Examples with SslConnectionFactory org.eclipse.jetty.server.SslConnectionFactory used on opensource projects

Example 46 with SslConnectionFactory

use of org.eclipse.jetty.server.SslConnectionFactory in project Openfire by igniterealtime.

the class HttpBindManager method createSSLConnector.

private void createSSLConnector(int securePort) {
    httpsConnector = null;
    try {
        final IdentityStore identityStore = XMPPServer.getInstance().getCertificateStoreManager().getIdentityStore(ConnectionType.BOSH_C2S);
        if (securePort > 0 && identityStore.getStore().aliases().hasMoreElements()) {
            if (!identityStore.containsDomainCertificate("RSA")) {
                Log.warn("HTTP binding: Using RSA certificates but they are not valid for " + "the hosted domain");
            }
            final ConnectionManagerImpl connectionManager = ((ConnectionManagerImpl) XMPPServer.getInstance().getConnectionManager());
            final ConnectionConfiguration configuration = connectionManager.getListener(ConnectionType.BOSH_C2S, true).generateConnectionConfiguration();
            final SslContextFactory sslContextFactory = new EncryptionArtifactFactory(configuration).getSslContextFactory();
            final HttpConfiguration httpsConfig = new HttpConfiguration();
            httpsConfig.setSecureScheme("https");
            httpsConfig.setSecurePort(securePort);
            configureProxiedConnector(httpsConfig);
            httpsConfig.addCustomizer(new SecureRequestCustomizer());
            final ServerConnector sslConnector;
            if ("npn".equals(JiveGlobals.getXMLProperty("spdy.protocol", ""))) {
                sslConnector = new HTTPSPDYServerConnector(httpBindServer, sslContextFactory);
            } else {
                sslConnector = new ServerConnector(httpBindServer, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(httpsConfig));
            }
            sslConnector.setHost(getBindInterface());
            sslConnector.setPort(securePort);
            httpsConnector = sslConnector;
        }
    } catch (Exception e) {
        Log.error("Error creating SSL connector for Http bind", e);
    }
}

Example 47 with SslConnectionFactory

use of org.eclipse.jetty.server.SslConnectionFactory in project jetty.project by eclipse.

the class Http2Server method main.

public static void main(String... args) throws Exception {
    Server server = new Server();
    MBeanContainer mbContainer = new MBeanContainer(ManagementFactory.getPlatformMBeanServer());
    server.addBean(mbContainer);
    ServletContextHandler context = new ServletContextHandler(server, "/", ServletContextHandler.SESSIONS);
    context.setResourceBase("src/main/resources/docroot");
    context.addFilter(PushCacheFilter.class, "/*", EnumSet.of(DispatcherType.REQUEST));
    // context.addFilter(PushSessionCacheFilter.class,"/*",EnumSet.of(DispatcherType.REQUEST));
    context.addFilter(PushedTilesFilter.class, "/*", EnumSet.of(DispatcherType.REQUEST));
    context.addServlet(new ServletHolder(servlet), "/test/*");
    context.addServlet(DefaultServlet.class, "/").setInitParameter("maxCacheSize", "81920");
    server.setHandler(context);
    // HTTP Configuration
    HttpConfiguration http_config = new HttpConfiguration();
    http_config.setSecureScheme("https");
    http_config.setSecurePort(8443);
    http_config.setSendXPoweredBy(true);
    http_config.setSendServerVersion(true);
    // HTTP Connector
    ServerConnector http = new ServerConnector(server, new HttpConnectionFactory(http_config), new HTTP2CServerConnectionFactory(http_config));
    http.setPort(8080);
    server.addConnector(http);
    // SSL Context Factory for HTTPS and HTTP/2
    String jetty_distro = System.getProperty("jetty.distro", "../../jetty-distribution/target/distribution");
    SslContextFactory sslContextFactory = new SslContextFactory();
    sslContextFactory.setKeyStorePath(jetty_distro + "/demo-base/etc/keystore");
    sslContextFactory.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
    sslContextFactory.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");
    sslContextFactory.setCipherComparator(HTTP2Cipher.COMPARATOR);
    // HTTPS Configuration
    HttpConfiguration https_config = new HttpConfiguration(http_config);
    https_config.addCustomizer(new SecureRequestCustomizer());
    // HTTP/2 Connection Factory
    HTTP2ServerConnectionFactory h2 = new HTTP2ServerConnectionFactory(https_config);
    ALPNServerConnectionFactory alpn = new ALPNServerConnectionFactory();
    alpn.setDefaultProtocol(http.getDefaultProtocol());
    // SSL Connection Factory
    SslConnectionFactory ssl = new SslConnectionFactory(sslContextFactory, alpn.getProtocol());
    // HTTP/2 Connector
    ServerConnector http2Connector = new ServerConnector(server, ssl, alpn, h2, new HttpConnectionFactory(https_config));
    http2Connector.setPort(8443);
    server.addConnector(http2Connector);
    ALPN.debug = false;
    server.start();
    //server.dumpStdErr();
    server.join();
}

