public class PaymentServerSSLClient extends PaymentServerClient
A SSL context created by the constructor of the PaymentServerSSLClient have the following features.
We are not going to specify the (subset of available) cipher suites to use ... and just have SSL negotiate the suite to use depending on what version of the suites shipped with CAL. Note there may be several versions of CAL depending on where it is sold ... (US, export, etc.). If we later decide to define these: context.setEnabledCipherSuites("SSL_RSA_WITH_RC4_128_MD5 SSL_RSA_WITH_RC4_128_SHA");
There is no standard for SSL compression. IBM has compression methods but no Web Servers currently use them. Hence we're not going to specify it (it wouldn't help). If we later decide to define one: context.setEnabledCompressionMethods("IBM_ZIP_SPEED NULL");
Asynchronous connection support is required for PaymentServerClient#checkSocket to work properly.
There are 3 different timeout values that are SSL related. (We currently use the defaults). All values are set via the SSL context object and are in units of seconds....
TimeoutName Min Default Max Description (tells SSL to...)IMPORTANT NOTE: The Java SSL library keeps track of cached session information based on the target IP address, TCP port #, and context. When we connect to a payment server through a SOCKS server, it looks to the Java code that the target SSL server is the SOCKS server when in reality is the payment server host (i.e. it queries Java to get the remote IP@ and TCP port and sees the SOCKS server's values.) Because of this if we connect to one payment server through a SOCKS server then drop the connection then try to connect to a different payment server through the same SOCKS server, the Java SSL code will think we have already talked with that payment server and try to use the SSL session information cached for the first server and the connection will NOT come up. SO ... we need to be sure to clear the context's session cache when we have determined that the user is doing the above scenario to prevent this type of failure. To define these timeouts context.setTimeout(SSLContext.CONNECTION, 10);
----------- ----- --------- ------- ----------------------------------------------------
CONNECT 0 120 600 Give up after X seconds if handshake still not successful
CONNECTION 0 0 3600 Allow connection to be up this long. It brings it
down even if it has been recently active when this
timer pops. When it pops, if using an asynchronous
connection the connection keys are renegotiated and the
session automatically comes back up and the application
just sees a small delay.
0 means leave up indefinitely (not a secure thing to do).
SESSION 0 3600 86400 Session cache last this long (cacheing SSL session data
causes 2nd & later connects to the same server to be
quicker if they are in the cache.)
Constructor and Description |
---|
PaymentServerSSLClient()
Deprecated.
Create a PaymentServerSSLClient
|
PaymentServerSSLClient(java.lang.String dtdPath, java.lang.String hostName, int tcpPort)
Deprecated.
This constructor creates a Commerce Payments SSL client.
|
PaymentServerSSLClient(java.lang.String dtdPath, java.lang.String hostName, int tcpPort, java.util.Hashtable httpHeaderFields)
Deprecated.
This constructor creates a Commerce Payments SSL client.
|
PaymentServerSSLClient(java.lang.String dtdPath, java.lang.String hostName, int tcpPort, java.lang.String socksHostName, int socksPort)
Deprecated.
This constructor creates a Commerce Payments SSL client.
|
PaymentServerSSLClient(java.lang.String dtdPath, java.lang.String hostName, int tcpPort, java.lang.String socksHostName, int socksPort, java.util.Hashtable httpHeaderFields)
Deprecated.
This constructor creates a Commerce Payments SSL client.
|
Modifier and Type | Method and Description |
---|---|
protected java.net.Socket | connect()
Deprecated.
connect - create and connect an SSL-protected socket
|
void | init(java.lang.String dtdPath, java.lang.String hostName, int tcpPort, java.lang.String socksHostName, int socksPort, java.util.Hashtable httpHeaderFields)
Deprecated.
This method initializes the PaymentServerSSLClient object.
|
public PaymentServerSSLClient()
public PaymentServerSSLClient(java.lang.String dtdPath, java.lang.String hostName, int tcpPort, java.lang.String socksHostName, int socksPort, java.util.Hashtable httpHeaderFields)
public PaymentServerSSLClient(java.lang.String dtdPath, java.lang.String hostName, int tcpPort, java.lang.String socksHostName, int socksPort)
public PaymentServerSSLClient(java.lang.String dtdPath, java.lang.String hostName, int tcpPort, java.util.Hashtable httpHeaderFields)
public PaymentServerSSLClient(java.lang.String dtdPath, java.lang.String hostName, int tcpPort)
public void init(java.lang.String dtdPath, java.lang.String hostName, int tcpPort, java.lang.String socksHostName, int socksPort, java.util.Hashtable httpHeaderFields)
protected java.net.Socket connect() throws java.io.IOException