Search in sources :

Example 11 with Connector

use of org.apache.catalina.connector.Connector in project tomcat by apache.

the class TesterSupport method initSsl.

protected static void initSsl(Tomcat tomcat, String keystore, String keystorePass, String keyPass) {
    String protocol = tomcat.getConnector().getProtocolHandlerClassName();
    if (protocol.indexOf("Apr") == -1) {
        Connector connector = tomcat.getConnector();
        String sslImplementation = System.getProperty("tomcat.test.sslImplementation");
        if (sslImplementation != null && !"${test.sslImplementation}".equals(sslImplementation)) {
            StandardServer server = (StandardServer) tomcat.getServer();
            AprLifecycleListener listener = new AprLifecycleListener();
            listener.setSSLRandomSeed("/dev/urandom");
            server.addLifecycleListener(listener);
            tomcat.getConnector().setAttribute("sslImplementationName", sslImplementation);
        }
        connector.setProperty("sslProtocol", "tls");
        File keystoreFile = new File("test/org/apache/tomcat/util/net/" + keystore);
        connector.setAttribute("keystoreFile", keystoreFile.getAbsolutePath());
        File truststoreFile = new File("test/org/apache/tomcat/util/net/ca.jks");
        connector.setAttribute("truststoreFile", truststoreFile.getAbsolutePath());
        if (keystorePass != null) {
            connector.setAttribute("keystorePass", keystorePass);
        }
        if (keyPass != null) {
            connector.setAttribute("keyPass", keyPass);
        }
    } else {
        File keystoreFile = new File("test/org/apache/tomcat/util/net/localhost-cert.pem");
        tomcat.getConnector().setAttribute("SSLCertificateFile", keystoreFile.getAbsolutePath());
        keystoreFile = new File("test/org/apache/tomcat/util/net/localhost-key.pem");
        tomcat.getConnector().setAttribute("SSLCertificateKeyFile", keystoreFile.getAbsolutePath());
    }
    tomcat.getConnector().setSecure(true);
    tomcat.getConnector().setProperty("SSLEnabled", "true");
}
Also used : Connector(org.apache.catalina.connector.Connector) AprLifecycleListener(org.apache.catalina.core.AprLifecycleListener) StandardServer(org.apache.catalina.core.StandardServer) File(java.io.File)

Example 12 with Connector

use of org.apache.catalina.connector.Connector in project tomcat by apache.

the class ManagerServlet method getConnectorCiphers.

protected Map<String, Set<String>> getConnectorCiphers() {
    Map<String, Set<String>> result = new HashMap<>();
    Engine e = (Engine) host.getParent();
    Service s = e.getService();
    Connector[] connectors = s.findConnectors();
    for (Connector connector : connectors) {
        if (Boolean.TRUE.equals(connector.getProperty("SSLEnabled"))) {
            SSLHostConfig[] sslHostConfigs = connector.getProtocolHandler().findSslHostConfigs();
            for (SSLHostConfig sslHostConfig : sslHostConfigs) {
                String name = connector.toString() + "-" + sslHostConfig.getHostName();
                Set<String> cipherList = new HashSet<>();
                String[] cipherNames = sslHostConfig.getEnabledCiphers();
                for (String cipherName : cipherNames) {
                    cipherList.add(cipherName);
                }
                result.put(name, cipherList);
            }
        } else {
            Set<String> cipherList = new HashSet<>();
            cipherList.add(sm.getString("managerServlet.notSslConnector"));
            result.put(connector.toString(), cipherList);
        }
    }
    return result;
}
Also used : Connector(org.apache.catalina.connector.Connector) HashSet(java.util.HashSet) Set(java.util.Set) HashMap(java.util.HashMap) Service(org.apache.catalina.Service) SSLHostConfig(org.apache.tomcat.util.net.SSLHostConfig) Engine(org.apache.catalina.Engine) HashSet(java.util.HashSet)

Example 13 with Connector

use of org.apache.catalina.connector.Connector in project tomcat by apache.

the class RewriteValve method invoke.

