Java Code Examples for org.eclipse.jetty.server.SslConnectionFactory

The following examples show how to use org.eclipse.jetty.server.SslConnectionFactory. These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source Project: hop   Source File: WebServer.java    License: Apache License 2.0 6 votes vote down vote up
private ServerConnector getConnector() {
  if ( sslConfig != null ) {
    log.logBasic( BaseMessages.getString( PKG, "WebServer.Log.SslModeUsing" ) );
    SslConnectionFactory connector = new SslConnectionFactory();

    SslContextFactory contextFactory = new SslContextFactory();
    contextFactory.setKeyStoreResource( new PathResource( new File( sslConfig.getKeyStore() ) ) );
    contextFactory.setKeyStorePassword( sslConfig.getKeyStorePassword() );
    contextFactory.setKeyManagerPassword( sslConfig.getKeyPassword() );
    contextFactory.setKeyStoreType( sslConfig.getKeyStoreType() );
    return new ServerConnector( server, connector );
  } else {
    return new ServerConnector( server );
  }

}
 
Example 2
private static Server createServer(Handler handler, int port, KeyStore keyStore, String keyPassword) throws Exception {
    Server server = new Server();

    SslContextFactory sslContextFactory = new SslContextFactory();
    sslContextFactory.setIncludeProtocols("TLSv1.2");
    sslContextFactory.setKeyStore(keyStore);
    sslContextFactory.setKeyManagerPassword(keyPassword);

    HttpConfiguration httpsConfig = new HttpConfiguration();
    httpsConfig.addCustomizer(new SecureRequestCustomizer());

    ServerConnector sslConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpsConfig));
    sslConnector.setPort(port);

    server.addConnector(sslConnector);
    server.setHandler(handler);

    return server;
}
 
Example 3
Source Project: o2oa   Source File: JettySeverTools.java    License: GNU Affero General Public License v3.0 6 votes vote down vote up
protected static void addHttpsConnector(Server server, Integer port) throws Exception {
	SslContextFactory sslContextFactory = new SslContextFactory();
	sslContextFactory.setKeyStorePath(Config.sslKeyStore().getAbsolutePath());
	sslContextFactory.setKeyStorePassword(Config.token().getSslKeyStorePassword());
	sslContextFactory.setKeyManagerPassword(Config.token().getSslKeyManagerPassword());
	sslContextFactory.setTrustAll(true);
	HttpConfiguration config = new HttpConfiguration();
	config.setSecureScheme("https");
	config.setOutputBufferSize(32768);
	config.setRequestHeaderSize(8192 * 2);
	config.setResponseHeaderSize(8192 * 2);
	config.setSendServerVersion(true);
	config.setSendDateHeader(false);
	ServerConnector sslConnector = new ServerConnector(server,
			new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()),
			new HttpConnectionFactory(config));
	sslConnector.setPort(port);
	server.addConnector(sslConnector);
}
 
Example 4
private SslConnectionFactory getSSLConnectionFactory() {
    Resource keyStoreResource = null;
    try {
        keyStoreResource = Resource.newClassPathResource("localhost");
        System.out.println(keyStoreResource);
    } catch (Exception ex) {
        Logger.getLogger(EventServer.class.getName()).log(Level.SEVERE, null, ex);
    }

    SslContextFactory sslContextFactory = new SslContextFactory();
    sslContextFactory.setKeyStoreResource(keyStoreResource);
    String secret = readresource();
    sslContextFactory.setKeyStorePassword(Encrypt.getInstance().decrypt(secret));
    sslContextFactory.setKeyManagerPassword(Encrypt.getInstance().decrypt(secret));
    return new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString());
}
 
Example 5
Source Project: scheduling   Source File: ErrorCases.java    License: GNU Affero General Public License v3.0 6 votes vote down vote up
@BeforeClass
public static void startHttpsServer() throws Exception {
    skipIfHeadlessEnvironment();
    server = new Server();

    SslContextFactory sslContextFactory = new SslContextFactory();
    sslContextFactory.setKeyStorePath(ErrorCases.class.getResource("keystore").getPath());
    sslContextFactory.setKeyStorePassword("activeeon");

