Examples with SslConnectionFactory org.eclipse.jetty.server.SslConnectionFactory used on opensource projects

Example 26 with SslConnectionFactory

use of org.eclipse.jetty.server.SslConnectionFactory in project jetty.project by eclipse.

the class SniSslConnectionFactoryTest method testSNIConnectNoWild.

@Test
public void testSNIConnectNoWild() throws Exception {
    // Use the alternate keystore without wildcard certificates.
    _server.stop();
    _server.removeConnector(_connector);
    SslContextFactory sslContextFactory = new SslContextFactory();
    sslContextFactory.setKeyStorePath("src/test/resources/snikeystore_nowild");
    sslContextFactory.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
    sslContextFactory.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");
    _connector = new ServerConnector(_server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(_https_config));
    _server.addConnector(_connector);
    _server.start();
    _port = _connector.getLocalPort();
    // The first entry in the keystore is www.example.com, and it will
    // be returned by default, so make sure that here we don't ask for it.
    String response = getResponse("jetty.eclipse.org", "jetty.eclipse.org");
    Assert.assertThat(response, Matchers.containsString("X-HOST: jetty.eclipse.org"));
}

Example 27 with SslConnectionFactory

use of org.eclipse.jetty.server.SslConnectionFactory in project jetty.project by eclipse.

the class SniSslConnectionFactoryTest method before.

@Before
public void before() throws Exception {
    String keystorePath = "src/test/resources/snikeystore";
    File keystoreFile = new File(keystorePath);
    if (!keystoreFile.exists())
        throw new FileNotFoundException(keystoreFile.getAbsolutePath());
    _server = new Server();
    HttpConfiguration http_config = new HttpConfiguration();
    http_config.setSecureScheme("https");
    http_config.setSecurePort(8443);
    http_config.setOutputBufferSize(32768);
    _https_config = new HttpConfiguration(http_config);
    _https_config.addCustomizer(new SecureRequestCustomizer());
    SslContextFactory sslContextFactory = new SslContextFactory();
    sslContextFactory.setKeyStorePath(keystoreFile.getAbsolutePath());
    sslContextFactory.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
    sslContextFactory.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");
    ServerConnector https = _connector = new ServerConnector(_server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(_https_config));
    _server.addConnector(https);
    _server.setHandler(new AbstractHandler.ErrorDispatchHandler() {

        @Override
        protected void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) {
            baseRequest.setHandled(true);
            response.setStatus(200);
            response.setHeader("X-URL", request.getRequestURI());
            response.setHeader("X-HOST", request.getServerName());
        }
    });
    _server.start();
    _port = https.getLocalPort();
}

Example 28 with SslConnectionFactory

use of org.eclipse.jetty.server.SslConnectionFactory in project jetty.project by eclipse.

the class SecuredRedirectHandlerTest method startServer.

@BeforeClass
public static void startServer() throws Exception {
    // Setup SSL
    File keystore = MavenTestingUtils.getTestResourceFile("keystore");
    SslContextFactory sslContextFactory = new SslContextFactory();
    sslContextFactory.setKeyStorePath(keystore.getAbsolutePath());
    sslContextFactory.setKeyStorePassword("storepwd");
    sslContextFactory.setKeyManagerPassword("keypwd");
    sslContextFactory.setTrustStorePath(keystore.getAbsolutePath());
    sslContextFactory.setTrustStorePassword("storepwd");
    server = new Server();
    int port = 32080;
    int securePort = 32443;
    // Setup HTTP Configuration
    HttpConfiguration httpConf = new HttpConfiguration();
    httpConf.setSecurePort(securePort);
    httpConf.setSecureScheme("https");
    ServerConnector httpConnector = new ServerConnector(server, new HttpConnectionFactory(httpConf));
    httpConnector.setName("unsecured");
    httpConnector.setPort(port);
    // Setup HTTPS Configuration
    HttpConfiguration httpsConf = new HttpConfiguration(httpConf);
    httpsConf.addCustomizer(new SecureRequestCustomizer());
    ServerConnector httpsConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(httpsConf));
    httpsConnector.setName("secured");
    httpsConnector.setPort(securePort);
    // Add connectors
    server.setConnectors(new Connector[] { httpConnector, httpsConnector });
    // Wire up contexts
    String[] secureHosts = new String[] { "@secured" };
    ContextHandler test1Context = new ContextHandler();
    test1Context.setContextPath("/test1");
    test1Context.setHandler(new HelloHandler("Hello1"));
    test1Context.setVirtualHosts(secureHosts);
    ContextHandler test2Context = new ContextHandler();
    test2Context.setContextPath("/test2");
    test2Context.setHandler(new HelloHandler("Hello2"));
    test2Context.setVirtualHosts(secureHosts);
    ContextHandler rootContext = new ContextHandler();
    rootContext.setContextPath("/");
    rootContext.setHandler(new RootHandler("/test1", "/test2"));
    rootContext.setVirtualHosts(secureHosts);
    // Wire up context for unsecure handling to only
    // the named 'unsecured' connector
    ContextHandler redirectHandler = new ContextHandler();
    redirectHandler.setContextPath("/");
    redirectHandler.setHandler(new SecuredRedirectHandler());
    redirectHandler.setVirtualHosts(new String[] { "@unsecured" });
    // Establish all handlers that have a context
    ContextHandlerCollection contextHandlers = new ContextHandlerCollection();
    contextHandlers.setHandlers(new Handler[] { redirectHandler, rootContext, test1Context, test2Context });
    // Create server level handler tree
    HandlerList handlers = new HandlerList();
    handlers.addHandler(contextHandlers);
    // round things out
    handlers.addHandler(new DefaultHandler());
    server.setHandler(handlers);
    server.start();
    // calculate serverUri
    String host = httpConnector.getHost();
    if (host == null) {
        host = "localhost";
    }
    serverHttpUri = new URI(String.format("http://%s:%d/", host, httpConnector.getLocalPort()));
    serverHttpsUri = new URI(String.format("https://%s:%d/", host, httpsConnector.getLocalPort()));
    origVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
    origSsf = HttpsURLConnection.getDefaultSSLSocketFactory();
    HttpsURLConnection.setDefaultHostnameVerifier(new AllowAllVerifier());
    HttpsURLConnection.setDefaultSSLSocketFactory(sslContextFactory.getSslContext().getSocketFactory());
}