Example 48 with SslConnectionFactory

use of org.eclipse.jetty.server.SslConnectionFactory in project jetty.project by eclipse.

the class LikeJettyXml method main.

public static void main(String[] args) throws Exception {
    // Path to as-built jetty-distribution directory
    String jettyHomeBuild = "../../jetty-distribution/target/distribution";
    // Find jetty home and base directories
    String homePath = System.getProperty("jetty.home", jettyHomeBuild);
    File start_jar = new File(homePath, "start.jar");
    if (!start_jar.exists()) {
        homePath = jettyHomeBuild = "jetty-distribution/target/distribution";
        start_jar = new File(homePath, "start.jar");
        if (!start_jar.exists())
            throw new FileNotFoundException(start_jar.toString());
    }
    File homeDir = new File(homePath);
    String basePath = System.getProperty("jetty.base", homeDir + "/demo-base");
    File baseDir = new File(basePath);
    if (!baseDir.exists()) {
        throw new FileNotFoundException(baseDir.getAbsolutePath());
    }
    // Configure jetty.home and jetty.base system properties
    String jetty_home = homeDir.getAbsolutePath();
    String jetty_base = baseDir.getAbsolutePath();
    System.setProperty("jetty.home", jetty_home);
    System.setProperty("jetty.base", jetty_base);
    // === jetty.xml ===
    // Setup Threadpool
    QueuedThreadPool threadPool = new QueuedThreadPool();
    threadPool.setMaxThreads(500);
    // Server
    Server server = new Server(threadPool);
    // Scheduler
    server.addBean(new ScheduledExecutorScheduler());
    // HTTP Configuration
    HttpConfiguration http_config = new HttpConfiguration();
    http_config.setSecureScheme("https");
    http_config.setSecurePort(8443);
    http_config.setOutputBufferSize(32768);
    http_config.setRequestHeaderSize(8192);
    http_config.setResponseHeaderSize(8192);
    http_config.setSendServerVersion(true);
    http_config.setSendDateHeader(false);
    // httpConfig.addCustomizer(new ForwardedRequestCustomizer());
    // Handler Structure
    HandlerCollection handlers = new HandlerCollection();
    ContextHandlerCollection contexts = new ContextHandlerCollection();
    handlers.setHandlers(new Handler[] { contexts, new DefaultHandler() });
    server.setHandler(handlers);
    // Extra options
    server.setDumpAfterStart(false);
    server.setDumpBeforeStop(false);
    server.setStopAtShutdown(true);
    // === jetty-jmx.xml ===
    MBeanContainer mbContainer = new MBeanContainer(ManagementFactory.getPlatformMBeanServer());
    server.addBean(mbContainer);
    // === jetty-http.xml ===
    ServerConnector http = new ServerConnector(server, new HttpConnectionFactory(http_config));
    http.setPort(8080);
    http.setIdleTimeout(30000);
    server.addConnector(http);
    // === jetty-https.xml ===
    // SSL Context Factory
    SslContextFactory sslContextFactory = new SslContextFactory();
    sslContextFactory.setKeyStorePath(jetty_home + "/../../../jetty-server/src/test/config/etc/keystore");
    sslContextFactory.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
    sslContextFactory.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");
    sslContextFactory.setTrustStorePath(jetty_home + "/../../../jetty-server/src/test/config/etc/keystore");
    sslContextFactory.setTrustStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
