/** * {@inheritDoc} * * <p>This implementation allows for configuration of the need and want settings for client * authentication, but ignores the enabled cipher suites and protocols as they are not client and * server side specific in an {@code SSLEngine}. Consequently, overriding them here would be a bit * odd as the server side specific configuration shouldn't really override a shared client/server * configuration option. */ @Override protected List<Configurer<SSLEngine>> getSSLEngineConfigurers(SSLContext context) { // NOTE: if the super class gets additional shared configuration options beyond // cipher suites and protocols, this method needs to address that. // As is, we do NOT pass the configurers along for those two settings. List<Configurer<SSLEngine>> sslEngineConfigurers = new LinkedList<Configurer<SSLEngine>>(); if (this.getClientAuthentication() != null) { final ClientAuthentication clientAuthValue = ClientAuthentication.valueOf(this.parsePropertyValue(this.getClientAuthentication())); Configurer<SSLEngine> sslEngineConfigurer = new Configurer<SSLEngine>() { @Override public SSLEngine configure(SSLEngine engine) { switch (clientAuthValue) { case NONE: engine.setWantClientAuth(false); engine.setNeedClientAuth(false); break; case WANT: engine.setWantClientAuth(true); break; case REQUIRE: engine.setNeedClientAuth(true); break; default: throw new RuntimeCamelException( "Unknown ClientAuthentication value: " + clientAuthValue); } return engine; } }; sslEngineConfigurers.add(sslEngineConfigurer); } return sslEngineConfigurers; }
@Override protected List<Configurer<SSLServerSocket>> getSSLServerSocketFactorySSLServerSocketConfigurers( SSLContext context) { List<Configurer<SSLServerSocket>> sslServerSocketConfigurers = super.getSSLServerSocketFactorySSLServerSocketConfigurers(context); if (this.getClientAuthentication() != null) { final ClientAuthentication clientAuthValue = ClientAuthentication.valueOf(this.parsePropertyValue(this.getClientAuthentication())); Configurer<SSLServerSocket> sslServerSocketConfigurer = new Configurer<SSLServerSocket>() { @Override public SSLServerSocket configure(SSLServerSocket socket) { switch (clientAuthValue) { case NONE: socket.setWantClientAuth(false); socket.setNeedClientAuth(false); break; case WANT: socket.setWantClientAuth(true); break; case REQUIRE: socket.setNeedClientAuth(true); break; default: throw new RuntimeCamelException( "Unknown ClientAuthentication value: " + clientAuthValue); } return socket; } }; sslServerSocketConfigurers.add(sslServerSocketConfigurer); } return sslServerSocketConfigurers; }