    HttpConfiguration httpConfig = new HttpConfiguration();
    HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig);
    httpsConfig.addCustomizer(new SecureRequestCustomizer());

    ServerConnector sslConnector = new ServerConnector(server,
                                                       new ConnectionFactory[] { new SslConnectionFactory(sslContextFactory,
                                                                                                          HttpVersion.HTTP_1_1.asString()),
                                                                                 new HttpConnectionFactory(httpsConfig) });

    server.addConnector(sslConnector);
    server.start();
    serverUrl = "https://localhost:" + sslConnector.getLocalPort() + "/rest";
}
 
Example 6
@Test
public void testCreateHttpServerUsingHttpsAndRedirection() {
    createHttpsContextProperties();

    server = jettyStarter.createHttpServer(8080, 8443, true, true);

    Connector[] connectors = server.getConnectors();

    assertThat(connectors).hasLength(2);
    assertThat(connectors[0].getName()).isEqualTo(JettyStarter.HTTP_CONNECTOR_NAME);
    assertThat(connectors[0].getConnectionFactory(HttpConnectionFactory.class)).isNotNull();
    assertThat(connectors[1].getName()).isEqualTo(JettyStarter.HTTPS_CONNECTOR_NAME.toLowerCase());
    assertThat(connectors[1].getConnectionFactory(HttpConnectionFactory.class)).isNotNull();
    assertThat(connectors[1].getConnectionFactory(SslConnectionFactory.class)).isNotNull();

    unsetHttpsContextProperties();
}
 
Example 7
Source Project: mysql_perf_analyzer   Source File: App.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * Create ssl connector if https is used
 * @return
 */
private ServerConnector sslConnector() {
	HttpConfiguration http_config = new HttpConfiguration();
	http_config.setSecureScheme("https");
	http_config.setSecurePort(this.getPort());
	
	HttpConfiguration https_config = new HttpConfiguration(http_config);
	https_config.addCustomizer(new SecureRequestCustomizer());
	
	SslContextFactory sslContextFactory = new SslContextFactory(this.getCertKeyStorePath());
	sslContextFactory.setKeyStorePassword(this.getCertKeyStorePassword());
	//exclude weak ciphers
	sslContextFactory.setExcludeCipherSuites("^.*_(MD5|SHA|SHA1)$");
	//only support tlsv1.2
	sslContextFactory.addExcludeProtocols("SSL", "SSLv2", "SSLv2Hello", "SSLv3", "TLSv1", "TLSv1.1");
	
	ServerConnector connector = new ServerConnector(jettyServer, 
			new SslConnectionFactory(sslContextFactory, "http/1.1"),
			new HttpConnectionFactory(https_config));
	connector.setPort(this.getPort());
	connector.setIdleTimeout(50000);
	return connector;
}
 
Example 8
Source Project: datacollector   Source File: TestWebServicesFetcher.java    License: Apache License 2.0 6 votes vote down vote up
protected Server createServer(int port, boolean serverSsl, boolean clientSsl) {
  Server server = new Server();
  if (!serverSsl) {
    InetSocketAddress addr = new InetSocketAddress("localhost", port);
    ServerConnector connector = new ServerConnector(server);
    connector.setHost(addr.getHostName());
    connector.setPort(addr.getPort());
    server.setConnectors(new Connector[]{connector});
  } else {
    SslContextFactory sslContextFactory = createSslContextFactory(clientSsl);
    ServerConnector httpsConnector = new ServerConnector(server,
        new SslConnectionFactory(sslContextFactory, "http/1.1"),
        new HttpConnectionFactory()
    );
    httpsConnector.setPort(port);
    httpsConnector.setHost("localhost");
    server.setConnectors(new Connector[]{httpsConnector});
  }
  return server;
}
 
Example 9
Source Project: helix   Source File: HelixRestServer.java    License: Apache License 2.0 6 votes vote down vote up
public void setupSslServer(int port, SslContextFactory sslContextFactory) {
  if (_server != null && port > 0) {
    try {
      HttpConfiguration https = new HttpConfiguration();
      https.addCustomizer(new SecureRequestCustomizer());
      ServerConnector sslConnector = new ServerConnector(
          _server,
          new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()),
          new HttpConnectionFactory(https));
      sslConnector.setPort(port);

