ipworksssl
Class Oauth

java.lang.Object
  ipworksssl.Oauth

public class Oauth
extends java.lang.Object

The OAuth bean is used to authorize a client and provide an authorization string used in future requests.

The OAuth bean provides an easy way to obtain an authorization string for future requests to a service. The bean implements an OAuth 2.0 client.

To begin using the bean you will first need to register your application with the service you want to use. During this process you should obtain a ClientId and ClientSecret as well as the ServerAuthURL and ServerTokenURL for the authorization server. Then set ClientProfile to the client type that best describes your situation and call GetAuthorization .

The following client types are currently supported by the bean:

• Application (desktop application)
• WebServer (server side application such as a web site)
• Device (an application without browser access such as a game console)
• Mobile (phone or tablet application)
• Browser (javascript application)

Please see the detailed descriptions below for each client type and how the bean is used to authorize an application using that client type.Application Client TypeThe application client type is applicable to applications that are run by the user directly. For instance a windows form application would use the application client type. To authorize your application (client) using the application client type follow the steps below.

First, set ClientProfile to cfApplication. This defines the client type the bean will use. Set the ClientId , ClientSecret , ServerAuthURL , and ServerTokenURL to the values you obtained when registering your application.

Next, call GetAuthorization to begin the authorization process. When GetAuthorization is called the bean will build the URL to which the user will be directed and fire the LaunchBrowser event. The bean will then launch the browser using the command and URL shown in the LaunchBrowser event.

The user will authenticate to the service, and then be redirected back to an embedded web server that was automatically started when GetAuthorization was called. At this time the ReturnURL event will fire. This event provides an opportunity to provide a custom response to your user that they will see in their browser.

The bean will then automatically exchange the grant that was returned by the authorization server for the access token using the HTTP endpoint specified in ServerTokenURL .

The authorization is now complete and the GetAuthorization method will return the authorization string. To use the authorization string with any of our beans simply pass this value to the Authorization property before making the request.

A simple example is shown below.

 OAuth.ClientId = "MyId";
 OAuth.ClientSecret = "MyPassword";
 OAuth.ServerAuthURL = "https://accounts.google.com/o/oauth2/auth";
 OAuth.ServerTokenURL = "https://accounts.google.com/o/oauth2/token";
 HTTP.Authorization = OAuth.GetAuthorization();
 HTTP.Get("https://www.googleapis.com/oauth2/v1/userinfo"); 

WebServer Client Type

The WebServer client type is applicable to applications that are run on the server side where the user uses the application from a web browser. To authorize your application (client) using this client type follow the steps below.

First, set ClientProfile to cfWebServer. This defines the client type the component will use. Set the ClientId , ClientSecret , ServerAuthURL , and ServerTokenURL to the values you obtained when registering your application. Set ReturnURL to the page on your site that will be the endpoint the user is redirected back to after authentication.

Next, call GetAuthorizationURL . This will return a URL to which the user should be redirected. Redirect the user to this URL.

After the user authenticates and is returned to the page on your site specified by ReturnURL , parse the "code" query string parameter from the incoming request. Set AuthorizationCode to this value.

Call GetAuthorization to exchange the code specified in AuthorizationCode for a token from the server specified by ServerTokenURL . GetAuthorization returns the authorization string. To use the authorization string with any of our components simply pass this value to the Authorization property before making the request.

Device Client Type

The Device client type is applicable to applications that are run on devices where no web browser can be used. For instance a game console would use the device client type. To authorize your application (client) using the device client type follow the steps below.

First, set ClientProfile to cfDevice. This defines the client type the bean will use. Set the ClientId , ClientSecret , ServerAuthURL , and ServerTokenURL to the values you obtained when registering your application. Do not set ReturnURL .

Next, call GetAuthorizationURL . The bean will automatically make a request to ServerAuthURL to obtain a user code for the device. The GetAuthorizationURL method will return the URL your user must visit from another device or computer that has web browser support. The GetAuthorizationURL method will also populate ipworksssl.Oauth#config . This device user code must also be provided to the user. The user will enter the code at the URL returned by {@link ipworksssl.Oauth#getAuthorizationURL GetAuthorizationURL} .

At this time, call {@link ipworksssl.Oauth#getAuthorization GetAuthorization} . The bean will begin polling the server specified in {@link ipworksssl.Oauth#getServerTokenURL ServerTokenURL} . The polling interval is specified (in seconds) by the {@link ipworksssl.Oauth#config setting.

After the user has authenticated, the {@link ipworksssl.Oauth#getAuthorization GetAuthorization} method will return the authorization string. To use the authorization string with any of our components simply pass this value to the Authorization property before making the request.

Mobile Client Type

The Mobile client type is applicable to applications that are run on devices where a web browser can be used. For instance a mobile phone or tablet. The behavior when using this client type is very similar to the Application client type. The only difference between the Mobile and Application client types is the way the browser is launched, when set to Mobile the {@link ipworksssl.OauthLaunchBrowserEvent LaunchBrowser} event will fire but the bean will not attempt to launch the browser automatically. The browser must be launched manually from code. This behavior is the only difference between the Mobile and Application client type. Please read the steps above for the Application client type for a more detailed look at the process.

Field Summary

static int	cfApplication
static int	cfBrowser
static int	cfDevice
static int	cfMobile
static int	cfWebServer
static int	frAlways
static int	frNever
static int	frSameScheme

Constructor Summary

Oauth()
Creates an instance of Oauth Bean.

Oauth(java.lang.String runtimeLicense)
Creates an instance of Oauth Bean with specified run-time license.

Method Summary

void	addCookie(java.lang.String cookieName, java.lang.String cookieValue) Adds a cookie and the corresponding value to the outgoing request headers.
void	addOauthEventListener(OauthEventListener l)
void	addParam(java.lang.String paramName, java.lang.String paramValue) Adds a name-value pair to the query string parameters of outgoing request.
java.lang.String	config(java.lang.String configurationString) Sets or retrieves a {@link ipworksssl.Oauth#config configuration setting.
void	doEvents() Processes events from the internal message queue.
java.lang.String	getAccept() A list of acceptable MIME types for the request.
java.lang.String	getAccessToken() The access token returned by the authorization server.
java.lang.String	getAuthorization() Gets the authorization string required to access the protected resource.
java.lang.String	getAuthorizationCode() The authorization code that is exchanged for an access token.
java.lang.String	getAuthorizationScope() The scope request or response parameter used during authorization.
java.lang.String	getAuthorizationURL() Builds and returns the URL to which the user should be re-directed for authorization.
java.lang.String	getClientId() The id of the client assigned when registering the application.
int	getClientProfile() The type of client that is requesting authorization.
java.lang.String	getClientSecret() The secret value for the client assigned when registering the application.
java.lang.String	getContentType() Content type for posts and puts.
HTTPCookieList	getCookies() Collection of cookies.
Firewall	getFirewall() A set of properties related to firewall access.
int	getFollowRedirects() Determines what happens when the server issues a redirect.
java.lang.String	getFrom() The email address of the HTTP agent (optional).
java.lang.String	getHTTPMethod() The HTTP method used for the request.
java.lang.String	getIfModifiedSince() A date determining the maximum age of the desired document.
java.lang.String	getLocalHost() The name of the local host or user-assigned IP interface through which connections are initiated or accepted.
java.lang.String	getOtherHeaders() Other headers as determined by the user (optional).
OAuthParamList	getParams() The parameters to be included in the request to the authorization server, or received in the response.
HeaderList	getParsedHeaders() Collection of headers returned from the last request.
byte[]	getPostData() The data to post with the URL if the POST method is used.
java.lang.String	getPragma() A browser/server specific header line (optional).
Proxy	getProxy() A set of properties related to proxy access.
java.lang.String	getRange() The byte-range to be sent to the server.
java.lang.String	getReferer() Referer URL/document (optional).
java.lang.String	getRefreshToken() Specifies the refresh token received from or sent to the authorization server.
java.lang.String	getReturnURL() The URL where the user (browser) returns after authenticating.
java.lang.String	getServerAuthURL() The URL of the authorization server.
java.lang.String	getServerTokenURL() The URL used to obtain the access token.
Certificate	getSSLAcceptServerCert() Instructs the bean to unconditionally accept the server certificate that matches the supplied certificate.
Certificate	getSSLCert() The certificate to be used during SSL negotiation.
Certificate	getSSLServerCert() The server certificate for the last established connection.
java.lang.String	getStatusLine() The first line of the last server response.
int	getTimeout() A timeout for the bean.
byte[]	getTransferredData() The contents of the last response from the server.
long	getTransferredDataLimit() The maximum of data to be transferred.
java.lang.String	getTransferredHeaders() The full set of headers as received from the server.
void	interrupt() Interrupt the current method.
boolean	isAllowHTTPCompression() Enables HTTP compression for receiving data.
boolean	isConnected() Shows whether the bean is connected.
boolean	isIdle() The current status of the component.
void	removeOauthEventListener(OauthEventListener l)
void	reset() Reset the bean.
void	setAccept(java.lang.String accept) A list of acceptable MIME types for the request.
void	setAccessToken(java.lang.String accessToken) The access token returned by the authorization server.
void	setAllowHTTPCompression(boolean allowHTTPCompression) Enables HTTP compression for receiving data.
void	setAuthorizationCode(java.lang.String authorizationCode) The authorization code that is exchanged for an access token.
void	setAuthorizationScope(java.lang.String authorizationScope) The scope request or response parameter used during authorization.
void	setClientId(java.lang.String clientId) The id of the client assigned when registering the application.
void	setClientProfile(int clientProfile) The type of client that is requesting authorization.
void	setClientSecret(java.lang.String clientSecret) The secret value for the client assigned when registering the application.
void	setConnected(boolean connected) Shows whether the bean is connected.
void	setContentType(java.lang.String contentType) Content type for posts and puts.
void	setFirewall(Firewall firewall) A set of properties related to firewall access.
void	setFollowRedirects(int followRedirects) Determines what happens when the server issues a redirect.
void	setFrom(java.lang.String from) The email address of the HTTP agent (optional).
void	setHTTPMethod(java.lang.String HTTPMethod) The HTTP method used for the request.
void	setIfModifiedSince(java.lang.String ifModifiedSince) A date determining the maximum age of the desired document.
void	setLocalHost(java.lang.String localHost) The name of the local host or user-assigned IP interface through which connections are initiated or accepted.
void	setOtherHeaders(java.lang.String otherHeaders) Other headers as determined by the user (optional).
void	setPostData(byte[] postData) The data to post with the URL if the POST method is used.
void	setPragma(java.lang.String pragma) A browser/server specific header line (optional).
void	setProxy(Proxy proxy) A set of properties related to proxy access.
void	setRange(java.lang.String range) The byte-range to be sent to the server.
void	setReferer(java.lang.String referer) Referer URL/document (optional).
void	setRefreshToken(java.lang.String refreshToken) Specifies the refresh token received from or sent to the authorization server.
void	setReturnURL(java.lang.String returnURL) The URL where the user (browser) returns after authenticating.
void	setServerAuthURL(java.lang.String serverAuthURL) The URL of the authorization server.
void	setServerTokenURL(java.lang.String serverTokenURL) The URL used to obtain the access token.
void	setSSLAcceptServerCert(Certificate SSLAcceptServerCert) Instructs the bean to unconditionally accept the server certificate that matches the supplied certificate.
void	setSSLCert(Certificate SSLCert) The certificate to be used during SSL negotiation.
void	setTimeout(int timeout) A timeout for the bean.
void	setTransferredDataLimit(long transferredDataLimit) The maximum of data to be transferred.
void	startWebServer() Starts the embedded web server.
void	stopWebServer() Stops the embedded web server.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

cfApplication

public static final int cfApplication

See Also:

Constant Field Values

cfWebServer

public static final int cfWebServer

See Also:

Constant Field Values

cfDevice

public static final int cfDevice

See Also:

Constant Field Values

cfMobile

public static final int cfMobile

See Also:

Constant Field Values

cfBrowser

public static final int cfBrowser

See Also:

Constant Field Values

frNever

public static final int frNever

See Also:

Constant Field Values

frAlways

public static final int frAlways

See Also:

Constant Field Values

frSameScheme

public static final int frSameScheme

See Also:

Constant Field Values

Constructor Detail

Oauth

public Oauth()

Creates an instance of Oauth Bean.

Oauth

public Oauth(java.lang.String runtimeLicense)

Creates an instance of Oauth Bean with specified run-time license.

Method Detail

getAccept

public java.lang.String getAccept()

A list of acceptable MIME types for the request.

If this property contains a non-empty string, an HTTP Accept header is added to the request.

The Accept header is used for content negotiation. It provides the server with a comma-separated list of MIME types that are acceptable for its response.

setAccept

public void setAccept(java.lang.String accept)
               throws IPWorksSSLException

A list of acceptable MIME types for the request.

If this property contains a non-empty string, an HTTP Accept header is added to the request.

The Accept header is used for content negotiation. It provides the server with a comma-separated list of MIME types that are acceptable for its response.

Throws:

IPWorksSSLException

getAccessToken

public java.lang.String getAccessToken()

The access token returned by the authorization server.

This property will be populated with the access token returned by the authorization server after a call to GetAuthorization . This will be the raw access token, whereas the return value from the GetAuthorization method will also include the required data so it can be passed directly to the Authorization property of the components or added as the value of the Authorization header in another client implementation.

setAccessToken

public void setAccessToken(java.lang.String accessToken)
                    throws IPWorksSSLException

The access token returned by the authorization server.

This property will be populated with the access token returned by the authorization server after a call to GetAuthorization . This will be the raw access token, whereas the return value from the GetAuthorization method will also include the required data so it can be passed directly to the Authorization property of the components or added as the value of the Authorization header in another client implementation.

Throws:

IPWorksSSLException

isAllowHTTPCompression

public boolean isAllowHTTPCompression()

Enables HTTP compression for receiving data.

This property enables HTTP compression for receiving data. When set to true, the bean will accept compressed data. It will then uncompress the data it has received. The bean will handle data compressed by both GZIP and Deflate compression algorithms.

When true, the bean adds an "Accept-Encoding" header to the outgoing request. The value for this header can be controlled by the ipworksssl.Oauth#config config. The default value for this header is "gzip, deflate".

{@link ipworksssl.Oauth#getTransferredData TransferredData} will contain the decompressed data received by the server, but the {@link ipworksssl.OauthTransferEvent Transfer} event will report exactly what is received by the server (compressed data).

setAllowHTTPCompression

public void setAllowHTTPCompression(boolean allowHTTPCompression)
                             throws IPWorksSSLException

Enables HTTP compression for receiving data.

This property enables HTTP compression for receiving data. When set to true, the bean will accept compressed data. It will then uncompress the data it has received. The bean will handle data compressed by both GZIP and Deflate compression algorithms.

When true, the bean adds an "Accept-Encoding" header to the outgoing request. The value for this header can be controlled by the ipworksssl.Oauth#config config. The default value for this header is "gzip, deflate".

{@link ipworksssl.Oauth#getTransferredData TransferredData} will contain the decompressed data received by the server, but the {@link ipworksssl.OauthTransferEvent Transfer} event will report exactly what is received by the server (compressed data).

Throws:

IPWorksSSLException

getAuthorizationCode

public java.lang.String getAuthorizationCode()

The authorization code that is exchanged for an access token.

When ClientProfile is set to cfWebServer (WebServer flow) the authorization server will return a code when the user is re-directed from the authorization server back to your website. This code is returned as a query string parameter and the bean will automatically populate this property with that value.

Normally this property will only be informational, as the GetAuthorization method will automatically exchange this code for a token with the authorization server specified in ServerTokenURL .

If this property is set before calling GetAuthorization the bean will attempt to exchange the code with the authorization server for an access token.

setAuthorizationCode

public void setAuthorizationCode(java.lang.String authorizationCode)
                          throws IPWorksSSLException

The authorization code that is exchanged for an access token.

When ClientProfile is set to cfWebServer (WebServer flow) the authorization server will return a code when the user is re-directed from the authorization server back to your website. This code is returned as a query string parameter and the bean will automatically populate this property with that value.

Normally this property will only be informational, as the GetAuthorization method will automatically exchange this code for a token with the authorization server specified in ServerTokenURL .

If this property is set before calling GetAuthorization the bean will attempt to exchange the code with the authorization server for an access token.

Throws:

IPWorksSSLException

getAuthorizationScope

public java.lang.String getAuthorizationScope()

The scope request or response parameter used during authorization.

If the scope is not set, the authorization server will use the default access scope for your application as determined by the server. To request a specific access scope set this property to a space separated list of strings as defined by the authorization server.

After calling GetAuthorization this property will be updated with the scope sent in the response from the server and will indicate the scope that was actually granted.

setAuthorizationScope

public void setAuthorizationScope(java.lang.String authorizationScope)
                           throws IPWorksSSLException

The scope request or response parameter used during authorization.

If the scope is not set, the authorization server will use the default access scope for your application as determined by the server. To request a specific access scope set this property to a space separated list of strings as defined by the authorization server.

After calling GetAuthorization this property will be updated with the scope sent in the response from the server and will indicate the scope that was actually granted.

Throws:

IPWorksSSLException

getClientId

public java.lang.String getClientId()

The id of the client assigned when registering the application.

This property holds the id of the client that was assigned when initially registering the application with the authorization server. This value must be specified before calling GetAuthorization or GetAuthorizationURL .

setClientId

public void setClientId(java.lang.String clientId)
                 throws IPWorksSSLException

The id of the client assigned when registering the application.

This property holds the id of the client that was assigned when initially registering the application with the authorization server. This value must be specified before calling GetAuthorization or GetAuthorizationURL .

Throws:

IPWorksSSLException

getClientProfile

public int getClientProfile()

The type of client that is requesting authorization.

This defines the type of client that will be requesting authorization. Set this before calling GetAuthorization to inform the bean to act accordingly. Possible values are:

0 (cfApplication - default)

User application such as a windows form application

1 (cfWebServer)

Server side application such as a website

2 (cfDevice)

Device application without a browser such as a game console

3 (cfMobile)

Mobile application with browser support such as a smart phone or tablet

4 (cfBrowser)

Client side browser application such as javascript

setClientProfile

public void setClientProfile(int clientProfile)
                      throws IPWorksSSLException

The type of client that is requesting authorization.

This defines the type of client that will be requesting authorization. Set this before calling GetAuthorization to inform the bean to act accordingly. Possible values are:

0 (cfApplication - default)

User application such as a windows form application

1 (cfWebServer)

Server side application such as a website

2 (cfDevice)

Device application without a browser such as a game console

3 (cfMobile)

Mobile application with browser support such as a smart phone or tablet

4 (cfBrowser)

Client side browser application such as javascript

Throws:

IPWorksSSLException

getClientSecret

public java.lang.String getClientSecret()

The secret value for the client assigned when registering the application.

This property holds the secret of the client that was assigned when initially registering the application with the authorization server. This value must be specified before calling GetAuthorization or GetAuthorizationURL .

setClientSecret

public void setClientSecret(java.lang.String clientSecret)
                     throws IPWorksSSLException

The secret value for the client assigned when registering the application.

This property holds the secret of the client that was assigned when initially registering the application with the authorization server. This value must be specified before calling GetAuthorization or GetAuthorizationURL .

Throws:

IPWorksSSLException

isConnected

public boolean isConnected()

Shows whether the bean is connected.

This property is used to determine whether or not the bean is connected to the remote host.

setConnected

public void setConnected(boolean connected)
                  throws IPWorksSSLException

Shows whether the bean is connected.

This property is used to determine whether or not the bean is connected to the remote host.

Throws:

IPWorksSSLException

getContentType

public java.lang.String getContentType()

Content type for posts and puts.

If this property contains a non-empty string, a Content-Type HTTP request header is added to the request. The purpose of the header is to show the contents of the data during a Post or Put to the server.

The most common example is posting of HTML form input data. In that case, this property must be set to "application/x-www-form-urlencoded" .

setContentType

public void setContentType(java.lang.String contentType)
                    throws IPWorksSSLException

Content type for posts and puts.

If this property contains a non-empty string, a Content-Type HTTP request header is added to the request. The purpose of the header is to show the contents of the data during a Post or Put to the server.

The most common example is posting of HTML form input data. In that case, this property must be set to "application/x-www-form-urlencoded" .

Throws:

IPWorksSSLException

getCookies

public HTTPCookieList getCookies()

Collection of cookies.

This property contains a collection of cookies. To add cookies to outgoing HTTP requests, add cookies (of type httpcookie ) to this collection.