@Override
public void invoke(Request request, Response response) throws IOException, ServletException {
    if (!getEnabled() || rules == null || rules.length == 0) {
        getNext().invoke(request, response);
        return;
    }
    if (Boolean.TRUE.equals(invoked.get())) {
        try {
            getNext().invoke(request, response);
        } finally {
            invoked.set(null);
        }
        return;
    }
    try {
        Resolver resolver = new ResolverImpl(request);
        invoked.set(Boolean.TRUE);
        // As long as MB isn't a char sequence or affiliated, this has to be
        // converted to a string
        String uriEncoding = request.getConnector().getURIEncoding();
        String originalQueryStringEncoded = request.getQueryString();
        MessageBytes urlMB = context ? request.getRequestPathMB() : request.getDecodedRequestURIMB();
        urlMB.toChars();
        CharSequence urlDecoded = urlMB.getCharChunk();
        CharSequence host = request.getServerName();
        boolean rewritten = false;
        boolean done = false;
        boolean qsa = false;
        for (int i = 0; i < rules.length; i++) {
            RewriteRule rule = rules[i];
            CharSequence test = (rule.isHost()) ? host : urlDecoded;
            CharSequence newtest = rule.evaluate(test, resolver);
            if (newtest != null && !test.equals(newtest.toString())) {
                if (containerLog.isDebugEnabled()) {
                    containerLog.debug("Rewrote " + test + " as " + newtest + " with rule pattern " + rule.getPatternString());
                }
                if (rule.isHost()) {
                    host = newtest;
                } else {
                    urlDecoded = newtest;
                }
                rewritten = true;
            }
            // Check QSA before the final reply
            if (!qsa && newtest != null && rule.isQsappend()) {
                // TODO: This logic will need some tweaks if we add QSD
                //       support
                qsa = true;
            }
            // - forbidden
            if (rule.isForbidden() && newtest != null) {
                response.sendError(HttpServletResponse.SC_FORBIDDEN);
                done = true;
                break;
            }
            // - gone
            if (rule.isGone() && newtest != null) {
                response.sendError(HttpServletResponse.SC_GONE);
                done = true;
                break;
            }
            // - redirect (code)
            if (rule.isRedirect() && newtest != null) {
                // Append the query string to the url if there is one and it
                // hasn't been rewritten
                String urlStringDecoded = urlDecoded.toString();
                int index = urlStringDecoded.indexOf("?");
                String rewrittenQueryStringDecoded;
                if (index == -1) {
                    rewrittenQueryStringDecoded = null;
                } else {
                    rewrittenQueryStringDecoded = urlStringDecoded.substring(index + 1);
                    urlStringDecoded = urlStringDecoded.substring(0, index);
                }
                StringBuffer urlStringEncoded = new StringBuffer(ENCODER.encode(urlStringDecoded, uriEncoding));
                if (originalQueryStringEncoded != null && originalQueryStringEncoded.length() > 0) {
                    if (rewrittenQueryStringDecoded == null) {
                        urlStringEncoded.append('?');
                        urlStringEncoded.append(originalQueryStringEncoded);
                    } else {
                        if (qsa) {
                            // if qsa is specified append the query
                            urlStringEncoded.append('?');
                            urlStringEncoded.append(ENCODER.encode(rewrittenQueryStringDecoded, uriEncoding));
                            urlStringEncoded.append('&');
                            urlStringEncoded.append(originalQueryStringEncoded);
                        } else if (index == urlStringEncoded.length() - 1) {
                            // if the ? is the last character delete it, its only purpose was to
                            // prevent the rewrite module from appending the query string
                            urlStringEncoded.deleteCharAt(index);
                        } else {
                            urlStringEncoded.append('?');
                            urlStringEncoded.append(ENCODER.encode(rewrittenQueryStringDecoded, uriEncoding));
                        }
                    }
                } else if (rewrittenQueryStringDecoded != null) {
                    urlStringEncoded.append('?');
                    urlStringEncoded.append(ENCODER.encode(rewrittenQueryStringDecoded, uriEncoding));
                }
                // 3. the url isn't absolute
                if (context && urlStringEncoded.charAt(0) == '/' && !UriUtil.hasScheme(urlStringEncoded)) {
                    urlStringEncoded.insert(0, request.getContext().getEncodedPath());
                }
                if (rule.isNoescape()) {
                    response.sendRedirect(URLDecoder.decode(urlStringEncoded.toString(), uriEncoding));
                } else {
                    response.sendRedirect(urlStringEncoded.toString());
                }
                response.setStatus(rule.getRedirectCode());
                done = true;
                break;
            }
            // - cookie
            if (rule.isCookie() && newtest != null) {
                Cookie cookie = new Cookie(rule.getCookieName(), rule.getCookieResult());
                cookie.setDomain(rule.getCookieDomain());
                cookie.setMaxAge(rule.getCookieLifetime());
                cookie.setPath(rule.getCookiePath());
                cookie.setSecure(rule.isCookieSecure());