      _server.addConnector(sslConnector);

      LOG.info("Helix SSL rest server is ready to start.");
    } catch (Exception ex) {
      LOG.error("Failed to setup Helix SSL rest server, " + ex);
    }
  }
}
 
Example 10
Source Project: sequenceiq-samples   Source File: JettyWebSocketServer.java    License: Apache License 2.0 6 votes vote down vote up
@Override
public void startSSL(String keyStoreLocation, String keyStorePassword) throws Exception {
    Server server = new Server();

    HttpConfiguration httpsConfig = new HttpConfiguration();
    httpsConfig.addCustomizer(new SecureRequestCustomizer());
    SslContextFactory sslContextFactory = new SslContextFactory();
    sslContextFactory.setKeyStorePath(keyStoreLocation);
    sslContextFactory.setKeyStorePassword(keyStorePassword);
    ServerConnector https = new ServerConnector(server,
            new SslConnectionFactory(sslContextFactory, "http/1.1"),
            new HttpConnectionFactory(httpsConfig));
    https.setHost(host);
    https.setPort(port);
    server.setConnectors(new Connector[]{https});

    configureContextHandler(server);
    startServer(server);
}
 
Example 11
Source Project: Doradus   Source File: JettyWebServer.java    License: Apache License 2.0 6 votes vote down vote up
private ServerConnector createSSLConnector() {
    SslContextFactory sslContextFactory = new SslContextFactory();
    sslContextFactory.setKeyStorePath(m_keystore);
    sslContextFactory.setKeyStorePassword(m_keystorepassword);
    sslContextFactory.setTrustStorePath(m_truststore);
    sslContextFactory.setTrustStorePassword(m_truststorepassword);
    sslContextFactory.setNeedClientAuth(m_clientauthentication);
    sslContextFactory.setIncludeCipherSuites(m_tls_cipher_suites);

    HttpConfiguration http_config = new HttpConfiguration();
    http_config.setSecureScheme("https");
    HttpConfiguration https_config = new HttpConfiguration(http_config);
    https_config.addCustomizer(new SecureRequestCustomizer());
    SslConnectionFactory sslConnFactory = new SslConnectionFactory(sslContextFactory, "http/1.1");
    HttpConnectionFactory httpConnFactory = new HttpConnectionFactory(https_config);
    ServerConnector sslConnector = new ServerConnector(m_jettyServer, sslConnFactory, httpConnFactory);
    return sslConnector;
}
 
Example 12
Source Project: nifi   Source File: TlsCertificateAuthorityService.java    License: Apache License 2.0 6 votes vote down vote up
private static Server createServer(Handler handler, int port, KeyStore keyStore, String keyPassword) throws Exception {
    Server server = new Server();

    SslContextFactory sslContextFactory = new SslContextFactory();
    sslContextFactory.setIncludeProtocols(CertificateUtils.getHighestCurrentSupportedTlsProtocolVersion());
    sslContextFactory.setKeyStore(keyStore);
    sslContextFactory.setKeyManagerPassword(keyPassword);

    // Need to set SslContextFactory's endpointIdentificationAlgorithm to null; this is a server,
    // not a client.  Server does not need to perform hostname verification on the client.
    // Previous to Jetty 9.4.15.v20190215, this defaulted to null, and now defaults to "HTTPS".
    sslContextFactory.setEndpointIdentificationAlgorithm(null);

    HttpConfiguration httpsConfig = new HttpConfiguration();
    httpsConfig.addCustomizer(new SecureRequestCustomizer());

    ServerConnector sslConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpsConfig));
    sslConnector.setPort(port);

    server.addConnector(sslConnector);
    server.setHandler(handler);

    return server;
}
 
Example 13
Source Project: nifi   Source File: PrometheusServer.java    License: Apache License 2.0 6 votes vote down vote up
public PrometheusServer(int addr, SSLContextService sslContextService, ComponentLog logger, boolean needClientAuth, boolean wantClientAuth) throws Exception {
    PrometheusServer.logger = logger;
    this.server = new Server();
    this.handler = new ServletContextHandler(server, "/metrics");
    this.handler.addServlet(new ServletHolder(new MetricsServlet()), "/");

