Java Examples for org.eclipse.jetty.http.ssl.SslContextFactory
The following java examples will help you to understand the usage of org.eclipse.jetty.http.ssl.SslContextFactory. These source code samples are taken from different open source projects.
Example 1
Project: org.ops4j.pax.url-master File: TestBase.java View source code |
@Before public void startHttp() throws Exception { /** client setup */ /** TODO should work w/o this ? */ Util.setupClientSSL(); /** server setup */ server = new Server(); final SslContextFactory factory = new SslContextFactory(); factory.setKeyStore(Util.getTestKeystore().getAbsolutePath()); factory.setKeyStorePassword(Util.getTestKeystorePassword()); factory.setTrustStore(Util.getTestKeystore().getAbsolutePath()); factory.setKeyManagerPassword(Util.getTestKeystorePassword()); final SslSocketConnector connector = new SslSocketConnector(factory); connector.setPort(Util.getPort()); server.addConnector(connector); server.setHandler(new RepoHandler()); server.start(); log.info("init"); }
Example 2
Project: blog-cdidemo-master File: Start.java View source code |
public static void main(String[] args) throws Exception { int timeout = (int) Duration.ONE_HOUR.getMilliseconds(); Server server = new Server(); SocketConnector connector = new SocketConnector(); // Set some timeout options to make debugging easier. connector.setMaxIdleTime(timeout); connector.setSoLingerTime(-1); connector.setPort(8080); server.addConnector(connector); // check if a keystore for a SSL certificate is available, and // if so, start a SSL connector on port 8443. By default, the // quickstart comes with a Apache Wicket Quickstart Certificate // that expires about half way september 2021. Do not use this // certificate anywhere important as the passwords are available // in the source. Resource keystore = Resource.newClassPathResource("/keystore"); if (keystore != null && keystore.exists()) { connector.setConfidentialPort(8443); SslContextFactory factory = new SslContextFactory(); factory.setKeyStoreResource(keystore); factory.setKeyStorePassword("wicket"); factory.setTrustStore(keystore); factory.setKeyManagerPassword("wicket"); SslSocketConnector sslConnector = new SslSocketConnector(factory); sslConnector.setMaxIdleTime(timeout); sslConnector.setPort(8443); sslConnector.setAcceptors(4); server.addConnector(sslConnector); System.out.println("SSL access to the quickstart has been enabled on port 8443"); System.out.println("You can access the application using SSL on https://localhost:8443"); System.out.println(); } WebAppContext bb = new WebAppContext(); bb.setServer(server); bb.setContextPath("/"); bb.setWar("src/main/webapp"); // START JMX SERVER // MBeanServer mBeanServer = ManagementFactory.getPlatformMBeanServer(); // MBeanContainer mBeanContainer = new MBeanContainer(mBeanServer); // server.getContainer().addEventListener(mBeanContainer); // mBeanContainer.start(); server.setHandler(bb); try { System.out.println(">>> STARTING EMBEDDED JETTY SERVER, PRESS ANY KEY TO STOP"); server.start(); System.in.read(); System.out.println(">>> STOPPING EMBEDDED JETTY SERVER"); server.stop(); server.join(); } catch (Exception e) { e.printStackTrace(); System.exit(1); } }
Example 3
Project: justaddwater-master File: Start.java View source code |
public static void main(String[] args) throws Exception { int timeout = (int) Duration.ONE_HOUR.getMilliseconds(); Server server = new Server(); SocketConnector connector = new SocketConnector(); // Set some timeout options to make debugging easier. connector.setMaxIdleTime(timeout); connector.setSoLingerTime(-1); connector.setPort(8080); server.addConnector(connector); // check if a keystore for a SSL certificate is available, and // if so, start a SSL connector on port 8443. By default, the // quickstart comes with a Apache Wicket Quickstart Certificate // that expires about half way september 2021. Do not use this // certificate anywhere important as the passwords are available // in the source. Resource keystore = Resource.newClassPathResource("/keystore"); if (keystore != null && keystore.exists()) { connector.setConfidentialPort(8443); SslContextFactory factory = new SslContextFactory(); factory.setKeyStoreResource(keystore); factory.setKeyStorePassword("wicket"); factory.setTrustStore(keystore); factory.setKeyManagerPassword("wicket"); SslSocketConnector sslConnector = new SslSocketConnector(factory); sslConnector.setMaxIdleTime(timeout); sslConnector.setPort(8443); sslConnector.setAcceptors(4); server.addConnector(sslConnector); System.out.println("SSL access to the quickstart has been enabled on port 8443"); System.out.println("You can access the application using SSL on https://localhost:8443"); System.out.println(); } WebAppContext bb = new WebAppContext(); bb.setServer(server); bb.setContextPath("/"); bb.setWar("src/main/webapp"); // START JMX SERVER // MBeanServer mBeanServer = ManagementFactory.getPlatformMBeanServer(); // MBeanContainer mBeanContainer = new MBeanContainer(mBeanServer); // server.getContainer().addEventListener(mBeanContainer); // mBeanContainer.start(); server.setHandler(bb); try { System.out.println(">>> STARTING EMBEDDED JETTY SERVER, PRESS ANY KEY TO STOP"); server.start(); System.in.read(); System.out.println(">>> STOPPING EMBEDDED JETTY SERVER"); server.stop(); server.join(); } catch (Exception e) { e.printStackTrace(); System.exit(1); } }
Example 4
Project: wicked-forms-master File: Start.java View source code |
