use of org.eclipse.jetty.server.SslConnectionFactory in project jetty.project by eclipse.
the class SniSslConnectionFactoryTest method testSNIConnectNoWild.
@Test
public void testSNIConnectNoWild() throws Exception {
// Use the alternate keystore without wildcard certificates.
_server.stop();
_server.removeConnector(_connector);
SslContextFactory sslContextFactory = new SslContextFactory();
sslContextFactory.setKeyStorePath("src/test/resources/snikeystore_nowild");
sslContextFactory.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
sslContextFactory.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");
_connector = new ServerConnector(_server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(_https_config));
_server.addConnector(_connector);
_server.start();
_port = _connector.getLocalPort();
// The first entry in the keystore is www.example.com, and it will
// be returned by default, so make sure that here we don't ask for it.
String response = getResponse("jetty.eclipse.org", "jetty.eclipse.org");
Assert.assertThat(response, Matchers.containsString("X-HOST: jetty.eclipse.org"));
}
use of org.eclipse.jetty.server.SslConnectionFactory in project jetty.project by eclipse.
the class SniSslConnectionFactoryTest method before.
@Before
public void before() throws Exception {
String keystorePath = "src/test/resources/snikeystore";
File keystoreFile = new File(keystorePath);
if (!keystoreFile.exists())
throw new FileNotFoundException(keystoreFile.getAbsolutePath());
_server = new Server();
HttpConfiguration http_config = new HttpConfiguration();
http_config.setSecureScheme("https");
http_config.setSecurePort(8443);
http_config.setOutputBufferSize(32768);
_https_config = new HttpConfiguration(http_config);
_https_config.addCustomizer(new SecureRequestCustomizer());
SslContextFactory sslContextFactory = new SslContextFactory();
sslContextFactory.setKeyStorePath(keystoreFile.getAbsolutePath());
sslContextFactory.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
sslContextFactory.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");
ServerConnector https = _connector = new ServerConnector(_server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(_https_config));
_server.addConnector(https);
_server.setHandler(new AbstractHandler.ErrorDispatchHandler() {
@Override
protected void doNonErrorHandle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) {
baseRequest.setHandled(true);
response.setStatus(200);
response.setHeader("X-URL", request.getRequestURI());
response.setHeader("X-HOST", request.getServerName());
}
});
_server.start();
_port = https.getLocalPort();
}
use of org.eclipse.jetty.server.SslConnectionFactory in project jetty.project by eclipse.
the class SecuredRedirectHandlerTest method startServer.
@BeforeClass
public static void startServer() throws Exception {
// Setup SSL
File keystore = MavenTestingUtils.getTestResourceFile("keystore");
SslContextFactory sslContextFactory = new SslContextFactory();
sslContextFactory.setKeyStorePath(keystore.getAbsolutePath());
sslContextFactory.setKeyStorePassword("storepwd");
sslContextFactory.setKeyManagerPassword("keypwd");
sslContextFactory.setTrustStorePath(keystore.getAbsolutePath());
sslContextFactory.setTrustStorePassword("storepwd");
server = new Server();
int port = 32080;
int securePort = 32443;
// Setup HTTP Configuration
HttpConfiguration httpConf = new HttpConfiguration();
httpConf.setSecurePort(securePort);
httpConf.setSecureScheme("https");
ServerConnector httpConnector = new ServerConnector(server, new HttpConnectionFactory(httpConf));
httpConnector.setName("unsecured");
httpConnector.setPort(port);
// Setup HTTPS Configuration
HttpConfiguration httpsConf = new HttpConfiguration(httpConf);
httpsConf.addCustomizer(new SecureRequestCustomizer());
ServerConnector httpsConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(httpsConf));
httpsConnector.setName("secured");
httpsConnector.setPort(securePort);
// Add connectors
server.setConnectors(new Connector[] { httpConnector, httpsConnector });
// Wire up contexts
String[] secureHosts = new String[] { "@secured" };
ContextHandler test1Context = new ContextHandler();
test1Context.setContextPath("/test1");
test1Context.setHandler(new HelloHandler("Hello1"));
test1Context.setVirtualHosts(secureHosts);
ContextHandler test2Context = new ContextHandler();
test2Context.setContextPath("/test2");
test2Context.setHandler(new HelloHandler("Hello2"));
test2Context.setVirtualHosts(secureHosts);
ContextHandler rootContext = new ContextHandler();
rootContext.setContextPath("/");
rootContext.setHandler(new RootHandler("/test1", "/test2"));
rootContext.setVirtualHosts(secureHosts);
// Wire up context for unsecure handling to only
// the named 'unsecured' connector
ContextHandler redirectHandler = new ContextHandler();
redirectHandler.setContextPath("/");
redirectHandler.setHandler(new SecuredRedirectHandler());
redirectHandler.setVirtualHosts(new String[] { "@unsecured" });
// Establish all handlers that have a context
ContextHandlerCollection contextHandlers = new ContextHandlerCollection();
contextHandlers.setHandlers(new Handler[] { redirectHandler, rootContext, test1Context, test2Context });
// Create server level handler tree
HandlerList handlers = new HandlerList();
handlers.addHandler(contextHandlers);
// round things out
handlers.addHandler(new DefaultHandler());
server.setHandler(handlers);
server.start();
// calculate serverUri
String host = httpConnector.getHost();
if (host == null) {
host = "localhost";
}
serverHttpUri = new URI(String.format("http://%s:%d/", host, httpConnector.getLocalPort()));
serverHttpsUri = new URI(String.format("https://%s:%d/", host, httpsConnector.getLocalPort()));
origVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
origSsf = HttpsURLConnection.getDefaultSSLSocketFactory();
HttpsURLConnection.setDefaultHostnameVerifier(new AllowAllVerifier());
HttpsURLConnection.setDefaultSSLSocketFactory(sslContextFactory.getSslContext().getSocketFactory());
}
use of org.eclipse.jetty.server.SslConnectionFactory in project jetty.project by eclipse.