    sslContextFactory.setExcludeCipherSuites("SSL_RSA_WITH_DES_CBC_SHA", "SSL_DHE_RSA_WITH_DES_CBC_SHA", "SSL_DHE_DSS_WITH_DES_CBC_SHA", "SSL_RSA_EXPORT_WITH_RC4_40_MD5", "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA");
    // SSL HTTP Configuration
    HttpConfiguration https_config = new HttpConfiguration(http_config);
    https_config.addCustomizer(new SecureRequestCustomizer());
    // SSL Connector
    ServerConnector sslConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(https_config));
    sslConnector.setPort(8443);
    server.addConnector(sslConnector);
    // === jetty-deploy.xml ===
    DeploymentManager deployer = new DeploymentManager();
    DebugListener debug = new DebugListener(System.err, true, true, true);
    server.addBean(debug);
    deployer.addLifeCycleBinding(new DebugListenerBinding(debug));
    deployer.setContexts(contexts);
    deployer.setContextAttribute("org.eclipse.jetty.server.webapp.ContainerIncludeJarPattern", ".*/servlet-api-[^/]*\\.jar$");
    WebAppProvider webapp_provider = new WebAppProvider();
    webapp_provider.setMonitoredDirName(jetty_base + "/webapps");
    webapp_provider.setDefaultsDescriptor(jetty_home + "/etc/webdefault.xml");
    webapp_provider.setScanInterval(1);
    webapp_provider.setExtractWars(true);
    webapp_provider.setConfigurationManager(new PropertiesConfigurationManager());
    deployer.addAppProvider(webapp_provider);
    server.addBean(deployer);
    // === setup jetty plus ==
    Configuration.ClassList.setServerDefault(server).addAfter("org.eclipse.jetty.webapp.FragmentConfiguration", "org.eclipse.jetty.plus.webapp.EnvConfiguration", "org.eclipse.jetty.plus.webapp.PlusConfiguration");
    // === jetty-stats.xml ===
    StatisticsHandler stats = new StatisticsHandler();
    stats.setHandler(server.getHandler());
    server.setHandler(stats);
    ServerConnectionStatistics.addToAllConnectors(server);
    // === Rewrite Handler
    RewriteHandler rewrite = new RewriteHandler();
    rewrite.setHandler(server.getHandler());
    server.setHandler(rewrite);
    // === jetty-requestlog.xml ===
    NCSARequestLog requestLog = new NCSARequestLog();
    requestLog.setFilename(jetty_home + "/logs/yyyy_mm_dd.request.log");
    requestLog.setFilenameDateFormat("yyyy_MM_dd");
    requestLog.setRetainDays(90);
    requestLog.setAppend(true);
    requestLog.setExtended(true);
    requestLog.setLogCookies(false);
    requestLog.setLogTimeZone("GMT");
    RequestLogHandler requestLogHandler = new RequestLogHandler();
    requestLogHandler.setRequestLog(requestLog);
    handlers.addHandler(requestLogHandler);
    // === jetty-lowresources.xml ===
    LowResourceMonitor lowResourcesMonitor = new LowResourceMonitor(server);
    lowResourcesMonitor.setPeriod(1000);
    lowResourcesMonitor.setLowResourcesIdleTimeout(200);
    lowResourcesMonitor.setMonitorThreads(true);
    lowResourcesMonitor.setMaxConnections(0);
    lowResourcesMonitor.setMaxMemory(0);
    lowResourcesMonitor.setMaxLowResourcesTime(5000);
    server.addBean(lowResourcesMonitor);
    // === test-realm.xml ===
    HashLoginService login = new HashLoginService();
    login.setName("Test Realm");
    login.setConfig(jetty_base + "/etc/realm.properties");
    login.setHotReload(false);
    server.addBean(login);
    // Start the server
    server.start();
    server.join();
}

Example 49 with SslConnectionFactory

use of org.eclipse.jetty.server.SslConnectionFactory in project jetty.project by eclipse.

the class ManyConnectors method main.