public static void main(String[] args) throws Exception { int timeout = (int) Duration.ONE_HOUR.getMilliseconds(); Server server = new Server(); SocketConnector connector = new SocketConnector(); // Set some timeout options to make debugging easier. connector.setMaxIdleTime(timeout); connector.setSoLingerTime(-1); connector.setPort(8080); server.addConnector(connector); // check if a keystore for a SSL certificate is available, and // if so, start a SSL connector on port 8443. By default, the // quickstart comes with a Apache Wicket Quickstart Certificate // that expires about half way september 2021. Do not use this // certificate anywhere important as the passwords are available // in the source. Resource keystore = Resource.newClassPathResource("/keystore"); if (keystore != null && keystore.exists()) { connector.setConfidentialPort(8443); SslContextFactory factory = new SslContextFactory(); factory.setKeyStoreResource(keystore); factory.setKeyStorePassword("wicket"); factory.setTrustStore(keystore); factory.setKeyManagerPassword("wicket"); SslSocketConnector sslConnector = new SslSocketConnector(factory); sslConnector.setMaxIdleTime(timeout); sslConnector.setPort(8443); sslConnector.setAcceptors(4); server.addConnector(sslConnector); System.out.println("SSL access to the quickstart has been enabled on port 8443"); System.out.println("You can access the application using SSL on https://localhost:8443"); System.out.println(); } WebAppContext bb = new WebAppContext(); bb.setServer(server); bb.setContextPath("/"); bb.setWar("src/main/webapp"); // START JMX SERVER // MBeanServer mBeanServer = ManagementFactory.getPlatformMBeanServer(); // MBeanContainer mBeanContainer = new MBeanContainer(mBeanServer); // server.getContainer().addEventListener(mBeanContainer); // mBeanContainer.start(); server.setHandler(bb); try { System.out.println(">>> STARTING EMBEDDED JETTY SERVER, PRESS ANY KEY TO STOP"); server.start(); System.in.read(); System.out.println(">>> STOPPING EMBEDDED JETTY SERVER"); server.stop(); server.join(); } catch (Exception e) { e.printStackTrace(); System.exit(1); } }
Example 5
Project: wicket-sample-master File: Start.java View source code |
public static void main(String[] args) throws Exception { int timeout = (int) Duration.ONE_HOUR.getMilliseconds(); Server server = new Server(); SocketConnector connector = new SocketConnector(); // Set some timeout options to make debugging easier. connector.setMaxIdleTime(timeout); connector.setSoLingerTime(-1); connector.setPort(8080); server.addConnector(connector); // check if a keystore for a SSL certificate is available, and // if so, start a SSL connector on port 8443. By default, the // quickstart comes with a Apache Wicket Quickstart Certificate // that expires about half way september 2021. Do not use this // certificate anywhere important as the passwords are available // in the source. Resource keystore = Resource.newClassPathResource("/keystore"); if (keystore != null && keystore.exists()) { connector.setConfidentialPort(8443); SslContextFactory factory = new SslContextFactory(); factory.setKeyStoreResource(keystore); factory.setKeyStorePassword("wicket"); factory.setTrustStore(keystore); factory.setKeyManagerPassword("wicket"); SslSocketConnector sslConnector = new SslSocketConnector(factory); sslConnector.setMaxIdleTime(timeout); sslConnector.setPort(8443); sslConnector.setAcceptors(4); server.addConnector(sslConnector); System.out.println("SSL access to the quickstart has been enabled on port 8443"); System.out.println("You can access the application using SSL on https://localhost:8443"); System.out.println(); } WebAppContext bb = new WebAppContext(); bb.setServer(server); bb.setContextPath("/"); bb.setWar("src/main/webapp"); // START JMX SERVER // MBeanServer mBeanServer = ManagementFactory.getPlatformMBeanServer(); // MBeanContainer mBeanContainer = new MBeanContainer(mBeanServer); // server.getContainer().addEventListener(mBeanContainer); // mBeanContainer.start(); server.setHandler(bb); try { System.out.println(">>> STARTING EMBEDDED JETTY SERVER, PRESS ANY KEY TO STOP"); server.start(); System.in.read(); System.out.println(">>> STOPPING EMBEDDED JETTY SERVER"); server.stop(); server.join(); } catch (Exception e) { e.printStackTrace(); System.exit(1); } }
Example 6
Project: apachecon-master File: Start.java View source code |
public static void main(String[] args) throws Exception { int timeout = (int) Duration.ONE_HOUR.getMilliseconds(); Server server = new Server(); SocketConnector connector = new SocketConnector(); // Set some timeout options to make debugging easier. connector.setMaxIdleTime(timeout); connector.setSoLingerTime(-1); connector.setPort(8080); server.addConnector(connector); // check if a keystore for a SSL certificate is available, and // if so, start a SSL connector on port 8443. By default, the // quickstart comes with a Apache Wicket Quickstart Certificate // that expires about half way september 2021. Do not use this // certificate anywhere important as the passwords are available // in the source. Resource keystore = Resource.newClassPathResource("/keystore"); if (keystore != null && keystore.exists()) { connector.setConfidentialPort(8443); SslContextFactory factory = new SslContextFactory(); factory.setKeyStoreResource(keystore); factory.setKeyStorePassword("wicket"); factory.setTrustStore(keystore); factory.setKeyManagerPassword("wicket"); SslSocketConnector sslConnector = new SslSocketConnector(factory); sslConnector.setMaxIdleTime(timeout); sslConnector.setPort(8443); sslConnector.setAcceptors(4); server.addConnector(sslConnector); System.out.println("SSL access to the quickstart has been enabled on port 8443"); System.out.println("You can access the application using SSL on https://localhost:8443"); System.out.println(); } WebAppContext bb = new WebAppContext(); bb.setServer(server); bb.setContextPath("/"); bb.setWar("src/main/webapp"); // START JMX SERVER // MBeanServer mBeanServer = ManagementFactory.getPlatformMBeanServer(); // MBeanContainer mBeanContainer = new MBeanContainer(mBeanServer); // server.getContainer().addEventListener(mBeanContainer); // mBeanContainer.start(); server.setHandler(bb); try { System.out.println(">>> STARTING EMBEDDED JETTY SERVER, PRESS ANY KEY TO STOP"); server.start(); System.in.read(); System.out.println(">>> STOPPING EMBEDDED JETTY SERVER"); server.stop(); server.join(); } catch (Exception e) { e.printStackTrace(); System.exit(1); } }
