/*___INFO__MARK_BEGIN__*/
/*************************************************************************
* The Contents of this file are made available subject to the terms of
* the Sun Industry Standards Source License Version 1.2
* Sun Microsystems Inc., March, 2001
* Sun Industry Standards Source License Version 1.2
* =================================================
* The contents of this file are subject to the Sun Industry Standards
* Source License Version 1.2 (the "License"); You may not use this file
* except in compliance with the License. You may obtain a copy of the
* License at http://gridengine.sunsource.net/Gridengine_SISSL_license.html
* Software provided under this License is provided on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING,
* WITHOUT LIMITATION, WARRANTIES THAT THE SOFTWARE IS FREE OF DEFECTS,
* MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE, OR NON-INFRINGING.
* See the License for the specific provisions governing your rights and
* obligations concerning the Software.
* The Initial Developer of the Original Code is: Sun Microsystems, Inc.
* Copyright: 2006 by Sun Microsystems, Inc
* All Rights Reserved.
************************************************************************/
/*___INFO__MARK_END__*/
package com.sun.grid.jgdi.management;
import javax.net.ssl.KeyManager;
import com.sun.grid.security.login.GECATrustManager;
import com.sun.grid.security.login.GECAKeyManager;
import java.security.KeyStore;
import java.util.HashMap;
import java.util.concurrent.locks.Lock;
import java.util.concurrent.locks.ReentrantLock;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
* Helper class for SSL setup.
public final class SSLHelper {
// Protocol name passed to SSLContext.getInstance() when the JGDI SSL context is created.
// NOTE(review): "SSL" is the legacy generic name; which protocol versions a context
// created under it enables depends on the JSSE provider and the JDK security settings.
// Consider requesting "TLS" (or a pinned version such as "TLSv1.2") and confirm that
// SSLv3 and other obsolete versions stay disabled on the deployed runtime.
private final static String SSL_PROTOCOL = "SSL";
private static SSLContext ctx;
private static final GECAKeyManager keyManager = new GECAKeyManager();
// Trust manager handed to ctx.init() for the JGDI SSL context.
// The field is static, so one object is shared by every SSLHelper; the private
// constructor calls trustManager.setCaTop(caTop) on it.
// NOTE(review): getInstanceByCaTop() caches one SSLHelper per caTop directory, yet each
// newly constructed instance re-points this shared trust manager. If one JVM talks to
// clusters with different CA directories, the most recently constructed helper
// presumably decides which CA material validates all peers. Confirm against
// GECATrustManager, and consider making the key/trust managers and the context
// per-instance.
private static final GECATrustManager trustManager = new GECATrustManager();
private static final Lock lock = new ReentrantLock();
private SSLHelper(File caTop) {
trustManager.setCaTop(caTop);
private static final Lock instanceLock = new ReentrantLock();
private static final Map<File,SSLHelper> instanceMap = new HashMap<File,SSLHelper>();
* Get the instance of the SSLHelper by the caTop directory
* @param caTop the caTop directory
* @return the SSLHelper
public static SSLHelper getInstanceByCaTop(File caTop) {
ret = instanceMap.get(caTop);
ret = new SSLHelper(caTop);
instanceMap.put(caTop, ret);
instanceLock.unlock();
* Get the instance of the SSLHelper
* @param sgeRoot the sge root directory of the addressed cluster
* @param cell the cell name of the addressed cluster
* @return the SSLHelper
public static SSLHelper getInstance(File sgeRoot, String cell) {
File caTop = new File(sgeRoot, cell + File.separator + "common" + File.separator + "sgeCA");
return getInstanceByCaTop(caTop);
private void initSSLContext() {
ctx = SSLContext.getInstance(SSL_PROTOCOL);
ctx.init(new KeyManager[]{keyManager},
new TrustManager[]{trustManager},
} catch (Exception ex) {
throw new SecurityException("Cannot create SSLContext", ex);
* Set the keystore for the JGDI ssl context
* @param ks the keystore
* @param pw the password for the keystore
void setKeystore(KeyStore ks, char [] pw) {
keyManager.setKeystore(ks, pw);
* Set the keystore for the JGDI ssl context
* @param keystore the keystore file
* @param pw the password for the keystore
void setKeystore(File keystore, char [] pw) {
keyManager.setKeystore(keystore, pw);
* Reset the JGDI ssl context
* Get the ssl socket factory for the application
* @return the socket factory for the application
SSLSocketFactory getSocketFactory() {
// Fallback: returns the JVM-wide default factory instead of the one built from ctx.
// The condition selecting this branch is not visible in this listing.
// NOTE(review): the default factory is not initialised with this class's keyManager and
// trustManager (unless the default SSLContext was replaced elsewhere), so connections
// made through it would be validated against the JVM's default trust configuration
// rather than the Grid Engine CA directory. Confirm this path is only taken when
// that is intended.
return (SSLSocketFactory) SSLSocketFactory.getDefault();
return ctx.getSocketFactory();