diff --git a/src/main/java/io/cdap/http/SSLConfig.java b/src/main/java/io/cdap/http/SSLConfig.java
index 6e513b6..100bad1 100644
--- a/src/main/java/io/cdap/http/SSLConfig.java
+++ b/src/main/java/io/cdap/http/SSLConfig.java
@@ -27,14 +27,19 @@ public class SSLConfig {
 private final String certificatePassword;
 private final File trustKeyStore;
 private final String trustKeyStorePassword;
+ private final long sessionTimeoutInSeconds;
+ private final long sessionCacheSize;
 private SSLConfig(File keyStore, String keyStorePassword,
- String certificatePassword, File trustKeyStore, String trustKeyStorePassword) {
+ String certificatePassword, File trustKeyStore, String trustKeyStorePassword,
+ long sessionCacheSize, long sessionTimeoutInSeconds) {
 this.keyStore = keyStore;
 this.keyStorePassword = keyStorePassword;
 this.certificatePassword = certificatePassword;
 this.trustKeyStore = trustKeyStore;
 this.trustKeyStorePassword = trustKeyStorePassword;
+ this.sessionCacheSize = sessionCacheSize;
+ this.sessionTimeoutInSeconds = sessionTimeoutInSeconds;
 }
 /**
@@ -72,6 +77,20 @@ public String getTrustKeyStorePassword() {
 return trustKeyStorePassword;
 }
+ /**
+ * @return size of cache used for storing SSL session objects.
+ */
+ public long getSessionCacheSize() {
+ return sessionCacheSize;
+ }
+
+ /**
+ * @return timeout for the cached SSL session objects, in seconds.
+ */
+ public long getSessionTimeoutInSeconds() {
+ return sessionTimeoutInSeconds;
+ }
+
 /**
 * Creates a builder for the SSLConfig.
 *
@@ -92,10 +111,14 @@ public static class Builder {
 private String certificatePassword;
 private File trustKeyStore;
 private String trustKeyStorePassword;
+ private long sessionTimeoutInSeconds;
+ private long sessionCacheSize;
 private Builder(File keyStore, String keyStorePassword) {
 this.keyStore = keyStore;
 this.keyStorePassword = keyStorePassword;
+ this.sessionCacheSize = 10000L;
+ this.sessionTimeoutInSeconds = 60L;
 }
 /**
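Review bot: The Builder constructor in the third hunk hard-codes `10000L` and `60L`, and since SSLHandlerFactory now always hands both values to the Netty builder, every existing caller that never touches the new setters presumably moves from the TLS provider's session defaults to these without any notice. The literals should be named constants, e.g. `private static final long DEFAULT_SESSION_CACHE_SIZE = 10000L;` and `private static final long DEFAULT_SESSION_TIMEOUT_SECONDS = 60L;`, and the Builder Javadoc should state them. A short resumption window is a defensible security default, but it also means more full handshakes under load, so the behaviour change deserves a line in the release notes. The Builder class itself starts outside this hunk.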
@@ -120,6 +143,28 @@ public Builder setTrustKeyStore(File trustKeyStore) {
 return this;
 }
+ /**
+ * Set the SSL session object timeout in seconds.
+ *
+ * @param sessionTimeoutInSeconds time in seconds.
+ * @return an instance of {@code Builder}.
+ */
+ public Builder setSessionTimeoutInSecond(long sessionTimeoutInSeconds) {
+ this.sessionTimeoutInSeconds = sessionTimeoutInSeconds;
+ return this;
+ }
+
+ /**
+ * Set the SSL session object cache.
+ *
+ * @param sessionCacheSize size of SSL session object to be cached.
+ * @return an instance of {@code Builder}.
+ */
+ public Builder setSessionCacheSize(long sessionCacheSize) {
+ this.sessionCacheSize = sessionCacheSize;
+ return this;
+ }
+
 /**
 * Set trust KeyStore password.
 *
@@ -144,7 +189,8 @@ public SSLConfig build() {
 if (keyStorePassword == null) {
 throw new IllegalArgumentException("KeyStore Password Not Configured");
 }
- return new SSLConfig(keyStore, keyStorePassword, certificatePassword, trustKeyStore, trustKeyStorePassword);
+ return new SSLConfig(keyStore, keyStorePassword, certificatePassword, trustKeyStore, trustKeyStorePassword,
+ sessionCacheSize, sessionTimeoutInSeconds);
 }
 }
 }
diff --git a/src/main/java/io/cdap/http/SSLHandlerFactory.java b/src/main/java/io/cdap/http/SSLHandlerFactory.java
index 6be7adf..68aac2a 100644
--- a/src/main/java/io/cdap/http/SSLHandlerFactory.java
+++ b/src/main/java/io/cdap/http/SSLHandlerFactory.java
@@ -58,7 +58,8 @@ public SSLHandlerFactory(SSLConfig sslConfig) {
 tmf.init(tks);
 builder.trustManager(tmf);
 }
-
+ builder.sessionTimeout(sslConfig.getSessionTimeoutInSeconds());
+ builder.sessionCacheSize(sslConfig.getSessionCacheSize());
 this.sslContext = builder.build();
 } catch (Exception e) {
 throw new IllegalArgumentException("Failed to initialize the server-side SSLContext", e);
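Review bot: The new setter in the `@@ -120,6 +143,28 @@` hunk is named `setSessionTimeoutInSecond`, while the field, the parameter and the getter `getSessionTimeoutInSeconds` all use the plural, so the public Builder API ships with a typo that is awkward to correct after release; it should read `public Builder setSessionTimeoutInSeconds(long sessionTimeoutInSeconds) {`. Both setters in this hunk also store the value unchecked, so a negative number is rejected, if at all, only when SSLHandlerFactory builds the context, where it is reported as a generic initialization failure. A guard such as `if (sessionTimeoutInSeconds < 0) { throw new IllegalArgumentException("sessionTimeoutInSeconds must be >= 0"); }` in each setter, in the same IllegalArgumentException style build() already uses, would fail at the point of misconfiguration.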
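Review bot: Both calls added to the SSLHandlerFactory constructor treat `0` specially: Netty's `SslContextBuilder` documents `0` as "use the default value" for `sessionTimeout` and `sessionCacheSize`, so a caller who sets 0 expecting to disable session caching gets the provider default instead, and nothing on the SSLConfig side says so. I would add a comment above the two calls, e.g. `// 0 means "provider default" in Netty, not "caching disabled"`, and state the same in the two setter Javadocs. If client certificates are required, this timeout also bounds how long a resumed session can skip the certificate exchange, which is worth one sentence in the docs. The values are `long` here while the JDK session context takes `int`, so very large settings are presumably clamped by Netty, which is worth confirming. The constructor starts before and ends after this hunk.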