Directory SDK 4.1 for Java API Specification: Class JSSSocketFactory

Overview

Package

Class

Tree

Deprecated

Index

Help

LDAPJDK 4.1

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: INNER | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

netscape.ldap.factory
Class JSSSocketFactory

netscape.ldap.factory.JSSSocketFactory

public class JSSSocketFactory
implements java.io.Serializable, LDAPSocketFactory

Creates an SSL socket connection to a server, using the iPlanet JSS package. This class implements the LDAPSocketFactory interface.

NOTE: This class is iPlanet internal and is distributed only with iPlanet products.

By default, the factory is using "secmod.db", "key3.db" and "cert7.db" databases in the current directory. If you need to override this default setting, then you should call the static initialize method before creating the first instance of JSSSocketFactory.

       ...
       JSSSocketFactory.initialize("../mySecModDB", "../myKeyDB", "../myCertDB");
       LDAPConnection ld = new LDAPConnection(new JSSSocketFactory());
       ...

See Also:: LDAPSocketFactory, LDAPConnection.LDAPConnection(netscape.ldap.LDAPSocketFactory), Serialized Form

Field Summary

static java.lang.String defaultCertDB
          Default certificate database path "cert7.db".

static java.lang.String defaultKeyDB
          Default key database path = "key3.db".

static java.lang.String defaultModDB
          Default security module database path = "secmod.db".

Constructor Summary

JSSSocketFactory()
          Constructs a new JSSSocketFactory.

Method Summary

boolean approve(com.netscape.jss.crypto.X509Certificate serverCert, com.netscape.jss.ssl.SSLCertificateApprovalCallback.ValidityStatus status)
          The default implementation of the SSLCertificateApprovalCallback interface.

java.lang.String getCertDB()
          Returns the full path of the certificate database.

static java.lang.String getKeyDB()
          Returns the full path of the key database.

static java.lang.String getModDB()
          Returns the full path of the security module database.

static void initialize(java.lang.String moddb, java.lang.String keydb, java.lang.String certdb)
          Initialize the JSS security subsystem.

java.net.Socket makeSocket(java.lang.String host, int port)
          Creates an SSL socket

Field Detail

defaultModDB

public static final java.lang.String defaultModDB

Default security module database path = "secmod.db".

defaultKeyDB

public static final java.lang.String defaultKeyDB

Default key database path = "key3.db".

defaultCertDB

public static final java.lang.String defaultCertDB

Default certificate database path "cert7.db".

Constructor Detail

JSSSocketFactory

public JSSSocketFactory()
                 throws LDAPException

Constructs a new JSSSocketFactory.

If the security system is not already initialized, initialize it using the default name and location for the security module database, key database and certificate databases. If you need to use non-default database files, then you must explicitly call the initialize method before calling this constructor.

Throws:: LDAPException - on initialization error
See Also:: initialize(java.lang.String, java.lang.String, java.lang.String)

Method Detail

initialize

public static void initialize(java.lang.String moddb,
                              java.lang.String keydb,
                              java.lang.String certdb)
                       throws LDAPException

Initialize the JSS security subsystem.

This method allows you to override the default name and location of the security module database, key database and certificate databases. The method may be called only once, before the first instance of JSSSocketFactory is created. When the first instance of JSSSocketFactory is created, the constructor will automatically initialize the security subsystem using the default database names, unless the security subsystem is already initialized.

Parameters:: moddb - The full path, relative or absolute, of the security module database.; keydb - The full path, relative or absolute, of the key database.; keydb - The full path, relative or absolute, of the certificate database.
Throws:: LDAPException - on initialization error

getModDB

public static java.lang.String getModDB()

Returns the full path of the security module database.

Returns:: The full path, relative or absolute, of the security module database.

getKeyDB

public static java.lang.String getKeyDB()

Returns the full path of the key database.

Returns:: The full path, relative or absolute, of the key database.

getCertDB

public java.lang.String getCertDB()

Returns the full path of the certificate database.

Returns:: The full path, relative or absolute, of the certificate database.

makeSocket

public java.net.Socket makeSocket(java.lang.String host,
                                  int port)
                           throws LDAPException

Creates an SSL socket

Specified by:: makeSocket in interface LDAPSocketFactory

Parameters:: host - Host name or IP address of SSL server; port - Port numbers of SSL server
Returns:: A socket for an encrypted session
Throws:: LDAPException - on error creating socket

approve

public boolean approve(com.netscape.jss.crypto.X509Certificate serverCert,
                       com.netscape.jss.ssl.SSLCertificateApprovalCallback.ValidityStatus status)

The default implementation of the SSLCertificateApprovalCallback interface.

This default implementation always returns true. If you need to verify the server certificate validity, then you should override this method.

Parameters:: serverCert - X509 Certificate; status - The validity of the server certificate
Returns:: true, by default we trust the certificate