javax.net.ssl.SSLParameters#setNeedClientAuth ( )源码实例Demo

下面列出了javax.net.ssl.SSLParameters#setNeedClientAuth ( ) 实例代码，或者点击链接到github查看源代码，也可以在右侧发表评论。

源代码1 项目： openjdk-jdk9 文件： Utils.java

public static SSLParameters copySSLParameters(SSLParameters p) {
    SSLParameters p1 = new SSLParameters();
    p1.setAlgorithmConstraints(p.getAlgorithmConstraints());
    p1.setCipherSuites(p.getCipherSuites());
    // JDK 8 EXCL START
    p1.setEnableRetransmissions(p.getEnableRetransmissions());
    p1.setMaximumPacketSize(p.getMaximumPacketSize());
    // JDK 8 EXCL END
    p1.setEndpointIdentificationAlgorithm(p.getEndpointIdentificationAlgorithm());
    p1.setNeedClientAuth(p.getNeedClientAuth());
    String[] protocols = p.getProtocols();
    if (protocols != null) {
        p1.setProtocols(protocols.clone());
    }
    p1.setSNIMatchers(p.getSNIMatchers());
    p1.setServerNames(p.getServerNames());
    p1.setUseCipherSuitesOrder(p.getUseCipherSuitesOrder());
    p1.setWantClientAuth(p.getWantClientAuth());
    return p1;
}

源代码2 项目： vespa 文件： DefaultTlsContext.java

private SSLParameters createSslParameters() {
    SSLParameters newParameters = sslContext.getDefaultSSLParameters();
    newParameters.setCipherSuites(validCiphers);
    newParameters.setProtocols(validProtocols);
    switch (peerAuthentication) {
        case WANT:
            newParameters.setWantClientAuth(true);
            break;
        case NEED:
            newParameters.setNeedClientAuth(true);
            break;
        case DISABLED:
            break;
        default:
            throw new UnsupportedOperationException("Unknown peer authentication: " + peerAuthentication);
    }
    return newParameters;
}

源代码3 项目： Bytecoder 文件： SSLConfiguration.java

SSLParameters getSSLParameters() {
    SSLParameters params = new SSLParameters();

    params.setAlgorithmConstraints(this.algorithmConstraints);
    params.setProtocols(ProtocolVersion.toStringArray(enabledProtocols));
    params.setCipherSuites(CipherSuite.namesOf(enabledCipherSuites));
    switch (this.clientAuthType) {
        case CLIENT_AUTH_REQUIRED:
            params.setNeedClientAuth(true);
            break;
        case CLIENT_AUTH_REQUESTED:
            params.setWantClientAuth(true);
            break;
        default:
            params.setWantClientAuth(false);
    }
    params.setEndpointIdentificationAlgorithm(this.identificationProtocol);

    if (serverNames.isEmpty() && !noSniExtension) {
        // 'null' indicates none has been set
        params.setServerNames(null);
    } else {
        params.setServerNames(this.serverNames);
    }

    if (sniMatchers.isEmpty() && !noSniMatcher) {
        // 'null' indicates none has been set
        params.setSNIMatchers(null);
    } else {
        params.setSNIMatchers(this.sniMatchers);
    }

    params.setApplicationProtocols(this.applicationProtocols);
    params.setUseCipherSuitesOrder(this.preferLocalCipherSuites);
    params.setEnableRetransmissions(this.enableRetransmissions);
    params.setMaximumPacketSize(this.maximumPacketSize);

    return params;
}

源代码4 项目： Tomcat8-Source-Read 文件： AbstractJsseEndpoint.java

protected SSLEngine createSSLEngine(String sniHostName, List<Cipher> clientRequestedCiphers,
        List<String> clientRequestedApplicationProtocols) {
    SSLHostConfig sslHostConfig = getSSLHostConfig(sniHostName);

    SSLHostConfigCertificate certificate = selectCertificate(sslHostConfig, clientRequestedCiphers);

    SSLContext sslContext = certificate.getSslContext();
    if (sslContext == null) {
        throw new IllegalStateException(
                sm.getString("endpoint.jsse.noSslContext", sniHostName));
    }

    SSLEngine engine = sslContext.createSSLEngine();
    engine.setUseClientMode(false);
    engine.setEnabledCipherSuites(sslHostConfig.getEnabledCiphers());
    engine.setEnabledProtocols(sslHostConfig.getEnabledProtocols());

    SSLParameters sslParameters = engine.getSSLParameters();
    String honorCipherOrderStr = sslHostConfig.getHonorCipherOrder();
    if (honorCipherOrderStr != null) {
        boolean honorCipherOrder = Boolean.parseBoolean(honorCipherOrderStr);
        JreCompat.getInstance().setUseServerCipherSuitesOrder(sslParameters, honorCipherOrder);
    }

    if (JreCompat.isJre9Available() && clientRequestedApplicationProtocols != null
            && clientRequestedApplicationProtocols.size() > 0
            && negotiableProtocols.size() > 0) {
        // Only try to negotiate if both client and server have at least
        // one protocol in common
        // Note: Tomcat does not explicitly negotiate http/1.1
        // TODO: Is this correct? Should it change?
        List<String> commonProtocols = new ArrayList<>();
        commonProtocols.addAll(negotiableProtocols);
        commonProtocols.retainAll(clientRequestedApplicationProtocols);
        if (commonProtocols.size() > 0) {
            String[] commonProtocolsArray = commonProtocols.toArray(new String[commonProtocols.size()]);
            JreCompat.getInstance().setApplicationProtocols(sslParameters, commonProtocolsArray);
        }
    }
    switch (sslHostConfig.getCertificateVerification()) {
    case NONE:
        sslParameters.setNeedClientAuth(false);
        sslParameters.setWantClientAuth(false);
        break;
    case OPTIONAL:
    case OPTIONAL_NO_CA:
        sslParameters.setWantClientAuth(true);
        break;
    case REQUIRED:
        sslParameters.setNeedClientAuth(true);
        break;
    }
    // The getter (at least in OpenJDK and derivatives) returns a defensive copy
    engine.setSSLParameters(sslParameters);

    return engine;
}

方法所在类

javax.net.ssl.SSLParameters