A Simple Client/Server J2SE Application
Let's start with a basic client/server J2SE application. In this app, the client sends a message to the server and the server returns it to the client. To stop the application, the client sends a message to the server saying "Bye!" (obviously the scope of this application is trivial; what's important is that you follow the customization process).
Before taking a look at the client and the server, you'll need to define a certificate using the keytool tool (you have to be familiar with this tool to understand the next paragraph):
C:\>keytool -genkey -keystore SSLcert -storepass e1002qa2
What is your first and last name?
[Unknown]: localhost
What is the name of your organizational unit?
[Unknown]: none
What is the name of your organization?
[Unknown]: none
What is the name of your City or Locality?
[Unknown]: Bucuresti
What is the name of your State or Province?
[Unknown]: Bucuresti
What is the two-letter country code for this unit?
[Unknown]: RO
Is CN=localhost, OU=none, O=none, L=Bucuresti, ST=Bucuresti, C=RO correct?
[no]: yes
Enter key password for <mykey>
(RETURN if same as keystore password): CR
While the CN field is normally represented by the name of the server host, in this example the server will run on the local host, so the CN field has the localhost value. Place this certificate into the C:\j2sse\server\ and C:\j2sse\client\ directories.
Listing 1 shows the server. Listing 2 shows the client.
Notice that if SSL has not been configured properly for your virtual machine, the factories shown in the above listing will report instantiation exceptions.
The SSLContext Class
When you talk about customization of a J2SE application, the first thing to consider is the javax.net.ssl.SSLContext class. This class provides methods for setting and configuring the desired protocol and is the manager of all the SSL socket factories and SSL engines; every SSL socket or SSL engine is controlled by the current SSLContext.
You may not immediately see a use for SSLContext in the sample J2SE application, but that's because this class is working for you behind the scenes. When you call the SSLSocketFactory.getDefault method or the SSLServerSocketFactory.getDefault method, Java creates and initializes a default SSLContext object. For simple applications, like our sample app, this context is all that you need. But if your application is more complex, you'll have to create your own contexts (SSLContexts).
To create an SSLContext object, you have to use one of the following static methods:
public static SSLContext getInstance(String protocol) throws NoSuchAlgorithmException
public static SSLContext getInstance(String protocol, String provider) throws NoSuchAlgorithmException, NoSuchProviderException
public static SSLContext getInstance(String protocol, Provider provider) throws NoSuchAlgorithmException
As you can see, the protocol argument is common to all getInstance methods. This argument represents a standard name of a protocol (for example, SSL, SSLv2, SSLv3, TLS, TLSv1). If the specified protocol name is not recognized or is not implemented, a NoSuchAlgorithmException will be thrown. The last two getInstance methods permit you to specify, by name, the provider of the cryptographic services. If the specified provider is not correctly configured, a NoSuchProviderException will be thrown. If the specified protocol is not implemented by the current provider, a NoSuchAlgorithmException will be thrown. Remember that the default provider's name is SunJSSE. Here are two examples of calling the getInstance methods:
SSLContext context=SSLContext.getInstance("SSLv3");
SSLContext context=SSLContext.getInstance("TLS","SunJSSE");
After you get a context you must initialize it. The initialization parameters are:
- A key manager: Represented by the KeyManager interface.
- A trust certificate manager: Represented by the TrustManager interface.
- A cryptographically random number generator (RNG): Represented by the SecureRandom class.
To initialize these parameters, call the SSLContext.init method:
public final void init(KeyManager[] KM, TrustManager[] TM, SecureRandom RNG) throws KeyManagementException
The arguments of this method represent:
- KM: An array of KeyManagers. If this argument is null, an empty KeyManager will be used.
- TM: An array of TrustManagers. If this argument is null, JSSE searches for the right TrustManager in the TrustManagerFactory implementation with the highest priority.
- RNG: A cryptographically random number generator. If this argument is null, the default generator will be used.
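The getInstance and init steps described above, put together as an added example (not one of the article's listings). The class name CustomContextDemo and the helper buildContext are hypothetical; the code assumes the SSLcert keystore and password from the keytool step are in the working directory (or passed as arguments), and it requests "TLS" because current JDKs disable SSLv3 by default.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.SecureRandom;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.TrustManagerFactory;

public class CustomContextDemo {

    // Hypothetical helper: builds an explicitly initialized SSLContext
    // from a single keystore that holds the key pair created with keytool.
    static SSLContext buildContext(String keystorePath, char[] password) throws Exception {
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(keystorePath)) {
            ks.load(in, password); // also verifies the keystore integrity
        }

        // KM argument: key managers that present our certificate to the peer.
        // The key password equals the store password (RETURN was pressed in keytool).
        KeyManagerFactory kmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ks, password);

        // TM argument: trust managers that accept only certificates in this keystore,
        // instead of falling back to the JDK-wide default trust store.
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ks);

        SSLContext context = SSLContext.getInstance("TLS");
        // RNG argument: passed explicitly here; null would select the default generator.
        context.init(kmf.getKeyManagers(), tmf.getTrustManagers(), new SecureRandom());
        return context;
    }

    public static void main(String[] args) throws Exception {
        String path = args.length > 0 ? args[0] : "SSLcert";              // keystore from the keytool step
        char[] pass = (args.length > 1 ? args[1] : "e1002qa2").toCharArray();

        SSLContext context = buildContext(path, pass);
        // Factories now come from our context, not from getDefault().
        SSLServerSocketFactory factory = context.getServerSocketFactory();
        try (SSLServerSocket server = (SSLServerSocket) factory.createServerSocket(0)) {
            System.out.println("Context protocol: " + context.getProtocol());
            System.out.println("Listening on port: " + server.getLocalPort());
            System.out.println("Enabled protocols: " + String.join(", ", server.getEnabledProtocols()));
        }
    }
}
```

The printed list of enabled protocols shows what the JDK will actually negotiate for sockets created from this context, which is the quickest check that no legacy SSL version is on offer.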