Example 7
Project: cagrid2-master File: AbstractTrustManager.java View source code |
public void reload(List<TrustedCAEntry> trustedCAList) {
this.trustManager = null;
if ((trustedCAList != null) && (trustedCAList.size() > 0)) {
List<X509Certificate> certs = new ArrayList<X509Certificate>();
Set<CRL> crls = new HashSet<CRL>();
for (TrustedCAEntry ca : trustedCAList) {
certs.add(ca.getCertificate());
if (ca.getCRL() != null) {
crls.add(ca.getCRL());
}
}
try {
// load keystore from specified cert store (or default)
KeyStore ts = KeyStore.getInstance("jks");
ts.load(null);
// add all temporary certs to KeyStore (ts)
for (Certificate cert : certs) {
ts.setCertificateEntry(UUID.randomUUID().toString(), cert);
}
PKIXBuilderParameters pbParams = new PKIXBuilderParameters(ts, new X509CertSelector());
pbParams.setSigProvider("BC");
// Set maximum certification path length
pbParams.setMaxPathLength(-1);
// Make sure revocation checking is enabled
pbParams.setRevocationEnabled(isRevocationEnabled());
if (crls != null && !crls.isEmpty()) {
pbParams.addCertStore(CertStore.getInstance("Collection", new CollectionCertStoreParameters(crls)));
}
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(SslContextFactory.DEFAULT_TRUSTMANAGERFACTORY_ALGORITHM);
trustManagerFactory.init(new CertPathTrustManagerParameters(pbParams));
// acquire X509 trust manager from factory
TrustManager tms[] = trustManagerFactory.getTrustManagers();
for (int i = 0; i < tms.length; i++) {
if (tms[i] instanceof X509TrustManager) {
trustManager = (X509TrustManager) tms[i];
if (log.isDebugEnabled()) {
StringBuffer msg = new StringBuffer("Successfully loaded the trust manager with the following certificates:\n");
int count = 1;
for (X509Certificate cert : certs) {
msg.append(" (" + count + ") " + cert.getSubjectDN().getName() + "\n");
count = count + 1;
}
log.debug(msg.toString());
}
return;
}
}
throw new NoSuchAlgorithmException("No X509TrustManager in TrustManagerFactory");
} catch (Exception e) {
log.error("An unexpected error occurred reloading the trust manager:", e);
}
}
}
Example 8
Project: de.flapdoodle.wicket-master File: Start.java View source code |
public static void main(String[] args) throws Exception { int timeout = (int) Duration.ONE_HOUR.getMilliseconds(); Server server = new Server(); SocketConnector connector = new SocketConnector(); // Set some timeout options to make debugging easier. connector.setMaxIdleTime(timeout); connector.setSoLingerTime(-1); connector.setPort(8080); server.addConnector(connector); // check if a keystore for a SSL certificate is available, and // if so, start a SSL connector on port 8443. By default, the // quickstart comes with a Apache Wicket Quickstart Certificate // that expires about half way september 2021. Do not use this // certificate anywhere important as the passwords are available // in the source. Resource keystore = Resource.newClassPathResource("/keystore"); if (keystore != null && keystore.exists()) { connector.setConfidentialPort(8443); SslContextFactory factory = new SslContextFactory(); factory.setKeyStoreResource(keystore); factory.setKeyStorePassword("wicket"); factory.setTrustStoreResource(keystore); factory.setKeyManagerPassword("wicket"); SslSocketConnector sslConnector = new SslSocketConnector(factory); sslConnector.setMaxIdleTime(timeout); sslConnector.setPort(8443); sslConnector.setAcceptors(4); server.addConnector(sslConnector); System.out.println("SSL access to the quickstart has been enabled on port 8443"); System.out.println("You can access the application using SSL on https://localhost:8443"); System.out.println(); } WebAppContext bb = new WebAppContext(); bb.setServer(server); bb.setContextPath("/"); bb.setWar("src/main/webapp"); // START JMX SERVER // MBeanServer mBeanServer = ManagementFactory.getPlatformMBeanServer(); // MBeanContainer mBeanContainer = new MBeanContainer(mBeanServer); // server.getContainer().addEventListener(mBeanContainer); // mBeanContainer.start(); server.setHandler(bb); try { System.out.println(">>> STARTING EMBEDDED JETTY SERVER, PRESS ANY KEY TO STOP"); server.start(); System.in.read(); System.out.println(">>> STOPPING EMBEDDED JETTY SERVER"); server.stop(); server.join(); } catch (Exception e) { e.printStackTrace(); System.exit(1); } }
Example 9
Project: eclipse-jetty-plugin-master File: Jetty7ServerConfiguration.java View source code |
/**
* {@inheritDoc}
*
* @see net.sourceforge.eclipsejetty.jetty.AbstractServerConfiguration#buildHttpsConfig(net.sourceforge.eclipsejetty.jetty.JettyConfigBuilder)
*/
@Override
protected void buildHttpsConfig(JettyConfigBuilder builder) {
if (getSslPort() == null) {
return;
}
builder.comment("HTTPs Config");
builder.beginNew("sslContextFactory", "org.eclipse.jetty.http.ssl.SslContextFactory");
{
builder.set("KeyStore", getKeyStorePath());
builder.set("KeyStorePassword", getKeyStorePassword());
builder.set("KeyManagerPassword", getKeyManagerPassword());
builder.set("TrustStore", getKeyStorePath());
builder.set("TrustStorePassword", getKeyStorePassword());
}
builder.end();
}
Example 10
Project: freedomotic-master File: RestJettyServer.java View source code |
