
Example 6 with SSLSessionInfo

use of io.undertow.server.SSLSessionInfo in project undertow by undertow-io.

the class SSLHeaderHandler method handleRequest.

/**
 * Rebuilds TLS session details for the exchange from request headers, then hands the
 * exchange to the next handler.
 *
 * <p>The headers read are {@code SSL_SESSION_ID}, {@code SSL_CIPHER}, {@code SSL_CLIENT_CERT}
 * and {@code SSL_CIPHER_USEKEYSIZE}. When at least one of the first three is present, a
 * {@link BasicSSLSessionInfo} is built from them, the request scheme is set to HTTPS, and the
 * session info is attached to the connection until the exchange completes.
 *
 * <p><b>Trust boundary:</b> nothing in this method checks who supplied these headers. The
 * resulting session info, including the client certificate, is therefore only as trustworthy
 * as the hop that set them. Deploy this handler only behind a proxy that terminates TLS and
 * overwrites or strips any client-supplied copies of these headers, and make sure the listener
 * is not reachable without passing through that proxy.
 *
 * @param exchange the current request/response exchange
 * @throws Exception whatever the next handler throws
 */
@Override
public void handleRequest(HttpServerExchange exchange) throws Exception {
    final HeaderMap headers = exchange.getRequestHeaders();
    final String sessionId = headers.getFirst(SSL_SESSION_ID);
    final String cipher = headers.getFirst(SSL_CIPHER);
    String clientCert = headers.getFirst(SSL_CLIENT_CERT);
    final String rawKeySize = headers.getFirst(SSL_CIPHER_USEKEYSIZE);

    // A malformed key size is tolerated: it is logged at debug level and left as null.
    Integer keySize = null;
    if (rawKeySize != null) {
        try {
            keySize = Integer.parseUnsignedInt(rawKeySize);
        } catch (NumberFormatException e) {
            UndertowLogger.REQUEST_LOGGER.debugf("Invalid SSL_CIPHER_USEKEYSIZE header %s", rawKeySize);
        }
    }

    // No SSL headers at all: leave the exchange untouched and continue down the chain.
    if (clientCert == null && sessionId == null && cipher == null) {
        next.handleRequest(exchange);
        return;
    }

    if (clientCert != null) {
        final int certLength = clientCert.length();
        if (certLength == 0 || clientCert.equals(NULL_VALUE)) {
            // TLS was used on the front hop, but the client did not present a certificate.
            clientCert = null;
        } else if (certLength > 28 + 26) {
            // The proxy flattens the PEM text by turning '\n' into ' '. Restore the newlines,
            // drop the first 28 and last 26 characters (presumably the BEGIN/END marker plus
            // one separator each; confirm against Certificates), and re-wrap the body.
            final String body = clientCert.replace(' ', '\n').substring(28, certLength - 26);
            clientCert = new StringBuilder(certLength + 1)
                    .append(Certificates.BEGIN_CERT)
                    .append('\n')
                    .append(body)
                    .append('\n')
                    .append(Certificates.END_CERT)
                    .toString();
        }
        // Shorter non-empty values fall through unchanged and are handed to the parser below.
    }

    try {
        final SSLSessionInfo sessionInfo = new BasicSSLSessionInfo(sessionId, cipher, clientCert, keySize);
        exchange.setRequestScheme(HTTPS);
        exchange.getConnection().setSslSessionInfo(sessionInfo);
        // The info is stored on the connection, so register the listener that clears it again
        // when this exchange completes.
        exchange.addExchangeCompleteListener(CLEAR_SSL_LISTENER);
    } catch (java.security.cert.CertificateException | CertificateException e) {
        // An unparseable certificate does not fail the request: the exchange continues with
        // no session info and its original scheme.
        // NOTE(review): the raw header value is written to the debug log as received.
        UndertowLogger.REQUEST_LOGGER.debugf(e, "Could not create certificate from header %s", clientCert);
    }

    next.handleRequest(exchange);
}
Also used : HeaderMap(io.undertow.util.HeaderMap) BasicSSLSessionInfo(io.undertow.server.BasicSSLSessionInfo) SSLSessionInfo(io.undertow.server.SSLSessionInfo) BasicSSLSessionInfo(io.undertow.server.BasicSSLSessionInfo) CertificateException(javax.security.cert.CertificateException)

Example 7 with SSLSessionInfo

use of io.undertow.server.SSLSessionInfo in project cxf by apache.

the class UndertowHTTPHandler method handleRequest.

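/**
 * Adapts an Undertow exchange to servlet request/response objects and passes them to the
 * CXF destination.
 *
 * <p>Work is moved off the I/O thread first, because the servlet objects are used with
 * blocking operations. {@code TRACE} requests are refused with 405. If the connection reports
 * TLS session info, the cipher suite and, when available, the peer certificate chain are
 * exposed as request attributes before the destination is invoked.
 *
 * <p>Any {@link Throwable} raised while servicing the request is turned into a minimal HTML
 * 500 page. The exception message is HTML-escaped before it is embedded, because it can carry
 * request-derived text that must not be interpreted as markup by the client.
 *
 * @param undertowExchange the current request/response exchange
 * @throws Exception declared by the handler contract; failures inside the body are caught and
 *     reported as a 500 response instead
 */
@Override
public void handleRequest(HttpServerExchange undertowExchange) throws Exception {
    try {
        // perform blocking operation on exchange
        if (undertowExchange.isInIoThread()) {
            undertowExchange.dispatch(this);
            return;
        }
        HttpServletResponseImpl response = new HttpServletResponseImpl(undertowExchange, (ServletContextImpl) servletContext);
        HttpServletRequestImpl request = new HttpServletRequestImpl(undertowExchange, (ServletContextImpl) servletContext);
        if (request.getMethod().equals(METHOD_TRACE)) {
            // TRACE echoes the request back to the caller, so it is rejected outright.
            response.setStatus(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
            return;
        }
        ServletRequestContext servletRequestContext = new ServletRequestContext(((ServletContextImpl) servletContext).getDeployment(), request, response, null);
        undertowExchange.putAttachment(ServletRequestContext.ATTACHMENT_KEY, servletRequestContext);
        request.setAttribute("HTTP_HANDLER", this);
        request.setAttribute("UNDERTOW_DESTINATION", undertowHTTPDestination);
        SSLSessionInfo ssl = undertowExchange.getConnection().getSslSessionInfo();
        if (ssl != null) {
            request.setAttribute(SSL_CIPHER_SUITE_ATTRIBUTE, ssl.getCipherSuite());
            try {
                request.setAttribute(SSL_PEER_CERT_CHAIN_ATTRIBUTE, ssl.getPeerCertificates());
            } catch (Exception ignored) {
                // Deliberate best effort: some sessions have no peer certificate. The
                // attribute is then simply left unset, so downstream code must treat a
                // missing chain as "no client certificate".
            }
        }
        undertowHTTPDestination.doService(servletContext, request, response);
    } catch (Throwable t) {
        // NOTE(review): prefer the class's logger over printStackTrace() so the failure
        // reaches the configured log sinks.
        t.printStackTrace();
        if (undertowExchange.isResponseChannelAvailable()) {
            undertowExchange.setStatusCode(500);
            // Escape the message before embedding it in HTML, and avoid printing "null"
            // when the throwable carries no message.
            final String rawMessage = t.getMessage() == null ? "" : t.getMessage();
            final String safeMessage = rawMessage
                    .replace("&", "&amp;")
                    .replace("<", "&lt;")
                    .replace(">", "&gt;")
                    .replace("\"", "&quot;")
                    .replace("'", "&#39;");
            // NOTE(review): the message is still disclosed to the client; consider a generic
            // body if exception text may reveal internals.
            final String errorPage = "<html><head><title>Error</title>" + "</head><body>Internal Error 500" + safeMessage + "</body></html>";
            // Content-Length counts bytes, not chars, so measure the encoded form and send
            // with the same charset.
            final java.nio.charset.Charset utf8 = java.nio.charset.StandardCharsets.UTF_8;
            final int bodyLength = errorPage.getBytes(utf8).length;
            undertowExchange.getResponseHeaders().put(Headers.CONTENT_LENGTH, Integer.toString(bodyLength));
            undertowExchange.getResponseHeaders().put(Headers.CONTENT_TYPE, "text/html; charset=UTF-8");
            Sender sender = undertowExchange.getResponseSender();
            sender.send(errorPage, utf8);
        }
    }
}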
Also used : Sender(io.undertow.io.Sender) HttpServletRequestImpl(io.undertow.servlet.spec.HttpServletRequestImpl) SSLSessionInfo(io.undertow.server.SSLSessionInfo) ServletRequestContext(io.undertow.servlet.handlers.ServletRequestContext) HttpServletResponseImpl(io.undertow.servlet.spec.HttpServletResponseImpl)

Aggregations

SSLSessionInfo (io.undertow.server.SSLSessionInfo)7 Certificate (java.security.cert.Certificate)2 X509Certificate (java.security.cert.X509Certificate)2 SSLPeerUnverifiedException (javax.net.ssl.SSLPeerUnverifiedException)2 Sender (io.undertow.io.Sender)1 Account (io.undertow.security.idm.Account)1 Credential (io.undertow.security.idm.Credential)1 IdentityManager (io.undertow.security.idm.IdentityManager)1 X509CertificateCredential (io.undertow.security.idm.X509CertificateCredential)1 BasicSSLSessionInfo (io.undertow.server.BasicSSLSessionInfo)1 RenegotiationRequiredException (io.undertow.server.RenegotiationRequiredException)1 ServletRequestContext (io.undertow.servlet.handlers.ServletRequestContext)1 HttpServletRequestImpl (io.undertow.servlet.spec.HttpServletRequestImpl)1 HttpServletResponseImpl (io.undertow.servlet.spec.HttpServletResponseImpl)1 HeaderMap (io.undertow.util.HeaderMap)1 CertificateEncodingException (java.security.cert.CertificateEncodingException)1 CertificateException (javax.security.cert.CertificateException)1 ServletRequest (javax.servlet.ServletRequest)1