Package org.jivesoftware.openfire.spi
Class ConnectionConfiguration
- java.lang.Object
-
- org.jivesoftware.openfire.spi.ConnectionConfiguration
-
public class ConnectionConfiguration extends Object
Configuration for a socket connection. Instances of this class are thread-safe, with the exception of the internal state of the #bindAddress property.- Author:
- Guus der Kinderen, guus.der.kinderen@gmail.com
-
-
Constructor Summary
Constructors Constructor Description ConnectionConfiguration(ConnectionType type, boolean enabled, int maxThreadPoolSize, int maxBufferSize, Connection.ClientAuth clientAuth, InetAddress bindAddress, int port, Connection.TLSPolicy tlsPolicy, CertificateStoreConfiguration identityStoreConfiguration, CertificateStoreConfiguration trustStoreConfiguration, boolean acceptSelfSignedCertificates, boolean verifyCertificateValidity, Set<String> encryptionProtocols, Set<String> encryptionCipherSuites, Connection.CompressionPolicy compressionPolicy, boolean strictCertificateValidation)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description InetAddress
getBindAddress()
Connection.ClientAuth
getClientAuth()
Connection.CompressionPolicy
getCompressionPolicy()
Set<String>
getEncryptionCipherSuites()
A collection of cipher suite names that can be used for encryption of connections.Set<String>
getEncryptionProtocols()
A collection of protocol names that can be used for encryption of connections.IdentityStore
getIdentityStore()
CertificateStoreConfiguration
getIdentityStoreConfiguration()
int
getMaxBufferSize()
int
getMaxThreadPoolSize()
int
getPort()
Connection.TLSPolicy
getTlsPolicy()
TrustStore
getTrustStore()
CertificateStoreConfiguration
getTrustStoreConfiguration()
ConnectionType
getType()
boolean
isAcceptSelfSignedCertificates()
A boolean that indicates if self-signed peer certificates can be used to establish an encrypted connection.boolean
isEnabled()
boolean
isStrictCertificateValidation()
A boolean that indicates if the connection should be aborted if certificate validation fails.boolean
isVerifyCertificateValidity()
A boolean that indicates if the current validity of certificates (based on their 'notBefore' and 'notAfter' property values) is used when they are used to establish an encrypted connection.
-
-
-
Constructor Detail
-
ConnectionConfiguration
public ConnectionConfiguration(ConnectionType type, boolean enabled, int maxThreadPoolSize, int maxBufferSize, Connection.ClientAuth clientAuth, InetAddress bindAddress, int port, Connection.TLSPolicy tlsPolicy, CertificateStoreConfiguration identityStoreConfiguration, CertificateStoreConfiguration trustStoreConfiguration, boolean acceptSelfSignedCertificates, boolean verifyCertificateValidity, Set<String> encryptionProtocols, Set<String> encryptionCipherSuites, Connection.CompressionPolicy compressionPolicy, boolean strictCertificateValidation)
- Parameters:
type
- the connection typeenabled
- is the connection enabled or disabledmaxThreadPoolSize
- The maximum number of threads that are to be used to processing network activity. Must be equal to or larger than one.maxBufferSize
- The maximum amount of bytes of the read buffer that I/O processor allocates per each read, or a non-positive value to configure no maximum.clientAuth
- specification if peers should be authenticated ('mutual authentication') (cannot be null).bindAddress
- The network address on which connections are accepted, or null when any local address can be used.port
- The TCP port number on which connections are accepted (must be a valid TCP port number).tlsPolicy
- The TLS policy that is applied to connections (cannot be null).identityStoreConfiguration
- the certificates the server identify astrustStoreConfiguration
- the certificates the server trustsacceptSelfSignedCertificates
-true
to accept self-signed certificates, otherwisefalse
verifyCertificateValidity
-true
to accept self-signed certificates, otherwisefalse
encryptionProtocols
- the set of protocols supportedencryptionCipherSuites
- the set of ciphers supportedcompressionPolicy
- the compression policystrictCertificateValidation
-true
to abort connections if certificate validation fails, otherwisefalse
-
-
Method Detail
-
getTlsPolicy
public Connection.TLSPolicy getTlsPolicy()
-
getCompressionPolicy
public Connection.CompressionPolicy getCompressionPolicy()
-
getType
public ConnectionType getType()
-
getMaxThreadPoolSize
public int getMaxThreadPoolSize()
-
getMaxBufferSize
public int getMaxBufferSize()
-
getClientAuth
public Connection.ClientAuth getClientAuth()
-
getBindAddress
public InetAddress getBindAddress()
-
getPort
public int getPort()
-
getIdentityStoreConfiguration
public CertificateStoreConfiguration getIdentityStoreConfiguration()
-
getTrustStoreConfiguration
public CertificateStoreConfiguration getTrustStoreConfiguration()
-
isAcceptSelfSignedCertificates
public boolean isAcceptSelfSignedCertificates()
A boolean that indicates if self-signed peer certificates can be used to establish an encrypted connection.- Returns:
- true when self-signed certificates are accepted, otherwise false.
-
isVerifyCertificateValidity
public boolean isVerifyCertificateValidity()
A boolean that indicates if the current validity of certificates (based on their 'notBefore' and 'notAfter' property values) is used when they are used to establish an encrypted connection.- Returns:
- true when certificates are required to be valid to establish an encrypted connection, otherwise false.
-
getEncryptionProtocols
public Set<String> getEncryptionProtocols()
A collection of protocol names that can be used for encryption of connections. When non-empty, the list is intended to specify those protocols (from a larger collection of implementation- supported protocols) that can be used to establish encryption. The order over which values are iterated in the result is equal to the order of values in the comma-separated configuration string. This can, but is not guaranteed to, indicate preference.- Returns:
- An (ordered) set of protocols, never null but possibly empty.
-
getEncryptionCipherSuites
public Set<String> getEncryptionCipherSuites()
A collection of cipher suite names that can be used for encryption of connections. When non-empty, the list is intended to specify those cipher suites (from a larger collection of implementation- supported cipher suites) that can be used to establish encryption. The order over which values are iterated in the result is equal to the order of values in the comma-separated configuration string. This can, but is not guaranteed to, indicate preference.- Returns:
- An (ordered) set of cipher suites, never null but possibly empty.
-
getIdentityStore
public IdentityStore getIdentityStore()
-
getTrustStore
public TrustStore getTrustStore()
-
isEnabled
public boolean isEnabled()
-
isStrictCertificateValidation
public boolean isStrictCertificateValidation()
A boolean that indicates if the connection should be aborted if certificate validation fails. When true Openfire strictly follows RFC 6120, section 13.7.2- Returns:
- true when connections are aborted if certificate validation fails, otherwise false.
-
-