public void startServer() throws Exception { webServer = new Server(); LOG.info("Starting RestAPI Server..."); /** * TODO WHEN MOVING TO JETTY 9 refactor connectors code and add spdy * support * http://download.eclipse.org/jetty/stable-9/xref/org/eclipse/jetty/embedded/SpdyConnector.html * */ if (!master.configuration.getBooleanProperty("enable-ssl", false)) { SelectChannelConnector selectChannelConnector = new SelectChannelConnector(); selectChannelConnector.setPort(master.configuration.getIntProperty("http-port", 9111)); webServer.addConnector(selectChannelConnector); } else { SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStorePassword(master.configuration.getStringProperty("KEYSTORE_SERVER_PWD", "freedomotic")); KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); keyStore.load(new FileInputStream(master.getFile().getParent() + "/data/" + master.configuration.getStringProperty("KEYSTORE_SERVER_FILE", "keystore_server")), master.configuration.getStringProperty("KEYSTORE_SERVER_PWD", "freedomotic").toCharArray()); sslContextFactory.setKeyStore(keyStore); SslSelectChannelConnector sslSelectChannelConnector = new SslSelectChannelConnector(sslContextFactory); sslSelectChannelConnector.setPort(master.configuration.getIntProperty("https-port", 9113)); webServer.addConnector(sslSelectChannelConnector); } ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SESSIONS); context.setContextPath("/"); // atmpsphere servlet ServletHolder atmosphereServletHolder = new ServletHolder(AtmosphereServlet.class); atmosphereServletHolder.setInitParameter("jersey.config.server.provider.packages", RestAPIv3.ATMOSPHRE_RESOURCE_PKG); atmosphereServletHolder.setInitParameter("org.atmosphere.websocket.messageContentType", "application/json"); atmosphereServletHolder.setInitParameter("org.atmosphere.cpr.AtmosphereInterceptor", "org.atmosphere.interceptor.ShiroInterceptor"); // atmosphereServletHolder.setInitParameter("org.atmosphere.cpr.broadcasterClass", "org.atmosphere.jersey.JerseyBroadcaster"); atmosphereServletHolder.setAsyncSupported(true); atmosphereServletHolder.setInitParameter("org.atmosphere.useWebSocket", "true"); atmosphereServletHolder.setInitOrder(2); context.addServlet(atmosphereServletHolder, "/" + API_VERSION + "/ws/*"); // jersey servlet ServletHolder jerseyServletHolder = new ServletHolder(ServletContainer.class); jerseyServletHolder.setInitParameter("javax.ws.rs.Application", JerseyApplication.class.getCanonicalName()); jerseyServletHolder.setInitParameter("jersey.config.server.wadl.disableWadl", "true"); jerseyServletHolder.setInitOrder(1); context.addServlet(jerseyServletHolder, "/" + API_VERSION + "/*"); // cors filter if (master.configuration.getBooleanProperty("enable-cors", false)) { FilterHolder corsFilterHolder = new FilterHolder(CrossOriginFilter.class); corsFilterHolder.setInitParameter("allowedOrigins", master.configuration.getStringProperty("Access-Control-Allow-Origin", "*")); corsFilterHolder.setInitParameter("allowedMethods", master.configuration.getStringProperty("Access-Control-Allow-Methods", "GET,PUT,HEAD,POST,DELETE")); corsFilterHolder.setInitParameter("allowedHeaders", master.configuration.getStringProperty("Access-Control-Allow-Headers", "Accept,Accept-Version,Authorization,Content-Length,Content-MD5,Content-Type,Date," + "Origin,X-Access-Token,X-Api-Version,X-CSRF-Token,X-File-Name,X-Requested-With")); corsFilterHolder.setInitParameter("allowCredentials", "true"); context.addFilter(corsFilterHolder, "/*", null); } // shiro filter if (master.getApi().getAuth().isInited()) { context.addEventListener(new ShiroListener()); context.addFilter(ShiroFilter.class, "/*", null); } // guice filter context.addEventListener(guiceServletConfig); context.addFilter(GuiceFilter.class, "/*", null); //static files handler String staticDir = master.configuration.getStringProperty("serve-static", "swagger"); context.setResourceBase(new File(master.getFile().getParent() + "/data/" + staticDir + "/").getAbsolutePath()); context.addServlet(DefaultServlet.class, "/*"); // serve resource files (images and so on) ServletHolder resHolder = new ServletHolder("static-home", DefaultServlet.class); resHolder.setInitParameter("resourceBase", Info.PATHS.PATH_RESOURCES_FOLDER.getAbsolutePath()); resHolder.setInitParameter("dirAllowed", "true"); resHolder.setInitParameter("pathInfoOnly", "true"); context.addServlet(resHolder, "/res/*"); HandlerList handlers = new HandlerList(); handlers.addHandler(context); handlers.addHandler(new DefaultHandler()); webServer.setHandler(handlers); webServer.start(); LOG.info("Started RestAPI Server"); }
Example 11
Project: opennms_dashboard-master File: JettyServer.java View source code |
/** {@inheritDoc} */ @Override protected void onInit() { Properties p = System.getProperties(); File homeDir = new File(p.getProperty("opennms.home")); File webappsDir = new File(homeDir, "jetty-webapps"); m_server = new Server(); Connector connector = new SelectChannelConnector(); Integer port = Integer.getInteger("org.opennms.netmgt.jetty.port", m_port); connector.setPort(port); String host = System.getProperty("org.opennms.netmgt.jetty.host"); if (host != null) { connector.setHost(host); } Integer requestHeaderSize = Integer.getInteger("org.opennms.netmgt.jetty.requestHeaderSize"); if (requestHeaderSize != null) { connector.setRequestHeaderSize(requestHeaderSize); } m_server.addConnector(connector); Integer ajp_port = Integer.getInteger("org.opennms.netmgt.jetty.ajp-port"); if (ajp_port != null) { Ajp13SocketConnector ajpConnector = new Ajp13SocketConnector(); ajpConnector.setPort(ajp_port); // Apache AJP connector freaks out with anything larger ajpConnector.setHeaderBufferSize(8096); m_server.addConnector(ajpConnector); } Integer https_port = Integer.getInteger("org.opennms.netmgt.jetty.https-port"); if (https_port != null) { String