Search in sources :

Example 16 with SecureRequestCustomizer

use of org.eclipse.jetty.server.SecureRequestCustomizer in project knox by apache.

the class GatewayServer method createConnector.

/**
 * Create a connector for Gateway Server to listen on.
 *
 * @param server       Jetty server
 * @param config       GatewayConfig
 * @param port         If value is > 0 then the given value is used else we
 *                     use the port provided in GatewayConfig.
 * @param topologyName Connector name, only used when not null
 * @return
 * @throws IOException
 * @throws CertificateException
 * @throws NoSuchAlgorithmException
 * @throws KeyStoreException
 */
private static Connector createConnector(final Server server, final GatewayConfig config, final int port, final String topologyName) throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException {
    ServerConnector connector;
    // Determine the socket address and check availability.
    InetSocketAddress address = config.getGatewayAddress();
    checkAddressAvailability(address);
    final int connectorPort = port > 0 ? port : address.getPort();
    checkPortConflict(connectorPort, topologyName, config);
    HttpConfiguration httpConfig = new HttpConfiguration();
    httpConfig.setRequestHeaderSize(config.getHttpServerRequestHeaderBuffer());
    // httpConfig.setRequestBufferSize( config.getHttpServerRequestBuffer() );
    httpConfig.setResponseHeaderSize(config.getHttpServerResponseHeaderBuffer());
    httpConfig.setOutputBufferSize(config.getHttpServerResponseBuffer());
    if (config.isSSLEnabled()) {
        HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig);
        httpsConfig.setSecureScheme("https");
        httpsConfig.setSecurePort(connectorPort);
        httpsConfig.addCustomizer(new SecureRequestCustomizer());
        SSLService ssl = services.getService("SSLService");
        String keystoreFileName = config.getGatewaySecurityDir() + File.separatorChar + "keystores" + File.separatorChar + "gateway.jks";
        SslContextFactory sslContextFactory = (SslContextFactory) ssl.buildSslContextFactory(keystoreFileName);
        connector = new ServerConnector(server, sslContextFactory, new HttpConnectionFactory(httpsConfig));
    } else {
        connector = new ServerConnector(server);
    }
    connector.setHost(address.getHostName());
    connector.setPort(connectorPort);
    if (!StringUtils.isBlank(topologyName)) {
        connector.setName(topologyName);
    }
    long idleTimeout = config.getGatewayIdleTimeout();
    if (idleTimeout > 0l) {
        connector.setIdleTimeout(idleTimeout);
    }
    return connector;
}
Also used : ServerConnector(org.eclipse.jetty.server.ServerConnector) SslContextFactory(org.eclipse.jetty.util.ssl.SslContextFactory) SecureRequestCustomizer(org.eclipse.jetty.server.SecureRequestCustomizer) HttpConnectionFactory(org.eclipse.jetty.server.HttpConnectionFactory) InetSocketAddress(java.net.InetSocketAddress) HttpConfiguration(org.eclipse.jetty.server.HttpConfiguration) SSLService(org.apache.knox.gateway.services.security.SSLService)

Example 17 with SecureRequestCustomizer

use of org.eclipse.jetty.server.SecureRequestCustomizer in project wicket by apache.

the class StartExamples method main.

