Package org.eclipse.jetty.server.ssl

Examples of org.eclipse.jetty.server.ssl.SslSelectChannelConnector


        return startConnector(connector);
    }

    private boolean initializeHttps()
    {
        SslConnector connector = this.config.isUseHttpsNio() ? new SslSelectChannelConnector() : new SslSocketConnector();
        configureConnector(connector, this.config.getHttpsPort());
        configureSslConnector(connector);
        return startConnector(connector);
    }
View Full Code Here


    }

    private static Connector buildSslConnector() {
        SslConnector sslConnector;
        if( usingNIO ) {
            sslConnector = new SslSelectChannelConnector();
        }
        else {
            sslConnector = new SslSocketConnector();
        }
        sslConnector.setPort(jettySSLPort);
View Full Code Here

        }
        return answer;
    }
   
    protected Connector createSslSocketConnector(JettyHttpEndpoint endpoint) throws Exception {
        SslSelectChannelConnector answer = null;
       
        // Note that this was set on the endpoint when it was constructed.  It was
        // either explicitly set at the component or on the endpoint, but either way,
        // the value is already set.  We therefore do not need to look at the component
        // level SSLContextParameters again in this method.
        SSLContextParameters endpointSslContextParameters = endpoint.getSslContextParameters();
       
        if (endpointSslContextParameters != null) {
            SslContextFactory contextFact = createSslContextFactory(endpointSslContextParameters);
            for (Constructor<?> c : SslSelectChannelConnector.class.getConstructors()) {
                if (c.getParameterTypes().length == 1
                    && c.getParameterTypes()[0].isInstance(contextFact)) {
                    answer = (SslSelectChannelConnector)c.newInstance(contextFact);
                }
            }
        } else {
            answer = new SslSelectChannelConnector();
            // with default null values, jetty ssl system properties
            // and console will be read by jetty implementation
   
            String keystoreProperty = System.getProperty(JETTY_SSL_KEYSTORE);
            if (keystoreProperty != null) {
                setKeyStorePath(answer, keystoreProperty);
            } else if (sslKeystore != null) {
                setKeyStorePath(answer, sslKeystore);
            }
   
            String keystorePassword = System.getProperty(JETTY_SSL_KEYPASSWORD);
            if (keystorePassword != null) {
                setKeyManagerPassword(answer, keystorePassword);
            } else if (sslKeyPassword != null) {
                setKeyManagerPassword(answer, sslKeyPassword);
            }
   
            String password = System.getProperty(JETTY_SSL_PASSWORD);
            if (password != null) {
                setKeyStorePassword(answer, password);
            } else if (sslPassword != null) {
                setKeyStorePassword(answer, sslPassword);
            }
        }
       
        if (getSslSocketConnectorProperties() != null) {
            if (endpointSslContextParameters != null) {
                LOG.warn("An SSLContextParameters instance is configured "
                         + "in addition to SslSocketConnectorProperties.  Any SslSocketConnector properties"
                         + "related to the SSLContext will be ignored in favor of the settings provided through"
                         + "SSLContextParameters.");
            }
           
            // must copy the map otherwise it will be deleted
            Map<String, Object> properties = new HashMap<String, Object>(getSslSocketConnectorProperties());
            IntrospectionSupport.setProperties(answer, properties);
            if (properties.size() > 0) {
                throw new IllegalArgumentException("There are " + properties.size()
                    + " parameters that couldn't be set on the SslSocketConnector."
                    + " Check the uri if the parameters are spelt correctly and that they are properties of the SslSocketConnector."
                    + " Unknown parameters=[" + properties + "]");
            }
        }

        if (answer != null && requestBufferSize != null) {
            answer.setRequestBufferSize(requestBufferSize);
        }
        if (answer != null && requestHeaderSize != null) {
            answer.setRequestHeaderSize(requestHeaderSize);
        }
        if (answer != null && responseBufferSize != null) {
            answer.setResponseBufferSize(responseBufferSize);
        }
        if (answer != null && responseHeaderSize != null) {
            answer.setResponseBufferSize(responseHeaderSize);
        }
        return answer;
    }
View Full Code Here

        sslContextFactory.setKeyStorePath(super.getKeyStorePath());
        sslContextFactory.setKeyStorePassword(super.getKeyStorePassword());
        sslContextFactory.setTrustStore(super.getTrustStorePath());
        sslContextFactory.setTrustStorePassword(super.getTrustStorePassword());
        sslContextFactory.setNeedClientAuth(super.getRequireClientCert());
        SslSelectChannelConnector httpsConnector = new SslSelectChannelConnector(sslContextFactory);
        httpsConnector.setPort(super.getHttpsPort());