    SslContextFactory sslFactory = createSslFactory(sslContextService, needClientAuth, wantClientAuth);
    HttpConfiguration httpsConfiguration = new HttpConfiguration();
    httpsConfiguration.setSecureScheme("https");
    httpsConfiguration.setSecurePort(addr);
    httpsConfiguration.addCustomizer(new SecureRequestCustomizer());

    ServerConnector https = new ServerConnector(server, new SslConnectionFactory(sslFactory, "http/1.1"),
            new HttpConnectionFactory(httpsConfiguration));
    https.setPort(addr);
    this.server.setConnectors(new Connector[]{https});
    this.server.start();

}
 
Example 14
Source Project: cloudstack   Source File: ServerDaemon.java    License: Apache License 2.0 6 votes vote down vote up
private void createHttpsConnector(final HttpConfiguration httpConfig) {
    // Configure SSL
    if (httpsEnable && !Strings.isNullOrEmpty(keystoreFile) && new File(keystoreFile).exists()) {
        // SSL Context
        final SslContextFactory sslContextFactory = new SslContextFactory();

        // Define keystore path and passwords
        sslContextFactory.setKeyStorePath(keystoreFile);
        sslContextFactory.setKeyStorePassword(keystorePassword);
        sslContextFactory.setKeyManagerPassword(keystorePassword);

        // HTTPS config
        final HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig);
        httpsConfig.addCustomizer(new SecureRequestCustomizer());

        // HTTPS Connector
        final ServerConnector sslConnector = new ServerConnector(server,
                new SslConnectionFactory(sslContextFactory, "http/1.1"),
                new HttpConnectionFactory(httpsConfig));
        sslConnector.setPort(httpsPort);
        sslConnector.setHost(bindInterface);
        server.addConnector(sslConnector);
    }
}
 
Example 15
Source Project: hadoop-ozone   Source File: HttpServer2.java    License: Apache License 2.0 5 votes vote down vote up
private ServerConnector createHttpsChannelConnector(
    Server server, HttpConfiguration httpConfig) {
  httpConfig.setSecureScheme(HTTPS_SCHEME);
  httpConfig.addCustomizer(new SecureRequestCustomizer());
  ServerConnector conn = createHttpChannelConnector(server, httpConfig);

  SslContextFactory.Server sslContextFactory =
      new SslContextFactory.Server();
  sslContextFactory.setNeedClientAuth(needsClientAuth);
  if (keyPassword != null) {
    sslContextFactory.setKeyManagerPassword(keyPassword);
  }
  if (keyStore != null) {
    sslContextFactory.setKeyStorePath(keyStore);
    sslContextFactory.setKeyStoreType(keyStoreType);
    if (keyStorePassword != null) {
      sslContextFactory.setKeyStorePassword(keyStorePassword);
    }
  }
  if (trustStore != null) {
    sslContextFactory.setTrustStorePath(trustStore);
    sslContextFactory.setTrustStoreType(trustStoreType);
    if (trustStorePassword != null) {
      sslContextFactory.setTrustStorePassword(trustStorePassword);
    }
  }
  if (null != excludeCiphers && !excludeCiphers.isEmpty()) {
    sslContextFactory.setExcludeCipherSuites(
        StringUtils.getTrimmedStrings(excludeCiphers));
    LOG.info("Excluded Cipher List: {}", excludeCiphers);
  }

  conn.addFirstConnectionFactory(new SslConnectionFactory(sslContextFactory,
      HttpVersion.HTTP_1_1.asString()));

  return conn;
}
 
Example 16
Source Project: conga   Source File: ExchangeSocketServer.java    License: Apache License 2.0 5 votes vote down vote up
public void init() {

    // connector configuration
    SslContextFactory sslContextFactory = new SslContextFactory();
    if (null != keyStorePath) {
      sslContextFactory.setKeyStorePath(keyStorePath);
    }
    if (null != keyStorePassword) {
      sslContextFactory.setKeyStorePassword(keyStorePassword);
    }
    if (null != keyManagerPassword) {
      sslContextFactory.setKeyManagerPassword(keyManagerPassword);
    }
    SslConnectionFactory sslConnectionFactory =
        new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString());
    HttpConnectionFactory httpConnectionFactory =
        new HttpConnectionFactory(new HttpConfiguration());
    ServerConnector sslConnector =
        new ServerConnector(server, sslConnectionFactory, httpConnectionFactory);
    sslConnector.setHost(host);
    sslConnector.setPort(port);
    server.addConnector(sslConnector);

    ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SESSIONS);
    ServletHolder servletHolder = new ServletHolder(new ExchangeServlet(sessions, ringBuffer));
    context.addServlet(servletHolder, "/trade/*");
    // context.addServlet(DefaultServlet.class, "/");
    server.setHandler(context);
  }
 
Example 17
Source Project: apm-agent-java   Source File: ReporterFactoryTest.java    License: Apache License 2.0 5 votes vote down vote up
@BeforeEach
void setUp() throws Exception {
    server = new Server();

    Path keyStorePath = Paths.get(ReporterFactoryTest.class.getResource("/keystore").toURI());
    final SslContextFactory sslContextFactory = new SslContextFactory(keyStorePath.toAbsolutePath().toString());
    sslContextFactory.setKeyStorePassword("password");
    sslContextFactory.getSslContext();

    final HttpConfiguration httpConfiguration = new HttpConfiguration();
    httpConfiguration.setSecureScheme("https");
    httpConfiguration.setSecurePort(0);

    final HttpConfiguration httpsConfiguration = new HttpConfiguration(httpConfiguration);
    httpsConfiguration.addCustomizer(new SecureRequestCustomizer());
    final ServerConnector httpsConnector = new ServerConnector(server,
        new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()),
        new HttpConnectionFactory(httpsConfiguration));
    httpsConnector.setPort(0);
    server.addConnector(httpsConnector);
    server.setHandler(new AbstractHandler() {
        @Override
        public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) {
            baseRequest.setHandled(true);
            requestHandled.set(true);
        }
    });
    server.start();
    configuration = SpyConfiguration.createSpyConfig();
    reporterConfiguration = configuration.getConfig(ReporterConfiguration.class);
    when(reporterConfiguration.getServerUrls()).thenReturn(Collections.singletonList(new URL("https://localhost:" + getPort())));
}
 
Example 18
Source Project: localization_nifi   Source File: JettyServer.java    License: Apache License 2.0 5 votes vote down vote up
private ServerConnector createUnconfiguredSslServerConnector(Server server, HttpConfiguration httpConfiguration) {
    // add some secure config
    final HttpConfiguration httpsConfiguration = new HttpConfiguration(httpConfiguration);
    httpsConfiguration.setSecureScheme("https");
    httpsConfiguration.setSecurePort(props.getSslPort());
    httpsConfiguration.addCustomizer(new SecureRequestCustomizer());

    // build the connector
    return new ServerConnector(server,
            new SslConnectionFactory(createSslContextFactory(), "http/1.1"),
            new HttpConnectionFactory(httpsConfiguration));
}
 
Example 19
private ServerConnector getServerConnector() {
    SslConnectionFactory sslConnectionFactory = getSSLConnectionFactory();
    HttpConnectionFactory httpConnectionFactory = new HttpConnectionFactory(new HttpConfiguration());
    ServerConnector connector = new ServerConnector(server, sslConnectionFactory, httpConnectionFactory);
    connector.setPort(port);
    return connector;
}
 
Example 20
Source Project: aws-sdk-java-v2   Source File: MockServer.java    License: Apache License 2.0 5 votes vote down vote up
public MockServer() throws IOException {
    server = new Server();
    connector = new ServerConnector(server);
    connector.setPort(httpPort);

    HttpConfiguration https = new HttpConfiguration();
    https.addCustomizer(new SecureRequestCustomizer());

    SslContextFactory sslContextFactory = new SslContextFactory();
    sslContextFactory.setTrustAll(true);
    sslContextFactory.setValidateCerts(false);
    sslContextFactory.setNeedClientAuth(false);
    sslContextFactory.setWantClientAuth(false);
    sslContextFactory.setValidatePeerCerts(false);
    sslContextFactory.setKeyStorePassword("password");
    sslContextFactory.setKeyStorePath(MockServer.class.getResource("mock-keystore.jks").toExternalForm());

    sslConnector = new ServerConnector(server,
                                       new SslConnectionFactory(sslContextFactory,
                                                                HttpVersion.HTTP_1_1.asString()),
                                       new HttpConnectionFactory(https));
    sslConnector.setPort(httpsPort);

    server.setConnectors(new Connector[] {connector, sslConnector});

