI calls via SSL.

  This class implements RMIClientSocketFactory over the Secure Sockets Layer (SSL) or Transport Layer Security (TLS) protocols.

  This class creates SSL sockets using the default SSLSocketFactory (see {@link SSLSocketFactory#getDefault}). All instances of this class are functionally equivalent. In particular, they all share the same truststore, and the same keystore when client authentication is required by the server. This behavior can be modified in subclasses by overriding the {@link #createSocket(String,int)}method; in that case, {@link #equals(Object) equals} and {@link #hashCode() hashCode} may also need to be overridden.

  If the system property javax.rmi.ssl.client.enabledCipherSuites is specified, the {@link #createSocket(String,int)} method will call {@link SSLSocket#setEnabledCipherSuites(String[])} before returning thesocket. The value of this system property is a string that is a comma-separated list of SSL/TLS cipher suites to enable.

  If the system property javax.rmi.ssl.client.enabledProtocols is specified, the {@link #createSocket(String,int)} method will call {@link SSLSocket#setEnabledProtocols(String[])} before returning thesocket. The value of this system property is a string that is a comma-separated list of SSL/TLS protocol versions to enable.

  @see javax.net.ssl.SSLSocketFactory @see javax.rmi.ssl.SslRMIServerSocketFactory @since 1.5

                           appRegistry.getConfiguration().getManagementKeyStorePassword());
                }
            }

            //create the SSL RMI socket factories
            csf = new SslRMIClientSocketFactory();
            ssf = new SslRMIServerSocketFactory();

            _log.warn("Starting JMX ConnectorServer on port '"+ port + "' (+" +
                     (port +PORT_EXPORT_OFFSET) + ") with SSL");
            _startupLog.warn("Starting JMX ConnectorServer on port '"+ port + "' (+" +

public class SslRMIClientSocketFactoryTest extends TestCase {

    public void testSslRMIClientSocketFactory() {

        SslRMIClientSocketFactory factory = new SslRMIClientSocketFactory();
        SslRMIClientSocketFactory factory1 = new SslRMIClientSocketFactory();
        assertTrue(factory.equals(factory1));
        assertTrue(factory1.equals(factory));
    }

        assertTrue(factory1.equals(factory));
    }

    public void testCreateSocket() throws Exception {

        SslRMIClientSocketFactory factoryCln = new SslRMIClientSocketFactory();
        SslRMIServerSocketFactory factorySrv = new SslRMIServerSocketFactory();

        ServerSocket ssocket = factorySrv.createServerSocket(0);
        SSLSocket csocket = (SSLSocket) factoryCln.createSocket("localhost",
                ssocket.getLocalPort());
        csocket.close();
        ssocket.close();

        String old = System
                .getProperty("javax.rmi.ssl.client.enabledCipherSuites");
        try {
            System.setProperty("javax.rmi.ssl.client.enabledCipherSuites",
                    "Incorrect");
            ssocket = factorySrv.createServerSocket(0);
            try {
                factoryCln.createSocket("localhost", ssocket.getLocalPort());
                fail("No expected IOException");
            } catch (IOException e) {
            }
            ssocket.close();
        } finally {

            RMIClientSocketFactory csf = null;
            RMIServerSocketFactory ssf = null;

            // Configure SSL for RMI connection if required
            if (rmiSSL) {
                csf = new SslRMIClientSocketFactory();
                ssf = new SslRMIServerSocketFactory(ciphers, protocols,
                            clientAuth);
            }

            // Force the use of local ports if required

        final Map<String, Object> jmxEnv = new HashMap<String, Object>();

        //SSL Options
        final String enableSSL = System.getProperty(JMX_SSL_PROPERTY);
        if (Boolean.getBoolean(enableSSL)) {
            SslRMIClientSocketFactory csf = new SslRMIClientSocketFactory();
            jmxEnv.put(RMIConnectorServer.RMI_CLIENT_SOCKET_FACTORY_ATTRIBUTE, csf);

            SslRMIServerSocketFactory ssf = new SslRMIServerSocketFactory();
            jmxEnv.put(RMIConnectorServer.RMI_SERVER_SOCKET_FACTORY_ATTRIBUTE, ssf);
        }

                           appRegistry.getConfiguration().getManagementKeyStorePassword());
                }
            }

            //create the SSL RMI socket factories
            csf = new SslRMIClientSocketFactory();
            ssf = new SslRMIServerSocketFactory();
        }
        else
        {
            //Do not specify any specific RMI socket factories, resulting in use of the defaults.

        if (enableSsl) {
          // Environment map
          log.debug("Initialize the environment map");
          env = new HashMap();
          // Provide SSL-based RMI socket factories
          SslRMIClientSocketFactory csf = new SslRMIClientSocketFactory();
          SslRMIServerSocketFactory ssf = new SslRMIServerSocketFactory();
          env
              .put(
                  RMIConnectorServer.RMI_CLIENT_SOCKET_FACTORY_ATTRIBUTE,
                  csf);

            final Map<String,Object> env = new HashMap<String,Object>();
            // Provide the SSL/TLS-based RMI Client Socket Factory required
            // by the JNDI/RMI Registry Service Provider to communicate with
            // the SSL/TLS-protected RMI Registry

            SslRMIClientSocketFactory csf = new SslRMIClientSocketFactory();
            env.put("com.sun.jndi.rmi.factory.socket", csf);
                    String urlStr = "service:jmx:rmi:///jndi/rmi://" +
                            MbeanService.getInstance().getHost(instanceName) + ":" +
                            MbeanService.getInstance().getJMXPort(instanceName) + "/jmxrmi";
                    JMXServiceURL url = new JMXServiceURL(urlStr);

            Logging.initializeErrorLog(dataDirectory + "logs/error.log"); // the error log is needed by the userbase

            // SOCKET FACTORIES
            // Because these things don't throw any exceptions that can be caught when they crash and burn, there's little we can do about usability.
            SslRMIClientSocketFactory csf = new SslRMIClientSocketFactory();
            SslRMIServerSocketFactory ssf = new SslRMIServerSocketFactory(null, null, true); // if we need client authentication, we should pass "true" here as the last argument (hopefully it will work with the other values set to null)

            // REGISTRY
            // w00t, since we use .createRegistry(..) we don't need to have the rmiregistry app running in the background. this is more user friendly
            // this is also the only way, since we are using ssl sockets for the registry

    public RmiRemoteUserbase(String host, int port, int retry) throws IOException, NotBoundException {
        this.host = host;
        this.port = port;
        this.retry = retry;
        registry = LocateRegistry.getRegistry(host, port, new SslRMIClientSocketFactory());
        rmi = (RmiDelegateUserbase) registry.lookup("userbase");
        if (rmi.isUp()) {
            System.out.println("Located remote userbase at " + host + ':' + port);
        } else {
            //System.err.println("Failed to connect to userbase. (Found registry)");