To see cookies that are set by the server, use the SetCookie event, which displays the cookies and their properties as set by the server. Those cookies are also added to Cookies .

{@link ipworksssl.Oauth#config can be used to control the maximum number of cookies saved.

This collection is indexed from 0 to size - 1.

getFirewall

public Firewall getFirewall()

A set of properties related to firewall access.

This is a Firewall type property which contains fields describing the firewall through which the bean will attempt to connect.

setFirewall

public void setFirewall(Firewall firewall)
                 throws IPWorksSSLException

A set of properties related to firewall access.

This is a Firewall type property which contains fields describing the firewall through which the bean will attempt to connect.

Throws:

IPWorksSSLException

getFollowRedirects

public int getFollowRedirects()

Determines what happens when the server issues a redirect.

This property determines what happens when the server issues a redirect. Normally, the bean returns an error if the server responds with an "Object Moved" message. If this property is set to frAlways (1), the new URL for the object is retrieved automatically every time.

If this property is set to frSameScheme (2), the new URL is retrieved automatically only if the URLScheme is the same, otherwise the bean throws an exception.

Note that following the HTTP specification, unless this property is set to frAlways (1), automatic redirects will be performed only for 'GET' or 'HEAD' requests. Other methods could potentially change the conditions of the initial request and create security vulnerabilities.

Furthermore, if either the new URL server and port are different than the existing one, User and Password are also reset to empty, unless this property is set to frAlways (1), in which case the same credentials are used to connect to the new server.

A Redirect event is fired for every URL the product is redirected to. In the case of automatic redirections, the Redirect event is a good place to set properties related to the new connection (e.g. new authentication parameters).

The default value is frNever (0). In this case, redirects are never followed, and the bean throws an exception instead.

setFollowRedirects

public void setFollowRedirects(int followRedirects)
                        throws IPWorksSSLException

Determines what happens when the server issues a redirect.

This property determines what happens when the server issues a redirect. Normally, the bean returns an error if the server responds with an "Object Moved" message. If this property is set to frAlways (1), the new URL for the object is retrieved automatically every time.

If this property is set to frSameScheme (2), the new URL is retrieved automatically only if the URLScheme is the same, otherwise the bean throws an exception.

Note that following the HTTP specification, unless this property is set to frAlways (1), automatic redirects will be performed only for 'GET' or 'HEAD' requests. Other methods could potentially change the conditions of the initial request and create security vulnerabilities.

Furthermore, if either the new URL server and port are different than the existing one, User and Password are also reset to empty, unless this property is set to frAlways (1), in which case the same credentials are used to connect to the new server.

A Redirect event is fired for every URL the product is redirected to. In the case of automatic redirections, the Redirect event is a good place to set properties related to the new connection (e.g. new authentication parameters).

The default value is frNever (0). In this case, redirects are never followed, and the bean throws an exception instead.

Throws:

IPWorksSSLException

getFrom

public java.lang.String getFrom()

The email address of the HTTP agent (optional).

This property contains the email address of the HTTP agent (optional). If it contains a non-empty string, an HTTP From: header is added to the request. This header generally gives the email address of the requester of the document.

setFrom

public void setFrom(java.lang.String from)
             throws IPWorksSSLException

The email address of the HTTP agent (optional).

This property contains the email address of the HTTP agent (optional). If it contains a non-empty string, an HTTP From: header is added to the request. This header generally gives the email address of the requester of the document.

Throws:

IPWorksSSLException

getHTTPMethod

public java.lang.String getHTTPMethod()

The HTTP method used for the request.

This property contains the HTTP method used for the request. If an empty string is provided, the HTTPMethod is determined automatically by the method being called. You may change it to a custom value if you require an HTTP method other than what is provided by the bean.

setHTTPMethod

public void setHTTPMethod(java.lang.String HTTPMethod)
                   throws IPWorksSSLException

The HTTP method used for the request.

This property contains the HTTP method used for the request. If an empty string is provided, the HTTPMethod is determined automatically by the method being called. You may change it to a custom value if you require an HTTP method other than what is provided by the bean.

Throws:

IPWorksSSLException

isIdle

public boolean isIdle()

The current status of the component.

Idle will be False if the component is currently busy (communicating and/or waiting for an answer), and True at all other times.

getIfModifiedSince

public java.lang.String getIfModifiedSince()

A date determining the maximum age of the desired document.

If this property contains a non-empty string, an If-Modified-Since HTTP header is added to the request. The value of this header is used to make the HTTP request conditional: if the requested documented has not been modified since the time specified in the field, a copy of the document will not be returned from the server; instead, a 304 (not modified) response will be returned by the server and the bean throws an exception

The format of the date value for IfModifiedSince is detailed in the HTTP specs. An example is Sat, 29 Oct 1994 19:43:31 GMT.

setIfModifiedSince

public void setIfModifiedSince(java.lang.String ifModifiedSince)
                        throws IPWorksSSLException

A date determining the maximum age of the desired document.

If this property contains a non-empty string, an If-Modified-Since HTTP header is added to the request. The value of this header is used to make the HTTP request conditional: if the requested documented has not been modified since the time specified in the field, a copy of the document will not be returned from the server; instead, a 304 (not modified) response will be returned by the server and the bean throws an exception

The format of the date value for IfModifiedSince is detailed in the HTTP specs. An example is Sat, 29 Oct 1994 19:43:31 GMT.

Throws:

IPWorksSSLException

getLocalHost

public java.lang.String getLocalHost()

The name of the local host or user-assigned IP interface through which connections are initiated or accepted.

The LocalHost property contains the name of the local host as obtained by the gethostname() system call, or if the user has assigned an IP address, the value of that address.

In multi-homed hosts (machines with more than one IP interface) setting LocalHost to the value of an interface will make the bean initiate connections (or accept in the case of server beans) only through that interface.

If the bean is connected, the LocalHost property shows the IP address of the interface through which the connection is made in internet dotted format (aaa.bbb.ccc.ddd). In most cases, this is the address of the local host, except for multi-homed hosts (machines with more than one IP interface).

NOTE: LocalHost is not persistent. You must always set it in code, and never in the property window.

setLocalHost

public void setLocalHost(java.lang.String localHost)
                  throws IPWorksSSLException

The name of the local host or user-assigned IP interface through which connections are initiated or accepted.

The LocalHost property contains the name of the local host as obtained by the gethostname() system call, or if the user has assigned an IP address, the value of that address.

In multi-homed hosts (machines with more than one IP interface) setting LocalHost to the value of an interface will make the bean initiate connections (or accept in the case of server beans) only through that interface.

If the bean is connected, the LocalHost property shows the IP address of the interface through which the connection is made in internet dotted format (aaa.bbb.ccc.ddd). In most cases, this is the address of the local host, except for multi-homed hosts (machines with more than one IP interface).

NOTE: LocalHost is not persistent. You must always set it in code, and never in the property window.

Throws:

IPWorksSSLException

getOtherHeaders

public java.lang.String getOtherHeaders()

Other headers as determined by the user (optional).

This property can be set to a string of headers to be appended to the HTTP request headers created from other properties like ContentType , From , etc.

The headers must be of the format "header: value" as described in the HTTP specifications. Header lines should be separated by CRLF ("\r\ n") .

Use this property with caution. If this property contains invalid headers, HTTP requests may fail.

This property is useful for extending the functionality of the bean beyond what is provided.

setOtherHeaders

public void setOtherHeaders(java.lang.String otherHeaders)
                     throws IPWorksSSLException

Other headers as determined by the user (optional).

This property can be set to a string of headers to be appended to the HTTP request headers created from other properties like ContentType , From , etc.

The headers must be of the format "header: value" as described in the HTTP specifications. Header lines should be separated by CRLF ("\r\ n") .

Use this property with caution. If this property contains invalid headers, HTTP requests may fail.

This property is useful for extending the functionality of the bean beyond what is provided.

Throws:

IPWorksSSLException

getParams

public OAuthParamList getParams()

The parameters to be included in the request to the authorization server, or received in the response.

This is a collection of query string parameters to be added in the request when creating the authorization URL. This will also hold the parameters returned in the response.

getParsedHeaders

public HeaderList getParsedHeaders()

Collection of headers returned from the last request.

This property contains a collection of headers returned from the last request. Whenever headers are returned from the server, the headers are parsed into a collection of headers. Each header in this collection contains information describing that header.

{@link ipworksssl.Oauth#config can be used to control the maximum number of headers saved.

This collection is indexed from 0 to size - 1.

getPostData

public byte[] getPostData()

The data to post with the URL if the POST method is used.

If this method is a non-empty string, then if the HTTP Post method is used. The contents of this property are appended to the HTTP request after the HTTP headers.

An HTTP 'Content-Length' header is also added to the request. Its value is the length of the string in PostData , or, if the AttachedFile property has been set, the cumulative length of the string and the file. See the description of the AttachedFile property for details.

If the goal is to upload a file or binary form data to a receiving script, the postdata must be MIME encoded. The WebUpload component is specifically designed for this and will perform all of the MIME encoding for you automatically. The WebForm component can be used for any form data posting.

The most common example is posting of HTML form input data. In that case, the ContentType property must be set to "application/x-www-form-urlencoded".

Example (Performing a Post)

 HTTPControl.ContentType = "application/x-www-form-urlencoded"
 HTTPControl.PostData = "firstname=Tom&lastname=Thompson&country=US"
 HTTPControl.Post(myurl) 

setPostData

public void setPostData(byte[] postData)
                 throws IPWorksSSLException

The data to post with the URL if the POST method is used.

If this method is a non-empty string, then if the HTTP Post method is used. The contents of this property are appended to the HTTP request after the HTTP headers.

An HTTP 'Content-Length' header is also added to the request. Its value is the length of the string in PostData , or, if the AttachedFile property has been set, the cumulative length of the string and the file. See the description of the AttachedFile property for details.

If the goal is to upload a file or binary form data to a receiving script, the postdata must be MIME encoded. The WebUpload component is specifically designed for this and will perform all of the MIME encoding for you automatically. The WebForm component can be used for any form data posting.

The most common example is posting of HTML form input data. In that case, the ContentType property must be set to "application/x-www-form-urlencoded".

Example (Performing a Post)

 HTTPControl.ContentType = "application/x-www-form-urlencoded"
 HTTPControl.PostData = "firstname=Tom&lastname=Thompson&country=US"
 HTTPControl.Post(myurl) 

Throws:

IPWorksSSLException

getPragma

public java.lang.String getPragma()

A browser/server specific header line (optional).