Example 29 with SslConnectionFactory

use of org.eclipse.jetty.server.SslConnectionFactory in project jetty.project by eclipse.

the class SslContextFactoryReloadTest method start.

private void start(Handler handler) throws Exception {
    server = new Server();
    sslContextFactory = new SslContextFactory();
    sslContextFactory.setKeyStorePath(KEYSTORE_1);
    sslContextFactory.setKeyStorePassword("storepwd");
    sslContextFactory.setKeyStoreType("JKS");
    sslContextFactory.setKeyStoreProvider(null);
    HttpConfiguration httpsConfig = new HttpConfiguration();
    httpsConfig.addCustomizer(new SecureRequestCustomizer());
    connector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpsConfig));
    server.addConnector(connector);
    server.setHandler(handler);
    server.start();
}

Example 30 with SslConnectionFactory

use of org.eclipse.jetty.server.SslConnectionFactory in project jetty.project by eclipse.

the class TestTransparentProxyServer method main.

public static void main(String[] args) throws Exception {
    ((StdErrLog) Log.getLog()).setSource(false);
    String jetty_root = "../../..";
    // Setup Threadpool
    QueuedThreadPool threadPool = new QueuedThreadPool();
    threadPool.setMaxThreads(100);
    // Setup server
    Server server = new Server(threadPool);
    server.manage(threadPool);
    // Setup JMX
    MBeanContainer mbContainer = new MBeanContainer(ManagementFactory.getPlatformMBeanServer());
    server.addBean(mbContainer);
    server.addBean(Log.getLog());
    // Common HTTP configuration
    HttpConfiguration config = new HttpConfiguration();
    config.setSecurePort(8443);
    config.addCustomizer(new ForwardedRequestCustomizer());
    config.setSendDateHeader(true);
    config.setSendServerVersion(true);
    // Http Connector
    HttpConnectionFactory http = new HttpConnectionFactory(config);
    ServerConnector httpConnector = new ServerConnector(server, http);
    httpConnector.setPort(8080);
    httpConnector.setIdleTimeout(30000);
    server.addConnector(httpConnector);
    // SSL configurations
    SslContextFactory sslContextFactory = new SslContextFactory();
    sslContextFactory.setKeyStorePath(jetty_root + "/jetty-server/src/main/config/etc/keystore");
    sslContextFactory.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
    sslContextFactory.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");
    sslContextFactory.setTrustStorePath(jetty_root + "/jetty-server/src/main/config/etc/keystore");
    sslContextFactory.setTrustStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
    sslContextFactory.setExcludeCipherSuites("SSL_RSA_WITH_DES_CBC_SHA", "SSL_DHE_RSA_WITH_DES_CBC_SHA", "SSL_DHE_DSS_WITH_DES_CBC_SHA", "SSL_RSA_EXPORT_WITH_RC4_40_MD5", "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA");
    sslContextFactory.setCipherComparator(new HTTP2Cipher.CipherComparator());
    // HTTPS Configuration
    HttpConfiguration https_config = new HttpConfiguration(config);
    https_config.addCustomizer(new SecureRequestCustomizer());
    // HTTP2 factory
    HTTP2ServerConnectionFactory h2 = new HTTP2ServerConnectionFactory(https_config);
    ALPNServerConnectionFactory alpn = new ALPNServerConnectionFactory();
    alpn.setDefaultProtocol(h2.getProtocol());
    // SSL Factory
    SslConnectionFactory ssl = new SslConnectionFactory(sslContextFactory, alpn.getProtocol());
    // HTTP2 Connector
    ServerConnector http2Connector = new ServerConnector(server, ssl, alpn, h2, new HttpConnectionFactory(https_config));
    http2Connector.setPort(8443);
    http2Connector.setIdleTimeout(15000);
    server.addConnector(http2Connector);
    // Handlers
    HandlerCollection handlers = new HandlerCollection();
    ContextHandlerCollection contexts = new ContextHandlerCollection();
    handlers.setHandlers(new Handler[] { contexts, new DefaultHandler() });
    server.setHandler(handlers);
    // Setup proxy webapp
    WebAppContext webapp = new WebAppContext();
    webapp.setResourceBase("src/main/webapp");
    contexts.addHandler(webapp);
    // start server
    server.setStopAtShutdown(true);
    server.start();
    server.join();
}