public static void main(String[] args) throws Exception {
    // Since this example shows off SSL configuration, we need a keystore
    // with the appropriate key. These lookup of jetty.home is purely a hack
    // to get access to a keystore that we use in many unit tests and should
    // probably be a direct path to your own keystore.
    String jettyDistKeystore = "../../jetty-distribution/target/distribution/demo-base/etc/keystore";
    String keystorePath = System.getProperty("example.keystore", jettyDistKeystore);
    File keystoreFile = new File(keystorePath);
    if (!keystoreFile.exists()) {
        throw new FileNotFoundException(keystoreFile.getAbsolutePath());
    }
    // Create a basic jetty server object without declaring the port. Since
    // we are configuring connectors directly we'll be setting ports on
    // those connectors.
    Server server = new Server();
    // HTTP Configuration
    // HttpConfiguration is a collection of configuration information
    // appropriate for http and https. The default scheme for http is
    // <code>http</code> of course, as the default for secured http is
    // <code>https</code> but we show setting the scheme to show it can be
    // done. The port for secured communication is also set here.
    HttpConfiguration http_config = new HttpConfiguration();
    http_config.setSecureScheme("https");
    http_config.setSecurePort(8443);
    http_config.setOutputBufferSize(32768);
    // HTTP connector
    // The first server connector we create is the one for http, passing in
    // the http configuration we configured above so it can get things like
    // the output buffer size, etc. We also set the port (8080) and
    // configure an idle timeout.
    ServerConnector http = new ServerConnector(server, new HttpConnectionFactory(http_config));
    http.setPort(8080);
    http.setIdleTimeout(30000);
    // SSL Context Factory for HTTPS
    // SSL requires a certificate so we configure a factory for ssl contents
    // with information pointing to what keystore the ssl connection needs
    // to know about. Much more configuration is available the ssl context,
    // including things like choosing the particular certificate out of a
    // keystore to be used.
    SslContextFactory sslContextFactory = new SslContextFactory();
    sslContextFactory.setKeyStorePath(keystoreFile.getAbsolutePath());
    sslContextFactory.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
    sslContextFactory.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");
    // HTTPS Configuration
    // A new HttpConfiguration object is needed for the next connector and
    // you can pass the old one as an argument to effectively clone the
    // contents. On this HttpConfiguration object we add a
    // SecureRequestCustomizer which is how a new connector is able to
    // resolve the https connection before handing control over to the Jetty
    // Server.
    HttpConfiguration https_config = new HttpConfiguration(http_config);
    SecureRequestCustomizer src = new SecureRequestCustomizer();
    src.setStsMaxAge(2000);
    src.setStsIncludeSubDomains(true);
    https_config.addCustomizer(src);
    // HTTPS connector
    // We create a second ServerConnector, passing in the http configuration
    // we just made along with the previously created ssl context factory.
    // Next we set the port and a longer idle timeout.
    ServerConnector https = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(https_config));
    https.setPort(8443);
    https.setIdleTimeout(500000);
    // Here you see the server having multiple connectors registered with
    // it, now requests can flow into the server from both http and https
    // urls to their respective ports and be processed accordingly by jetty.
    // A simple handler is also registered with the server so the example
    // has something to pass requests off to.
    // Set the connectors
    server.setConnectors(new Connector[] { http, https });
    // Set a handler
    server.setHandler(new HelloHandler());
    // Start the server
    server.start();
    server.join();
}

Example 50 with SslConnectionFactory

use of org.eclipse.jetty.server.SslConnectionFactory in project jetty.project by eclipse.

the class SniSslConnectionFactoryTest method testSNIConnectNoWild.

@Test
public void testSNIConnectNoWild() throws Exception {
    // Use the alternate keystore without wildcard certificates.
    _server.stop();
    _server.removeConnector(_connector);
    SslContextFactory sslContextFactory = new SslContextFactory();
    sslContextFactory.setKeyStorePath("src/test/resources/snikeystore_nowild");
    sslContextFactory.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
    sslContextFactory.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");
    _connector = new ServerConnector(_server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(_https_config));
    _server.addConnector(_connector);
    _server.start();
    _port = _connector.getLocalPort();
    // The first entry in the keystore is www.example.com, and it will
    // be returned by default, so make sure that here we don't ask for it.
    String response = getResponse("jetty.eclipse.org", "jetty.eclipse.org");
    Assert.assertThat(response, Matchers.containsString("X-HOST: jetty.eclipse.org"));
}