Package org.apache.ignite.internal.util.nio.ssl

Class GridNioSslFilter

java.lang.Object

org.apache.ignite.internal.util.nio.GridNioFilterAdapter

org.apache.ignite.internal.util.nio.ssl.GridNioSslFilter

All Implemented Interfaces:

GridNioFilter

public class GridNioSslFilter
extends GridNioFilterAdapter

Implementation of SSL filter using SSLEngine

Field Summary

Fields

Modifier and Type	Field	Description
static int	HANDSHAKE_FUT_META_KEY	SSL handshake future metadata key.
static String	SSL_HANDSHAKE_DURATION_HISTOGRAM_METRIC_NAME	The name of the metric that provides histogram of SSL handshake duration.
static String	SSL_REJECTED_SESSIONS_CNT_METRIC_NAME	The name of the metric that provides sessions count that were rejected due to SSL errors.

Fields inherited from class org.apache.ignite.internal.util.nio.GridNioFilterAdapter

nextFilter, prevFilter

Constructor Summary

Constructors

Constructor	Description
GridNioSslFilter(SSLContext sslCtx, boolean directBuf, ByteOrder order, IgniteLogger log, @Nullable MetricRegistryImpl mreg)	Creates SSL filter.

Method Summary

Modifier and Type	Method	Description
boolean	directMode()
void	directMode(boolean directMode)
void	enabledCipherSuites(String... enabledCipherSuites)	Sets a set of cipher suites that will be enabled for this filter.
void	enabledProtocols(String... enabledProtos)	Sets enabled secure protocols for this filter.
ByteBuffer	encrypt(GridNioSession ses, ByteBuffer input)
boolean	lock(GridNioSession ses)
void	needClientAuth(boolean needClientAuth)	Sets flag indicating whether client authentication will be required.
void	onExceptionCaught(GridNioSession ses, IgniteCheckedException ex)	Invoked when exception is caught in filter processing.
void	onMessageReceived(GridNioSession ses, Object msg)	Invoked when a new messages received.
GridNioFuture<Boolean>	onSessionClose(GridNioSession ses)	Invoked when a session close request is performed on session.
void	onSessionClosed(GridNioSession ses)	Invoked after session get closed.
void	onSessionIdleTimeout(GridNioSession ses)	Called when session is idle for longer time that is allowed by NIO server.
void	onSessionOpened(GridNioSession ses)	Invoked when a new session was created.
GridNioFuture<?>	onSessionWrite(GridNioSession ses, Object msg, boolean fut, IgniteInClosure<IgniteException> ackC)	Invoked when a write request is performed on a session.
void	onSessionWriteTimeout(GridNioSession ses)	Called when session has not empty write buffer that has not been fully flushed during max timeout allowed by NIO server.
void	unlock(GridNioSession ses)
void	wantClientAuth(boolean wantClientAuth)	Sets flag indicating whether client authentication will be requested during handshake.

Methods inherited from class org.apache.ignite.internal.util.nio.GridNioFilterAdapter

nextFilter, nextFilter, onPauseReads, onResumeReads, previousFilter, previousFilter, proceedExceptionCaught, proceedMessageReceived, proceedPauseReads, proceedResumeReads, proceedSessionClose, proceedSessionClosed, proceedSessionIdleTimeout, proceedSessionOpened, proceedSessionWrite, proceedSessionWriteTimeout, start, stop, toString

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

HANDSHAKE_FUT_META_KEY

public static final int HANDSHAKE_FUT_META_KEY

SSL handshake future metadata key.

SSL_HANDSHAKE_DURATION_HISTOGRAM_METRIC_NAME

public static final String SSL_HANDSHAKE_DURATION_HISTOGRAM_METRIC_NAME

The name of the metric that provides histogram of SSL handshake duration.

See Also:

Constant Field Values

SSL_REJECTED_SESSIONS_CNT_METRIC_NAME

public static final String SSL_REJECTED_SESSIONS_CNT_METRIC_NAME

The name of the metric that provides sessions count that were rejected due to SSL errors.

See Also:

Constant Field Values

Constructor Detail

GridNioSslFilter

public GridNioSslFilter(SSLContext sslCtx,
                        boolean directBuf,
                        ByteOrder order,
                        IgniteLogger log,
                        @Nullable
                        @Nullable MetricRegistryImpl mreg)

Creates SSL filter.

