use of org.eclipse.jetty.server.SecureRequestCustomizer in project knox by apache.
the class GatewayServer method createConnector.
/**
* Create a connector for Gateway Server to listen on.
*
* @param server Jetty server
* @param config GatewayConfig
* @param port If value is > 0 then the given value is used else we
* use the port provided in GatewayConfig.
* @param topologyName Connector name, only used when not null
* @return
* @throws IOException
* @throws CertificateException
* @throws NoSuchAlgorithmException
* @throws KeyStoreException
*/
private static Connector createConnector(final Server server, final GatewayConfig config, final int port, final String topologyName) throws IOException, CertificateException, NoSuchAlgorithmException, KeyStoreException {
ServerConnector connector;
// Determine the socket address and check availability.
InetSocketAddress address = config.getGatewayAddress();
checkAddressAvailability(address);
final int connectorPort = port > 0 ? port : address.getPort();
checkPortConflict(connectorPort, topologyName, config);
HttpConfiguration httpConfig = new HttpConfiguration();
httpConfig.setRequestHeaderSize(config.getHttpServerRequestHeaderBuffer());
// httpConfig.setRequestBufferSize( config.getHttpServerRequestBuffer() );
httpConfig.setResponseHeaderSize(config.getHttpServerResponseHeaderBuffer());
httpConfig.setOutputBufferSize(config.getHttpServerResponseBuffer());
if (config.isSSLEnabled()) {
HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig);
httpsConfig.setSecureScheme("https");
httpsConfig.setSecurePort(connectorPort);
httpsConfig.addCustomizer(new SecureRequestCustomizer());
SSLService ssl = services.getService("SSLService");
String keystoreFileName = config.getGatewaySecurityDir() + File.separatorChar + "keystores" + File.separatorChar + "gateway.jks";
SslContextFactory sslContextFactory = (SslContextFactory) ssl.buildSslContextFactory(keystoreFileName);
connector = new ServerConnector(server, sslContextFactory, new HttpConnectionFactory(httpsConfig));
} else {
connector = new ServerConnector(server);
}
connector.setHost(address.getHostName());
connector.setPort(connectorPort);
if (!StringUtils.isBlank(topologyName)) {
connector.setName(topologyName);
}
long idleTimeout = config.getGatewayIdleTimeout();
if (idleTimeout > 0l) {
connector.setIdleTimeout(idleTimeout);
}
return connector;
}
use of org.eclipse.jetty.server.SecureRequestCustomizer in project wicket by apache.
the class StartExamples method main.
/**
* Main function, starts the jetty server.
*
* @param args
*/
public static void main(String[] args) throws Exception {
System.setProperty("wicket.configuration", "development");
Server server = new Server();
HttpConfiguration http_config = new HttpConfiguration();
http_config.setSecureScheme("https");
http_config.setSecurePort(8443);
http_config.setOutputBufferSize(32768);
ServerConnector http = new ServerConnector(server, new HttpConnectionFactory(http_config));
http.setPort(8080);
http.setIdleTimeout(1000 * 60 * 60);
server.addConnector(http);
Resource keystore = Resource.newClassPathResource("/keystore");
if (keystore != null && keystore.exists()) {
// if a keystore for a SSL certificate is available, start a SSL
// connector on port 8443.
// By default, the quickstart comes with a Apache Wicket Quickstart
// Certificate that expires about half way september 2021. Do not
// use this certificate anywhere important as the passwords are
// available in the source.
SslContextFactory sslContextFactory = new SslContextFactory();
sslContextFactory.setKeyStoreResource(keystore);
sslContextFactory.setKeyStorePassword("wicket");
sslContextFactory.setKeyManagerPassword("wicket");
HttpConfiguration https_config = new HttpConfiguration(http_config);
https_config.addCustomizer(new SecureRequestCustomizer());
ServerConnector https = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(https_config));
https.setPort(8443);
https.setIdleTimeout(500000);
server.addConnector(https);
System.out.println("SSL access to the examples has been enabled on port 8443");
System.out.println("You can access the application using SSL on https://localhost:8443");
System.out.println();
}
WebAppContext bb = new WebAppContext();
bb.setServer(server);
bb.setContextPath("/");
bb.setWar("src/main/webapp");
ServerContainer serverContainer = WebSocketServerContainerInitializer.configureContext(bb);
serverContainer.addEndpoint(new WicketServerEndpointConfig());
// uncomment next line if you want to test with JSESSIONID encoded in the urls
// ((AbstractSessionManager)
// bb.getSessionHandler().getSessionManager()).setUsingCookies(false);
server.setHandler(bb);
MBeanServer mBeanServer = ManagementFactory.getPlatformMBeanServer();
MBeanContainer mBeanContainer = new MBeanContainer(mBeanServer);
server.addEventListener(mBeanContainer);
server.addBean(mBeanContainer);
try {
server.start();
server.join();
} catch (Exception e) {
e.printStackTrace();
System.exit(100);
}
}
use of org.eclipse.jetty.server.SecureRequestCustomizer in project apm-agent-java by elastic.
the class ReporterFactoryTest method setUp.
