org.apache.tomcat.util.net.SSLSupport Java Examples

The following examples show how to use org.apache.tomcat.util.net.SSLSupport. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: CoyoteAdapter.java    From Tomcat8-Source-Read with MIT License 5 votes vote down vote up
/**
 * Adopts the TLS session ID as the requested session ID, but only when TLS
 * session tracking is the sole tracking mode in effect.
 *
 * <p>Nothing happens if a requested session ID is already set, if the
 * effective tracking modes differ from {@code SSL_ONLY}, or if the connector
 * is not flagged as secure. A missing TLS session ID attribute leaves the
 * request untouched.
 *
 * @param request The Servlet request object
 */
protected void parseSessionSslId(Request request) {
    // A session ID found by another mechanism always wins.
    if (request.getRequestedSessionId() != null) {
        return;
    }
    // Evaluated in the same order as the original short-circuit chain.
    if (!SSL_ONLY.equals(request.getServletContext()
            .getEffectiveSessionTrackingModes())) {
        return;
    }
    if (!request.connector.secure) {
        return;
    }

    String tlsSessionId = (String) request.getAttribute(SSLSupport.SESSION_ID_KEY);
    if (tlsSessionId == null) {
        // No TLS session ID available: leave the request without a session ID.
        return;
    }
    request.setRequestedSessionId(tlsSessionId);
    request.setRequestedSessionSSL(true);
}
 
Example #2
Source File: JSSESupport.java    From tomcatsrc with Apache License 2.0 5 votes vote down vote up
/**
 * Returns the key size recorded in the {@code ciphers} table for the cipher
 * suite of the current session, caching the answer per session.
 *
 * <p>The lookup is a substring match of each table entry's {@code phrase}
 * against the suite name, and the first matching entry wins, so the order of
 * the table matters. When nothing matches, the result is {@code 0}; callers
 * should read that as "unknown", not as a measured strength.
 *
 * @return {@code null} when there is no session, otherwise the cached or
 *         newly computed key size ({@code 0} if no table entry matched)
 * @throws IOException declared by the signature; not thrown by the visible body
 */
@Override
public Integer getKeySize()
    throws IOException {
    SSLSupport.CipherData[] table = ciphers;
    if (session == null) {
        return null;
    }

    // Cache access is guarded by the cache's own monitor, read and write
    // separately: two threads may both compute the same value.
    Integer cached;
    synchronized (keySizeCache) {
        cached = keySizeCache.get(session);
    }
    if (cached != null) {
        return cached;
    }

    int bits = 0;
    String suite = session.getCipherSuite();
    for (SSLSupport.CipherData entry : table) {
        if (suite.indexOf(entry.phrase) != -1) {
            bits = entry.keySize;
            break;
        }
    }

    Integer computed = Integer.valueOf(bits);
    synchronized (keySizeCache) {
        keySizeCache.put(session, computed);
    }
    return computed;
}
 
Example #3
Source File: JSSESupport.java    From Tomcat7.0.67 with Apache License 2.0 5 votes vote down vote up
/**
 * Looks up the key size for the current session's cipher suite in the
 * {@code ciphers} table and remembers the result in {@code keySizeCache}.
 *
 * <p>Matching is by substring ({@code phrase} contained in the suite name)
 * and stops at the first hit. A suite that matches no entry yields
 * {@code 0}, which is also cached; treat it as "unknown".
 *
 * @return {@code null} if {@code session} is {@code null}; otherwise the key
 *         size from the cache or from the table ({@code 0} when unmatched)
 * @throws IOException declared by the signature; not thrown by the visible body
 */
@Override
public Integer getKeySize()
    throws IOException {
    SSLSupport.CipherData[] knownCiphers = ciphers;
    if (session == null) {
        return null;
    }

    Integer result;
    synchronized (keySizeCache) {
        result = keySizeCache.get(session);
    }

    if (result == null) {
        String suiteName = session.getCipherSuite();
        int matchedSize = 0;
        for (SSLSupport.CipherData candidate : knownCiphers) {
            if (suiteName.indexOf(candidate.phrase) != -1) {
                matchedSize = candidate.keySize;
                break;
            }
        }
        result = Integer.valueOf(matchedSize);
        // Stored under a separate lock acquisition from the read above.
        synchronized (keySizeCache) {
            keySizeCache.put(session, result);
        }
    }
    return result;
}
 
Example #4
Source File: Http11Processor.java    From Tomcat8-Source-Read with MIT License 5 votes vote down vote up
/**
 * Triggers client authentication on the connection and, if a peer
 * certificate chain results, publishes it as a request attribute.
 *
 * <p>Does nothing when no {@code sslSupport} is set. The buffered input
 * filter is activated first, with its limit set to {@code maxSavePostSize}.
 * A failure while reading the certificate chain is logged and the
 * {@code SSLSupport.CERTIFICATE_KEY} attribute is simply left unset, so
 * consumers must treat a missing attribute as "no client certificate".
 *
 * @throws IOException if {@code doClientAuth} fails; these errors are left
 *         for the caller because they are fatal to the connection
 */
@Override
protected final void sslReHandShake() throws IOException {
    if (sslSupport == null) {
        return;
    }

    // Consume and buffer the request body so that it does not interfere
    // with the client's handshake messages.
    InputFilter[] filters = inputBuffer.getFilters();
    InputFilter bufferedFilter = filters[Constants.BUFFERED_FILTER];
    ((BufferedInputFilter) bufferedFilter).setLimit(maxSavePostSize);
    inputBuffer.addActiveFilter(bufferedFilter);

    // Deliberately outside the try/catch: I/O errors during renegotiation
    // must reach the caller.
    socketWrapper.doClientAuth(sslSupport);

    try {
        // Errors processing the cert chain do not affect the client
        // connection, so they are logged and swallowed.
        Object peerChain = sslSupport.getPeerCertificateChain();
        if (peerChain != null) {
            request.setAttribute(SSLSupport.CERTIFICATE_KEY, peerChain);
        }
    } catch (IOException ioe) {
        log.warn(sm.getString("http11processor.socket.ssl"), ioe);
    }
}
 
Example #5
Source File: CoyoteAdapter.java    From Tomcat7.0.67 with Apache License 2.0 5 votes vote down vote up
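/**
 * Look for SSL session ID if required. Only look for SSL Session ID if it
 * is the only tracking method enabled.
 *
 * <p>The request is left unchanged when a requested session ID is already
 * present, when the effective tracking modes are not {@code SSL_ONLY}, when
 * the connector is not flagged as secure, or when no SSL session ID
 * attribute is available.
 *
 * @param request The Servlet request object
 */
protected void parseSessionSslId(Request request) {
    if (request.getRequestedSessionId() == null &&
            SSL_ONLY.equals(request.getServletContext()
                    .getEffectiveSessionTrackingModes()) &&
                    request.connector.secure) {
        // TODO Is there a better way to map SSL sessions to our session ID?
        // TODO The request.getAttribute() will cause a number of other SSL
        //      attribute to be populated. Is this a performance concern?
        Object sslSessionId = request.getAttribute(SSLSupport.SESSION_ID_KEY);
        // The attribute may be absent; calling toString() on it unguarded
        // would fail the request with a NullPointerException.
        if (sslSessionId != null) {
            request.setRequestedSessionId(sslSessionId.toString());
            request.setRequestedSessionSSL(true);
        }
    }
}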
 
Example #6
Source File: AbstractProcessor.java    From Tomcat8-Source-Read with MIT License 5 votes vote down vote up
/**
 * Copies the TLS details exposed by this processor's {@link SSLSupport}
 * into request attributes. Protocols that take TLS attributes from another
 * source (e.g. AJP) should override this method.
 *
 * <p>Each value is set only when non-null; the {@code SSLSupport} instance
 * itself is always stored under {@code SSLSupport.SESSION_MGR}. Any
 * exception is logged at warn level and stops the copy, so the request may
 * end up with only the attributes set before the failure.
 */
protected void populateSslRequestAttributes() {
    try {
        if (sslSupport == null) {
            return;
        }

        Object cipherSuite = sslSupport.getCipherSuite();
        if (cipherSuite != null) {
            request.setAttribute(SSLSupport.CIPHER_SUITE_KEY, cipherSuite);
        }

        Object peerChain = sslSupport.getPeerCertificateChain();
        if (peerChain != null) {
            request.setAttribute(SSLSupport.CERTIFICATE_KEY, peerChain);
        }

        Object keySize = sslSupport.getKeySize();
        if (keySize != null) {
            request.setAttribute(SSLSupport.KEY_SIZE_KEY, keySize);
        }

        Object sessionId = sslSupport.getSessionId();
        if (sessionId != null) {
            request.setAttribute(SSLSupport.SESSION_ID_KEY, sessionId);
        }

        Object protocol = sslSupport.getProtocol();
        if (protocol != null) {
            request.setAttribute(SSLSupport.PROTOCOL_VERSION_KEY, protocol);
        }

        request.setAttribute(SSLSupport.SESSION_MGR, sslSupport);
    } catch (Exception e) {
        getLog().warn(sm.getString("abstractProcessor.socket.ssl"), e);
    }
}
 
Example #7
Source File: CoyoteAdapter.java    From tomcatsrc with Apache License 2.0 5 votes vote down vote up
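/**
 * Look for SSL session ID if required. Only look for SSL Session ID if it
 * is the only tracking method enabled.
 *
 * <p>Nothing is changed on the request unless all of the following hold: no
 * requested session ID is set yet, the effective tracking modes equal
 * {@code SSL_ONLY}, the connector is flagged as secure, and an SSL session
 * ID attribute is actually present.
 *
 * @param request The Servlet request object
 */
protected void parseSessionSslId(Request request) {
    if (request.getRequestedSessionId() == null &&
            SSL_ONLY.equals(request.getServletContext()
                    .getEffectiveSessionTrackingModes()) &&
                    request.connector.secure) {
        // TODO Is there a better way to map SSL sessions to our session ID?
        // TODO The request.getAttribute() will cause a number of other SSL
        //      attribute to be populated. Is this a performance concern?
        Object sslSessionId = request.getAttribute(SSLSupport.SESSION_ID_KEY);
        // Guard against a missing attribute instead of dereferencing it:
        // the unguarded toString() raised a NullPointerException.
        if (sslSessionId != null) {
            request.setRequestedSessionId(sslSessionId.toString());
            request.setRequestedSessionSSL(true);
        }
    }
}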
 
Example #8
Source File: AbstractAjpProcessor.java    From tomcatsrc with Apache License 2.0 4 votes vote down vote up
/**
 * Always rejects the call: this processor does not accept an
 * {@code SSLSupport}.
 *
 * @param sslSupport ignored
 * @throws IllegalStateException on every invocation
 */
@Override
public void setSslSupport(SSLSupport sslSupport) {
    // Not expected to be reached; fail loudly if it is.
    String message = sm.getString("ajpprocessor.ssl.notsupported");
    throw new IllegalStateException(message);
}
 
Example #9
Source File: Http11Processor.java    From Tomcat7.0.67 with Apache License 2.0 4 votes vote down vote up
/**
 * Records the SSL information source for this HTTP connection.
 *
 * @param sslSupport value stored in the {@code sslSupport} field as given;
 *                   no null check is made here
 */
@Override
public void setSslSupport(SSLSupport sslSupport) {
    this.sslSupport = sslSupport;
}
 
Example #10
Source File: JSSEImplementation.java    From Tomcat7.0.67 with Apache License 2.0 4 votes vote down vote up
/**
 * Wraps the given socket in a {@code JSSESupport}.
 *
 * @param s socket to wrap; it is cast to {@code SSLSocket} without a check,
 *          so any other socket type fails with a {@code ClassCastException}
 * @return a new {@code JSSESupport} for the socket
 */
@Override
public SSLSupport getSSLSupport(Socket s) {
    SSLSocket tlsSocket = (SSLSocket) s;
    return new JSSESupport(tlsSocket);
}
 
Example #11
Source File: JSSEImplementation.java    From Tomcat7.0.67 with Apache License 2.0 4 votes vote down vote up
/**
 * Wraps the given TLS session in a {@code JSSESupport}.
 *
 * @param session session handed to the {@code JSSESupport} constructor
 *                unchanged; no null check is made here
 * @return a new {@code JSSESupport} for the session
 */
@Override
public SSLSupport getSSLSupport(SSLSession session) {
    SSLSupport support = new JSSESupport(session);
    return support;
}
 
Example #12
Source File: HeaderParser.java    From JQF with BSD 2-Clause "Simplified" License 4 votes vote down vote up
/**
 * Not implemented in this class: every call fails.
 *
 * @param sslSupport ignored
 * @throws IOException declared by the signature; not thrown by this body
 * @throws UnsupportedOperationException on every invocation
 */
@Override
public void doClientAuth(SSLSupport sslSupport) throws IOException {
    // Client authentication is not available here.
    throw new UnsupportedOperationException();
}
 
Example #13
Source File: HeaderParser.java    From JQF with BSD 2-Clause "Simplified" License 4 votes vote down vote up
/**
 * Not implemented in this class: every call fails.
 *
 * @param clientCertProvider ignored
 * @return never returns normally
 * @throws UnsupportedOperationException on every invocation
 */
@Override
public SSLSupport getSslSupport(String clientCertProvider) {
    // No SSLSupport can be obtained from this class.
    throw new UnsupportedOperationException();
}
 
Example #14
Source File: Request.java    From tomcatsrc with Apache License 2.0 4 votes vote down vote up
/**
 * Return the specified request attribute if it exists; otherwise, return
 * <code>null</code>.
 *
 * <p>Lookup order: a registered special-attribute adapter, then this
 * request's own <code>attributes</code> map, then the underlying Coyote
 * request. Only if all three miss, and the name is an SSL attribute, are
 * the SSL attributes requested from the connector and copied into the
 * local map.
 *
 * @param name Name of the request attribute to return
 * @return the attribute value, or <code>null</code> if none was found
 */
@Override
public Object getAttribute(String name) {

    // Special attributes
    SpecialAttributeAdapter adapter = specialAttributes.get(name);
    if (adapter != null) {
        return adapter.get(this, name);
    }

    // NOTE(review): a value already present in the local map is returned
    // before the connector is consulted. If that map is presumably filled
    // by setAttribute(), a value stored there under an SSL attribute name
    // would shadow the connector-supplied one - confirm against callers
    // that base trust decisions on these attributes.
    Object attr=attributes.get(name);

    if(attr!=null) {
        return(attr);
    }

    attr =  coyoteRequest.getAttribute(name);
    if(attr != null) {
        return attr;
    }
    if( isSSLAttribute(name) || name.equals(SSLSupport.PROTOCOL_VERSION_KEY)) {
        // Ask the connector to populate the SSL attributes on the Coyote
        // request, then copy each non-null value into the local map.
        coyoteRequest.action(ActionCode.REQ_SSL_ATTRIBUTE,
                             coyoteRequest);
        attr = coyoteRequest.getAttribute(Globals.CERTIFICATES_ATTR);
        if( attr != null) {
            attributes.put(Globals.CERTIFICATES_ATTR, attr);
        }
        attr = coyoteRequest.getAttribute(Globals.CIPHER_SUITE_ATTR);
        if(attr != null) {
            attributes.put(Globals.CIPHER_SUITE_ATTR, attr);
        }
        attr = coyoteRequest.getAttribute(Globals.KEY_SIZE_ATTR);
        if(attr != null) {
            attributes.put(Globals.KEY_SIZE_ATTR, attr);
        }
        attr = coyoteRequest.getAttribute(Globals.SSL_SESSION_ID_ATTR);
        if(attr != null) {
            // The session ID is stored under two attribute names.
            attributes.put(Globals.SSL_SESSION_ID_ATTR, attr);
            attributes.put(Globals.SSL_SESSION_ID_TOMCAT_ATTR, attr);
        }
        attr = coyoteRequest.getAttribute(Globals.SSL_SESSION_MGR_ATTR);
        if(attr != null) {
            attributes.put(Globals.SSL_SESSION_MGR_ATTR, attr);
        }
        attr = coyoteRequest.getAttribute(SSLSupport.PROTOCOL_VERSION_KEY);
        if(attr != null) {
            attributes.put(SSLSupport.PROTOCOL_VERSION_KEY, attr);
        }
        // Re-read the requested name: it is null if the connector did not
        // supply that particular attribute.
        attr = attributes.get(name);
        sslAttributesParsed = true;
    }
    return attr;
}
 
Example #15
Source File: Http11AprProcessor.java    From Tomcat7.0.67 with Apache License 2.0 4 votes vote down vote up
/**
 * Accepts and discards the supplied {@code SSLSupport}.
 *
 * @param sslSupport ignored; nothing is stored
 */
@Override
public void setSslSupport(SSLSupport sslSupport) {
    // Intentionally empty: marked as a no-op for APR.
}
 
Example #16
Source File: UpgradeProcessor.java    From tomcatsrc with Apache License 2.0 4 votes vote down vote up
/**
 * Accepts and discards the supplied {@code SSLSupport}.
 *
 * @param sslSupport ignored; nothing is stored
 */
@Override
public final void setSslSupport(SSLSupport sslSupport) {
    // Intentionally empty.
}
 
Example #17
Source File: AbstractProcessor.java    From tomcatsrc with Apache License 2.0 4 votes vote down vote up
/**
 * Does nothing with the supplied {@code SSLSupport}; being {@code final},
 * subclasses cannot change that.
 *
 * @param sslSupport ignored; nothing is stored
 */
@Override
public final void setSslSupport(SSLSupport sslSupport) {
    // Intentionally empty.
}
 
Example #18
Source File: Http11AprProcessor.java    From tomcatsrc with Apache License 2.0 4 votes vote down vote up
/**
 * Ignores the supplied {@code SSLSupport}.
 *
 * @param sslSupport ignored; nothing is stored
 */
@Override
public void setSslSupport(SSLSupport sslSupport) {
    // Intentionally empty: marked as a no-op for APR.
}
 
Example #19
Source File: Http11NioProcessor.java    From tomcatsrc with Apache License 2.0 4 votes vote down vote up
/**
 * Stores the SSL information source for this HTTP connection.
 *
 * @param sslSupport value assigned to the {@code sslSupport} field as
 *                   given; no null check is made here
 */
@Override
public void setSslSupport(SSLSupport sslSupport) {
    this.sslSupport = sslSupport;
}
 
Example #20
Source File: Http11Processor.java    From tomcatsrc with Apache License 2.0 4 votes vote down vote up
/**
 * Remembers the SSL information source for this HTTP connection.
 *
 * @param sslSupport value assigned to the {@code sslSupport} field as
 *                   given; no null check is made here
 */
@Override
public void setSslSupport(SSLSupport sslSupport) {
    this.sslSupport = sslSupport;
}
 
Example #21
Source File: JSSEImplementation.java    From tomcatsrc with Apache License 2.0 4 votes vote down vote up
/**
 * Builds a {@code JSSESupport} around the given socket.
 *
 * @param s socket to wrap; the unchecked cast to {@code SSLSocket} raises a
 *          {@code ClassCastException} for any other socket type
 * @return a new {@code JSSESupport} for the socket
 */
@Override
public SSLSupport getSSLSupport(Socket s) {
    SSLSocket secureSocket = (SSLSocket) s;
    return new JSSESupport(secureSocket);
}
 
Example #22
Source File: JSSEImplementation.java    From tomcatsrc with Apache License 2.0 4 votes vote down vote up
/**
 * Builds a {@code JSSESupport} around the given TLS session.
 *
 * @param session session passed to the {@code JSSESupport} constructor
 *                unchanged; no null check is made here
 * @return a new {@code JSSESupport} for the session
 */
@Override
public SSLSupport getSSLSupport(SSLSession session) {
    SSLSupport wrapped = new JSSESupport(session);
    return wrapped;
}
 
Example #23
Source File: WsHttpUpgradeHandler.java    From Tomcat8-Source-Read with MIT License 4 votes vote down vote up
/**
 * Accepts and discards the supplied {@code SSLSupport}.
 *
 * @param sslSupport ignored; nothing is stored
 */
@Override
public void setSslSupport(SSLSupport sslSupport) {
    // Intentionally empty: WebSocket has no requirement to access the TLS
    // information associated with the underlying connection.
}
 
Example #24
Source File: Request.java    From Tomcat8-Source-Read with MIT License 4 votes vote down vote up
/**
 * Resolves a request attribute by name.
 *
 * <p>Sources are consulted in this order: a registered special-attribute
 * adapter, this request's own {@code attributes} map, then the underlying
 * Coyote request. If all three miss and the name is a TLS request
 * attribute, the connector is asked to populate the TLS attributes, each
 * non-null one is copied into the local map, and the name is looked up
 * again there.
 *
 * <p>NOTE(review): because the local map is read before the connector, a
 * value already stored there under a TLS attribute name is returned as-is;
 * presumably that map is filled by {@code setAttribute()} - confirm for
 * callers that base trust decisions on these attributes.
 *
 * @param name Name of the request attribute to return
 * @return the attribute value, or {@code null} if none was found
 */
@Override
public Object getAttribute(String name) {
    // Special attributes take precedence over everything else.
    SpecialAttributeAdapter special = specialAttributes.get(name);
    if (special != null) {
        return special.get(this, name);
    }

    Object value = attributes.get(name);
    if (value == null) {
        value = coyoteRequest.getAttribute(name);
    }
    if (value != null) {
        return value;
    }

    if (!TLSUtil.isTLSRequestAttribute(name)) {
        return null;
    }

    // Have the connector populate the TLS attributes, then mirror the ones
    // that are present into the local map, in a fixed order.
    coyoteRequest.action(ActionCode.REQ_SSL_ATTRIBUTE, coyoteRequest);
    String[] tlsAttributeNames = {
        Globals.CERTIFICATES_ATTR,
        Globals.CIPHER_SUITE_ATTR,
        Globals.KEY_SIZE_ATTR,
        Globals.SSL_SESSION_ID_ATTR,
        Globals.SSL_SESSION_MGR_ATTR,
        SSLSupport.PROTOCOL_VERSION_KEY
    };
    for (String tlsName : tlsAttributeNames) {
        Object tlsValue = coyoteRequest.getAttribute(tlsName);
        if (tlsValue != null) {
            attributes.put(tlsName, tlsValue);
        }
    }

    // Null here means the connector did not supply the requested attribute.
    Object resolved = attributes.get(name);
    sslAttributesParsed = true;
    return resolved;
}
 
Example #25
Source File: Http2UpgradeHandler.java    From Tomcat8-Source-Read with MIT License 4 votes vote down vote up
/**
 * Stores the supplied {@code SSLSupport} on this handler.
 *
 * @param sslSupport value assigned to the {@code sslSupport} field as
 *                   given; no null check is made here
 */
@Override
public void setSslSupport(SSLSupport sslSupport) {
    this.sslSupport = sslSupport;
}
 
Example #26
Source File: UpgradeProcessorInternal.java    From Tomcat8-Source-Read with MIT License 4 votes vote down vote up
/**
 * Forwards the supplied {@code SSLSupport} to the wrapped internal upgrade
 * handler; nothing is stored on this processor itself.
 *
 * @param sslSupport value passed through unchanged
 */
@Override
public final void setSslSupport(SSLSupport sslSupport) {
    // Pure delegation.
    internalHttpUpgradeHandler.setSslSupport(sslSupport);
}
 
Example #27
Source File: UpgradeProcessorExternal.java    From Tomcat8-Source-Read with MIT License 4 votes vote down vote up
/**
 * Accepts and discards the supplied {@code SSLSupport}.
 *
 * @param sslSupport ignored; nothing is stored
 */
@Override
public final void setSslSupport(SSLSupport sslSupport) {
    // Intentionally empty.
}
 
Example #28
Source File: AbstractProcessor.java    From Tomcat8-Source-Read with MIT License 4 votes vote down vote up
/**
 * Stores the supplied {@code SSLSupport} on this processor; being
 * {@code final}, subclasses cannot alter this.
 *
 * @param sslSupport value assigned to the {@code sslSupport} field as
 *                   given; no null check is made here
 */
@Override
public final void setSslSupport(SSLSupport sslSupport) {
    this.sslSupport = sslSupport;
}
 
Example #29
Source File: Http11NioProcessor.java    From Tomcat7.0.67 with Apache License 2.0 4 votes vote down vote up
/**
 * Sets the SSL information source used for this HTTP connection.
 *
 * @param sslSupport value assigned to the {@code sslSupport} field as
 *                   given; no null check is made here
 */
@Override
public void setSslSupport(SSLSupport sslSupport) {
    this.sslSupport = sslSupport;
}
 
Example #30
Source File: JSSEImplementation.java    From Tomcat8-Source-Read with MIT License 4 votes vote down vote up
/**
 * Creates a {@code JSSESupport} for the given TLS session.
 *
 * @param session session passed to the {@code JSSESupport} constructor
 *                unchanged; no null check is made here
 * @return a new {@code JSSESupport} for the session
 */
@Override
public SSLSupport getSSLSupport(SSLSession session) {
    SSLSupport sessionSupport = new JSSESupport(session);
    return sessionSupport;
}