                cookie.setHttpOnly(rule.isCookieHttpOnly());
                response.addCookie(cookie);
            }
            // - env (note: this sets a request attribute)
            if (rule.isEnv() && newtest != null) {
                for (int j = 0; j < rule.getEnvSize(); j++) {
                    request.setAttribute(rule.getEnvName(j), rule.getEnvResult(j));
                }
            }
            //   to do that)
            if (rule.isType() && newtest != null) {
                request.setContentType(rule.getTypeValue());
            }
            // - chain (skip remaining chained rules if this one does not match)
            if (rule.isChain() && newtest == null) {
                for (int j = i; j < rules.length; j++) {
                    if (!rules[j].isChain()) {
                        i = j;
                        break;
                    }
                }
                continue;
            }
            // - last (stop rewriting here)
            if (rule.isLast() && newtest != null) {
                break;
            }
            // - next (redo again)
            if (rule.isNext() && newtest != null) {
                i = 0;
                continue;
            }
            // - skip (n rules)
            if (newtest != null) {
                i += rule.getSkip();
            }
        }
        if (rewritten) {
            if (!done) {
                // See if we need to replace the query string
                String urlStringDecoded = urlDecoded.toString();
                String queryStringDecoded = null;
                int queryIndex = urlStringDecoded.indexOf('?');
                if (queryIndex != -1) {
                    queryStringDecoded = urlStringDecoded.substring(queryIndex + 1);
                    urlStringDecoded = urlStringDecoded.substring(0, queryIndex);
                }
                // Save the current context path before re-writing starts
                String contextPath = null;
                if (context) {
                    contextPath = request.getContextPath();
                }
                // Populated the encoded (i.e. undecoded) requestURI
                request.getCoyoteRequest().requestURI().setString(null);
                CharChunk chunk = request.getCoyoteRequest().requestURI().getCharChunk();
                chunk.recycle();
                if (context) {
                    // This is neither decoded nor normalized
                    chunk.append(contextPath);
                }
                chunk.append(ENCODER.encode(urlStringDecoded, uriEncoding));
                request.getCoyoteRequest().requestURI().toChars();
                // Decoded and normalized URI
                // Rewriting may have denormalized the URL
                urlStringDecoded = RequestUtil.normalize(urlStringDecoded);
                request.getCoyoteRequest().decodedURI().setString(null);
                chunk = request.getCoyoteRequest().decodedURI().getCharChunk();
                chunk.recycle();
                if (context) {
                    // This is decoded and normalized
                    chunk.append(request.getServletContext().getContextPath());
                }
                chunk.append(urlStringDecoded);
                request.getCoyoteRequest().decodedURI().toChars();
                // Set the new Query if there is one
                if (queryStringDecoded != null) {
                    request.getCoyoteRequest().queryString().setString(null);
                    chunk = request.getCoyoteRequest().queryString().getCharChunk();
                    chunk.recycle();
                    chunk.append(ENCODER.encode(queryStringDecoded, uriEncoding));
                    if (qsa && originalQueryStringEncoded != null && originalQueryStringEncoded.length() > 0) {
                        chunk.append('&');
                        chunk.append(originalQueryStringEncoded);
                    }
                    if (!chunk.isNull()) {
                        request.getCoyoteRequest().queryString().toChars();
                    }
                }
                // Set the new host if it changed
                if (!host.equals(request.getServerName())) {
                    request.getCoyoteRequest().serverName().setString(null);
                    chunk = request.getCoyoteRequest().serverName().getCharChunk();
                    chunk.recycle();
                    chunk.append(host.toString());
                    request.getCoyoteRequest().serverName().toChars();
                }
                request.getMappingData().recycle();
                // Reinvoke the whole request recursively
                try {
                    Connector connector = request.getConnector();
                    if (!connector.getProtocolHandler().getAdapter().prepare(request.getCoyoteRequest(), response.getCoyoteResponse())) {
                        return;
                    }
                    Pipeline pipeline = connector.getService().getContainer().getPipeline();
                    request.setAsyncSupported(pipeline.isAsyncSupported());
                    pipeline.getFirst().invoke(request, response);
                } catch (Exception e) {
                // This doesn't actually happen in the Catalina adapter implementation
                }
            }
        } else {
            getNext().invoke(request, response);
        }
    } finally {
        invoked.set(null);
    }
}
Also used : Cookie(javax.servlet.http.Cookie) Connector(org.apache.catalina.connector.Connector) MessageBytes(org.apache.tomcat.util.buf.MessageBytes) ServletException(javax.servlet.ServletException) LifecycleException(org.apache.catalina.LifecycleException) IOException(java.io.IOException) Pipeline(org.apache.catalina.Pipeline) CharChunk(org.apache.tomcat.util.buf.CharChunk)