If this property contains a non-empty string, a Pragma HTTP request header is added to the request. The meaning of the header depends on the implementation and can be used to send/receive proprietary information to/from the server.

setPragma

public void setPragma(java.lang.String pragma)
               throws IPWorksSSLException

A browser/server specific header line (optional).

If this property contains a non-empty string, a Pragma HTTP request header is added to the request. The meaning of the header depends on the implementation and can be used to send/receive proprietary information to/from the server.

Throws:

IPWorksSSLException

getProxy

public Proxy getProxy()

A set of properties related to proxy access.

This property contains fields describing the proxy through which the bean will attempt to connect.

setProxy

public void setProxy(Proxy proxy)
              throws IPWorksSSLException

A set of properties related to proxy access.

This property contains fields describing the proxy through which the bean will attempt to connect.

Throws:

IPWorksSSLException

getRange

public java.lang.String getRange()

The byte-range to be sent to the server.

If this property contains a non-empty string, a Range HTTP request header is added to the request. This header tells the server to only send a certain range of bytes.

The format of this property consists of a range of bytes specified by two numbers separated by '-' (e.g. "0-499")

For example:

First 500 bytes

0-499

Second 500 bytes

500-999

Final 500 bytes

-500

setRange

public void setRange(java.lang.String range)
              throws IPWorksSSLException

The byte-range to be sent to the server.

If this property contains a non-empty string, a Range HTTP request header is added to the request. This header tells the server to only send a certain range of bytes.

The format of this property consists of a range of bytes specified by two numbers separated by '-' (e.g. "0-499")

For example:

First 500 bytes

0-499

Second 500 bytes

500-999

Final 500 bytes

-500

Throws:

IPWorksSSLException

getReferer

public java.lang.String getReferer()

Referer URL/document (optional).

If this property contains a non-empty string, a Referer HTTP request header is added to the request. The purpose of the header is to show the document referring the requested URL.

setReferer

public void setReferer(java.lang.String referer)
                throws IPWorksSSLException

Referer URL/document (optional).

If this property contains a non-empty string, a Referer HTTP request header is added to the request. The purpose of the header is to show the document referring the requested URL.

Throws:

IPWorksSSLException

getRefreshToken

public java.lang.String getRefreshToken()

Specifies the refresh token received from or sent to the authorization server.

When GetAuthorization is called if the authorization server returns a refresh token along with the access token, this property will hold the refresh token. Save this value for later use.

When your access token expires, set this property to the corresponding refresh token. Then call GetAuthorization and the bean will use this token to retrieve a new access token. The new authorization string will be returned by the GetAuthorization method. No user interaction is required when refreshing an access token.

setRefreshToken

public void setRefreshToken(java.lang.String refreshToken)
                     throws IPWorksSSLException

Specifies the refresh token received from or sent to the authorization server.

When GetAuthorization is called if the authorization server returns a refresh token along with the access token, this property will hold the refresh token. Save this value for later use.

When your access token expires, set this property to the corresponding refresh token. Then call GetAuthorization and the bean will use this token to retrieve a new access token. The new authorization string will be returned by the GetAuthorization method. No user interaction is required when refreshing an access token.

Throws:

IPWorksSSLException

getReturnURL

public java.lang.String getReturnURL()

The URL where the user (browser) returns after authenticating.

When ClientProfile is set to cfApplication this will be automatically set to the address of the local embedded web server. In that case this property can be inspected to determine the URL where the user will be redirected, but does not need to be set.

When calling GetAuthorizationURL , which is common when ClientProfile is set to cfWebBrowser, set this property to the URL on your server where the user will be redirected after authenticating with the authorization server.

setReturnURL

public void setReturnURL(java.lang.String returnURL)
                  throws IPWorksSSLException

The URL where the user (browser) returns after authenticating.

When ClientProfile is set to cfApplication this will be automatically set to the address of the local embedded web server. In that case this property can be inspected to determine the URL where the user will be redirected, but does not need to be set.

When calling GetAuthorizationURL , which is common when ClientProfile is set to cfWebBrowser, set this property to the URL on your server where the user will be redirected after authenticating with the authorization server.

Throws:

IPWorksSSLException

getServerAuthURL

public java.lang.String getServerAuthURL()

The URL of the authorization server.

Specifies the URL of the authorization server used when GetAuthorization is called. This value is used when constructing the URL to which the user will be redirected to authenticate and grant access.

This should be specified before calling GetAuthorization .

When this is set, it will clear any value specified in {@link ipworksssl.Oauth#config .

setServerAuthURL

public void setServerAuthURL(java.lang.String serverAuthURL)
                      throws IPWorksSSLException

The URL of the authorization server.

Specifies the URL of the authorization server used when GetAuthorization is called. This value is used when constructing the URL to which the user will be redirected to authenticate and grant access.

This should be specified before calling GetAuthorization .

When this is set, it will clear any value specified in {@link ipworksssl.Oauth#config .

Throws:

IPWorksSSLException

getServerTokenURL

public java.lang.String getServerTokenURL()

The URL used to obtain the access token.

Specifies the URL where the grant will be exchanged for the access token. This is typically a separate HTTP endpoint on the authorization server.

This must be set before calling GetAuthorization .

setServerTokenURL

public void setServerTokenURL(java.lang.String serverTokenURL)
                       throws IPWorksSSLException

The URL used to obtain the access token.

Specifies the URL where the grant will be exchanged for the access token. This is typically a separate HTTP endpoint on the authorization server.

This must be set before calling GetAuthorization .

Throws:

IPWorksSSLException

getSSLAcceptServerCert

public Certificate getSSLAcceptServerCert()

Instructs the bean to unconditionally accept the server certificate that matches the supplied certificate.

If it finds any issues with the certificate presented by the server, the bean will normally terminate the connection with an error.

You may override this behavior by supplying a value for SSLAcceptServerCert . If the certificate supplied in SSLAcceptServerCert is the same as the certificate presented by the server, then the server certificate is accepted unconditionally, and the connection will continue normally.

Please note that this functionality is provided only for cases where you otherwise know that you are communicating with the right server. If used improperly, this property may create a security breach. Use it at your own risk.

setSSLAcceptServerCert

public void setSSLAcceptServerCert(Certificate SSLAcceptServerCert)
                            throws IPWorksSSLException

Instructs the bean to unconditionally accept the server certificate that matches the supplied certificate.

If it finds any issues with the certificate presented by the server, the bean will normally terminate the connection with an error.

You may override this behavior by supplying a value for SSLAcceptServerCert . If the certificate supplied in SSLAcceptServerCert is the same as the certificate presented by the server, then the server certificate is accepted unconditionally, and the connection will continue normally.

Please note that this functionality is provided only for cases where you otherwise know that you are communicating with the right server. If used improperly, this property may create a security breach. Use it at your own risk.

Throws:

IPWorksSSLException

getSSLCert

public Certificate getSSLCert()

The certificate to be used during SSL negotiation.

The digital certificate that the bean will use during SSL negotiation. Set this property to a valid certificate before starting SSL negotiation. To set a certificate, you may set the Encoded field to the encoded certificate. To select a certificate, use the store and subject fields.

setSSLCert

public void setSSLCert(Certificate SSLCert)
                throws IPWorksSSLException

The certificate to be used during SSL negotiation.

The digital certificate that the bean will use during SSL negotiation. Set this property to a valid certificate before starting SSL negotiation. To set a certificate, you may set the Encoded field to the encoded certificate. To select a certificate, use the store and subject fields.

Throws:

IPWorksSSLException

getSSLServerCert

public Certificate getSSLServerCert()

The server certificate for the last established connection.

SSLServerCert contains the server certificate for the last established connection.

SSLServerCert is reset every time a new connection is attempted.

getStatusLine

public java.lang.String getStatusLine()

The first line of the last server response.

This property contains the first line of the last server response. This value can be used for diagnostic purposes. If an HTTP error is returned when calling a method of the bean, the error string is the same as the StatusLine property.

The HTTP protocol specifies the structure of the StatusLine as: [HTTP version] [Result Code] [Description].

getTimeout

public int getTimeout()

A timeout for the bean.

If the Timeout property is set to 0, all operations will run uninterrupted until successful completion or an error condition is encountered.

If Timeout is set to a positive value, the bean will wait for the operation to complete before returning control.

The bean will use DoEvents to enter an efficient wait loop during any potential waiting period, making sure that all system events are processed immediately as they arrive. This ensures that the host application does not "freeze" and remains responsive.

If Timeout expires, and the operation is not yet complete, the bean throws an exception.

Please note that by default, all timeouts are inactivity timeouts , i.e. the timeout period is extended by Timeout seconds when any amount of data is successfully sent or received.

Optionally, the behavior of the bean may be changed to absolute timeouts , i.e. the bean will wait for a maximum of Timeout seconds since the beginning of the operation, without extending the timeout period during communications.

This behavior is controlled by the ipworksssl.Oauth#config configuration setting.

The default value for the {@link ipworksssl.Oauth#getTimeout Timeout} property is 60 (seconds).

setTimeout

public void setTimeout(int timeout)
                throws IPWorksSSLException

A timeout for the bean.

If the Timeout property is set to 0, all operations will run uninterrupted until successful completion or an error condition is encountered.

If Timeout is set to a positive value, the bean will wait for the operation to complete before returning control.

The bean will use DoEvents to enter an efficient wait loop during any potential waiting period, making sure that all system events are processed immediately as they arrive. This ensures that the host application does not "freeze" and remains responsive.

If Timeout expires, and the operation is not yet complete, the bean throws an exception.

Please note that by default, all timeouts are inactivity timeouts , i.e. the timeout period is extended by Timeout seconds when any amount of data is successfully sent or received.

Optionally, the behavior of the bean may be changed to absolute timeouts , i.e. the bean will wait for a maximum of Timeout seconds since the beginning of the operation, without extending the timeout period during communications.

This behavior is controlled by the ipworksssl.Oauth#config configuration setting.

The default value for the {@link ipworksssl.Oauth#getTimeout Timeout} property is 60 (seconds).

Throws:

IPWorksSSLException

getTransferredData

public byte[] getTransferredData()

The contents of the last response from the server.

This property contains the contents of the last response from the server. If the LocalFile is empty, the data is accumulated in TransferredData , and can also be received in the Transfer event. Otherwise, this property returns an empty string.

