ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzamy_5.4.0.1/50/sec/secjssesvrex.htm

281 lines
9.5 KiB
HTML
Raw Normal View History

2024-04-02 14:02:31 +00:00
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<META http-equiv="Content-Type" content="text/html; charset=utf-8">
<LINK rel="stylesheet" type="text/css" href="../../../rzahg/ic.css">
<title>Example: JSSE server servlet</title>
</head>
<BODY>
<!-- Java sync-link -->
<SCRIPT LANGUAGE="Javascript" SRC="../../../rzahg/synch.js" TYPE="text/javascript"></SCRIPT>
<h6><a name="secjssesvrex"></a>Example: JSSE server servlet</h6>
<pre>/*
*
* This material contains programming source code for your
* consideration. These examples have not been thoroughly
* tested under all conditions. IBM, therefore, cannot
* guarantee or imply reliability, serviceability, or function
* of these program. All programs contained herein are
* provided to you &quot;AS IS&quot;. THE IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* ARE EXPRESSLY DISCLAIMED. IBM provides no program services for
* these programs and files.
*
*/
import java.io.*;
import java.net.ServerSocket;
import java.net.Socket;
import java.security.Security;
import java.security.KeyStore;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSession;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.ibm.net.ssl.SSLContext;
import com.ibm.net.ssl.TrustManagerFactory;
import com.ibm.net.ssl.KeyManagerFactory;
/*
* ServerJsse and ClientJsse
*
* Sample applications to demonstrate a simple client/server interaction using JSSE.
* They will communicate using all enabled cipher suites.
*
* The ServerJsse and ClientJsse use different KeyStore files called
* &quot;clientAppKeys.jks&quot; and &quot;serverAppKeys.jks&quot; protected by a password and assumed
* to be in the current directory. In a real application, the client and server
* should also have their own KeyStore files.
*
* You can build these sample program classes by issuing the following command but
* first make sure that the ibmjsse.jar file shipped in the
* &quot;WAS_PRODUCT_ROOT/java/ext&quot; is in your CLASSPATH or extensions directory.
* This is a servlet, so you also need &quot;WAS_PRODUCT_ROOT/lib/j2ee.jar to compile.
*
* javac ServerJsse.java
* javac ClientJsse.java
*
*
* Running the client/server application requires that the Server is started first
* and then the Client application.
*
* To start the ServerJsse, run the following command:
*
* java ServerJsse <em>port</em>
*
* The ServerJsse uses port 8050 by default. Once ServerJsse has started it waits
* for the ClientJsse connection.
*
* To start the client, issue the following command:
*
* java ClientJsse <em>hostname:port</em>
*
* where <em>hostname:port</em> is the name of the host:port running SeverJsse.
* The default is localhost:8050.
*
*/
public class ServerJsse extends HttpServlet {
static int N = 50, L = 100, R = 2;
static PrintWriter out = new PrintWriter(System.out);
static SSLContext sslContext;
// Open up the KeyStore to obtain the Trusted Certificates.
// KeyStore is of type &quot;JKS&quot;. Filename is &quot;serverAppKeys.jks&quot;
// and password is &quot;myKeys&quot;.
private static void initContext() throws Exception {
try {
Security.addProvider(new com.ibm.jsse.JSSEProvider());
KeyStore ks = KeyStore.getInstance(&quot;JKS&quot;);
ks.load(new FileInputStream(&quot;serverAppKeys.jks&quot;), &quot;myKeys&quot;.toCharArray());
KeyManagerFactory kmf = KeyManagerFactory.getInstance(&quot;IbmX509&quot;);
kmf.init(ks, &quot;myKeys&quot;.toCharArray());
TrustManagerFactory tmf = TrustManagerFactory.getInstance(&quot;IbmX509&quot;);
tmf.init(ks);
sslContext = SSLContext.getInstance(&quot;SSL&quot;);
sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
}
catch (Exception e) {
out.println(&quot;Failed to read serverAppKeys.jks file.&quot;);
e.printStackTrace();
throw e;
}
}
public void doGet(HttpServletRequest q, HttpServletResponse r) {
r.setContentType(&quot;text/html&quot;);
String[] args = new String[1];
args[0] = getInitParameter(&quot;port&quot;);
// send result to the caller
try {
out = r.getWriter();
out.println(&quot;&lt;html&gt;&quot;);
out.println(&quot;&lt;head&gt;&lt;title&gt;Server JSSE Session&lt;/title&gt;&lt;/head&gt;&quot;);
out.println(&quot;&lt;body&gt;&quot;);
out.println(&quot;&lt;h1&gt;Server JSSE Session (starting) &lt;/h1&gt;&quot;);
out.flush();
out.println(&quot;&lt;pre&gt;&quot;);
main(args);
out.println(&quot;&lt;/pre&gt;&quot;);
out.println(&quot;&lt;/body&gt;&lt;/html&gt;&quot;);
out.flush();
out.close();
}
catch (Exception e) {
out.println(&quot;Exception in ServerJsse Servlet: &quot; + e.getMessage());
e.printStackTrace();
}
}//end public void doGet(...)