/**
 * Main function, starts the jetty server.
 *
 * @param args
 */
public static void main(String[] args) throws Exception {
    System.setProperty("wicket.configuration", "development");
    Server server = new Server();
    HttpConfiguration http_config = new HttpConfiguration();
    http_config.setSecureScheme("https");
    http_config.setSecurePort(8443);
    http_config.setOutputBufferSize(32768);
    ServerConnector http = new ServerConnector(server, new HttpConnectionFactory(http_config));
    http.setPort(8080);
    http.setIdleTimeout(1000 * 60 * 60);
    server.addConnector(http);
    Resource keystore = Resource.newClassPathResource("/keystore");
    if (keystore != null && keystore.exists()) {
        // if a keystore for a SSL certificate is available, start a SSL
        // connector on port 8443.
        // By default, the quickstart comes with a Apache Wicket Quickstart
        // Certificate that expires about half way september 2021. Do not
        // use this certificate anywhere important as the passwords are
        // available in the source.
        SslContextFactory sslContextFactory = new SslContextFactory();
        sslContextFactory.setKeyStoreResource(keystore);
        sslContextFactory.setKeyStorePassword("wicket");
        sslContextFactory.setKeyManagerPassword("wicket");
        HttpConfiguration https_config = new HttpConfiguration(http_config);
        https_config.addCustomizer(new SecureRequestCustomizer());
        ServerConnector https = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(https_config));
        https.setPort(8443);
        https.setIdleTimeout(500000);
        server.addConnector(https);
        System.out.println("SSL access to the examples has been enabled on port 8443");
        System.out.println("You can access the application using SSL on https://localhost:8443");
        System.out.println();
    }
    WebAppContext bb = new WebAppContext();
    bb.setServer(server);
    bb.setContextPath("/");
    bb.setWar("src/main/webapp");
    ServerContainer serverContainer = WebSocketServerContainerInitializer.configureContext(bb);
    serverContainer.addEndpoint(new WicketServerEndpointConfig());
    // uncomment next line if you want to test with JSESSIONID encoded in the urls
    // ((AbstractSessionManager)
    // bb.getSessionHandler().getSessionManager()).setUsingCookies(false);
    server.setHandler(bb);
    MBeanServer mBeanServer = ManagementFactory.getPlatformMBeanServer();
    MBeanContainer mBeanContainer = new MBeanContainer(mBeanServer);
    server.addEventListener(mBeanContainer);
    server.addBean(mBeanContainer);
    try {
        server.start();
        server.join();
    } catch (Exception e) {
        e.printStackTrace();
        System.exit(100);
    }
}
Also used : SecureRequestCustomizer(org.eclipse.jetty.server.SecureRequestCustomizer) MBeanServer(javax.management.MBeanServer) Server(org.eclipse.jetty.server.Server) HttpConnectionFactory(org.eclipse.jetty.server.HttpConnectionFactory) Resource(org.eclipse.jetty.util.resource.Resource) HttpConfiguration(org.eclipse.jetty.server.HttpConfiguration) SslConnectionFactory(org.eclipse.jetty.server.SslConnectionFactory) ServerConnector(org.eclipse.jetty.server.ServerConnector) WebAppContext(org.eclipse.jetty.webapp.WebAppContext) SslContextFactory(org.eclipse.jetty.util.ssl.SslContextFactory) WicketServerEndpointConfig(org.apache.wicket.protocol.ws.javax.WicketServerEndpointConfig) MBeanContainer(org.eclipse.jetty.jmx.MBeanContainer) ServerContainer(org.eclipse.jetty.websocket.jsr356.server.ServerContainer) MBeanServer(javax.management.MBeanServer)

Example 18 with SecureRequestCustomizer

use of org.eclipse.jetty.server.SecureRequestCustomizer in project apm-agent-java by elastic.

the class ReporterFactoryTest method setUp.

@BeforeEach
void setUp() throws Exception {
    server = new Server();
    configuration = mock(ReporterConfiguration.class);
    final SslContextFactory sslContextFactory = new SslContextFactory(getClass().getResource("/keystore").getPath());
    sslContextFactory.setKeyStorePassword("password");
    sslContextFactory.getSslContext();
    final HttpConfiguration httpConfiguration = new HttpConfiguration();
    httpConfiguration.setSecureScheme("https");
    httpConfiguration.setSecurePort(0);
    final HttpConfiguration httpsConfiguration = new HttpConfiguration(httpConfiguration);
    httpsConfiguration.addCustomizer(new SecureRequestCustomizer());
    final ServerConnector httpsConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpsConfiguration));
    httpsConnector.setPort(0);
    server.addConnector(httpsConnector);
    server.setHandler(new AbstractHandler() {

