com.ibm.etill.framework.clientapi
Class PaymentServerSSLClient

java.lang.Object
  com.ibm.etill.framework.clientapi.PaymentServerClient
      com.ibm.etill.framework.clientapi.PaymentServerSSLClient

public class PaymentServerSSLClient
extends PaymentServerClient

A PaymentServerSSLClient communicates with Commerce Payments over an SSL connection.

The SSL context created by the PaymentServerSSLClient constructor has the following features.

We do not specify the (subset of available) cipher suites to use; SSL negotiates the suite depending on which version of the suites shipped with CAL. Note that there may be several versions of CAL depending on where it is sold (US, export, etc.). If we later decide to define these: context.setEnabledCipherSuites("SSL_RSA_WITH_RC4_128_MD5 SSL_RSA_WITH_RC4_128_SHA");

There is no standard for SSL compression. IBM has compression methods, but no Web servers currently use them, so we do not specify one (it wouldn't help). If we later decide to define one: context.setEnabledCompressionMethods("IBM_ZIP_SPEED NULL");

Asynchronous connection support is required for PaymentServerClient#checkSocket to work properly.

There are 3 SSL-related timeout values (we currently use the defaults). All values are set via the SSL context object and are in units of seconds.

          TimeoutName     Min     Default     Max      Description (tells SSL to...)
          -----------    -----   ---------  -------    ----------------------------------------------------
          CONNECT          0        120        600     Give up after X seconds if handshake still not successful
          CONNECTION       0          0       3600     Allow connection to be up this long.  It brings it
                                                       down even if it has been recently active when this
                                                       timer pops.  When it pops, if using an asynchronous
                                                       connection the connection keys are renegotiated and the
                                                       session automatically comes back up and the application
                                                       just sees a small delay.
                                                       0 means leave up indefinitely (not a secure thing to do).
          SESSION          0       3600      86400     Session cache lasts this long (caching SSL session data
                                                       causes 2nd & later connects to the same server to be
                                                       quicker if they are in the cache.)
    
IMPORTANT NOTE: The Java SSL library keeps track of cached session information based on the target IP address, TCP port number, and context. When we connect to a payment server through a SOCKS server, the Java code sees the SOCKS server as the target SSL server, when in reality the target is the payment server host (i.e. it queries Java for the remote IP address and TCP port and sees the SOCKS server's values). Because of this, if we connect to one payment server through a SOCKS server, drop the connection, and then try to connect to a different payment server through the same SOCKS server, the Java SSL code will think we have already talked with that payment server and will try to use the SSL session information cached for the first server, and the connection will NOT come up. So we need to be sure to clear the context's session cache when we have determined that the user is doing the above scenario, to prevent this type of failure.

To define these timeouts: context.setTimeout(SSLContext.CONNECTION, 10);
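
The SOCKS session-cache collision described in the note above, as an added example that is not part of the original documentation or of the IBM SSL library: a small constructed model in which the cache is keyed on the peer address the socket reports, with a guard that clears the cache when a different payment server is reached through the same SOCKS server. The class, method and host names are hypothetical.

```java
import java.util.HashMap;
import java.util.Map;

// Constructed model of the behaviour described in the note; not the IBM SSL library.
public class SocksSessionCacheDemo {
    // Session cache keyed the way the note describes: by the peer address the socket reports.
    static final Map<String, String> sessionCache = new HashMap<>();
    // Hypothetical guard state: the payment server last reached through each SOCKS server.
    static final Map<String, String> lastTargetViaSocks = new HashMap<>();

    /** Returns "full", "resumed", or "failed" for one connection attempt. */
    static String connect(String target, String socks, boolean guard) {
        // Through SOCKS the socket's remote address is the proxy, not the payment server.
        String peerSeenBySocket = (socks != null) ? socks : target;
        if (guard && socks != null) {
            String previous = lastTargetViaSocks.put(socks, target);
            if (previous != null && !previous.equals(target)) {
                sessionCache.clear();   // same proxy, different payment server
            }
        }
        String cachedOwner = sessionCache.get(peerSeenBySocket);
        if (cachedOwner == null) {
            sessionCache.put(peerSeenBySocket, target);   // full handshake, session cached
            return "full";
        }
        // The client offers the cached session; in this model, as in the note,
        // offering it to a server that did not issue it means the connection fails.
        return cachedOwner.equals(target) ? "resumed" : "failed";
    }

    public static void main(String[] args) {
        String socks = "socks.example.test:1080";   // constructed sample endpoints
        String payA = "pay-a.example.test:443";
        String payB = "pay-b.example.test:443";

        // Run the same three connections without and with the cache-clearing guard.
        for (boolean guard : new boolean[] {false, true}) {
            sessionCache.clear();
            lastTargetViaSocks.clear();
            System.out.println("guard=" + guard
                + " A:" + connect(payA, socks, guard)
                + " A again:" + connect(payA, socks, guard)
                + " B:" + connect(payB, socks, guard));
        }
    }
}
```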

Field Summary
Fields inherited from class com.ibm.etill.framework.clientapi.PaymentServerClient
dtdPath, hostName, httpHeaderFields, lastRequest, lastXML, socket, socksHostName, socksPort, tcpPort
Constructor Summary
PaymentServerSSLClient()
Create a PaymentServerSSLClient
PaymentServerSSLClient(java.lang.String dtdPath, java.lang.String hostName, int tcpPort)
This constructor creates a Commerce Payments SSL client.
PaymentServerSSLClient(java.lang.String dtdPath, java.lang.String hostName, int tcpPort, java.util.Hashtable httpHeaderFields)
This constructor creates a Commerce Payments SSL client.
PaymentServerSSLClient(java.lang.String dtdPath, java.lang.String hostName, int tcpPort, java.lang.String socksHostName, int socksPort)
This constructor creates a Commerce Payments SSL client.
PaymentServerSSLClient(java.lang.String dtdPath, java.lang.String hostName, int tcpPort, java.lang.String socksHostName, int socksPort, java.util.Hashtable httpHeaderFields)
This constructor creates a Commerce Payments SSL client.
Method Summary
protected java.net.Socket connect()
connect - create and connect an SSL-protected socket
void init(java.lang.String dtdPath, java.lang.String hostName, int tcpPort, java.lang.String socksHostName, int socksPort, java.util.Hashtable httpHeaderFields)
This method initializes the PaymentServerSSLClient object.
Methods inherited from class com.ibm.etill.framework.clientapi.PaymentServerClient
addLocaleToHttpHeader, close, finalize, getHostname, getHTTPHeaderFields, getLastRequest, getLastXML, getPort, getSocksHostname, getSocksPort, init, init, init, issueCommand, issueCommand, issueCommand, issueCommand
Methods inherited from class java.lang.Object
clone, equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

PaymentServerSSLClient

public PaymentServerSSLClient()
Create a PaymentServerSSLClient

PaymentServerSSLClient

public PaymentServerSSLClient(java.lang.String dtdPath,
                              java.lang.String hostName,
                              int tcpPort,
                              java.lang.String socksHostName,
                              int socksPort,
                              java.util.Hashtable httpHeaderFields)
This constructor creates a Commerce Payments SSL client.
Parameters:
hostName - host name of Commerce Payments.
tcpPort - port number of the HTTP server used by Commerce Payments. Default is 80.
socksHostName - SOCKS server's host name.
socksPort - SOCKS server's port number.
httpHeaderFields - the HTTP header fields hashtable

PaymentServerSSLClient

public PaymentServerSSLClient(java.lang.String dtdPath,
                              java.lang.String hostName,
                              int tcpPort,
                              java.lang.String socksHostName,
                              int socksPort)
This constructor creates a Commerce Payments SSL client.
Parameters:
hostName - host name of Commerce Payments.
tcpPort - port number of the HTTP server used by Commerce Payments. Default is 80.
socksHostName - SOCKS server's host name.
socksPort - SOCKS server's port number.

PaymentServerSSLClient

public PaymentServerSSLClient(java.lang.String dtdPath,
                              java.lang.String hostName,
                              int tcpPort,
                              java.util.Hashtable httpHeaderFields)
This constructor creates a Commerce Payments SSL client.
Parameters:
hostName - host name of Commerce Payments.
tcpPort - port number of the HTTP server used by Commerce Payments. Default is 80.
httpHeaderFields - the HTTP header fields hashtable

PaymentServerSSLClient

public PaymentServerSSLClient(java.lang.String dtdPath,
                              java.lang.String hostName,
                              int tcpPort)
This constructor creates a Commerce Payments SSL client.
Parameters:
hostName - host name of Commerce Payments.
tcpPort - port number of the HTTP server used by Commerce Payments. Default is 80.
Method Detail

init

public void init(java.lang.String dtdPath,
                 java.lang.String hostName,
                 int tcpPort,
                 java.lang.String socksHostName,
                 int socksPort,
                 java.util.Hashtable httpHeaderFields)
This method initializes the PaymentServerSSLClient object. In addition to initializing the values in the PaymentServerClient superclass, it also sets up SSL-related values.
Overrides:
init in class PaymentServerClient
Parameters:
hostName - host name of Commerce Payments.
tcpPort - port number of the HTTP server used by Commerce Payments. Default is 80.
socksHostName - SOCKS server's host name.
socksPort - SOCKS server's port number.
httpHeaderFields - the HTTP header fields hashtable

connect

protected java.net.Socket connect()
                           throws java.io.IOException
connect - create and connect an SSL-protected socket
Overrides:
connect in class PaymentServerClient
Returns:
SSL socket connection
Throws:
java.io.IOException - if unable to make SSL connection