Parameters:

sslCtx - SSL context.

directBuf - Direct buffer flag.

order - Byte order.

log - Logger to use.

mreg - Optional metric registry.

Method Detail

directMode

public void directMode(boolean directMode)

Parameters:

directMode - Flag indicating whether direct mode is used.

directMode

public boolean directMode()

Returns:

Flag indicating whether direct mode is used.

wantClientAuth

public void wantClientAuth(boolean wantClientAuth)

Sets flag indicating whether client authentication will be requested during handshake.

Parameters:

wantClientAuth - True if client authentication should be requested.

needClientAuth

public void needClientAuth(boolean needClientAuth)

Sets flag indicating whether client authentication will be required.

Parameters:

needClientAuth - True if client authentication is required.

enabledCipherSuites

public void enabledCipherSuites(String... enabledCipherSuites)

Sets a set of cipher suites that will be enabled for this filter.

Parameters:

enabledCipherSuites - Enabled cipher suites.

enabledProtocols

public void enabledProtocols(String... enabledProtos)

Sets enabled secure protocols for this filter.

Parameters:

enabledProtos - Enabled protocols.

onSessionOpened

public void onSessionOpened(GridNioSession ses)
                     throws IgniteCheckedException

Invoked when a new session was created.

Parameters:

ses - Opened session.

Throws:

IgniteCheckedException - If GridNioException occurred while handling event.

onSessionClosed

public void onSessionClosed(GridNioSession ses)
                     throws IgniteCheckedException

Invoked after session get closed.

Parameters:

ses - Closed session.

Throws:

IgniteCheckedException - If GridNioException occurred while handling event.

onExceptionCaught

public void onExceptionCaught(GridNioSession ses,
                              IgniteCheckedException ex)
                       throws IgniteCheckedException

Invoked when exception is caught in filter processing.

Parameters:

ses - Session that caused IgniteCheckedException.

ex - GridNioException instance.

Throws:

IgniteCheckedException - If IgniteCheckedException occurred while handling event.

lock

public boolean lock(GridNioSession ses)

Parameters:

ses - Session.

Returns:

SSL handshake flag.

unlock

public void unlock(GridNioSession ses)

Parameters:

ses - NIO session.

encrypt

public ByteBuffer encrypt(GridNioSession ses,
                          ByteBuffer input)
                   throws SSLException

Parameters:

ses - Session.

input - Data to encrypt.

Returns:

Output buffer with encrypted data.

Throws:

SSLException - If failed to encrypt.

onSessionWrite

public GridNioFuture<?> onSessionWrite(GridNioSession ses,
                                       Object msg,
                                       boolean fut,
                                       IgniteInClosure<IgniteException> ackC)
                                throws IgniteCheckedException

Invoked when a write request is performed on a session.

Parameters:

ses - Session on which message should be written.

msg - Message being written.

fut - True if write future should be created.

ackC - Closure invoked when message ACK is received.

Returns:

Write future or null.

Throws:

GridNioException - If GridNioException occurred while handling event.

IgniteCheckedException

onMessageReceived

public void onMessageReceived(GridNioSession ses,
                              Object msg)
                       throws IgniteCheckedException

Invoked when a new messages received.

Parameters:

ses - Session on which message was received.

msg - Received message.

Throws:

IgniteCheckedException - If IgniteCheckedException occurred while handling event.

onSessionClose

public GridNioFuture<Boolean> onSessionClose(GridNioSession ses)
                                      throws IgniteCheckedException

Invoked when a session close request is performed on session.

Parameters:

ses - Session to close.

Returns:

Close future.

Throws:

IgniteCheckedException - If IgniteCheckedException occurred while handling event.

onSessionIdleTimeout

public void onSessionIdleTimeout(GridNioSession ses)
                          throws IgniteCheckedException

Called when session is idle for longer time that is allowed by NIO server.

Parameters:

ses - Session that is idle.

Throws:

IgniteCheckedException - If filter is not in chain or GridNioException occurred in the underlying filter.

onSessionWriteTimeout

public void onSessionWriteTimeout(GridNioSession ses)
                           throws IgniteCheckedException

Called when session has not empty write buffer that has not been fully flushed during max timeout allowed by NIO server.

Parameters:

ses - Session that has timed out writes.

Throws:

IgniteCheckedException - If filter is not in chain or GridNioException occurred in the underlying filter.