    ServletContextHandler context = new ServletContextHandler(server, "/", ServletContextHandler.SESSIONS);
    context.addServlet(new ServletHolder(new AlwaysSuccessServlet()), "/*");
    server.setHandler(context);
}
 
Example 21
Source Project: microprofile-rest-client   Source File: HttpsServer.java    License: Apache License 2.0 5 votes vote down vote up
public HttpsServer start(int httpsPort, String httpsHostname) {
    server.setHandler(
        new AbstractHandler() {
            @Override
            public void handle(String path,
                               Request request,
                               HttpServletRequest httpRequest,
                               HttpServletResponse response) throws IOException {
                response.setHeader(CONTENT_TYPE, responseContentType);
                try (PrintWriter writer = response.getWriter()) {
                    writer.println(responseContent);
                }
            }
        });
    // SSL HTTP Configuration
    HttpConfiguration httpsConfig = new HttpConfiguration(); //httpConfig);
    httpsConfig.setSecureScheme("https");
    httpsConfig.setSecurePort(httpsPort);

    ServerConnector sslConnector = new ServerConnector(server,
        new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()),
        new HttpConnectionFactory(httpsConfig)
    );

    sslConnector.setPort(httpsPort);
    sslConnector.setHost(httpsHostname);
    server.addConnector(sslConnector);
    try {
        server.start();
    }
    catch (Exception e) {
        throw new RuntimeException("Failed to start https server", e);
    }
    return this;
}
 
Example 22
Source Project: nifi-registry   Source File: JettyITServerCustomizer.java    License: Apache License 2.0 5 votes vote down vote up
@Override
public void customize(final JettyServletWebServerFactory factory) {
    LOGGER.info("Customizing Jetty server for integration tests...");

    factory.addServerCustomizers((server) -> {
        final Ssl sslProperties = serverProperties.getSsl();
        if (sslProperties != null) {
            createSslContextFactory(sslProperties);
            ServerConnector con = (ServerConnector) server.getConnectors()[0];
            int existingConnectorPort = con.getLocalPort();

            // create the http configuration
            final HttpConfiguration httpConfiguration = new HttpConfiguration();
            httpConfiguration.setRequestHeaderSize(HEADER_BUFFER_SIZE);
            httpConfiguration.setResponseHeaderSize(HEADER_BUFFER_SIZE);

            // add some secure config
            final HttpConfiguration httpsConfiguration = new HttpConfiguration(httpConfiguration);
            httpsConfiguration.setSecureScheme("https");
            httpsConfiguration.setSecurePort(existingConnectorPort);
            httpsConfiguration.addCustomizer(new SecureRequestCustomizer());

            // build the connector with the endpoint identification algorithm set to null
            final ServerConnector httpsConnector = new ServerConnector(server,
                    new SslConnectionFactory(createSslContextFactory(sslProperties), "http/1.1"),
                    new HttpConnectionFactory(httpsConfiguration));
            server.removeConnector(con);
            server.addConnector(httpsConnector);
        }
    });

    LOGGER.info("JettyServer is customized");
}
 
Example 23
Source Project: sumk   Source File: JettyHttpsServer.java    License: Apache License 2.0 5 votes vote down vote up
@Override
protected ConnectionFactory[] getConnectionFactorys() throws URISyntaxException {
	@SuppressWarnings("deprecation")
	SslContextFactory sslContextFactory = new SslContextFactory();
	String path = get(HttpPlugin.KEY_STORE_PATH);
	File keystoreFile = FileUtil.file(path);
	if (!keystoreFile.exists()) {
		String msg = path + " is not exist";
		Logs.http().error(msg);
		SumkException.throwException(-2345345, msg);
	}
	sslContextFactory.setKeyStorePath(keystoreFile.getAbsolutePath());
	sslContextFactory.setKeyStorePassword(get("sumk.jetty.ssl.storePassword"));
	sslContextFactory.setKeyManagerPassword(get("sumk.jetty.ssl.managerPassword"));
	sslContextFactory.setCertAlias(get("sumk.jetty.ssl.alias"));