        @Override
        public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) {
            baseRequest.setHandled(true);
        }
    });
    server.start();
}
Also used : SecureRequestCustomizer(org.eclipse.jetty.server.SecureRequestCustomizer) Server(org.eclipse.jetty.server.Server) HttpConnectionFactory(org.eclipse.jetty.server.HttpConnectionFactory) Request(org.eclipse.jetty.server.Request) HttpServletRequest(javax.servlet.http.HttpServletRequest) HttpServletResponse(javax.servlet.http.HttpServletResponse) HttpConfiguration(org.eclipse.jetty.server.HttpConfiguration) SslConnectionFactory(org.eclipse.jetty.server.SslConnectionFactory) AbstractHandler(org.eclipse.jetty.server.handler.AbstractHandler) ServerConnector(org.eclipse.jetty.server.ServerConnector) HttpServletRequest(javax.servlet.http.HttpServletRequest) SslContextFactory(org.eclipse.jetty.util.ssl.SslContextFactory) BeforeEach(org.junit.jupiter.api.BeforeEach)

Example 19 with SecureRequestCustomizer

use of org.eclipse.jetty.server.SecureRequestCustomizer in project wicket-orientdb by OrienteerBAP.

the class Start method main.

/**
 * Main function, starts the jetty server.
 *
 * @param args
 */
public static void main(String[] args) {
    System.setProperty("wicket.configuration", "development");
    Server server = new Server();
    HttpConfiguration http_config = new HttpConfiguration();
    http_config.setSecureScheme("https");
    http_config.setSecurePort(8443);
    http_config.setOutputBufferSize(32768);
    ServerConnector http = new ServerConnector(server, new HttpConnectionFactory(http_config));
    http.setPort(8080);
    http.setIdleTimeout(1000 * 60 * 60);
    server.addConnector(http);
    Resource keystore = Resource.newClassPathResource("/keystore");
    if (keystore != null && keystore.exists()) {
        // if a keystore for a SSL certificate is available, start a SSL
        // connector on port 8443.
        // By default, the quickstart comes with a Apache Wicket Quickstart
        // Certificate that expires about half way september 2021. Do not
        // use this certificate anywhere important as the passwords are
        // available in the source.
        SslContextFactory sslContextFactory = new SslContextFactory();
        sslContextFactory.setKeyStoreResource(keystore);
        sslContextFactory.setKeyStorePassword("wicket");
        sslContextFactory.setKeyManagerPassword("wicket");
        HttpConfiguration https_config = new HttpConfiguration(http_config);
        https_config.addCustomizer(new SecureRequestCustomizer());
        ServerConnector https = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(https_config));
        https.setPort(8443);
        https.setIdleTimeout(500000);
        server.addConnector(https);
        System.out.println("SSL access to the examples has been enabled on port 8443");
        System.out.println("You can access the application using SSL on https://localhost:8443");
        System.out.println();
    }
    WebAppContext bb = new WebAppContext();
    bb.setServer(server);
    bb.setContextPath("/");
    bb.setWar("src/main/webapp");
    // uncomment next line if you want to test with JSESSIONID encoded in the urls
    // ((AbstractSessionManager)
    // bb.getSessionHandler().getSessionManager()).setUsingCookies(false);
    server.setHandler(bb);
    MBeanServer mBeanServer = ManagementFactory.getPlatformMBeanServer();
    MBeanContainer mBeanContainer = new MBeanContainer(mBeanServer);
    server.addEventListener(mBeanContainer);
    server.addBean(mBeanContainer);
    try {
        server.start();
        server.join();
    } catch (Exception e) {
        e.printStackTrace();
        System.exit(100);
    }
}
Also used : ServerConnector(org.eclipse.jetty.server.ServerConnector) WebAppContext(org.eclipse.jetty.webapp.WebAppContext) SslContextFactory(org.eclipse.jetty.util.ssl.SslContextFactory) SecureRequestCustomizer(org.eclipse.jetty.server.SecureRequestCustomizer) MBeanServer(javax.management.MBeanServer) Server(org.eclipse.jetty.server.Server) HttpConnectionFactory(org.eclipse.jetty.server.HttpConnectionFactory) Resource(org.eclipse.jetty.util.resource.Resource) MBeanContainer(org.eclipse.jetty.jmx.MBeanContainer) HttpConfiguration(org.eclipse.jetty.server.HttpConfiguration) SslConnectionFactory(org.eclipse.jetty.server.SslConnectionFactory) MBeanServer(javax.management.MBeanServer)