Example 14 with Connector

use of org.apache.catalina.connector.Connector in project sonarqube by SonarSource.

the class TomcatConnectors method newConnector.

private static Connector newConnector(Props props, String protocol, String scheme) {
    Connector connector = new Connector(protocol);
    connector.setURIEncoding("UTF-8");
    connector.setProperty("address", props.value("sonar.web.host", "0.0.0.0"));
    connector.setProperty("socket.soReuseAddress", "true");
    configurePool(props, connector, scheme);
    configureCompression(connector);
    return connector;
}
Also used : Connector(org.apache.catalina.connector.Connector)

Example 15 with Connector

use of org.apache.catalina.connector.Connector in project sonarqube by SonarSource.

the class TomcatConnectors method configure.

static void configure(Tomcat tomcat, Props props) {
    Connector httpConnector = newHttpConnector(props);
    tomcat.getService().addConnector(httpConnector);
}
Also used : Connector(org.apache.catalina.connector.Connector)

Aggregations

Connector (org.apache.catalina.connector.Connector)66 Test (org.junit.Test)16 Service (org.apache.catalina.Service)14 File (java.io.File)10 Tomcat (org.apache.catalina.startup.Tomcat)10 Context (org.apache.catalina.Context)6 Engine (org.apache.catalina.Engine)6 Properties (java.util.Properties)5 StandardService (org.apache.catalina.core.StandardService)5 SSLHostConfig (org.apache.tomcat.util.net.SSLHostConfig)5 IOException (java.io.IOException)4 URI (java.net.URI)4 ArrayList (java.util.ArrayList)4 Executor (org.apache.catalina.Executor)4 HashMap (java.util.HashMap)3 ObjectName (javax.management.ObjectName)3 Container (org.apache.catalina.Container)3 LifecycleException (org.apache.catalina.LifecycleException)3 Wrapper (org.apache.catalina.Wrapper)3 InetAddress (java.net.InetAddress)2