        WebAppContext webAppContext = new WebAppContext();
        webAppContext.setContextPath(this.getContextPath());
        webAppContext.setWar(this.getWebAppDir());
        webAppContext.getSessionHandler().getSessionManager().setMaxInactiveInterval(super.getSessionTimeout() * 60);
 
View Full Code Here

      SSLContext sslContext = SSLContext.getDefault();
      sslContextFactory.setIncludeCipherSuites(SslPolicy.DEFAULT.getEngineConfig(sslContext)
          .getEnabledCipherSuites());
      sslContextFactory.setIncludeProtocols(SslPolicy.DEFAULT.getEngineConfig(sslContext).getEnabledProtocols());

      SslSelectChannelConnector connector = new SslSelectChannelConnector(sslContextFactory);
      connector.setPort(PORT);
      String host = configuration.lookup("http.host", null);
      if (host != null) {
        connector.setHost(host);
      }

      server.setConnectors(new Connector[] { connector });
    }
View Full Code Here

    public String getKeystore() {
        return sslKeystore;
    }

    protected SslSelectChannelConnector getSslSocketConnector(JettyHttpEndpoint endpoint) throws Exception {
        SslSelectChannelConnector answer = null;
        if (sslSocketConnectors != null) {
            answer = sslSocketConnectors.get(endpoint.getPort());
        }
        if (answer == null) {
            answer = createSslSocketConnector(endpoint);
View Full Code Here

        }
        return answer;
    }
   
    protected SslSelectChannelConnector createSslSocketConnector(JettyHttpEndpoint endpoint) throws Exception {
        SslSelectChannelConnector answer = null;
       
        // Note that this was set on the endpoint when it was constructed.  It was
        // either explicitly set at the component or on the endpoint, but either way,
        // the value is already set.  We therefore do not need to look at the component
        // level SSLContextParameters again in this method.
        SSLContextParameters endpointSslContextParameters = endpoint.getSslContextParameters();
       
        if (endpointSslContextParameters != null) {
            SslContextFactory contextFact = new SslContextFactory() {

                // This method is for Jetty 7.0.x ~ 7.4.x
                @SuppressWarnings("unused")
                public boolean checkConfig() {
                    if (getSslContext() == null) {
                        return checkSSLContextFactoryConfig(this);
                    } else {
                        return true;
                    }
                }
                // This method is for Jetty 7.5.x
                public void checkKeyStore() {
                    // here we don't check the SslContext as it is already created
                }
               
            };
            contextFact.setSslContext(endpointSslContextParameters.createSSLContext());
            for (Constructor<?> c : SslSelectChannelConnector.class.getConstructors()) {
                if (c.getParameterTypes().length == 1
                    && c.getParameterTypes()[0].isInstance(contextFact)) {
                    answer = (SslSelectChannelConnector)c.newInstance(contextFact);
                }
            }
        } else {
            answer = new SslSelectChannelConnector();
            // with default null values, jetty ssl system properties
            // and console will be read by jetty implementation
   
            String keystoreProperty = System.getProperty(JETTY_SSL_KEYSTORE);
            if (keystoreProperty != null) {
                setKeyStorePath(answer, keystoreProperty);
            } else if (sslKeystore != null) {
                setKeyStorePath(answer, sslKeystore);
            }
   
            String keystorePassword = System.getProperty(JETTY_SSL_KEYPASSWORD);
            if (keystorePassword != null) {
                setKeyManagerPassword(answer, keystorePassword);
            } else if (sslKeyPassword != null) {
                setKeyManagerPassword(answer, sslKeyPassword);
            }
   
            String password = System.getProperty(JETTY_SSL_PASSWORD);
            if (password != null) {
                setKeyStorePassword(answer, password);
            } else if (sslPassword != null) {
                setKeyStorePassword(answer, sslPassword);
            }
        }
       
        if (getSslSocketConnectorProperties() != null) {
            if (endpointSslContextParameters != null) {
                LOG.warn("An SSLContextParameters instance is configured "
                         + "in addition to SslSocketConnectorProperties.  Any SslSocketConnector properties"
                         + "related to the SSLContext will be ignored in favor of the settings provided through"
                         + "SSLContextParameters.");
            }
           
