javax.net.ssl
Class SSLServerSocket

java.lang.Object
  |
  +--java.net.ServerSocket
        |
        +--javax.net.ssl.SSLServerSocket

public abstract class SSLServerSocket
extends java.net.ServerSocket

This class is extended by server sockets which return connections which are protected using the Secure Sockets Layer (SSL) protocol, and which extend the SSLSocket class.

Version:
1.8
Author:
David Brownell
See Also:
ServerSocket, SSLSocket

Method Summary
abstract  java.lang.String[] getEnabledCipherSuites()
          Returns the list of cipher suites which are currently enabled for use by newly accepted connections.
abstract  boolean getEnableSessionCreation()
          Returns true if new SSL sessions may be established by the sockets which are created from this server socket.
abstract  boolean getNeedClientAuth()
          Returns true if client authentication is required on newly accepted connections.
abstract  java.lang.String[] getSupportedCipherSuites()
          Returns the names of the cipher suites which could be enabled for use on an SSL connection.
abstract  boolean getUseClientMode()
          Returns true if accepted connections will be in SSL client mode.
abstract  void setEnabledCipherSuites(java.lang.String[] suites)
          Controls which particular SSL cipher suites are enabled for use by accepted connections.
abstract  void setEnableSessionCreation(boolean flag)
          Controls whether new SSL sessions may be established by the sockets which are created from this server socket.
abstract  void setNeedClientAuth(boolean flag)
          Controls whether the connections which are accepted must include client authentication.
abstract  void setUseClientMode(boolean flag)
          Controls whether accepted connections are in the (default) SSL server mode, or the SSL client mode.
 
Methods inherited from class java.net.ServerSocket
accept, close, getInetAddress, getLocalPort, getSoTimeout, setSocketFactory, setSoTimeout, toString
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Method Detail

getEnabledCipherSuites

public abstract java.lang.String[] getEnabledCipherSuites()
Returns the list of cipher suites which are currently enabled for use by newly accepted connections. If this has not been explicitly modified, a system-provided default guarantees a minimum quality of service in all enabled cipher suites.

There are several reasons why an enabled cipher suite might not actually be used. For example: the server socket might not have appropriate private keys available to it or the cipher suite might be anonymous, precluding the use of client authentication, while the server socket has been told to require that sort of authentication.

See Also:
getSupportedCipherSuites(), setEnabledCipherSuites(java.lang.String[])

setEnabledCipherSuites

public abstract void setEnabledCipherSuites(java.lang.String[] suites)
Controls which particular SSL cipher suites are enabled for use by accepted connections. The cipher suites must have been listed by getSupportedCipherSuites() as being supported. Suites which require authentication information which is not available in this ServerSocket's authentication context will not be used in any case, even if they are enabled.
Parameters:
suites - Names of all the cipher suites to enable; null means to accept system defaults.
See Also:
getSupportedCipherSuites(), getEnabledCipherSuites()

getSupportedCipherSuites

public abstract java.lang.String[] getSupportedCipherSuites()
Returns the names of the cipher suites which could be enabled for use on an SSL connection. Normally, only a subset of these will actually be enabled by default, since this list may include cipher suites which do not meet quality of service requirements for those defaults. Such cipher suites are useful in specialized applications.
Returns:
an array of cipher suite names
See Also:
getEnabledCipherSuites(), setEnabledCipherSuites(java.lang.String[])

setNeedClientAuth

public abstract void setNeedClientAuth(boolean flag)
Controls whether the connections which are accepted must include client authentication. By default, clients do not need to provide authentication information. This control requires the connection to be in the (default) SSL server mode.
Parameters:
flag - true if the clients must authenticate themselves.

getNeedClientAuth

public abstract boolean getNeedClientAuth()
Returns true if client authentication is required on newly accepted connections.
Returns:
true if the clients must authenticate themselves.
See Also:
setNeedClientAuth(boolean)

setUseClientMode

public abstract void setUseClientMode(boolean flag)
Controls whether accepted connections are in the (default) SSL server mode, or the SSL client mode. In rare cases, TCP servers need to act in the SSL client mode on newly accepted connections in order to reuse sessions. For example, FTP clients acquire server sockets and listen there for reverse connections, from the server. FTP clients would use SSLServerSockets in "client" mode, in order to reuse existing SSL sessions where the FTP client is acting as a client.
Parameters:
flag - true if newly accepted connections should use SSL client mode.

getUseClientMode

public abstract boolean getUseClientMode()
Returns true if accepted connections will be in SSL client mode.
Returns:
true if the connection should use SSL client mode.
See Also:
setUseClientMode(boolean)

setEnableSessionCreation

public abstract void setEnableSessionCreation(boolean flag)
Controls whether new SSL sessions may be established by the sockets which are created from this server socket.
Parameters:
flag - true indicates that sessions may be created; this is the default. false indicates that an existing session must be resumed.

getEnableSessionCreation

public abstract boolean getEnableSessionCreation()
Returns true if new SSL sessions may be established by the sockets which are created from this server socket.
Returns:
true indicates that sessions may be created; this is the default. false indicates that an existing session must be resumed.