keyStorePath = System.getProperty("org.opennms.netmgt.jetty.https-keystore", homeDir + File.separator + "etc" + File.separator + "examples" + File.separator + "jetty.keystore"); String keyStorePassword = System.getProperty("org.opennms.netmgt.jetty.https-keystorepassword", "changeit"); String keyManagerPassword = System.getProperty("org.opennms.netmgt.jetty.https-keypassword", "changeit"); SslContextFactory contextFactory = new SslContextFactory(keyStorePath); contextFactory.setKeyStorePassword(keyStorePassword); contextFactory.setKeyManagerPassword(keyManagerPassword); excludeCipherSuites(contextFactory, https_port); SslSocketConnector sslConnector = new SslSocketConnector(contextFactory); sslConnector.setPort(https_port); String httpsHost = System.getProperty("org.opennms.netmgt.jetty.https-host"); if (httpsHost != null) { sslConnector.setHost(httpsHost); } m_server.addConnector(sslConnector); } HandlerCollection handlers = new HandlerCollection(); if (webappsDir.exists()) { File rootDir = null; for (File file : webappsDir.listFiles()) { if (file.isDirectory()) { String contextPath; if ("ROOT".equals(file.getName())) { // Defer this to last to avoid nested context order problems rootDir = file; continue; } else { contextPath = "/" + file.getName(); } addContext(handlers, file, contextPath); registerService(port, contextPath); } } if (rootDir != null) { // If we deferred a ROOT context, handle that now addContext(handlers, rootDir, "/"); registerService(port, "/"); } } m_server.setHandler(handlers); m_server.setStopAtShutdown(true); }
Example 12
Project: run-jetty-run-master File: Bootstrap.java View source code |
private static void initSSL(Server server, int sslport, String keystore, String password, String keyPassword, boolean needClientAuth) { if (keystore == null) { throw new IllegalStateException("you need to provide argument -Drjrkeystore with -Drjrsslport"); } if (password == null) { throw new IllegalStateException("you need to provide argument -Drjrpassword with -Drjrsslport"); } if (keyPassword == null) { throw new IllegalStateException("you need to provide argument -Drjrkeypassword with -Drjrsslport"); } SslContextFactory sslcontextfactory = new SslContextFactory(); sslcontextfactory.setKeyStore(keystore); sslcontextfactory.setKeyStorePassword(password); sslcontextfactory.setKeyManagerPassword(keyPassword); if (needClientAuth) { System.err.println("Enable NeedClientAuth."); sslcontextfactory.setNeedClientAuth(needClientAuth); } SslSelectChannelConnector sslConnector = new SslSelectChannelConnector(sslcontextfactory); sslConnector.setMaxIdleTime(30000); sslConnector.setPort(sslport); server.addConnector(sslConnector); }
Example 13
Project: i2p.i2p-master File: MigrateJetty.java View source code |
/** * Migrate a jetty.xml file to Jetty 9. * Unlike above, where we just migrate the new install file over for Jetty 9, * here we modify the xml file in-place to preserve settings where possible. * * @return success * @since Jetty 9 */ private static boolean migrateToJetty9(File xmlFile) { if (xmlFile.getName().equals("jetty-jmx.xml")) { // This is lazy but nobody's using jmx, not worth the trouble System.err.println("ERROR: Migration of " + xmlFile + " file is not supported. Copy new file from $I2P/eepsite-jetty9/jetty-jmx.xml"); return false; } // we don't re-migrate from the template, we just add the // necessary args for the QueuedThreadPool constructor in-place // and fixup the renamed set call boolean modified = false; File eepsite = xmlFile.getParentFile(); File newFile = new File(eepsite, xmlFile.getName() + System.currentTimeMillis() + ".tmp"); FileInputStream in = null; PrintWriter out = null; try { in = new FileInputStream(xmlFile); out = new PrintWriter(new BufferedWriter(new OutputStreamWriter(new SecureFileOutputStream(newFile), "UTF-8"))); String s; boolean foundQTP = false; boolean foundSTP = false; boolean foundETP = false; boolean foundSCC = false; boolean foundHC = false; boolean foundSSCC = false; while ((s = DataHelper.readLine(in)) != null) { // readLine() doesn't strip \r if (s.endsWith("\r")) s = s.substring(0, s.length() - 1); if (s.contains("Modified by I2P migration script for Jetty 9.") || s.contains("This configuration supports Jetty 9.") || s.contains("http://www.eclipse.org/jetty/configure_9_0.dtd")) { if (!modified) break; // else we've modified it twice? } else if (s.contains("org.eclipse.jetty.util.thread.QueuedThreadPool")) { foundQTP = true; } else if (foundQTP) { if (!(s.contains("Modified by") || s.contains("<Arg type=\"int\">"))) { out.println(" <!-- Modified by I2P migration script for Jetty 9. Do not remove this line -->"); out.println(" <Arg type=\"int\">20</Arg> <!-- maxThreads, overridden below -->"); out.println(" <Arg type=\"int\">3</Arg> <!-- minThreads, overridden below -->"); out.println(" <Arg type=\"int\">60000</Arg> <!-- maxIdleTimeMs, overridden below -->"); modified = true; } foundQTP = false; } if (s.contains("<Set name=\"maxIdleTimeMs\">")) { // <Set name="maxIdleTimeMs">60000</Set> s = s.replace("<Set name=\"maxIdleTimeMs\">", "<Set name=\"idleTimeout\">"); modified = true; } else if (s.contains("<Set name=\"ThreadPool\">")) { // <Set name="ThreadPool">, must be changed to constructor arg out.println(" <!-- Modified by I2P migration script for Jetty 9. Do not remove this line -->"); s = s.replace("<Set name=\"ThreadPool\">", "<Arg>"); foundSTP = true; modified = true; } else if (foundSTP && !foundETP && s.contains("</Set>") && !s.contains("<Set")) { // </Set> (close of <Set name="ThreadPool">) // All the lines above have <Set>...