            // must copy the map otherwise it will be deleted
            Map<String, Object> properties = new HashMap<String, Object>(getSslSocketConnectorProperties());
            IntrospectionSupport.setProperties(answer, properties);
            if (properties.size() > 0) {
                throw new IllegalArgumentException("There are " + properties.size()
                    + " parameters that couldn't be set on the SslSocketConnector."
                    + " Check the uri if the parameters are spelt correctly and that they are properties of the SslSocketConnector."
                    + " Unknown parameters=[" + properties + "]");
            }
        }

        if (answer != null && requestBufferSize != null) {
            answer.setRequestBufferSize(requestBufferSize);
        }
        if (answer != null && requestHeaderSize != null) {
            answer.setRequestHeaderSize(requestHeaderSize);
        }
        if (answer != null && responseBufferSize != null) {
            answer.setResponseBufferSize(responseBufferSize);
        }
        if (answer != null && responseHeaderSize != null) {
            answer.setResponseBufferSize(responseHeaderSize);
        }
        return answer;
    }
View Full Code Here

    public String getKeystore() {
        return sslKeystore;
    }

    protected SslSelectChannelConnector getSslSocketConnector(JettyHttpEndpoint endpoint) throws Exception {
        SslSelectChannelConnector answer = null;
        if (sslSocketConnectors != null) {
            answer = sslSocketConnectors.get(endpoint.getPort());
        }
        if (answer == null) {
            answer = createSslSocketConnector(endpoint);
View Full Code Here

        }
        return answer;
    }
   
    protected SslSelectChannelConnector createSslSocketConnector(JettyHttpEndpoint endpoint) throws Exception {
        SslSelectChannelConnector answer = null;
       
        // Note that this was set on the endpoint when it was constructed.  It was
        // either explicitly set at the component or on the endpoint, but either way,
        // the value is already set.  We therefore do not need to look at the component
        // level SSLContextParameters again in this method.
        SSLContextParameters endpointSslContextParameters = endpoint.getSslContextParameters();
       
        if (endpointSslContextParameters != null) {
            SslContextFactory contextFact = new SslContextFactory() {

                // This method is for Jetty 7.0.x ~ 7.4.x
                @SuppressWarnings("unused")
                public boolean checkConfig() {
                    if (getSslContext() == null) {
                        return checkSSLContextFactoryConfig(this);
                    } else {
                        return true;
                    }
                }
                // This method is for Jetty 7.5.x
                public void checkKeyStore() {
                    // here we don't check the SslContext as it is already created
                }
               
            };
            contextFact.setSslContext(endpointSslContextParameters.createSSLContext());
            for (Constructor<?> c : SslSelectChannelConnector.class.getConstructors()) {
                if (c.getParameterTypes().length == 1
                    && c.getParameterTypes()[0].isInstance(contextFact)) {
                    answer = (SslSelectChannelConnector)c.newInstance(contextFact);
                }
            }
        } else {
            answer = new SslSelectChannelConnector();
            // with default null values, jetty ssl system properties
            // and console will be read by jetty implementation
   
            String keystoreProperty = System.getProperty(JETTY_SSL_KEYSTORE);
            if (keystoreProperty != null) {
                setKeyStorePath(answer, keystoreProperty);
            } else if (sslKeystore != null) {
                setKeyStorePath(answer, sslKeystore);
            }
   
            String keystorePassword = System.getProperty(JETTY_SSL_KEYPASSWORD);
            if (keystorePassword != null) {
                setKeyManagerPassword(answer, keystorePassword);
            } else if (sslKeyPassword != null) {
                setKeyManagerPassword(answer, sslKeyPassword);
            }
   
            String password = System.getProperty(JETTY_SSL_PASSWORD);
            if (password != null) {
                setKeyStorePassword(answer, password);
            } else if (sslPassword != null) {
                setKeyStorePassword(answer, sslPassword);
            }
        }
       
        if (getSslSocketConnectorProperties() != null) {
            if (endpointSslContextParameters != null) {
                LOG.warn("An SSLContextParameters instance is configured "
                         + "in addition to SslSocketConnectorProperties.  Any SslSocketConnector properties"
                         + "related to the SSLContext will be ignored in favor of the settings provided through"
                         + "SSLContextParameters.");
            }
           
