Index: server/openejb-server/src/main/java/org/apache/openejb/server/ServiceDaemon.java =================================================================== --- server/openejb-server/src/main/java/org/apache/openejb/server/ServiceDaemon.java (revision 652071) +++ server/openejb-server/src/main/java/org/apache/openejb/server/ServiceDaemon.java (working copy) @@ -16,12 +16,22 @@ */ package org.apache.openejb.server; +import org.apache.openejb.util.LogCategory; import org.apache.openejb.util.Logger; -import org.apache.openejb.util.LogCategory; -import java.io.*; -import java.net.*; -import java.util.*; +import javax.net.ServerSocketFactory; +import javax.net.ssl.SSLServerSocket; +import javax.net.ssl.SSLServerSocketFactory; +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; +import java.net.InetAddress; +import java.net.ServerSocket; +import java.net.Socket; +import java.net.SocketException; +import java.net.SocketTimeoutException; +import java.net.UnknownHostException; +import java.util.Properties; /** */ @@ -44,8 +54,10 @@ boolean stop = true; private int backlog; + private String ip; + private boolean secure; public ServiceDaemon(ServerService next) { this.next = next; @@ -76,6 +88,16 @@ } } + public static boolean getBoolean(Properties p, String property, boolean defaultValue){ + String value = p.getProperty(property); + try { + if (value != null) return Boolean.parseBoolean(value); + else return defaultValue; + } catch (NumberFormatException e) { + return defaultValue; + } + } + public void setSoTimeout(int timeout) throws SocketException { this.timeout = timeout; if (socketListener != null) { @@ -108,6 +130,8 @@ backlog = getInt(props, "backlog", threads); + secure = getBoolean(props, "secure", false); + next.init(props); } 
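Review bot: In the added `getBoolean`, the `catch (NumberFormatException e)` branch is dead code, because `Boolean.parseBoolean` never throws; it returns false for every value other than "true" (ignoring case). The later hunk in `init` reads the transport switch with `getBoolean(props, "secure", false)`, so a value such as `yes`, `1` or a typo silently leaves the listener on a plain `ServerSocket`. I would drop the try/catch and reject anything that is not a boolean literal, e.g. `if (!"true".equalsIgnoreCase(value) && !"false".equalsIgnoreCase(value)) throw new IllegalArgumentException(property + " must be true or false, got: " + value);`, or at minimum log a warning. A short Javadoc on `getBoolean` stating the accepted values would also help.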
@@ -122,7 +146,15 @@ ServerSocket serverSocket; try { - serverSocket = new ServerSocket(port, backlog, address); + if (secure) { + ServerSocketFactory factory = SSLServerSocketFactory.getDefault(); + serverSocket = factory.createServerSocket(port, backlog, address); + final String[] enabledCipherSuites = { "SSL_DH_anon_WITH_RC4_128_MD5" }; + ((SSLServerSocket) serverSocket).setEnabledCipherSuites(enabledCipherSuites); + } else { + serverSocket = new ServerSocket(port, backlog, address); + } + port = serverSocket.getLocalPort(); serverSocket.setSoTimeout(timeout); } catch (Exception e) { Index: server/openejb-client/src/main/java/org/apache/openejb/client/SocketConnectionFactory.java =================================================================== --- server/openejb-client/src/main/java/org/apache/openejb/client/SocketConnectionFactory.java (revision 652071) +++ server/openejb-client/src/main/java/org/apache/openejb/client/SocketConnectionFactory.java (working copy) @@ -24,6 +24,8 @@ import java.net.URI; import java.net.ConnectException; import java.util.Properties; +import javax.net.ssl.SSLSocketFactory; +import javax.net.ssl.SSLSocket; public class SocketConnectionFactory implements ConnectionFactory { 
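Review bot: The only suite enabled in the `secure` branch, `SSL_DH_anon_WITH_RC4_128_MD5`, is anonymous, so neither peer is authenticated and an on-path party can terminate and relay the session unnoticed; RC4 and MD5 are weak on top of that. The same constant is hard-coded in the `SocketConnectionFactory.open` hunk for `ejbds` URIs. I would remove the `setEnabledCipherSuites(enabledCipherSuites)` call on both sides and keep the factory's default suites, supplying the server key and the client trust anchors through the standard `javax.net.ssl.keyStore` and `javax.net.ssl.trustStore` settings. If an unauthenticated mode has to remain for test setups, it should be a separate, explicitly named property that is logged at start-up. Note also that `setEnabledCipherSuites` throws `IllegalArgumentException` when the provider does not support the suite, which here falls into the generic `catch (Exception e)` whose body lies outside the hunk.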
@@ -45,11 +47,24 @@ InputStream socketIn = null; protected void open(URI uri) throws IOException { + /*-----------------------*/ /* Open socket to server */ /*-----------------------*/ try { - socket = new Socket(uri.getHost(), uri.getPort()); + if (uri.getScheme().equalsIgnoreCase("ejbds")) { + SSLSocket sslSocket = (SSLSocket) SSLSocketFactory.getDefault().createSocket(uri.getHost(), uri.getPort()); + // use an anonymous cipher suite so that a KeyManager or + // TrustManager is not needed + // NOTE: this assumes that the cipher suite is known. A check + // -should- be done first. + final String[] enabledCipherSuites = {"SSL_DH_anon_WITH_RC4_128_MD5"}; + sslSocket.setEnabledCipherSuites(enabledCipherSuites); + socket = sslSocket; + } else { + socket = new Socket(uri.getHost(), uri.getPort()); + } + socket.setTcpNoDelay(true); } catch (ConnectException e) { throw new ConnectException("Cannot connect to server '"+uri.toString()+"'. Check that the server is started and that the specified serverURL is correct.");
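Review bot: `uri.getScheme().equalsIgnoreCase("ejbds")` throws a NullPointerException for a URI without a scheme, and the only handler visible here is for `ConnectException`; write it as `if ("ejbds".equalsIgnoreCase(uri.getScheme())) {`. Separately, a bare `SSLSocket` does not compare the peer certificate with the host name by itself, so once certificate-based suites are used this branch should turn on endpoint identification where the runtime offers it: fetch `sslSocket.getSSLParameters()`, call `setEndpointIdentificationAlgorithm("HTTPS")` on it, and pass it back with `sslSocket.setSSLParameters(...)`. The added `NOTE` comment admits a missing check; I would replace it with a comment that states what the `ejbds` scheme guarantees to callers (encryption only, or encryption plus server authentication). The rest of `open`, including any further catch clauses, is outside the hunk.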