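/**
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements. See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.apache.activemq;

import java.security.SecureRandom;
import javax.jms.JMSException;
import javax.net.ssl.KeyManager;
import javax.net.ssl.TrustManager;

import org.apache.activemq.broker.SslContext;
import org.apache.activemq.transport.Transport;
import org.apache.activemq.transport.tcp.SslTransportFactory;
import org.apache.activemq.util.JMSExceptionSupport;

/**
 * An ActiveMQConnectionFactory that allows access to the key and trust managers
 * used for SslConnections. There is no reason to use this class unless SSL is
 * being used AND the key and trust managers need to be specified from within
 * code. In fact, if the URI passed to this class does not have an "ssl" scheme,
 * this class will pass all work on to its superclass.
 *
 * <p>The managers configured here are applied only on the "ssl" branch of
 * {@link #createTransport()}. Any other outer scheme, including a composite URI
 * that merely wraps an ssl:// address, is handed to the superclass without an
 * SslContext being installed by this class.
 * NOTE(review): confirm whether the superclass path can pick up these managers
 * by some other route; nothing in this class passes them along.
 *
 * @author sepandm@gmail.com
 */
public class ActiveMQSslConnectionFactory extends ActiveMQConnectionFactory {
    // The key and trust managers used to initialize the used SSLContext.
    // None of the three has an initializer, so each is null unless it is set
    // through setKeyAndTrustManagers or directly by a subclass.
    // NOTE(review): null values are handed to SslContext unchanged; presumably
    // they reach SSLContext.init, where null selects the JSSE defaults --
    // confirm against SslContext.
    protected KeyManager[] keyManager;
    protected TrustManager[] trustManager;
    protected SecureRandom secureRandom;

    /**
     * Sets the key and trust managers used when creating SSL connections.
     *
     * <p>The trust managers decide which broker certificates the SSL
     * connections of this factory accept, so they should perform real
     * certificate validation. The arrays are stored by reference, not copied:
     * changes the caller later makes to their elements are seen by this
     * factory.
     *
     * @param km The KeyManagers used.
     * @param tm The TrustManagers used.
     * @param random The SecureRandom number used.
     */
    public void setKeyAndTrustManagers(final KeyManager[] km, final TrustManager[] tm, final SecureRandom random) {
        keyManager = km;
        trustManager = tm;
        secureRandom = random;
    }

    /**
     * Overriding to make special considerations for SSL connections. If we are
     * not using SSL, the superclass's method is called. If we are using SSL, an
     * SslConnectionFactory is used and it is given the needed key and trust
     * managers.
     *
     * <p>The SslContext built from the configured managers is installed as the
     * current SslContext only for the duration of the connect call; whatever
     * was current before is put back afterwards, so the managers of this
     * factory are not left in place for later code that reads the current
     * SslContext.
     *
     * @return the transport created for the broker URL
     * @throws JMSException if the SSL transport could not be created; the
     *         original exception is kept as the cause
     * @author sepandm@gmail.com
     */
    @Override
    protected Transport createTransport() throws JMSException {
        // If the given URI is non-ssl, let superclass handle it. URI schemes
        // are case-insensitive and a URI may have no scheme at all, so compare
        // null-safely and without regard to case: "SSL://..." must not slip
        // past the branch that applies the configured managers.
        if (!"ssl".equalsIgnoreCase(brokerURL.getScheme())) {
            return super.createTransport();
        }

        // Remember what was current so that it can be restored in finally.
        final SslContext previous = SslContext.getCurrentSslContext();
        try {
            SslContext.setCurrentSslContext(new SslContext(keyManager, trustManager, secureRandom));
            // assumes doConnect reads the current SslContext before it
            // returns -- TODO confirm against SslTransportFactory
            return new SslTransportFactory().doConnect(brokerURL);
        } catch (Exception e) {
            throw JMSExceptionSupport.create("Could not create Transport. Reason: " + e, e);
        } finally {
            // Do not leave this factory's key and trust material installed as
            // the current context once the connect attempt is over.
            SslContext.setCurrentSslContext(previous);
        }
    }
}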