            // must copy the map otherwise it will be deleted
            Map<String, Object> properties = new HashMap<String, Object>(getSslSocketConnectorProperties());
            IntrospectionSupport.setProperties(answer, properties);
            if (properties.size() > 0) {
                throw new IllegalArgumentException("There are " + properties.size()
                    + " parameters that couldn't be set on the SslSocketConnector."
                    + " Check the uri if the parameters are spelt correctly and that they are properties of the SslSocketConnector."
                    + " Unknown parameters=[" + properties + "]");
            }
        }

        if (answer != null && requestBufferSize != null) {
            answer.setRequestBufferSize(requestBufferSize);
        }
        if (answer != null && requestHeaderSize != null) {
            answer.setRequestHeaderSize(requestHeaderSize);
        }
        if (answer != null && responseBufferSize != null) {
            answer.setResponseBufferSize(responseBufferSize);
        }
        if (answer != null && responseHeaderSize != null) {
            answer.setResponseBufferSize(responseHeaderSize);
        }
        return answer;
    }
View Full Code Here

        root.addFilter(new FilterHolder(springSecurityFilter), "/proxy/*", 1);
      }


      //Secured connector for 2-way auth
      SslSelectChannelConnector sslConnectorTwoWay = new
          SslSelectChannelConnector();
      sslConnectorTwoWay.setPort(configs.getTwoWayAuthPort());

      Map<String, String> configsMap = configs.getConfigsMap();
      String keystore = configsMap.get(Configuration.SRVR_KSTR_DIR_KEY) +
          File.separator + configsMap.get(Configuration.KSTR_NAME_KEY);
      String srvrCrtPass = configsMap.get(Configuration.SRVR_CRT_PASS_KEY);
      sslConnectorTwoWay.setKeystore(keystore);
      sslConnectorTwoWay.setTruststore(keystore);
      sslConnectorTwoWay.setPassword(srvrCrtPass);
      sslConnectorTwoWay.setKeyPassword(srvrCrtPass);
      sslConnectorTwoWay.setTrustPassword(srvrCrtPass);
      sslConnectorTwoWay.setKeystoreType("PKCS12");
      sslConnectorTwoWay.setTruststoreType("PKCS12");
      sslConnectorTwoWay.setNeedClientAuth(configs.getTwoWaySsl());

      //Secured connector for 1-way auth
      //SslSelectChannelConnector sslConnectorOneWay = new SslSelectChannelConnector();
      SslContextFactory contextFactory = new SslContextFactory(true);
      //sslConnectorOneWay.setPort(AGENT_ONE_WAY_AUTH);
      contextFactory.setKeyStorePath(keystore);
      // sslConnectorOneWay.setKeystore(keystore);
      contextFactory.setTrustStore(keystore);
      // sslConnectorOneWay.setTruststore(keystore);
      contextFactory.setKeyStorePassword(srvrCrtPass);
      // sslConnectorOneWay.setPassword(srvrCrtPass);

      contextFactory.setKeyManagerPassword(srvrCrtPass);

      // sslConnectorOneWay.setKeyPassword(srvrCrtPass);

      contextFactory.setTrustStorePassword(srvrCrtPass);
      //sslConnectorOneWay.setTrustPassword(srvrCrtPass);

      contextFactory.setKeyStoreType("PKCS12");
      //sslConnectorOneWay.setKeystoreType("PKCS12");
      contextFactory.setTrustStoreType("PKCS12");

      //sslConnectorOneWay.setTruststoreType("PKCS12");
      contextFactory.setNeedClientAuth(false);
      // sslConnectorOneWay.setWantClientAuth(false);
      // sslConnectorOneWay.setNeedClientAuth(false);
      SslSelectChannelConnector sslConnectorOneWay = new SslSelectChannelConnector(contextFactory);
      sslConnectorOneWay.setPort(configs.getOneWayAuthPort());
      sslConnectorOneWay.setAcceptors(2);
      sslConnectorTwoWay.setAcceptors(2);
      serverForAgent.setConnectors(new Connector[]{ sslConnectorOneWay, sslConnectorTwoWay});

      ServletHolder sh = new ServletHolder(ServletContainer.class);
      sh.setInitParameter("com.sun.jersey.config.property.resourceConfigClass",
          "com.sun.jersey.api.core.PackagesResourceConfig");
      sh.setInitParameter("com.sun.jersey.config.property.packages",
          "org.apache.ambari.server.api.rest;" +
              "org.apache.ambari.server.api.services;" +
              "org.apache.ambari.eventdb.webservice;" +
              "org.apache.ambari.server.api");
      sh.setInitParameter("com.sun.jersey.api.json.POJOMappingFeature",
          "true");
      root.addServlet(sh, "/api/v1/*");
      sh.setInitOrder(2);

      HandlerList handlerList = new HandlerList();

