akka.io
Class SslTlsSupport
java.lang.Object
akka.io.PipelineStage<HasLogging,Tcp.Command,Tcp.Command,Tcp.Event,Tcp.Event>
akka.io.SslTlsSupport
public class SslTlsSupport
- extends PipelineStage<HasLogging,Tcp.Command,Tcp.Command,Tcp.Event,Tcp.Event>
This pipeline stage implements SSL / TLS support, using an externally
configured SSLEngine
. It operates on the level of Tcp.Event
and
Tcp.Command
messages, which means that it will typically be one of
the lowest stages in a protocol stack. Since SSLEngine relies on contiguous
transmission of a data stream you will need to handle backpressure from
the TCP connection actor, for example by using a BackpressureBuffer
underneath the SSL stage.
Each instance of this stage has a scratch ByteBuffer
of approx. 18kiB
allocated which is used by the SSLEngine.
One thing to keep in mind is that there's no support for half-closed connections
in SSL (but SSL on the other side requires half-closed connections from its transport
layer).
This means:
1. keepOpenOnPeerClosed is not supported on top of SSL (once you receive PeerClosed
the connection is closed, further CloseCommands are ignored)
2. keepOpenOnPeerClosed should always be enabled on the transport layer beneath SSL so
that one can wait for the other side's SSL level close_notify message without barfing
RST to the peer because this socket is already gone
Constructor Summary |
SslTlsSupport(javax.net.ssl.SSLEngine engine)
|
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
SslTlsSupport
public SslTlsSupport(javax.net.ssl.SSLEngine engine)
apply
public java.lang.Object apply(HasLogging ctx)