Managing Client-Side Authentication
You can define a KeyManager if your client application is required to send authentication credentials to the server. The following example adds client authentication to the newTrustOptions method shown in Accessing a Keystore:
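/**
 * Builds security options that validate the server's certificate and also
 * present client credentials during the handshake.
 *
 * <p>Both the trusted signing authorities and the client certificate are read
 * from the JKS file at {@code C:/users/myname/.keystore}.
 *
 * @return security options wrapping the initialized SSL context
 * @throws Exception if a key store cannot be read, or a manager factory or the
 *     SSL context cannot be created or initialized
 */
protected SecurityOptions newTrustOptions() throws Exception {
    // Load key store with trusted signing authorities.
    // NOTE(review): a null password makes KeyStore.load skip the integrity check,
    // so a tampered trust store is not detected here. Pass the store password
    // if the file lives anywhere other users or processes can write.
    KeyStore trustedKeyStore = KeyStore.getInstance("JKS");
    try (FileInputStream trustStream = new FileInputStream("C:/users/myname/.keystore")) {
        trustedKeyStore.load(trustStream, null);
    }

    // Build trust manager to validate server certificates using the specified key store.
    TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509");
    trustManagerFactory.init(trustedKeyStore);
    TrustManager[] trust = trustManagerFactory.getTrustManagers();

    // Load key store with client certificates.
    // NOTE(review): this is the same file as the trust store. Keeping private keys
    // and trust anchors in separate files lets each be permissioned on its own.
    KeyStore clientKeyStore = KeyStore.getInstance("JKS");
    try (FileInputStream clientStream = new FileInputStream("C:/users/myname/.keystore")) {
        clientKeyStore.load(clientStream, null);
    }

    // Get key manager to provide client credentials.
    // KeyManagerFactory.init takes the key password as a char[], not a String.
    // NOTE(review): "passphrase" is a sample value. Read the real key password
    // from protected configuration or a prompt, never from source code.
    char[] keyPassword = "passphrase".toCharArray();
    KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
    keyManagerFactory.init(clientKeyStore, keyPassword);
    KeyManager[] key = keyManagerFactory.getKeyManagers();

    // Initialize the SSL context with key and trust managers.
    // "TLS" replaces "SSLv3": SSLv3 is obsolete (prohibited by RFC 7568), while
    // "TLS" lets the provider negotiate the TLS versions it has enabled.
    // A null SecureRandom selects the provider's default source of randomness.
    SSLContext sslContext = SSLContext.getInstance("TLS");
    sslContext.init(key, trust, null);
    return new SecurityOptions(sslContext);
}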