</Set> on the same line, if they don't, this will break. s = s.replace("</Set>", "</Arg>"); foundETP = true; } else if (s.contains("org.eclipse.jetty.server.nio.SelectChannelConnector")) { s = s.replace("org.eclipse.jetty.server.nio.SelectChannelConnector", "org.eclipse.jetty.server.ServerConnector"); out.println(" <!-- Modified by I2P migration script for Jetty 9. Do not remove this line -->"); out.println(s); out.println(" <Arg><Ref id=\"Server\" /></Arg>"); out.println(" <Arg type=\"int\">1</Arg> <!-- number of acceptors -->"); out.println(" <Arg type=\"int\">0</Arg> <!-- default number of selectors -->"); out.println(" <Arg>"); out.println(" <Array type=\"org.eclipse.jetty.server.ConnectionFactory\"> <!-- varargs so we need an array -->"); out.println(" <Item>"); out.println(" <New class=\"org.eclipse.jetty.server.HttpConnectionFactory\">"); out.println(" <Arg>"); out.println(" <New class=\"org.eclipse.jetty.server.HttpConfiguration\">"); out.println(" <Set name=\"sendServerVersion\">false</Set>"); out.println(" <Set name=\"sendDateHeader\">true</Set>"); out.println(" </New>"); out.println(" </Arg>"); out.println(" </New>"); out.println(" </Item>"); out.println(" </Array>"); out.println(" </Arg>"); modified = true; continue; // SSL starts here } else if (s.contains("org.eclipse.jetty.http.ssl.SslContextFactory")) { s = s.replace("org.eclipse.jetty.http.ssl.SslContextFactory", "org.eclipse.jetty.util.ssl.SslContextFactory"); out.println(" <!-- Modified by I2P migration script for Jetty 9. Do not remove this line -->"); out.println(s); // don't try to migrate from below, just generate a new list out.println(" <Set name=\"ExcludeCipherSuites\">"); out.println(" <Array type=\"java.lang.String\">"); for (String ss : I2PSSLSocketFactory.EXCLUDE_CIPHERS) { out.println(" <Item>" + ss + "</Item>"); } out.println(" </Array>"); out.println(" </Set>"); out.println(" <Set name=\"ExcludeProtocols\">"); out.println(" <Array type=\"java.lang.String\">"); for (String ss : I2PSSLSocketFactory.EXCLUDE_PROTOCOLS) { out.println(" <Item>" + ss + "</Item>"); } out.println(" </Array>"); out.println(" </Set>"); modified = true; continue; } else if (s.contains("org.eclipse.jetty.server.ssl.SslSelectChannelConnector")) { s = s.replace("org.eclipse.jetty.server.ssl.SslSelectChannelConnector", "org.eclipse.jetty.server.ServerConnector"); out.println(" <!-- Modified by I2P migration script for Jetty 9. Do not remove this line -->"); out.println(s); out.println(" <Arg><Ref id=\"Server\" /></Arg>"); out.println(" <Arg type=\"int\">1</Arg> <!-- number of acceptors -->"); out.println(" <Arg type=\"int\">0</Arg> <!-- default number of selectors -->"); out.println(" <Arg>"); out.println(" <Array type=\"org.eclipse.jetty.server.ConnectionFactory\"> <!-- varargs so we need an array -->"); out.println(" <Item>"); out.println(" <New class=\"org.eclipse.jetty.server.SslConnectionFactory\">"); out.println(" <Arg><Ref id=\"sslContextFactory\" /></Arg>"); out.println(" <Arg>http/1.1</Arg>"); out.println(" </New>"); out.println(" </Item>"); out.println(" <Item>"); out.println(" <New class=\"org.eclipse.jetty.server.HttpConnectionFactory\">"); out.println(" <Arg>"); out.println(" <New class=\"org.eclipse.jetty.server.HttpConfiguration\">"); out.println(" <Set name=\"sendServerVersion\">false</Set>"); out.println(" <Set name=\"sendDateHeader\">true</Set>"); out.println(" </New>"); out.println(" </Arg>"); out.println(" </New>"); out.println(" </Item>"); out.println(" </Array>"); out.println(" </Arg>"); foundSSCC = true; modified = true; continue; } else if (foundSSCC && s.contains("<Set name=\"ExcludeCipherSuites\">")) { // delete the old ExcludeCipherSuites in this section do { s = DataHelper.readLine(in); } while (s != null && !s.contains("</Set>")); modified = true; continue; } else if (foundSSCC && s.contains("<Ref id=\"sslContextFactory\"")) { // delete old one in this section, replaced above modified = true; continue; } else if (s.contains("<Set name=\"KeyStore\">")) { s = s.replace("<Set name=\"KeyStore\">", "<Set name=\"KeyStorePath\">"); modified = true; } else if (s.contains("<Set name=\"TrustStore\">")) { s = s.replace("<Set name=\"TrustStore\">", "<Set name=\"TrustStorePath\">"); modified = true; // SSL ends here } else if (s.contains("class=\"org.eclipse.jetty.deploy.providers.ContextProvider\">")) { // WebAppProvider now also does what ContextProvider used to do out.println(" <!-- Modified by I2P migration script for Jetty 9. Do not remove this line -->"); s = s.replace("class=\"org.eclipse.jetty.deploy.providers.ContextProvider\">", "class=\"org.eclipse.jetty.deploy.providers.WebAppProvider\">"); modified = true; } else if (s.contains("<Set name=\"maxIdleTime\">")) { s = s.replace("<Set name=\"maxIdleTime\">", "<Set name=\"idleTimeout\">"); modified = true; } else if (s.contains("<Set name=\"gracefulShutdown\">")) { s = s.replace("<Set name=\"gracefulShutdown\">", "<Set name=\"stopTimeout\">"); modified = true; } else if (s.contains("org.eclipse.jetty.server.HttpConfiguration")) { foundHC = true; } else if (!foundHC && (s.contains("<Set name=\"sendServerVersion\">") || s.contains("<Set name=\"sendDateHeader\">"))) { // old ones for Server, not in HTTPConfiguration section, delete modified = true; continue; } else if (s.contains("<Set name=\"Acceptors\">") || s.contains("<Set name=\"acceptors\">") || s.contains("<Set name=\"statsOn\">") || s.contains("<Set name=\"confidentialPort\">") || s.contains("<Set name=\"lowResourcesConnections\">") || s.contains("<Set name=\"lowResourcesMaxIdleTime\">") || s.contains("<Set name=\"useDirectBuffers\">")) { // delete modified = true; continue; } out.println(s); } } catch (IOException ioe) { if (in != null) { System.err.println("FAILED migration of " + xmlFile + ": " + ioe); } return false; } finally { if (in != null) try { in.close(); } catch (IOException ioe) { } if (out != null) out.close(); } if (modified) { return FileUtil.rename(newFile, xmlFile); } else { newFile.delete(); return true; } }
