Class ConnectionConfiguration


  • public class ConnectionConfiguration
    extends Object
    Configuration for a socket connection. Instances of this class are thread-safe, with the exception of the internal state of the #bindAddress property.
    Author:
    Guus der Kinderen, guus.der.kinderen@gmail.com
    • Constructor Detail

      • ConnectionConfiguration

        public ConnectionConfiguration​(ConnectionType type,
                                       boolean enabled,
                                       int maxThreadPoolSize,
                                       int maxBufferSize,
                                       Connection.ClientAuth clientAuth,
                                       InetAddress bindAddress,
                                       int port,
                                       Connection.TLSPolicy tlsPolicy,
                                       CertificateStoreConfiguration identityStoreConfiguration,
                                       CertificateStoreConfiguration trustStoreConfiguration,
                                       boolean acceptSelfSignedCertificates,
                                       boolean verifyCertificateValidity,
                                       Set<String> encryptionProtocols,
                                       Set<String> encryptionCipherSuites,
                                       Connection.CompressionPolicy compressionPolicy,
                                       boolean strictCertificateValidation)
        Parameters:
        type - the connection type
        enabled - is the connection enabled or disabled
        maxThreadPoolSize - The maximum number of threads that are to be used to processing network activity. Must be equal to or larger than one.
        maxBufferSize - The maximum amount of bytes of the read buffer that I/O processor allocates per each read, or a non-positive value to configure no maximum.
        clientAuth - specification if peers should be authenticated ('mutual authentication') (cannot be null).
        bindAddress - The network address on which connections are accepted, or null when any local address can be used.
        port - The TCP port number on which connections are accepted (must be a valid TCP port number).
        tlsPolicy - The TLS policy that is applied to connections (cannot be null).
        identityStoreConfiguration - the certificates the server identify as
        trustStoreConfiguration - the certificates the server trusts
        acceptSelfSignedCertificates - true to accept self-signed certificates, otherwise false
        verifyCertificateValidity - true to accept self-signed certificates, otherwise false
        encryptionProtocols - the set of protocols supported
        encryptionCipherSuites - the set of ciphers supported
        compressionPolicy - the compression policy
        strictCertificateValidation - true to abort connections if certificate validation fails, otherwise false
    • Method Detail

      • getMaxThreadPoolSize

        public int getMaxThreadPoolSize()
      • getMaxBufferSize

        public int getMaxBufferSize()
      • getPort

        public int getPort()
      • isAcceptSelfSignedCertificates

        public boolean isAcceptSelfSignedCertificates()
        A boolean that indicates if self-signed peer certificates can be used to establish an encrypted connection.
        Returns:
        true when self-signed certificates are accepted, otherwise false.
      • isVerifyCertificateValidity

        public boolean isVerifyCertificateValidity()
        A boolean that indicates if the current validity of certificates (based on their 'notBefore' and 'notAfter' property values) is used when they are used to establish an encrypted connection.
        Returns:
        true when certificates are required to be valid to establish an encrypted connection, otherwise false.
      • getEncryptionProtocols

        public Set<String> getEncryptionProtocols()
        A collection of protocol names that can be used for encryption of connections. When non-empty, the list is intended to specify those protocols (from a larger collection of implementation- supported protocols) that can be used to establish encryption. The order over which values are iterated in the result is equal to the order of values in the comma-separated configuration string. This can, but is not guaranteed to, indicate preference.
        Returns:
        An (ordered) set of protocols, never null but possibly empty.
      • getEncryptionCipherSuites

        public Set<String> getEncryptionCipherSuites()
        A collection of cipher suite names that can be used for encryption of connections. When non-empty, the list is intended to specify those cipher suites (from a larger collection of implementation- supported cipher suites) that can be used to establish encryption. The order over which values are iterated in the result is equal to the order of values in the comma-separated configuration string. This can, but is not guaranteed to, indicate preference.
        Returns:
        An (ordered) set of cipher suites, never null but possibly empty.
      • getTrustStore

        public TrustStore getTrustStore()
      • isEnabled

        public boolean isEnabled()
      • isStrictCertificateValidation

        public boolean isStrictCertificateValidation()
        A boolean that indicates if the connection should be aborted if certificate validation fails. When true Openfire strictly follows RFC 6120, section 13.7.2
        Returns:
        true when connections are aborted if certificate validation fails, otherwise false.