Example 1 with SSLSessionInfo

Use of io.undertow.server.SSLSessionInfo in project undertow by undertow-io.

Class SslSessionConfig, method setSessionId.

@Override
public void setSessionId(final HttpServerExchange exchange, final String sessionId) {
    UndertowLogger.SESSION_LOGGER.tracef("Setting SSL session id %s on %s", sessionId, exchange);
    SSLSessionInfo sslSession = exchange.getConnection().getSslSessionInfo();
    if (sslSession == null) {
        if (fallbackSessionConfig != null) {
            fallbackSessionConfig.setSessionId(exchange, sessionId);
        }
    } else {
        Key key = new Key(sslSession.getSessionId());
        synchronized (this) {
            sessions.put(key, sessionId);
            reverse.put(sessionId, key);
        }
    }
}
Also used : SSLSessionInfo(io.undertow.server.SSLSessionInfo)

Example 2 with SSLSessionInfo

Use of io.undertow.server.SSLSessionInfo in project undertow by undertow-io.

Class SslSessionConfig, method clearSession.

@Override
public void clearSession(final HttpServerExchange exchange, final String sessionId) {
    UndertowLogger.SESSION_LOGGER.tracef("Clearing SSL session id %s on %s", sessionId, exchange);
    SSLSessionInfo sslSession = exchange.getConnection().getSslSessionInfo();
    if (sslSession == null) {
        if (fallbackSessionConfig != null) {
            fallbackSessionConfig.clearSession(exchange, sessionId);
        }
    } else {
        synchronized (this) {
            Key sid = reverse.remove(sessionId);
            if (sid != null) {
                sessions.remove(sid);
            }
        }
    }
}
Also used : SSLSessionInfo(io.undertow.server.SSLSessionInfo)

Example 3 with SSLSessionInfo

Use of io.undertow.server.SSLSessionInfo in project undertow by undertow-io.

Class SSLInformationAssociationHandler, method handleRequest.

@Override
public void handleRequest(HttpServerExchange exchange) throws Exception {
    ServletRequest request = exchange.getAttachment(ServletRequestContext.ATTACHMENT_KEY).getServletRequest();
    SSLSessionInfo ssl = exchange.getConnection().getSslSessionInfo();
    if (ssl != null) {
        String cipherSuite = ssl.getCipherSuite();
        byte[] sessionId = ssl.getSessionId();
        request.setAttribute("javax.servlet.request.cipher_suite", cipherSuite);
        request.setAttribute("javax.servlet.request.key_size", ssl.getKeySize());
        request.setAttribute("javax.servlet.request.ssl_session_id", sessionId != null ? HexConverter.convertToHexString(sessionId) : null);
        X509Certificate[] certs = getCerts(ssl);
        if (certs != null) {
            request.setAttribute("javax.servlet.request.X509Certificate", certs);
        }
    }
    next.handleRequest(exchange);
}
Also used : ServletRequest(javax.servlet.ServletRequest) SSLSessionInfo(io.undertow.server.SSLSessionInfo) X509Certificate(java.security.cert.X509Certificate)

Example 4 with SSLSessionInfo

Use of io.undertow.server.SSLSessionInfo in project undertow by undertow-io.

Class SslClientCertAttribute, method readAttribute.

@Override
public String readAttribute(HttpServerExchange exchange) {
    SSLSessionInfo ssl = exchange.getConnection().getSslSessionInfo();
    if (ssl == null) {
        return null;
    }
    Certificate[] certificates;
    try {
        certificates = ssl.getPeerCertificates();
        if (certificates.length > 0) {
            return Certificates.toPem(certificates[0]);
        }
        return null;
    } catch (SSLPeerUnverifiedException | CertificateEncodingException | RenegotiationRequiredException e) {
        return null;
    }
}
Also used : SSLSessionInfo(io.undertow.server.SSLSessionInfo) SSLPeerUnverifiedException(javax.net.ssl.SSLPeerUnverifiedException) CertificateEncodingException(java.security.cert.CertificateEncodingException) Certificate(java.security.cert.Certificate) RenegotiationRequiredException(io.undertow.server.RenegotiationRequiredException)

Example 5 with SSLSessionInfo

Use of io.undertow.server.SSLSessionInfo in project undertow by undertow-io.

Class ClientCertAuthenticationMechanism, method authenticate.

public AuthenticationMechanismOutcome authenticate(final HttpServerExchange exchange, final SecurityContext securityContext) {
    SSLSessionInfo sslSession = exchange.getConnection().getSslSessionInfo();
    if (sslSession != null) {
        try {
            Certificate[] clientCerts = getPeerCertificates(exchange, sslSession, securityContext);
            if (clientCerts[0] instanceof X509Certificate) {
                Credential credential = new X509CertificateCredential((X509Certificate) clientCerts[0]);
                IdentityManager idm = getIdentityManager(securityContext);
                Account account = idm.verify(credential);
                if (account != null) {
                    securityContext.authenticationComplete(account, name, false);
                    return AuthenticationMechanismOutcome.AUTHENTICATED;
                }
            }
        } catch (SSLPeerUnverifiedException e) {
            // No action - this mechanism can not attempt authentication without peer certificates so allow it to drop out
            // to NOT_ATTEMPTED.
        }
    }
    return AuthenticationMechanismOutcome.NOT_ATTEMPTED;
}
Also used : Account(io.undertow.security.idm.Account) Credential(io.undertow.security.idm.Credential) X509CertificateCredential(io.undertow.security.idm.X509CertificateCredential) IdentityManager(io.undertow.security.idm.IdentityManager) SSLSessionInfo(io.undertow.server.SSLSessionInfo) SSLPeerUnverifiedException(javax.net.ssl.SSLPeerUnverifiedException) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate)

Aggregations

SSLSessionInfo (io.undertow.server.SSLSessionInfo): 7
Certificate (java.security.cert.Certificate): 2
X509Certificate (java.security.cert.X509Certificate): 2
SSLPeerUnverifiedException (javax.net.ssl.SSLPeerUnverifiedException): 2
Sender (io.undertow.io.Sender): 1
Account (io.undertow.security.idm.Account): 1
Credential (io.undertow.security.idm.Credential): 1
IdentityManager (io.undertow.security.idm.IdentityManager): 1
X509CertificateCredential (io.undertow.security.idm.X509CertificateCredential): 1
BasicSSLSessionInfo (io.undertow.server.BasicSSLSessionInfo): 1
RenegotiationRequiredException (io.undertow.server.RenegotiationRequiredException): 1
ServletRequestContext (io.undertow.servlet.handlers.ServletRequestContext): 1
HttpServletRequestImpl (io.undertow.servlet.spec.HttpServletRequestImpl): 1
HttpServletResponseImpl (io.undertow.servlet.spec.HttpServletResponseImpl): 1
HeaderMap (io.undertow.util.HeaderMap): 1
CertificateEncodingException (java.security.cert.CertificateEncodingException): 1
CertificateException (javax.security.cert.CertificateException): 1
ServletRequest (javax.servlet.ServletRequest): 1