	String v = AppInfo.get("sumk.jetty.ssl.storeType", null);
	if (v != null) {
		sslContextFactory.setKeyStoreType(v);
	}

	sslContextFactory.setTrustAll(AppInfo.getBoolean("sumk.jetty.ssl.trustAll", false));

	Logs.http().info("using https");
	return new ConnectionFactory[] { new SslConnectionFactory(sslContextFactory, "http/1.1"),
			new HttpConnectionFactory() };
}
 
Example 24
Source Project: lucene-solr   Source File: HttpServer2.java    License: Apache License 2.0 5 votes vote down vote up
private ServerConnector createHttpsChannelConnector(
    Server server, HttpConfiguration httpConfig) {
  httpConfig.setSecureScheme(HTTPS_SCHEME);
  httpConfig.addCustomizer(new SecureRequestCustomizer());
  ServerConnector conn = createHttpChannelConnector(server, httpConfig);

  SslContextFactory.Server sslContextFactory = new SslContextFactory.Server();
  sslContextFactory.setNeedClientAuth(needsClientAuth);
  sslContextFactory.setKeyManagerPassword(keyPassword);
  if (keyStore != null) {
    sslContextFactory.setKeyStorePath(keyStore);
    sslContextFactory.setKeyStoreType(keyStoreType);
    sslContextFactory.setKeyStorePassword(keyStorePassword);
  }
  if (trustStore != null) {
    sslContextFactory.setTrustStorePath(trustStore);
    sslContextFactory.setTrustStoreType(trustStoreType);
    sslContextFactory.setTrustStorePassword(trustStorePassword);
  }
  if(null != excludeCiphers && !excludeCiphers.isEmpty()) {
    sslContextFactory.setExcludeCipherSuites(
        StringUtils.getTrimmedStrings(excludeCiphers));
    LOG.info("Excluded Cipher List:{}", excludeCiphers);
  }

  conn.addFirstConnectionFactory(new SslConnectionFactory(sslContextFactory,
      HttpVersion.HTTP_1_1.asString()));

  return conn;
}
 
Example 25
Source Project: quarks   Source File: WebSocketServerEcho.java    License: Apache License 2.0 5 votes vote down vote up
private Server createServer(URI endpointURI, boolean needClientAuth) {
    if ("ws".equals(endpointURI.getScheme())) {
        return new Server(endpointURI.getPort());
    }
    else if ("wss".equals(endpointURI.getScheme())) {
        // see http://git.eclipse.org/c/jetty/org.eclipse.jetty.project.git/tree/examples/embedded/src/main/java/org/eclipse/jetty/embedded/ManyConnectors.java
        //     http://git.eclipse.org/c/jetty/org.eclipse.jetty.project.git/tree/examples/embedded/src/main/java/org/eclipse/jetty/embedded/LikeJettyXml.java
        
        Server server = new Server();
        
        SslContextFactory sslContextFactory = new SslContextFactory();
        sslContextFactory.setKeyStorePath(getStorePath("serverKeyStore.jks"));
        sslContextFactory.setKeyStorePassword("passw0rd");
        sslContextFactory.setKeyManagerPassword("passw0rd");
        sslContextFactory.setCertAlias("default");
        sslContextFactory.setNeedClientAuth(needClientAuth);
        sslContextFactory.setTrustStorePath(getStorePath("serverTrustStore.jks"));
        sslContextFactory.setTrustStorePassword("passw0rd");
        
        HttpConfiguration httpsConfig = new HttpConfiguration();
        httpsConfig.addCustomizer(new SecureRequestCustomizer());
        
        ServerConnector https= new ServerConnector(server,
                new SslConnectionFactory(sslContextFactory,
                        HttpVersion.HTTP_1_1.asString()),
                new HttpConnectionFactory(httpsConfig));
        https.setPort(endpointURI.getPort());
        
        server.addConnector(https);
        return server;
    }
    else
        throw new IllegalArgumentException("unrecognized uri: "+endpointURI);
}
 