      ViewRegistry viewRegistry = ViewRegistry.getInstance();
      for (ViewInstanceEntity entity : viewRegistry.readViewArchives(configs)){
        handlerList.addHandler(viewRegistry.getWebAppContext(entity));
      }
      handlerList.addHandler(root);

      server.setHandler(handlerList);

      ServletHolder agent = new ServletHolder(ServletContainer.class);
      agent.setInitParameter("com.sun.jersey.config.property.resourceConfigClass",
          "com.sun.jersey.api.core.PackagesResourceConfig");
      agent.setInitParameter("com.sun.jersey.config.property.packages",
          "org.apache.ambari.server.agent.rest;" + "org.apache.ambari.server.api");
      agent.setInitParameter("com.sun.jersey.api.json.POJOMappingFeature",
          "true");
      agentroot.addServlet(agent, "/agent/v1/*");
      agent.setInitOrder(3);

      ServletHolder cert = new ServletHolder(ServletContainer.class);
      cert.setInitParameter("com.sun.jersey.config.property.resourceConfigClass",
          "com.sun.jersey.api.core.PackagesResourceConfig");
      cert.setInitParameter("com.sun.jersey.config.property.packages",
          "org.apache.ambari.server.security.unsecured.rest;" + "org.apache.ambari.server.api");
      cert.setInitParameter("com.sun.jersey.api.json.POJOMappingFeature",
          "true");
      agentroot.addServlet(cert, "/*");
      cert.setInitOrder(4);

      ServletHolder proxy = new ServletHolder(ServletContainer.class);
      proxy.setInitParameter("com.sun.jersey.config.property.resourceConfigClass",
                             "com.sun.jersey.api.core.PackagesResourceConfig");
      proxy.setInitParameter("com.sun.jersey.config.property.packages",
                             "org.apache.ambari.server.proxy");
      proxy.setInitParameter("com.sun.jersey.api.json.POJOMappingFeature", "true");
      root.addServlet(proxy, "/proxy/*");
      proxy.setInitOrder(5);

      ServletHolder resources = new ServletHolder(ServletContainer.class);
      resources.setInitParameter("com.sun.jersey.config.property.resourceConfigClass",
          "com.sun.jersey.api.core.PackagesResourceConfig");
      resources.setInitParameter("com.sun.jersey.config.property.packages",
          "org.apache.ambari.server.resources.api.rest;");
      root.addServlet(resources, "/resources/*");
      resources.setInitOrder(6);

      if (configs.csrfProtectionEnabled()) {
        sh.setInitParameter("com.sun.jersey.spi.container.ContainerRequestFilters",
                    "com.sun.jersey.api.container.filter.CsrfProtectionFilter");
        proxy.setInitParameter("com.sun.jersey.spi.container.ContainerRequestFilters",
                    "com.sun.jersey.api.container.filter.CsrfProtectionFilter");
      }

      //Set jetty thread pool
      serverForAgent.setThreadPool(new QueuedThreadPool(25));
      server.setThreadPool(new QueuedThreadPool(25));

      /* Configure the API server to use the NIO connectors */
      SelectChannelConnector apiConnector;

      if (configs.getApiSSLAuthentication()) {
        String httpsKeystore = configsMap.get(Configuration.CLIENT_API_SSL_KSTR_DIR_NAME_KEY) +
          File.separator + configsMap.get(Configuration.CLIENT_API_SSL_KSTR_NAME_KEY);
        LOG.info("API SSL Authentication is turned on. Keystore - " + httpsKeystore);

        String httpsCrtPass = configsMap.get(Configuration.CLIENT_API_SSL_CRT_PASS_KEY);

        SslSelectChannelConnector sapiConnector = new SslSelectChannelConnector();
        sapiConnector.setPort(configs.getClientSSLApiPort());
        sapiConnector.setKeystore(httpsKeystore);
        sapiConnector.setTruststore(httpsKeystore);
        sapiConnector.setPassword(httpsCrtPass);
        sapiConnector.setKeyPassword(httpsCrtPass);
        sapiConnector.setTrustPassword(httpsCrtPass);
        sapiConnector.setKeystoreType("PKCS12");
        sapiConnector.setTruststoreType("PKCS12");
        sapiConnector.setMaxIdleTime(configs.getConnectionMaxIdleTime());
        apiConnector = sapiConnector;
      }
      else  {
        apiConnector = new SelectChannelConnector();
        apiConnector.setPort(configs.getClientApiPort());
View Full Code Here

TOP

Related Classes of org.eclipse.jetty.server.ssl.SslSelectChannelConnector

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.