Example 20 with SecureRequestCustomizer

use of org.eclipse.jetty.server.SecureRequestCustomizer in project joynr by bmwcarit.

the class ServersUtil method startSSLServer.

private static Server startSSLServer(ContextHandlerCollection contexts, SSLSettings settings, int port) throws IOException, Exception {
    System.setProperty(MessagingPropertyKeys.PROPERTY_SERVLET_HOST_PATH, "http://localhost:" + port);
    logger.info("PORT: {}", System.getProperty(MessagingPropertyKeys.PROPERTY_SERVLET_HOST_PATH));
    final Server jettyServer = new Server();
    HttpConfiguration https_config = new HttpConfiguration();
    https_config.setSecureScheme("https");
    https_config.setSecurePort(port);
    https_config.setOutputBufferSize(32768);
    https_config.addCustomizer(new SecureRequestCustomizer());
    // Configure SSL
    final SslContextFactory contextFactory = new SslContextFactory();
    contextFactory.setKeyStorePath(settings.getKeyStorePath());
    contextFactory.setTrustStorePath(settings.getTrustStorePath());
    contextFactory.setKeyStorePassword(settings.getKeyStorePassword());
    contextFactory.setTrustStorePassword(settings.getKeyStorePassword());
    contextFactory.setNeedClientAuth(true);
    // Create and use an SSL connector
    ServerConnector connector = new ServerConnector(jettyServer, new SslConnectionFactory(contextFactory, "http/1.1"), new HttpConnectionFactory(https_config));
    connector.setPort(port);
    connector.setAcceptQueueSize(1);
    jettyServer.setConnectors(new Connector[] { connector });
    String serverUrl = "https://localhost:" + port;
    System.getProperties().setProperty(MessagingPropertyKeys.PROPERTY_SERVLET_HOST_PATH, serverUrl);
    jettyServer.setHandler(contexts);
    jettyServer.start();
    return jettyServer;
}
Also used : ServerConnector(org.eclipse.jetty.server.ServerConnector) SslContextFactory(org.eclipse.jetty.util.ssl.SslContextFactory) SecureRequestCustomizer(org.eclipse.jetty.server.SecureRequestCustomizer) Server(org.eclipse.jetty.server.Server) HttpConnectionFactory(org.eclipse.jetty.server.HttpConnectionFactory) HttpConfiguration(org.eclipse.jetty.server.HttpConfiguration) SslConnectionFactory(org.eclipse.jetty.server.SslConnectionFactory)

Aggregations

SecureRequestCustomizer (org.eclipse.jetty.server.SecureRequestCustomizer)91 HttpConfiguration (org.eclipse.jetty.server.HttpConfiguration)89 ServerConnector (org.eclipse.jetty.server.ServerConnector)87 HttpConnectionFactory (org.eclipse.jetty.server.HttpConnectionFactory)85 SslConnectionFactory (org.eclipse.jetty.server.SslConnectionFactory)82 SslContextFactory (org.eclipse.jetty.util.ssl.SslContextFactory)74 Server (org.eclipse.jetty.server.Server)50 ServletContextHandler (org.eclipse.jetty.servlet.ServletContextHandler)16 QueuedThreadPool (org.eclipse.jetty.util.thread.QueuedThreadPool)16 ServletHolder (org.eclipse.jetty.servlet.ServletHolder)13 File (java.io.File)12 IOException (java.io.IOException)12 MBeanContainer (org.eclipse.jetty.jmx.MBeanContainer)10 Connector (org.eclipse.jetty.server.Connector)10 WebAppContext (org.eclipse.jetty.webapp.WebAppContext)10 ServletException (javax.servlet.ServletException)9 HTTP2ServerConnectionFactory (org.eclipse.jetty.http2.server.HTTP2ServerConnectionFactory)8 ContextHandlerCollection (org.eclipse.jetty.server.handler.ContextHandlerCollection)8 DefaultHandler (org.eclipse.jetty.server.handler.DefaultHandler)8 HttpServletRequest (javax.servlet.http.HttpServletRequest)6