Java Reference
In-Depth Information
javax.net.ssl.SSLServerSocketFactory.
The server program uses this
class to obtain an SSLServerSocket object.
javax.net.ssl.SSLSocketFactory.
The client program uses this class to
obtain an SSLSocket object.
The steps involved in creating a secure socket connection are slightly differ-
ent from those in a non-secure-socket connection (using the Socket and Sock-
etServer classes in the java.net package), so let's go through the details.
Secure Server Socket
The server application performs the following steps to create a secure server
socket:
1.
The server program starts with an SSLServerSocketFactory object,
which is not instantiated using the new keyword, but instead is
obtained using the following static method found in the SSLServer-
SocketFactory class:
public static ServerSocketFactory getDefault()
The getDefault() method returns the default SSL server socket factory. If
you have written your own factory, you can override the default factory by
denoting its class name using the ssl.ServerSocketFactory.provider
property.
2.
Use the server socket factory to create an SSLServerSocket object, which
listens on a specified port for client requests.
3.
Initialize the server socket with any necessary security settings.
4.
The SSLServerSocket invokes the accept() method to block and wait for
client connections.
The first step is to locate a server socket factory using the getDefault()
method. Notice that the return type of getDefault() is javax.net.ServerSocket-
Factory, the parent class of SSLServerSocketFactory. The ServerSocketFactory
class has four methods for creating a ServerSocket:
public ServerSocket createServerSocket(int port) throws IOException.
Creates a ServerSocket on the given port.
public ServerSocket createServerSocket(int port, int backlog) throws
IOException.
Creates a ServerSocket on the given port with the speci-
fied backlog, which determines the size of the queue containing clients
waiting to connect.