TransferredDataLimit controls the maximum amount of data accumulated in TransferredData (by default there is no limit).

getTransferredDataLimit

public long getTransferredDataLimit()

The maximum of data to be transferred.

This property contains the maximum of data to be transferred. The default value is 0, which will not impose any limits on the amount of data accumulated in the TransferredData property.

setTransferredDataLimit

public void setTransferredDataLimit(long transferredDataLimit)
                             throws IPWorksSSLException

The maximum of data to be transferred.

This property contains the maximum of data to be transferred. The default value is 0, which will not impose any limits on the amount of data accumulated in the TransferredData property.

Throws:

IPWorksSSLException

getTransferredHeaders

public java.lang.String getTransferredHeaders()

The full set of headers as received from the server.

This property returns the complete set of raw headers as received from the server.

The Header event shows the individual headers as parsed by the bean.

addCookie

public void addCookie(java.lang.String cookieName,
                      java.lang.String cookieValue)
               throws IPWorksSSLException

Adds a cookie and the corresponding value to the outgoing request headers.

This property adds a cookie and the corresponding value to the outgoing request headers. Please refer to the Cookies property for more information on cookies and how they are managed.

Throws:

IPWorksSSLException

addParam

public void addParam(java.lang.String paramName,
                     java.lang.String paramValue)
              throws IPWorksSSLException

Adds a name-value pair to the query string parameters of outgoing request.

This method can be used to add query string parameters to the outgoing request. One common use for this method would be to add the "state" parameter to the request, which can be used when the ClientProfile is cfWebServer to add user defined data. The authorization server will include the "state" parameter in the response and will be available in the post back to your server which will allow you to maintain state in your application.

Throws:

IPWorksSSLException

config

public java.lang.String config(java.lang.String configurationString)
                        throws IPWorksSSLException

Sets or retrieves a ipworksssl.Oauth#config configuration setting.

{@link ipworksssl.Oauth#config Config} is a generic method available in every bean. It is used to set and retrieve {@link ipworksssl.Oauth#config configuration settingsfor the bean.

These settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the bean, access to these internal properties is provided through the {@link ipworksssl.Oauth#config Config} method.

To set a configuration setting named PROPERTY , you must call Config("PROPERTY=VALUE") , where VALUE is the value of the setting expressed as a string. For boolean values, use the strings "True", "False", "0", "1", "Yes", or "No" (case does not matter).

To read (query) the value of a {@link ipworksssl.Oauth#config configuration setting, you must call Config("PROPERTY") . The value will be returned as a string.

The bean accepts one or more of the following configuration settings . Configuration settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the bean, access to these internal properties is provided through the {@link ipworksssl.Oauth#config Config} method.

OAuth Configuration Settings

AuthorizationTokenType

The type of access token returned

The applicable values include the following:

Bearer (default)

When the access token returned by the server is a Bearer type, the authorization string returned by {@link ipworksssl.Oauth#getAuthorization GetAuthorization} will be in the format "Bearer access_token". This can be supplied as the value of the HTTP Authorization header.

AuthorizationURL

Specifies the URL used for authorization

Holds the URL that the user should be directed to in order to authenticate. If this value is specified the bean will use this value instead of automatically calculating the value when {@link ipworksssl.Oauth#getAuthorization GetAuthorization} is called.

BrowserResponseTimeout

Specifies the amount of time to wait for a response from the browser

This setting specifies the amount of time (in seconds) the component will wait for a response from the browser in the {@link ipworksssl.OauthLaunchBrowserEvent LaunchBrowser} event. The default value is 0, meaning that the component will wait indefinitely.

DeviceUserCode

The device's user code when the ClientProfile is set to cfDevice

When {@link ipworksssl.Oauth#getClientProfile ClientProfile} is set to cfDevice and {@link ipworksssl.Oauth#getAuthorizationURL GetAuthorizationURL} is called the bean will request a device user code from the server specified by {@link ipworksssl.Oauth#getServerAuthURL ServerAuthURL} . This setting will be populated with the device user code returned by the server. Provide this value along with the URL returned by {@link ipworksssl.Oauth#getAuthorizationURL GetAuthorizationURL} to the user.

PollingInterval

The interval in seconds between polling requests when the device client type is used

When {@link ipworksssl.Oauth#getClientProfile ClientProfile} is set to cfDevice, this determines the interval (in seconds) between polling requests made to {@link ipworksssl.Oauth#getServerTokenURL ServerTokenURL} . The default value is 5.

ReUseWebServer

Determines if the same server instance is used between requests

If set to true (default), the same embedded web server instance will be used for multiple requests. If set to false the embedded web server will be created and destroyed on each call to {@link ipworksssl.Oauth#getAuthorization GetAuthorization}

TokenInfoFieldCount

The number of fields in the tokeninfo service response

This setting returns the number of fields present in the tokeninfo service response. This is populated after calling {@link ipworksssl.Oauth#config .

TokenInfoFieldName[i]

The name of the tokeninfo service response field

This setting returns the name of the tokeninfo service response field specified by index i . Valid values are from 0 to {@link ipworksssl.Oauth#config - 1.

TokenInfoFieldValue[i]

The value of the tokeninfo service response field

This setting returns the value of the tokeninfo service response field specified by index i . Valid values are from 0 to {@link ipworksssl.Oauth#config - 1.

TokenInfoURL

The URL of the tokeninfo service

This setting specifies the URL of the tokeninfo service to which a request is made when {@link ipworksssl.Oauth#config is called. The default value is "https://www.googleapis.com/oauth2/v1/tokeninfo".

ValidateToken

Validates the specified access token with a tokeninfo service

This setting will post the {@link ipworksssl.Oauth#getAccessToken AccessToken} to the tokeninfo service specified by {@link ipworksssl.Oauth#config . This allows a token to be queried for validity and other information before use. When this setting is queried the bean will immediately make a request to the server. {@link ipworksssl.Oauth#config , {@link ipworksssl.Oauth#config [i];, and {@link ipworksssl.Oauth#config [i]; may be used to iterate over the fields in the response.

WebServerFailedResponse

The custom response that will be displayed to the user if authentication failed

When {@link ipworksssl.Oauth#getAuthorization GetAuthorization} is called the user will be redirected to the embedded web server upon completing authentication with the authorization server. If authentication failed, the HTML specified here will be sent to the user's browser.

WebServerPort

The port on which the embedded web server listens

Setting this to 0 (default) enables the system to choose a port at random. The chosen port will be returned when this setting is queried after the server has started listening. This is only applicable when using the embedded web server and calling {@link ipworksssl.Oauth#getAuthorization GetAuthorization} .

WebServerResponse

The custom response that will be displayed to the user

When {@link ipworksssl.Oauth#getAuthorization GetAuthorization} is called the user will be redirected to the embedded web server upon completing authentication with the authorization server. This setting allows you to specify the HTML that will be sent to the user's browser.

WebServerUseSSL

Whether the web server requires SSL connections

This setting specifies whether the web server listens in SSL mode. If True the web server will only accept SSL connections.

WebServerSSLCertStoreType

The type of certificate store

This specifies the type of certificate store. Possible values are:

0

User - default For Windows, this specifies that the certificate store is a certificate store owned by the current user. Note: this store type is not available in Java.

1

Machine - For Windows, this specifies that the certificate store is a machine store. Note: this store type is not available in Java.

2

PFXFile - The certificate store is the name of a PFX (PKCS12) file containing certificates.

3

PFXBlob - The certificate store is a string (binary or base64-encoded) representing a certificate store in PFX (PKCS12) format.

4

JKSFile - The certificate store is the name of a Java Key Store (JKS) file containing certificates. Note: this store type is only available in Java.

5

JKSBlob - The certificate store is a string (binary or base64-encoded) representing a certificate store in Java Key Store (JKS) format. Note: this store type is only available in Java.

6

PEMKeyFile - The certificate store is the name of a PEM-encoded file that contains a private key and an optional certificate.

7

PEMKeyBlob - The certificate store is a string (binary or base64-encoded) that contains a private key and an optional certificate.

14

PPKFile - The certificate store is the name of a file that contains a PPK (PuTTY Private Key).

15

PPKBlob - The certificate store is a string (binary) that contains a PPK (PuTTY Private Key).

16

XMLFile - The certificate store is the name of a file that contains a certificate in XML format.

17

XMLBlob - The certificate store is a string that contains a certificate in XML format.

Note: This is only applicable when {@link ipworksssl.Oauth#config is set to True.

WebServerSSLCertStore

The name of the certificate store for the client certificate

The name of the certificate store for the client certificate.The {@link ipworksssl.Oauth#config field specifies the type of the certificate store specified by {@link ipworksssl.Oauth#config . If the store is password protected, specify the password in {@link ipworksssl.Oauth#config .

{@link ipworksssl.Oauth#config is used in conjunction with the {@link ipworksssl.Oauth#config field in order to specify client certificates.

Designations of certificate stores are platform-dependent.

The following are designations of the most common User and Machine certificate stores in Windows:

MY

A certificate store holding personal certificates with their associated private keys.

CA

Certifying authority certificates.

ROOT

Root certificates.

In Java, the certificate store normally is a file containing certificates and optional private keys.

When the certificate store type is PFXFile, this property must be set to the name of the file. When the type is PFXBlob, the property must be set to the binary contents of a PFX file (i.e. PKCS12 certificate store).

If the provider is OpenSSL, the certificate store is a file containing a certificate and a private key. This property must be set to the name of the file.

Note: This is only applicable when {@link ipworksssl.Oauth#config is set to True.

WebServerSSLCertStorePassword

The certificate password

If the certificate store is of a type that requires a password, this property is used to specify that password in order to open the certificate store.Note: This is only applicable when {@link ipworksssl.Oauth#config is set to True.

WebServerSSLCertSubject

The certificate subject

The subject of the certificate.The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma separated list of distinguished name fields and values. For instance "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are displayed below.

Field

Meaning

CN

Common Name. This is commonly a host name like www.server.com.

O

Organization

OU

Organizational Unit

L

Locality

S

State

C

Country

E

Email Address

If a field value contains a comma it must be quoted.

Note: This is only applicable when {@link ipworksssl.Oauth#config is set to True.

HTTP Configuration Settings

AcceptEncoding

Used to tell the server which types of content encodings the client supports

When {@link ipworksssl.Oauth#isAllowHTTPCompression AllowHTTPCompression} is true, the bean adds an "Accept-Encoding: " header to the request being sent to the server. By default, this header's value is "gzip, deflate". This config allows you to change the value of the "Accept-Encoding" header. NOTE: The bean only supports gzip and deflate decompression algorithms.

