/* * * Copyright (c) 2006, Oracle and/or its affiliates. All rights reserved. * * Redistribution and use in source and binary forms, with or * without modification, are permitted provided that the following * conditions are met: * * -Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * -Redistribution in binary form must reproduct the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * Neither the name of Oracle nor the names of * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. * * This software is provided "AS IS," without a warranty of any * kind. ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND * WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE HEREBY * EXCLUDED. SUN AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY * DAMAGES OR LIABILITIES SUFFERED BY LICENSEE AS A RESULT OF OR * RELATING TO USE, MODIFICATION OR DISTRIBUTION OF THE SOFTWARE OR * ITS DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE * FOR ANY LOST REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, * SPECIAL, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER * CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY, ARISING OUT OF * THE USE OF OR INABILITY TO USE SOFTWARE, EVEN IF SUN HAS BEEN * ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. * * You acknowledge that Software is not designed, licensed or * intended for use in the design, construction, operation or * maintenance of any nuclear facility. */ import java.io.*; import java.net.*; import javax.net.ssl.*; import java.util.Date; import java.security.PrivilegedExceptionAction; import java.security.Principal; /* * Tests support for RFC 2712. Specify use of only a KRB5 cipher for both * client and server, by first doing a JAAS login for the server * without first doing a JAAS login for the client. */ public class JsseServer { private static final String KRB5_CIPHER = "TLS_KRB5_WITH_3DES_EDE_CBC_SHA"; private static final int PORT = 4569; private static final boolean verbose = false; private static final int LOOP_LIMIT = 1; private static int loopCount = 0; public static void main(String[] args) throws Exception { PrivilegedExceptionAction action = new JsseServerAction(PORT); Jaas.loginAndAction("server", action); } static class JsseServerAction implements PrivilegedExceptionAction { private int localPort; JsseServerAction(int port) { this.localPort = port; } public Object run() throws Exception { SSLServerSocketFactory sslssf = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault(); SSLServerSocket sslServerSocket = (SSLServerSocket) sslssf.createServerSocket(localPort); // Enable only a KRB5 cipher suite. String enabledSuites[] = { KRB5_CIPHER }; sslServerSocket.setEnabledCipherSuites(enabledSuites); // Should check for exception if enabledSuites is not supported while (loopCount++ < LOOP_LIMIT) { System.out.println("Waiting for incoming connection..."); SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept(); System.out.println("Got connection from client " + sslSocket.getInetAddress()); BufferedReader in = new BufferedReader(new InputStreamReader( sslSocket.getInputStream())); BufferedWriter out = new BufferedWriter(new OutputStreamWriter( sslSocket.getOutputStream())); String inStr = in.readLine(); System.out.println("Received " + inStr); String outStr = inStr + " " + new Date().toString() + "\n"; out.write(outStr); System.out.println("Sending " + outStr); out.flush(); String cipherSuiteChosen = sslSocket.getSession().getCipherSuite(); System.out.println("Cipher suite in use: " + cipherSuiteChosen); Principal self = sslSocket.getSession().getLocalPrincipal(); System.out.println("I am: " + self.toString()); Principal peer = sslSocket.getSession().getPeerPrincipal(); System.out.println("Client is: " + peer.toString()); sslSocket.close(); } return null; } } }