@BeforeEach
void setUp() throws Exception {
server = new Server();
configuration = mock(ReporterConfiguration.class);
final SslContextFactory sslContextFactory = new SslContextFactory(getClass().getResource("/keystore").getPath());
sslContextFactory.setKeyStorePassword("password");
sslContextFactory.getSslContext();
final HttpConfiguration httpConfiguration = new HttpConfiguration();
httpConfiguration.setSecureScheme("https");
httpConfiguration.setSecurePort(0);
final HttpConfiguration httpsConfiguration = new HttpConfiguration(httpConfiguration);
httpsConfiguration.addCustomizer(new SecureRequestCustomizer());
final ServerConnector httpsConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpsConfiguration));
httpsConnector.setPort(0);
server.addConnector(httpsConnector);
server.setHandler(new AbstractHandler() {
@Override
public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) {
baseRequest.setHandled(true);
}
});
server.start();
}
use of org.eclipse.jetty.server.SecureRequestCustomizer in project wicket-orientdb by OrienteerBAP.
the class Start method main.
/**
* Main function, starts the jetty server.
*
* @param args
*/
public static void main(String[] args) {
System.setProperty("wicket.configuration", "development");
Server server = new Server();
HttpConfiguration http_config = new HttpConfiguration();
http_config.setSecureScheme("https");
http_config.setSecurePort(8443);
http_config.setOutputBufferSize(32768);
ServerConnector http = new ServerConnector(server, new HttpConnectionFactory(http_config));
http.setPort(8080);
http.setIdleTimeout(1000 * 60 * 60);
server.addConnector(http);
Resource keystore = Resource.newClassPathResource("/keystore");
if (keystore != null && keystore.exists()) {
// if a keystore for a SSL certificate is available, start a SSL
// connector on port 8443.
// By default, the quickstart comes with a Apache Wicket Quickstart
// Certificate that expires about half way september 2021. Do not
// use this certificate anywhere important as the passwords are
// available in the source.
SslContextFactory sslContextFactory = new SslContextFactory();
sslContextFactory.setKeyStoreResource(keystore);
sslContextFactory.setKeyStorePassword("wicket");
sslContextFactory.setKeyManagerPassword("wicket");
HttpConfiguration https_config = new HttpConfiguration(http_config);
https_config.addCustomizer(new SecureRequestCustomizer());
ServerConnector https = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(https_config));
https.setPort(8443);
https.setIdleTimeout(500000);
server.addConnector(https);
System.out.println("SSL access to the examples has been enabled on port 8443");
System.out.println("You can access the application using SSL on https://localhost:8443");
System.out.println();
}
WebAppContext bb = new WebAppContext();
bb.setServer(server);
bb.setContextPath("/");
bb.setWar("src/main/webapp");
// uncomment next line if you want to test with JSESSIONID encoded in the urls
// ((AbstractSessionManager)
// bb.getSessionHandler().getSessionManager()).setUsingCookies(false);
server.setHandler(bb);
MBeanServer mBeanServer = ManagementFactory.getPlatformMBeanServer();
MBeanContainer mBeanContainer = new MBeanContainer(mBeanServer);
server.addEventListener(mBeanContainer);
server.addBean(mBeanContainer);
try {
server.start();
server.join();
} catch (Exception e) {
e.printStackTrace();
System.exit(100);
}
}
use of org.eclipse.jetty.server.SecureRequestCustomizer in project joynr by bmwcarit.
the class ServersUtil method startSSLServer.
private static Server startSSLServer(ContextHandlerCollection contexts, SSLSettings settings, int port) throws IOException, Exception {
System.setProperty(MessagingPropertyKeys.PROPERTY_SERVLET_HOST_PATH, "http://localhost:" + port);
logger.info("PORT: {}", System.getProperty(MessagingPropertyKeys.PROPERTY_SERVLET_HOST_PATH));
final Server jettyServer = new Server();
HttpConfiguration https_config = new HttpConfiguration();
https_config.setSecureScheme("https");
https_config.setSecurePort(port);
https_config.setOutputBufferSize(32768);
https_config.addCustomizer(new SecureRequestCustomizer());
// Configure SSL
final SslContextFactory contextFactory = new SslContextFactory();
contextFactory.setKeyStorePath(settings.getKeyStorePath());
contextFactory.setTrustStorePath(settings.getTrustStorePath());
contextFactory.setKeyStorePassword(settings.getKeyStorePassword());
contextFactory.setTrustStorePassword(settings.getKeyStorePassword());
contextFactory.setNeedClientAuth(true);
// Create and use an SSL connector
ServerConnector connector = new ServerConnector(jettyServer, new SslConnectionFactory(contextFactory, "http/1.1"), new HttpConnectionFactory(https_config));
connector.setPort(port);
connector.setAcceptQueueSize(1);
jettyServer.setConnectors(new Connector[] { connector });
String serverUrl = "https://localhost:" + port;
System.getProperties().setProperty(MessagingPropertyKeys.PROPERTY_SERVLET_HOST_PATH, serverUrl);
jettyServer.setHandler(contexts);
jettyServer.start();
return jettyServer;
}
Aggregations