AllowHTTPCompression

This property enables HTTP compression for receiving data

This is the same as the {@link ipworksssl.Oauth#isAllowHTTPCompression AllowHTTPCompression} property. This setting is exposed here for use by beans that inherit from HTTP.

Authorization

The Authorization string to be sent to the server

If the {@link ipworksssl.Oauth#config property contains a non-empty string, an Authorization HTTP request header is added to the request. This header conveys Authorization information to the server.This property is provided so that the HTTP bean can be extended with other security schemes in addition to the authorization schemes already implemented by the bean.

The {@link ipworksssl.Oauth#getAuthScheme AuthScheme} property defines the authentication scheme used. In the case of HTTP Basic Authentication (default), every time {@link ipworksssl.Oauth#getUser User} and {@link ipworksssl.Oauth#getPassword Password} are set, they are Base64 encoded, and the result is put in the Authorization property in the form "Basic [encoded-user-password]".

BytesTransferred

Contains the number of bytes transferred in the response data

Returns the raw number of bytes from the HTTP response data, prior to the component processing the data, whether it is chunked and/or compressed. This returns the same value as the {@link ipworksssl.OauthTransferEvent Transfer} event, by BytesTransferred .

EncodeURL

If set to true the URL will be encoded by the bean

The default value is false. If set to true the URL passed to the bean will be URL encoded.

FollowRedirects

Determines what happens when the server issues a redirect

This option determines what happens when the server issues a redirect. Normally, the bean returns an error if the server responds with an "Object Moved" message. If this property is set to 1 (always), the new {@link ipworksssl.Oauth#getURL URL} for the object is retrieved automatically every time.If this property is set to 2 (Same Scheme), the new {@link ipworksssl.Oauth#getURL URL} is retrieved automatically only if the URL Scheme is the same, otherwise the bean throws an exception.

Note that following the HTTP specification, unless this option is set to 1 (Always), automatic redirects will be performed only for 'GET' or 'HEAD' requests. Other methods could potentially change the conditions of the initial request and create security vulnerabilities.

Furthermore, if either the new URL server and port are different than the existing one, {@link ipworksssl.Oauth#getUser User} and {@link ipworksssl.Oauth#getPassword Password} are also reset to empty, unless this property is set to 1 (Always), in which case the same credentials are used to connect to the new server.

A {@link ipworksssl.OauthRedirectEvent Redirect} event is fired for every URL the product is redirected to. In the case of automatic redirections, the {@link ipworksssl.OauthRedirectEvent Redirect} event is a good place to set properties related to the new connection (e.g. new authentication parameters).

The default value is 0 (Never). In this case, redirects are never followed, and the bean throws an exception instead.

Valid options are:

• 0 - Never
• 1 - Always
• 2 - Same Scheme

GetOn302Redirect

If set to true the bean will perform a GET on the new location

The default value is false. If set to true the bean will perform a GET on the new location. Otherwise it will use the same HTTP method again.

HTTPVersion

The version of HTTP used by the bean

Possible values include "1.0", and "1.1". The default is "1.1".

IfModifiedSince

A date determining the maximum age of the desired document

This is the same as the {@link ipworksssl.Oauth#getIfModifiedSince IfModifiedSince} property. This setting is exposed here for use by beans that inherit from HTTP.

KeepAlive

Determines whether the HTTP connection is closed after completion of the request

If true, the component will not send the 'Connection: Close' header. The absence of the Connection header indicates to the server that HTTP persistent connections should be used if supported. Note that not all server support persistent connections. You may also explicitly add the Keep-Alive header to the request headers by setting {@link ipworksssl.Oauth#getOtherHeaders OtherHeaders} to 'Connection: Keep-Alive'. If false, the connection will be closed immediately after the server response is received.The default value for {@link ipworksssl.Oauth#config is false.

MaxHeaders

Instructs bean to save the amount of headers specified that are returned by the server after a Header event has been fired

This config should be set when the {@link ipworksssl.Oauth#getTransferredHeaders TransferredHeaders} collection is to be populated when a {@link ipworksssl.OauthHeaderEvent Header} event has been fired. This value represents the number of headers that are to be saved in the collection.To save all items to the collection , set this config to -1. If no items are wanted, set this to 0, which will not save any to the collection . The default for this config is -1, so all items will be included in the collection .

NOTE: This functionality is only available in Java and .NET.

MaxHTTPCookies

Instructs bean to save the amount of cookies specified that are returned by the server when a SetCookie event is fired

This config should be set when populating the {@link ipworksssl.Oauth#getCookies Cookies} collection as a result of an HTTP request. This value represents the number of cookies that are to be saved in the collection .To save all items to the collection , set this config to -1. If no items are wanted, set this to 0, which will not save any to the collection . The default for this config is -1, so all items will be included in the collection .

NOTE: This functionality is only available in Java and .NET.

MaxRedirectAttempts

Limits the number of redirects that are followed in a request

When {@link ipworksssl.Oauth#getFollowRedirects FollowRedirects} is set to any value besides frNever the bean will follow redirects until this maximum number of redirect attempts are made. The default value is 20.

OtherHeaders

Other headers as determined by the user (optional)

This configuration option can be set to a string of headers to be appended to the HTTP request headers.The headers must be of the format "header: value" as described in the HTTP specifications. Header lines should be separated by CRLF ("\r\ n") .

Use this configuration option with caution. If this configuration option contains invalid headers, HTTP requests may fail.

This configuration option is useful for extending the functionality of the bean beyond what is provided.

ProxyAuthorization

The authorization string to be sent to the proxy server

Similar to the {@link ipworksssl.Oauth#config config, but for proxy authorization. If this config contains a non-empty string, a Proxy-Authorization HTTP request header is added to the request. This header conveys proxy authorization information to the server. If User and Password are specified, this value is calculated using the algorithm specified by AuthScheme .

ProxyAuthScheme

The authorization scheme to be used for the proxy

This is the same as AuthScheme . This setting is provided for use by beans that do not directly expose Proxy properties.

ProxyPassword

A password if authentication is to be used for the proxy

This is the same as Password . This setting is provided for use by beans that do not directly expose Proxy properties.

ProxyPort

Port for the proxy server (default 80)

This is the same as Port . This setting is provided for use by beans that do not directly expose Proxy properties.

ProxyServer

Name or IP address of a proxy server (optional)

This is the same as Server . This setting is provided for use by beans that do not directly expose Proxy properties.

ProxyUser

A user name if authentication is to be used for the proxy

This is the same as User . This setting is provided for use by beans that do not directly expose Proxy properties.

TransferredDataLimit

The maximum number of incoming bytes to be stored by the bean

If {@link ipworksssl.Oauth#config is set to 0 (default), no limits are imposed. Otherwise this reflects the maximum number of incoming bytes that can be stored by the bean. If {@link ipworksssl.Oauth#config is set to 0, no limits are imposed.

TransferredHeaders

The full set of headers as received from the server

This configuration setting returns the complete set of raw headers as received from the server.

UseChunkedEncoding

Enables or Disables HTTP chunked encoding for transfers

If UseChunkedEncoding is set to true, the bean will use HTTP chunked encoding when posting if possible. HTTP chunked encoding allows large files to be sent in chunks instead of all at once. If set to false, the bean will not use HTTP chunked encoding. The default value is false. Note: Some servers (such as the ASP.NET Development Server) may not support chunked encoding.

ChunkSize

Specifies the chunk size in bytes when using chunked encoding

This is only applicable when {@link ipworksssl.Oauth#config is true. This setting specifies the chunk size in bytes to be used when posting data. The default value is 16384.

UsePlatformHTTPClient

Whether or not to use the platform HTTP client

If True, the component will use the default HTTP client for the platform ( URLConnection in Java or WebRequest in .NET) instead of the internal HTTP implementation. This is important for environments where direct access to sockets is limited or not allowed (as in the Google AppEngine for instance).

UserAgent

Information about the user agent (browser)

This is the value supplied in the HTTP User-Agent header. The default setting is "/n software IPWorks HTTP/S Component - www.nsoftware.com".Override the default with the name and version of your software.

KerberosSPN

The Service Principal Name for the Kerberos Domain Controller

If the Service Principal Name on the Kerberos Domain Controller is not the same as the URL that you are authenticating to, the Service Principal Name should be set here.

IPPort Configuration Settings

ConnectionTimeout

Sets a separate timeout value for establishing a connection

When set, this configuration setting allows you to specify a different timeout value for establishing a connection. Otherwise, the bean will use {@link ipworksssl.Oauth#getTimeout Timeout} for establishing a connection and transmitting/receiving data.

FirewallAutoDetect

Tells the bean whether or not to automatically detect and use firewall system settings, if available

This is the same as AutoDetect . This setting is provided for use by beans that do not directly expose Firewall properties.

FirewallHost

Name or IP address of firewall (optional)

If a {@link ipworksssl.Oauth#config is given, requested connections will be authenticated through the specified firewall when connecting.If the {@link ipworksssl.Oauth#config setting is set to a Domain Name, a DNS request is initiated. Upon successful termination of the request, the {@link ipworksssl.Oauth#config setting is set to the corresponding address. If the search is not successful, an error is returned.

NOTE: This is the same as Host . This setting is provided for use by beans that do not directly expose Firewall properties.

FirewallListener

If true, the component binds to a SOCKS firewall as a server (IPPort only)

This entry is for IPPort only and does not work for other components that descend from IPPort.If this entry is set, the bean acts as a server. {@link ipworksssl.Oauth#getRemoteHost RemoteHost} and {@link ipworksssl.Oauth#getRemotePort RemotePort} are used to tell the SOCKS firewall in which address and port to listen to. The firewall rules may ignore {@link ipworksssl.Oauth#getRemoteHost RemoteHost} , and it is recommended that {@link ipworksssl.Oauth#getRemoteHost RemoteHost} be set to empty string in this case.

{@link ipworksssl.Oauth#getRemotePort RemotePort} is the port in which the firewall will listen to. If set to 0, the firewall will select a random port. The binding (address and port) is provided through the {@link ipworksssl.OauthConnectionStatusEvent ConnectionStatus} event.

The connection to the firewall is made by calling the {@link ipworksssl.Oauth#connect Connect} method.