/* Entry point for ServerJsse as stand alone application.
* @param args no parameters required
*/
public static void main(String args[]) throws Exception {
int i, j, len, portint;
String port = &quot;8050&quot;;
if ((args != null) &amp;&amp; (args.length &gt; 0)) {
port = args[0];
}
portint = (new Integer(port)).intValue();
if (args.length &gt; 1)
N = Integer.parseInt(args[0]);
if (args.length &gt; 2)
L = Integer.parseInt(args[1]);
byte buffer[] = new byte[L];
out.println(&quot;SERVER: started.&quot;);
initContext();
try {
out.println(&quot;ServerJsse: SSL server context created.&quot;);
SSLServerSocketFactory factory = sslContext.getServerSocketFactory();
// Get and print the list of supported enabled cipher suites
String enabled[] = factory.getSupportedCipherSuites();
out.println(&quot;ServerJsse: enabled cipher suites&quot;);
for (i=0; i &lt; enabled.length; i++)
out.println(enabled[i]);
out.flush();
// Create an SSL session over port 8050
SSLServerSocket ssl_server_sock =
(SSLServerSocket)factory.createServerSocket(portint);
SSLSocket ssl_sock;
InputStream istr;
OutputStream ostr;
long t;
while (buffer[0] != -1) {
for (int n=0; n&lt;R; n++) {
try {
ssl_sock = (SSLSocket)(ssl_server_sock.accept());
ssl_sock.setEnabledCipherSuites(enabled);
ssl_sock.startHandshake();
SSLSession session = ssl_sock.getSession();
out.println(&quot; &quot;);
out.println(&quot;\nServerJsse: SSL connection established&quot;);
out.println(&quot; cipher suite: &quot; + session.getCipherSuite());
}
catch (IOException se) {
out.println(&quot;ServerJsse: client connection refused\n&quot; + se);
break;
}
if (L &gt; 0) {
istr = ssl_sock.getInputStream();
ostr = ssl_sock.getOutputStream();
t = System.currentTimeMillis();
for (j=0;j&lt;N;j++) {
for (len = 0;;) {
try {
if ((i = istr.read(buffer, len, L-len)) == -1) {
out.println(&quot;ServerJsse: connection dropped by partner.&quot;);
ssl_sock.close();
return;
}
}
catch (InterruptedIOException e) {
out.println(&quot;waiting&quot;);
continue;
}
if ((len+=i) == L) break;
}
ostr.write(buffer, 0, L);
}
out.println(&quot;Messages = &quot; + N*2 + &quot;; Time = &quot; +
(System.currentTimeMillis() - t));
}
ssl_sock.close();
}
}
ssl_server_sock.close();
out.println(&quot;ServerJsse: SSL connection closed.&quot;);
out.flush();
Thread.sleep(1000);
// Example using plain sockets
if (L &gt; 0) {
ServerSocket server_sock = new ServerSocket(portint);
Socket sock = server_sock.accept();
out.println(&quot; &quot;);
out.println(&quot;\nServerJsse: Plain Socket connection accepted.&quot;);
istr = sock.getInputStream();
ostr = sock.getOutputStream();
t = System.currentTimeMillis();
for (j=0;j&lt;N;j++) {
for (len = 0;;) {
if ((i = istr.read(buffer, len, L-len)) == -1) {
out.println(&quot;ServerJsse: connection dropped by partner.&quot;);
return;
}
if ((len+=i) == L) break;
}
ostr.write(buffer, 0, L);
}
out.println(&quot;Messages = &quot; + N*2 + &quot;; Time = &quot; +
(System.currentTimeMillis() - t));
sock.close();
server_sock.close();
out.println(&quot;ServerJsse: Plain Socket connection closed.&quot;);
Thread.sleep(1000);
}
}
catch (IOException e) {
e.printStackTrace();
}
catch (InterruptedException f) {
f.printStackTrace();
}
out.println(&quot; &quot;);
out.println(&quot;ServerJsse: terminated.&quot;);
out.flush();
}//end main(...)
}//end class</pre>
</body>
</html>