Example 14
Project: buffano-master File: IJettyService.java View source code |
protected void configureConnectors() { if (server != null) { if (_useNIO) { SelectChannelConnector nioConnector = new SelectChannelConnector(); nioConnector.setUseDirectBuffers(false); nioConnector.setPort(_port); server.addConnector(nioConnector); Log.i(TAG, "Configured " + SelectChannelConnector.class.getName() + " on port " + _port); } else { SocketConnector bioConnector = new SocketConnector(); bioConnector.setPort(_port); server.addConnector(bioConnector); Log.i(TAG, "Configured " + SocketConnector.class.getName() + " on port " + _port); } if (_useSSL) { SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStore(_keystoreFile); sslContextFactory.setTrustStore(_truststoreFile); sslContextFactory.setKeyStorePassword(_keystorePassword); sslContextFactory.setKeyManagerPassword(_keymgrPassword); sslContextFactory.setKeyStoreType("bks"); sslContextFactory.setTrustStorePassword(_truststorePassword); sslContextFactory.setTrustStoreType("bks"); //TODO SslSelectChannelConnector does not work on android 1.6, but does work on android 2.2 if (_useNIO) { SslSelectChannelConnector sslConnector = new SslSelectChannelConnector(sslContextFactory); sslConnector.setPort(_sslPort); server.addConnector(sslConnector); Log.i(TAG, "Configured " + sslConnector.getClass().getName() + " on port " + _sslPort); } else { SslSocketConnector sslConnector = new SslSocketConnector(sslContextFactory); sslConnector.setPort(_sslPort); server.addConnector(sslConnector); Log.i(TAG, "Configured " + sslConnector.getClass().getName() + " on port " + _sslPort); } } } }
Example 15
Project: i-jetty-master File: IJettyService.java View source code |
protected void configureConnectors() { if (server != null) { if (_useNIO) { SelectChannelConnector nioConnector = new SelectChannelConnector(); nioConnector.setUseDirectBuffers(false); nioConnector.setPort(_port); server.addConnector(nioConnector); Log.i(TAG, "Configured " + SelectChannelConnector.class.getName() + " on port " + _port); } else { SocketConnector bioConnector = new SocketConnector(); bioConnector.setPort(_port); server.addConnector(bioConnector); Log.i(TAG, "Configured " + SocketConnector.class.getName() + " on port " + _port); } if (_useSSL) { SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStore(_keystoreFile); sslContextFactory.setTrustStore(_truststoreFile); sslContextFactory.setKeyStorePassword(_keystorePassword); sslContextFactory.setKeyManagerPassword(_keymgrPassword); sslContextFactory.setKeyStoreType("bks"); sslContextFactory.setTrustStorePassword(_truststorePassword); sslContextFactory.setTrustStoreType("bks"); //TODO SslSelectChannelConnector does not work on android 1.6, but does work on android 2.2 if (_useNIO) { SslSelectChannelConnector sslConnector = new SslSelectChannelConnector(sslContextFactory); sslConnector.setPort(_sslPort); server.addConnector(sslConnector); Log.i(TAG, "Configured " + sslConnector.getClass().getName() + " on port " + _sslPort); } else { SslSocketConnector sslConnector = new SslSocketConnector(sslContextFactory); sslConnector.setPort(_sslPort); server.addConnector(sslConnector); Log.i(TAG, "Configured " + sslConnector.getClass().getName() + " on port " + _sslPort); } } } }
Example 16
Project: ShareFV-master File: IJettyService.java View source code |
protected void configureConnectors() { if (server != null) { if (_useNIO) { SelectChannelConnector nioConnector = new SelectChannelConnector(); nioConnector.setUseDirectBuffers(false); nioConnector.setPort(_port); server.addConnector(nioConnector); Log.i(TAG, "Configured " + SelectChannelConnector.class.getName() + " on port " + _port); } else { SocketConnector bioConnector = new SocketConnector(); bioConnector.setPort(_port); server.addConnector(bioConnector); Log.i(TAG, "Configured " + SocketConnector.class.getName() + " on port " + _port); } if (_useSSL) { SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStore(_keystoreFile); sslContextFactory.setTrustStore(_truststoreFile); sslContextFactory.setKeyStorePassword(_keystorePassword); sslContextFactory.setKeyManagerPassword(_keymgrPassword); sslContextFactory.setKeyStoreType("bks"); sslContextFactory.setTrustStorePassword(_truststorePassword); sslContextFactory.setTrustStoreType("bks"); // but does work on android 2.2 if (_useNIO) { SslSelectChannelConnector sslConnector = new SslSelectChannelConnector(sslContextFactory); sslConnector.setPort(_sslPort); server.addConnector(sslConnector); Log.i(TAG, "Configured " + sslConnector.getClass().getName() + " on port " + _sslPort); } else { SslSocketConnector sslConnector = new SslSocketConnector(sslContextFactory); sslConnector.setPort(_sslPort); server.addConnector(sslConnector); Log.i(TAG, "Configured " + sslConnector.getClass().getName() + " on port " + _sslPort); } } } }
Example 17
Project: show-client-master File: IJettyService.java View source code |