FirewallPassword

Password to be used if authentication is to be used when connecting through the firewall

If {@link ipworksssl.Oauth#config is specified, the {@link ipworksssl.Oauth#config and {@link ipworksssl.Oauth#config settings are used to connect and authenticate to the given firewall. If the authentication fails, the bean throws an exception.NOTE: This is the same as Password . This setting is provided for use by beans that do not directly expose Firewall properties.

FirewallPort

The TCP port for the FirewallHost;

Note that the {@link ipworksssl.Oauth#config is set automatically when {@link ipworksssl.Oauth#config is set to a valid value.NOTE: This is the same as Port . This setting is provided for use by beans that do not directly expose Firewall properties.

FirewallType

Determines the type of firewall to connect through

The appropriate values are as follows:

0

No firewall (default setting).

1

Connect through a tunneling proxy. {@link ipworksssl.Oauth#config is set to 80.

2

Connect through a SOCKS4 Proxy. {@link ipworksssl.Oauth#config is set to 1080.

3

Connect through a SOCKS5 Proxy. {@link ipworksssl.Oauth#config is set to 1080.

NOTE: This is the same as FirewallType . This setting is provided for use by beans that do not directly expose Firewall properties.

FirewallUser

A user name if authentication is to be used connecting through a firewall

If the {@link ipworksssl.Oauth#config is specified, the {@link ipworksssl.Oauth#config and {@link ipworksssl.Oauth#config settings are used to connect and authenticate to the Firewall. If the authentication fails, the bean throws an exception.NOTE: This is the same as User . This setting is provided for use by beans that do not directly expose Firewall properties.

KeepAliveTime

The inactivity time in milliseconds before a TCP keep-alive packet is sent

When set, {@link ipworksssl.Oauth#config will automatically be set to true. By default the operating system will determine the time a connection is idle before a TCP keep-alive packet is sent. This system default if this value is not specified here is 2 hours. In many cases a shorter interval is more useful. Set this value to the desired interval in milliseconds.Note: This value is not applicable in Java.

KeepAliveInterval

The retry interval, in milliseconds, to be used when a TCP keep-alive packet is sent and no response is received

When set, {@link ipworksssl.Oauth#config will automatically be set to true. A TCP keep-alive packet will be sent after a period of inactivity as defined by {@link ipworksssl.Oauth#config . If no acknowledgement is received from the remote host the keep-alive packet will be re-sent. This setting specifies the interval at which the successive keep-alive packets are sent in milliseconds. This system default if this value is not specified here is 1 second.Note: This value is not applicable in Java or MAC.

Linger

When set to True, connections are terminated gracefully

This property controls how a connection is closed. The default is True.In the case that Linger is True (default), there are two scenarios for determining how long the connection will linger. The first, if {@link ipworksssl.Oauth#config is 0 (default), the system will attempt to send pending data for a connection until the default IP protocol timeout expires.

In the second scenario, {@link ipworksssl.Oauth#config is a positive value, the system will attempt to send pending data until the specified {@link ipworksssl.Oauth#config is reached. If this attempt fails, then the system will reset the connection.

The default behavior (which is also the default mode for stream sockets) might result in a long delay in closing the connection. Although the bean returns control immediately, the system could hold system resources until all pending data is sent (even after your application closes).

Setting this property to False forces an immediate disconnection. If you know that the other side has received all the data you sent (by a client acknowledgment, for example), setting this property to False might be the appropriate course of action.

LingerTime

Time in seconds to have the connection linger

LingerTime is the time, in seconds, to leave the socket connection linger. This value is 0 by default, which means it will use the default IP protocol timeout.

LocalHost

The name of the local host through which connections are initiated or accepted

The {@link ipworksssl.Oauth#getLocalHost LocalHost} setting contains the name of the local host as obtained by the gethostname() system call, or if the user has assigned an IP address, the value of that address.In multi-homed hosts (machines with more than one IP interface) setting LocalHost to the value of an interface will make the bean initiate connections (or accept in the case of server beans) only through that interface.

If the bean is connected, the {@link ipworksssl.Oauth#getLocalHost LocalHost} setting shows the IP address of the interface through which the connection is made in internet dotted format (aaa.bbb.ccc.ddd). In most cases, this is the address of the local host, except for multi-homed hosts (machines with more than one IP interface).

LocalPort

The TCP port in the local host where the bean binds

This must be set before a connection is attempted. It instructs the bean to bind to a specific port (or communication endpoint) in the local machine.Setting this to 0 (default) enables the system to choose a port at random. The chosen port will be shown by {@link ipworksssl.Oauth#getLocalPort LocalPort} after the connection is established.

{@link ipworksssl.Oauth#getLocalPort LocalPort} cannot be changed once a connection is made. Any attempt to set this when a connection is active will generate an error.

This; setting is useful when trying to connect to services that require a trusted port in the client side. An example is the remote shell (rsh) service in UNIX systems.

MaxLineLength

The maximum amount of data to accumulate when no EOL is found

{@link ipworksssl.Oauth#config is the size of an internal buffer, which holds received data while waiting for an {@link ipworksssl.Oauth#getEOL EOL} string.If an {@link ipworksssl.Oauth#getEOL EOL} string is found in the input stream before {@link ipworksssl.Oauth#config bytes are received, the {@link ipworksssl.OauthDataInEvent DataIn} event is fired with the EOL parameter set to True, and the buffer is reset.

If no {@link ipworksssl.Oauth#getEOL EOL} is found, and {@link ipworksssl.Oauth#config bytes are accumulated in the buffer, the {@link ipworksssl.OauthDataInEvent DataIn} event is fired with the EOL parameter set to False, and the buffer is reset.

The minimum value for {@link ipworksssl.Oauth#config is 256 bytes. The default value is 2048 bytes. The maximum value is 65536 bytes.

MaxTransferRate

The transfer rate limit in bytes per second

This setting can be used to throttle outbound TCP traffic. Set this to the number of bytes to be sent per second. By default this is not set and there is no limit.

TCPKeepAlive

Determines whether or not the keep alive socket option is enabled

If set to true, the socket's keep-alive option is enabled and keep-alive packets will be sent periodically to maintain the connection. Set {@link ipworksssl.Oauth#config and {@link ipworksssl.Oauth#config to configure the timing of the keep-alive packets.Note: This value is not applicable in Java.

UseIPv6

Whether or not to use IPv6

By default, the component expects an IPv4 address for local and remote host properties, and will create an IPv4 socket. To use IPv6 instead, set this to True.

CloseStreamAfterTransfer

If true, the component will close the upload or download stream after the transfer

This setting determines whether the input or output stream is closed after the transfer completes. When set to True (default), all streams will be closed after a transfer is completed. In order to keep streams open after the transfer of data, set this to False. the default value is True.

TcpNoDelay

Whether or not to delay when sending packets

When true, the socket will send all data that is ready to send at once. When false, the socket will send smaller buffered packets of data at small intervals. This is known as the Nagle algorithm.By default, this config is set to false.

SSL Configuration Settings

ReuseSSLSession

Determines if the SSL session is reused

If set to true, the component will reuse the context if and only if the following criteria are met:

• The target host name is the same.
• The system cache entry has not expired (default timeout is 10 hours).
• The application process that calls the function is the same.
• The logon session is the same.
• The instance of the component is the same.

SSLCipherStrength

The minimum cipher strength used for bulk encryption

This minimum cipher strength largely dependent on the security modules installed on the system. If the cipher strength specified is not supported, an error will be returned when connections are initiated.Please note that this setting contains the minimum cipher strength requested from the security library. The actual cipher strength used for the connection is shown by the {@link ipworksssl.OauthSSLStatusEvent SSLStatus} event.

Use this setting with caution. Requesting a lower cipher strength than necessary could potentially cause serious security vulnerabilities in your application.

When the provider is OpenSSL, SSLCipherStrength is currently not supported. This functionality is instead made available through the {@link ipworksssl.Oauth#config config setting.

SSLEnabledProtocols

Used to enable/disable the supported security protocols

Used to enable/disable the supported security protocols.Not all supported protocols are enabled by default (the value of this setting is 192). If you want more granular control over the enabled protocols, you can set this property to the binary 'OR' of one or more of the following values:

TLS1.2

3072 (Hex C00)

TLS1.1

768 (Hex 300)

TLS1

192 (Hex C0) (Default)

SSL3

48 (Hex 30)

SSL2

12 (Hex 0C)

Please note that although a number of sites still support SSL2, it is usually a good idea to disable it because of potential security vulnerabilities.

When the provider is OpenSSL, SSLCipherStrength is currently not supported. This functionality is instead made available through the {@link ipworksssl.Oauth#config config setting.

TLS 1.1 and TLS1.2 support are only available starting with Windows 7.

SSLProvider

The name of the security provider to use

Change this setting to use security providers other than the system default.Use this setting with caution. Disabling SSL security or pointing to the wrong provider could potentially cause serious security vulnerabilities in your application.

The special value "*" (default) picks the default SSL provider defined in the system.

Note: On Windows systems, the default SSL Provider is "Microsoft Unified Security Protocol Provider" and cannot be changed.

SSLSecurityFlags

Flags that control certificate verification

The following flags are defined (specified in hexadecimal notation). They can be or-ed together to exclude multiple conditions:

0x00000001

Ignore time validity status of certificate.

0x00000002

Ignore time validity status of CTL.

0x00000004

Ignore non-nested certificate times.

0x00000010

Allow unknown Certificate Authority.

0x00000020

Ignore wrong certificate usage.

0x00000100

Ignore unknown certificate revocation status.

0x00000200

Ignore unknown CTL signer revocation status.

0x00000400

Ignore unknown Certificate Authority revocation status.

0x00000800

Ignore unknown Root revocation status.

0x00008000

Allow test Root certificate.

0x00004000

Trust test Root certificate.

0x80000000

Ignore non-matching CN (certificate CN not-matching server name).

This functionality is currently not available in Java or when the provider is OpenSSL.

SSLContextProtocol

The protocol used when getting an SSLContext instance

Possible values are SSL, SSLv2, SSLv3, TLS and TLSv1. Use it only in case your security provider does not support TLS. This is the parameter "protocol" inside the SSLContext.getInstance(protocol) call.

SSLTrustManagerFactoryAlgorithm

The algorithm to be used to create a TrustManager through TrustManagerFactory

Possible values include SunX509. This is the parameter "algorithm" inside the TrustManagerFactory.getInstance(algorithm) call.

