EMFStoreWebServer.java

/*******************************************************************************
 * Copyright (c) 2011-2014 EclipseSource Muenchen GmbH and others.
 *
 * All rights reserved. This program and the accompanying materials
 * are made available under the terms of the Eclipse Public License v1.0
 * which accompanies this distribution, and is available at
 * http://www.eclipse.org/legal/epl-v10.html
 *
 * Contributors:
 * Edgar Mueller - initial API and implementation
 ******************************************************************************/
package org.eclipse.emf.emfstore.internal.server.connection.xmlrpc;

import java.io.IOException;
import java.net.InetAddress;
import java.net.ServerSocket;
import java.net.Socket;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;

import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocket;

import org.apache.xmlrpc.webserver.WebServer;
import org.eclipse.emf.emfstore.internal.common.model.util.ModelUtil;
import org.eclipse.emf.emfstore.internal.server.EMFStoreController;
import org.eclipse.emf.emfstore.internal.server.ServerConfiguration;
import org.eclipse.emf.emfstore.internal.server.connection.ServerKeyStoreManager;
import org.eclipse.emf.emfstore.internal.server.exceptions.FatalESException;
import org.eclipse.emf.emfstore.internal.server.exceptions.ServerKeyStoreException;

/**
 * Customized XML RPC web server implementation that support white listing of SSL ciphers.
 *
 * @author emueller
 *
 */
public class EMFStoreWebServer extends WebServer {

	private final String[] validCiphers;

	/**
	 * Constructor.
	 *
	 * @param port
	 *            the port to be used by the web server
	 */
	public EMFStoreWebServer(int port) {
		super(port);
		validCiphers = ServerConfiguration.getSplittedProperty(
			ServerConfiguration.SSL_CIPHERS);
	}

	/**
	 * {@inheritDoc}
	 *
	 * @see org.apache.xmlrpc.webserver.WebServer#allowConnection(java.net.Socket)
	 */
	@Override
	protected boolean allowConnection(Socket socket) {
		final String[] validCiphers = ServerConfiguration.getSplittedProperty(
			ServerConfiguration.SSL_CIPHERS);

		if (SSLSocket.class.isInstance(socket) && validCiphers != null) {
			final SSLSocket ss = (SSLSocket) socket;
			ss.setEnabledCipherSuites(validCiphers);
		}

		return super.allowConnection(socket);
	}

	@Override
	protected ServerSocket createServerSocket(int pPort, int backlog, InetAddress addr) throws IOException {
		SSLServerSocketFactory serverSocketFactory = null;
		try {
			final SSLContext context = SSLContext.getInstance("TLS"); //$NON-NLS-1$
			context.init(ServerKeyStoreManager.getInstance().getKeyManagerFactory().getKeyManagers(), null,
				null);
			serverSocketFactory = context.getServerSocketFactory();
		} catch (final NoSuchAlgorithmException exception) {
			shutdown(serverSocketFactory, exception);
		} catch (final KeyManagementException exception) {
			shutdown(serverSocketFactory, exception);
		} catch (final ServerKeyStoreException exception) {
			shutdown(serverSocketFactory, exception);
		}

		return serverSocketFactory.createServerSocket(pPort, backlog, addr);
	}

	private void shutdown(SSLServerSocketFactory serverSocketFactory, Exception e) {
		if (serverSocketFactory == null) {
			ModelUtil.logException(Messages.XmlRpcBuiltinWebServer_ServerSocketInitFailed, e);
			EMFStoreController.getInstance().shutdown(new FatalESException());
		}
	}
}