Example 26
Source Project: vespa   Source File: HealthCheckProxyHandler.java    License: Apache License 2.0 5 votes vote down vote up
private static ProxyTarget createProxyTarget(int targetPort, Duration targetTimeout, List<JDiscServerConnector> connectors) {
    JDiscServerConnector targetConnector = connectors.stream()
            .filter(connector -> connector.listenPort() == targetPort)
            .findAny()
            .orElseThrow(() -> new IllegalArgumentException("Could not find any connector with listen port " + targetPort));
    SslContextFactory.Server sslContextFactory =
            Optional.ofNullable(targetConnector.getConnectionFactory(SslConnectionFactory.class))
                    .or(() -> Optional.ofNullable(targetConnector.getConnectionFactory(DetectorConnectionFactory.class))
                            .map(detectorConnFactory -> detectorConnFactory.getBean(SslConnectionFactory.class)))
                    .map(connFactory -> (SslContextFactory.Server) connFactory.getSslContextFactory())
                    .orElseThrow(() -> new IllegalArgumentException("Health check proxy can only target https port"));
    return new ProxyTarget(targetPort, targetTimeout, sslContextFactory);
}
 
Example 27
Source Project: vespa   Source File: ConnectorFactory.java    License: Apache License 2.0 5 votes vote down vote up
private List<ConnectionFactory> connectionFactoriesForHttps(Metric metric, HttpConnectionFactory httpFactory) {
    ConnectorConfig.ProxyProtocol proxyProtocolConfig = connectorConfig.proxyProtocol();
    SslConnectionFactory sslFactory = newSslConnectionFactory(metric, httpFactory);
    if (proxyProtocolConfig.enabled()) {
        if (proxyProtocolConfig.mixedMode()) {
            return List.of(new DetectorConnectionFactory(sslFactory, new ProxyConnectionFactory(sslFactory.getProtocol())), sslFactory, httpFactory);
        } else {
            return List.of(new ProxyConnectionFactory(), sslFactory, httpFactory);
        }
    } else {
        return List.of(sslFactory, httpFactory);
    }
}
 
Example 28
Source Project: vespa   Source File: JettyHttpServer.java    License: Apache License 2.0 5 votes vote down vote up
private void logEffectiveSslConfiguration() {
    if (!server.isStarted()) throw new IllegalStateException();
    for (Connector connector : server.getConnectors()) {
        ServerConnector serverConnector = (ServerConnector) connector;
        int localPort = serverConnector.getLocalPort();
        var sslConnectionFactory = serverConnector.getConnectionFactory(SslConnectionFactory.class);
        if (sslConnectionFactory != null) {
            var sslContextFactory = sslConnectionFactory.getSslContextFactory();
            log.info(String.format("Enabled SSL cipher suites for port '%d': %s",
                                   localPort, Arrays.toString(sslContextFactory.getSelectedCipherSuites())));
            log.info(String.format("Enabled SSL protocols for port '%d': %s",
                                   localPort, Arrays.toString(sslContextFactory.getSelectedProtocols())));
        }
    }
}
 
Example 29
Source Project: heroic   Source File: TLSJettyConnectionFactory.java    License: Apache License 2.0 5 votes vote down vote up
@Override
public ConnectionFactory setup(final HttpConfiguration config) {
    final SslContextFactory context = new SslContextFactory();
    keyStorePath.ifPresent(context::setKeyStorePath);
    keyStorePassword.ifPresent(context::setKeyStorePassword);
    keyManagerPassword.ifPresent(context::setKeyManagerPassword);
    trustAll.ifPresent(context::setTrustAll);
    return new SslConnectionFactory(context, nextProtocol);
}
 
Example 30
@Test
public void testCreateHttpServerUsingHttps() {
    createHttpsContextProperties();

    server = jettyStarter.createHttpServer(8080, 8443, true, false);

    Connector[] connectors = server.getConnectors();

    assertThat(connectors).hasLength(1);
    assertThat(connectors[0].getName()).isEqualTo(JettyStarter.HTTPS_CONNECTOR_NAME);
    assertThat(connectors[0].getConnectionFactory(HttpConnectionFactory.class)).isNotNull();
    assertThat(connectors[0].getConnectionFactory(SslConnectionFactory.class)).isNotNull();

    unsetHttpsContextProperties();
}