SSLEnabledCipherSuites

The cipher suite to be used in an SSL negotiation

The enabled cipher suites to be used in SSL negotiation.By default, the enabled cipher suites will include all available ciphers ("*").

The special value "*" means that the component will pick all of the supported cipher suites. If SSLEnabledCipherSuites is set to any other value, only the specified cipher suites will be considered.

Multiple cipher suites are separated by semicolons.

Example values:

 obj.config("SSLEnabledCipherSuites=*");
 obj.config("SSLEnabledCipherSuites=SSL_RSA_WITH_RC4_128_SHA");
 obj.config("SSLEnabledCipherSuites=SSL_RSA_WITH_RC4_128_SHA; SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA"); 

Possible values include:

• SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
• SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
• SSL_RSA_WITH_RC4_128_SHA
• SSL_RSA_WITH_DES_CBC_SHA
• SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
• SSL_DH_anon_WITH_DES_CBC_SHA
• SSL_RSA_EXPORT_WITH_RC4_40_MD5
• SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
• SSL_DH_anon_EXPORT_WITH_RC4_40_MD5
• SSL_DHE_DSS_WITH_DES_CBC_SHA
• SSL_RSA_WITH_NULL_MD5
• SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
• SSL_DHE_RSA_WITH_DES_CBC_SHA
• SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA
• SSL_RSA_WITH_NULL_SHA
• SSL_DH_anon_WITH_RC4_128_MD5
• SSL_RSA_WITH_RC4_128_MD5
• SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
• SSL_RSA_WITH_3DES_EDE_CBC_SHA
• TLS_ECDH_ECDSA_WITH_NULL_SHA
• TLS_DH_anon_WITH_AES_128_CBC_SHA256
• TLS_ECDH_anon_WITH_RC4_128_SHA
• TLS_DH_anon_WITH_AES_128_CBC_SHA
• TLS_DHE_RSA_WITH_AES_128_CBC_SHA
• TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
• TLS_KRB5_WITH_3DES_EDE_CBC_SHA
• TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
• TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
• TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
• TLS_KRB5_EXPORT_WITH_RC4_40_SHA
• TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
• TLS_ECDHE_RSA_WITH_RC4_128_SHA
• TLS_ECDH_ECDSA_WITH_RC4_128_SHA
• TLS_ECDH_anon_WITH_NULL_SHA
• TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
• TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
• TLS_RSA_WITH_NULL_SHA256
• TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
• TLS_KRB5_WITH_RC4_128_MD5
• TLS_ECDHE_ECDSA_WITH_NULL_SHA
• TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
• TLS_ECDH_RSA_WITH_RC4_128_SHA
• TLS_EMPTY_RENEGOTIATION_INFO_SCSV
• TLS_KRB5_WITH_3DES_EDE_CBC_MD5
• TLS_KRB5_WITH_RC4_128_SHA
• TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
• TLS_ECDH_RSA_WITH_NULL_SHA
• TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
• TLS_KRB5_WITH_DES_CBC_MD5
• TLS_KRB5_EXPORT_WITH_RC4_40_MD5
• TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5
• TLS_ECDH_anon_WITH_AES_128_CBC_SHA
• TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
• TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
• TLS_KRB5_WITH_DES_CBC_SHA
• TLS_RSA_WITH_AES_128_CBC_SHA
• TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA
• TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
• TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
• TLS_ECDHE_RSA_WITH_NULL_SHA
• TLS_RSA_WITH_AES_128_CBC_SHA256
• TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
• TLS_DHE_DSS_WITH_AES_128_CBC_SHA

SSLEnabledCipherSuites is used together with SSLCipherStrength .

Note: This configuration setting is available only in .NET and Java.

SSLAlgorithmList

A string that controls the cipher algorithms to be used by SSL

This configuration option takes a semicolon (;) delimited list of cipher algorithms to specify what algorithms may be used by SSL. This option can be used in conjunction with SSLEnabledProtocols to control which ciphers are used.For example:

 obj.Config("SSLEnabledProtocols=3072"); // TLS1.2  (supports SHA_256)
   obj.Config("SSLAlgorithmList=CALG_SHA_256;CALG_MD5"); 

Possible values include:

• CALG_3DES
• CALG_3DES_112
• CALG_AES
• CALG_AES_128
• CALG_AES_192
• CALG_AES_256
• CALG_AGREEDKEY_ANY
• CALG_CYLINK_MEK
• CALG_DES
• CALG_DESX
• CALG_DH_EPHEM
• CALG_DH_SF
• CALG_DSS_SIGN
• CALG_ECDH
• CALG_ECDSA
• CALG_ECMQV
• CALG_HASH_REPLACE_OWF
• CALG_HUGHES_MD5
• CALG_HMAC
• CALG_KEA_KEYX
• CALG_MAC
• CALG_MD2
• CALG_MD4
• CALG_MD5
• CALG_NO_SIGN
• CALG_OID_INFO_CNG_ONLY
• CALG_OID_INFO_PARAMETERS
• CALG_PCT1_MASTER
• CALG_RC2
• CALG_RC4
• CALG_RC5
• CALG_RSA_KEYX
• CALG_RSA_SIGN
• CALG_SCHANNEL_ENC_KEY
• CALG_SCHANNEL_MAC_KEY
• CALG_SCHANNEL_MASTER_HASH
• CALG_SEAL
• CALG_SHA
• CALG_SHA1
• CALG_SHA_256
• CALG_SHA_384
• CALG_SHA_512
• CALG_SKIPJACK
• CALG_SSL2_MASTER
• CALG_SSL3_MASTER
• CALG_SSL3_SHAMD5
• CALG_TEK
• CALG_TLS1_MASTER
• CALG_TLS1PRF

This option is only valid in Windows.

Socket Configuration Settings

AbsoluteTimeout

Determines whether timeouts are inactivity timeouts or absolute timeouts

If AbsoluteTimeout is set to True, any method which does not complete within Timeout seconds will be aborted. By default, AbsoluteTimeout is False, and the timeout is an inactivity timeout.Note: This option is not valid for UDP ports.

FirewallData

Used to send extra data to the firewall

When the firewall is a tunneling proxy, use this property to send custom (additional) headers to the firewall (e.g. headers for custom authentication schemes).

InBufferSize

The size in bytes of the incoming queue of the socket

This is the size of an internal queue in the TCP/IP stack. You can increase or decrease its size depending on the amount of data that you will be receiving. Increasing the value of the InBufferSize setting can provide significant improvements in performance in some cases.Some TCP/IP implementations do not support variable buffer sizes. If that is the case, when the bean is activated the InBufferSize reverts to its defined size. The same happens if you attempt to make it too large or too small.

OutBufferSize

The size in bytes of the outgoing queue of the socket

This is the size of an internal queue in the TCP/IP stack. You can increase or decrease its size depending on the amount of data that you will be sending. Increasing the value of the OutBufferSize setting can provide significant improvements in performance in some cases.Some TCP/IP implementations do not support variable buffer sizes. If that is the case, when the bean is activated the OutBufferSize reverts to its defined size. The same happens if you attempt to make it too large or too small.

Base Configuration Settings

GUIAvailable

Tells the bean whether or not a message loop is available for processing events

In a GUI-based application, long-running blocking operations may cause the application to stop responding to input until the operation returns. The bean will attempt to discover whether or not the application has a message loop and, if one is discovered, it will process events in that message loop during any such blocking operation.In some non-GUI applications an invalid message loop may be discovered that will result in errant behavior. In these cases, setting GuiAvailable to false will ensure that the bean does not attempt to process external events.

UseDaemonThreads

Whether threads created by the bean are daemon threads

If set to True, when the bean creates a thread the thread's Daemon property will be explicitly set to True. By default this setting is False and the bean will not set the Daemon property on the created thread.

Throws:

IPWorksSSLException

doEvents

public void doEvents()
              throws IPWorksSSLException

Processes events from the internal message queue.

When DoEvents is called, the bean processes any available events. If no events are available, it waits for a preset period of time, and then returns.

Throws:

IPWorksSSLException

getAuthorization

public java.lang.String getAuthorization()
                                  throws IPWorksSSLException

Gets the authorization string required to access the protected resource.

This method performs several operations automatically depending on the value of ClientProfile . Please see the introduction section for the OAUTH bean for a detailed overview of the typical scenarios.

After authorization is completed this method will return the authorization string which can be passed directly to the Authorization property of any other component. This can also be passed as the value of the HTTP Authorization header to other implementations that access the protected resource as well.

Throws:

IPWorksSSLException

getAuthorizationURL

public java.lang.String getAuthorizationURL()
                                     throws IPWorksSSLException

Builds and returns the URL to which the user should be re-directed for authorization.

When this method is called, the bean will return the URL used for authorization. The bean will not make any connections itself, but instead return the URL to you so that you may re-direct the user to this location. This is useful when ClientProfile is set to cfWebServer. Before calling this method set:

• ClientId
• ClientSecret
• ReturnURL
• AuthorizationScope (optional)

Throws:

IPWorksSSLException

interrupt

public void interrupt()
               throws IPWorksSSLException

Interrupt the current method.

If there is no method in progress, Interrupt simply returns, doing nothing.

Throws:

IPWorksSSLException

reset

public void reset()
           throws IPWorksSSLException

Reset the bean.

This method will reset the bean properties to their default value when called.

Throws:

IPWorksSSLException

startWebServer

public void startWebServer()
                    throws IPWorksSSLException

Starts the embedded web server.

Starts the embedded web server. This method can be used to manually start the embedded web server. Under normal circumstances this is not needed as the component will automatically start and stop the web server when GetAuthorization is called. However, you may decide to start the web server manually before calling GetAuthorization . When called this method will also populate ReturnURL with the address of the embedded server.

Throws:

IPWorksSSLException

stopWebServer

public void stopWebServer()
                   throws IPWorksSSLException

Stops the embedded web server.

Stops the embedded web server. Under normal circumstances the web server will be stopped automatically during the authorization process when GetAuthorization is called. If {@link ipworksssl.Oauth#config is set to true the server will not be automatically stopped, and this method must be called to stop the embedded web server.

Throws:

IPWorksSSLException

addOauthEventListener

public void addOauthEventListener(OauthEventListener l)
                           throws java.util.TooManyListenersException

Throws:

java.util.TooManyListenersException

removeOauthEventListener

public void removeOauthEventListener(OauthEventListener l)