protected void configureConnectors() { if (server != null) { if (_useNIO) { SelectChannelConnector nioConnector = new SelectChannelConnector(); nioConnector.setUseDirectBuffers(false); nioConnector.setPort(_port); server.addConnector(nioConnector); Log.i(TAG, "Configured " + SelectChannelConnector.class.getName() + " on port " + _port); } else { SocketConnector bioConnector = new SocketConnector(); bioConnector.setPort(_port); server.addConnector(bioConnector); Log.i(TAG, "Configured " + SocketConnector.class.getName() + " on port " + _port); } if (_useSSL) { SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStore(_keystoreFile); sslContextFactory.setTrustStore(_truststoreFile); sslContextFactory.setKeyStorePassword(_keystorePassword); sslContextFactory.setKeyManagerPassword(_keymgrPassword); sslContextFactory.setKeyStoreType("bks"); sslContextFactory.setTrustStorePassword(_truststorePassword); sslContextFactory.setTrustStoreType("bks"); //TODO SslSelectChannelConnector does not work on android 1.6, but does work on android 2.2 if (_useNIO) { SslSelectChannelConnector sslConnector = new SslSelectChannelConnector(sslContextFactory); sslConnector.setPort(_sslPort); server.addConnector(sslConnector); Log.i(TAG, "Configured " + sslConnector.getClass().getName() + " on port " + _sslPort); } else { SslSocketConnector sslConnector = new SslSocketConnector(sslContextFactory); sslConnector.setPort(_sslPort); server.addConnector(sslConnector); Log.i(TAG, "Configured " + sslConnector.getClass().getName() + " on port " + _sslPort); } } } }
Example 18
Project: Wave-master File: ServerRpcProvider.java View source code |
/** * @return a list of {@link SelectChannelConnector} each bound to a host:port * pair form the list addresses. */ private List<SelectChannelConnector> getSelectChannelConnectors(InetSocketAddress[] httpAddresses) { List<SelectChannelConnector> list = Lists.newArrayList(); String[] excludeCiphers = { "SSL_RSA_EXPORT_WITH_RC4_40_MD5", "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", "SSL_RSA_WITH_DES_CBC_SHA", "SSL_DHE_RSA_WITH_DES_CBC_SHA", "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA", "TLS_DHE_RSA_WITH_AES_256_CBC_SHA" }; SslContextFactory sslContextFactory = null; if (sslEnabled) { Preconditions.checkState(sslKeystorePath != null && !sslKeystorePath.isEmpty(), "SSL Keystore path left blank"); Preconditions.checkState(sslKeystorePassword != null && !sslKeystorePassword.isEmpty(), "SSL Keystore password left blank"); sslContextFactory = new SslContextFactory(sslKeystorePath); sslContextFactory.setKeyStorePassword(sslKeystorePassword); sslContextFactory.setAllowRenegotiate(false); sslContextFactory.setExcludeCipherSuites(excludeCiphers); } for (InetSocketAddress address : httpAddresses) { SelectChannelConnector connector; if (sslEnabled) { connector = new SslSelectChannelConnector(sslContextFactory); } else { connector = new SelectChannelConnector(); } connector.setHost(address.getAddress().getHostAddress()); connector.setPort(address.getPort()); connector.setMaxIdleTime(0); list.add(connector); } return list; }
Example 19
Project: OpenADK-java-master File: HttpTransport.java View source code |
/**
* Configure the Jetty server for HTTPS as needed based on the settings of
* this Transport object. If the server does not have a JSSEListener on the
* port specified for this transport, one is created. Jetty configuration is
* performed dynamically as HttpTransport and HttpsTransport objects are
* created, so listeners are added to the server the first time they are
* needed.
* @return A SocketListener if a new one was created, or null
*/
protected SocketConnector configureHttps(Zone zone) throws ADKTransportException {
int port = getPort();
if (port == -1) {
throw new ADKTransportException("The agent is not configured with a default HTTPS port", zone);
}
String optHost = getHost();
// If there is no SunJsseListener on this port, create one
Connector listener = null;
Connector[] listeners = sServer.getConnectors();
for (int i = 0; i < listeners.length; i++) {
if (listeners[i] instanceof SocketConnector && listeners[i].getPort() == port) {
if (optHost != null && listeners[i].getHost().equalsIgnoreCase(optHost))
listener = listeners[i];
}
}
if (listener == null) {
try {
String ks = getKeyStore();
String ksPwd = getKeyStorePassword();
if ((ADK.debug & ADK.DBG_TRANSPORT) != 0 && log.isInfoEnabled()) {
if (optHost == null) {
log.info("Creating HTTPS listener for push mode on port " + port);
} else {
log.info("Creating HTTPS listener for push mode on " + optHost + ":" + port);
}
if (ks == null) {
log.info("Using default Java keystore");
} else {
log.info("Using keystore: " + ks);
}
if (ksPwd.equals("changeit"))
log.info("Using default Java keystore password 'changeit'");
if (fProps instanceof HttpsProperties)
log.info("Requiring client authentication: " + (((HttpsProperties) fProps).getRequireClientAuth() ? "yes" : "no"));
}
final SslSocketConnector https = new SslSocketConnector();
configureSocketListener(https, port, optHost);
final SslContextFactory httpsContext = https.getSslContextFactory();
if (ks != null)
httpsContext.setKeyStore(ks);
httpsContext.setKeyManagerPassword(ksPwd);
String pwd = getPassword();
if (pwd == null) {
httpsContext.setKeyStorePassword(ksPwd);
} else {
httpsContext.setKeyStorePassword(pwd);
}
HttpsProperties httpsProps = (HttpsProperties) fProps;
String ts = httpsProps.getTrustStore();
String tsPwd = httpsProps.getTrustStorePassword();
if (tsPwd == null)
tsPwd = "changeit";
if (ts != null) {
File tsFile = new File(ts);
if (!tsFile.exists())
throw new ADKTransportException("Truststore file not found: " + tsFile.getAbsolutePath(), zone);
log.info("(HttpTransport) Using truststore: " + tsFile.getAbsolutePath());
System.setProperty("javax.net.ssl.trustStore", ts);
System.setProperty("javax.net.ssl.trustStorePassword", tsPwd);
} else {
log.info("Using default Java truststore");
}
if (fProps instanceof HttpsProperties) {
httpsContext.setNeedClientAuth(((HttpsProperties) fProps).getRequireClientAuth());
}
return https;
} catch (Exception ioe) {
throw new ADKTransportException("Error configuring HTTPS transport: " + ioe, zone);
}
} else {
if ((ADK.debug & ADK.DBG_TRANSPORT) != 0 && log.isDebugEnabled()) {
if (optHost != null) {
log.debug("Already a HTTPS listener on " + optHost + ":" + port);
} else {
log.debug("Already a HTTPS listener on port " + port);
}
}
}
return null;
}