the class SslContextFactoryReloadTest method start.
private void start(Handler handler) throws Exception {
server = new Server();
sslContextFactory = new SslContextFactory();
sslContextFactory.setKeyStorePath(KEYSTORE_1);
sslContextFactory.setKeyStorePassword("storepwd");
sslContextFactory.setKeyStoreType("JKS");
sslContextFactory.setKeyStoreProvider(null);
HttpConfiguration httpsConfig = new HttpConfiguration();
httpsConfig.addCustomizer(new SecureRequestCustomizer());
connector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpsConfig));
server.addConnector(connector);
server.setHandler(handler);
server.start();
}
use of org.eclipse.jetty.server.SslConnectionFactory in project jetty.project by eclipse.
the class TestTransparentProxyServer method main.
public static void main(String[] args) throws Exception {
((StdErrLog) Log.getLog()).setSource(false);
String jetty_root = "../../..";
// Setup Threadpool
QueuedThreadPool threadPool = new QueuedThreadPool();
threadPool.setMaxThreads(100);
// Setup server
Server server = new Server(threadPool);
server.manage(threadPool);
// Setup JMX
MBeanContainer mbContainer = new MBeanContainer(ManagementFactory.getPlatformMBeanServer());
server.addBean(mbContainer);
server.addBean(Log.getLog());
// Common HTTP configuration
HttpConfiguration config = new HttpConfiguration();
config.setSecurePort(8443);
config.addCustomizer(new ForwardedRequestCustomizer());
config.setSendDateHeader(true);
config.setSendServerVersion(true);
// Http Connector
HttpConnectionFactory http = new HttpConnectionFactory(config);
ServerConnector httpConnector = new ServerConnector(server, http);
httpConnector.setPort(8080);
httpConnector.setIdleTimeout(30000);
server.addConnector(httpConnector);
// SSL configurations
SslContextFactory sslContextFactory = new SslContextFactory();
sslContextFactory.setKeyStorePath(jetty_root + "/jetty-server/src/main/config/etc/keystore");
sslContextFactory.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
sslContextFactory.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");
sslContextFactory.setTrustStorePath(jetty_root + "/jetty-server/src/main/config/etc/keystore");
sslContextFactory.setTrustStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
sslContextFactory.setExcludeCipherSuites("SSL_RSA_WITH_DES_CBC_SHA", "SSL_DHE_RSA_WITH_DES_CBC_SHA", "SSL_DHE_DSS_WITH_DES_CBC_SHA", "SSL_RSA_EXPORT_WITH_RC4_40_MD5", "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA");
sslContextFactory.setCipherComparator(new HTTP2Cipher.CipherComparator());
// HTTPS Configuration
HttpConfiguration https_config = new HttpConfiguration(config);
https_config.addCustomizer(new SecureRequestCustomizer());
// HTTP2 factory
HTTP2ServerConnectionFactory h2 = new HTTP2ServerConnectionFactory(https_config);
ALPNServerConnectionFactory alpn = new ALPNServerConnectionFactory();
alpn.setDefaultProtocol(h2.getProtocol());
// SSL Factory
SslConnectionFactory ssl = new SslConnectionFactory(sslContextFactory, alpn.getProtocol());
// HTTP2 Connector
ServerConnector http2Connector = new ServerConnector(server, ssl, alpn, h2, new HttpConnectionFactory(https_config));
http2Connector.setPort(8443);
http2Connector.setIdleTimeout(15000);
server.addConnector(http2Connector);
// Handlers
HandlerCollection handlers = new HandlerCollection();
ContextHandlerCollection contexts = new ContextHandlerCollection();
handlers.setHandlers(new Handler[] { contexts, new DefaultHandler() });
server.setHandler(handlers);
// Setup proxy webapp
WebAppContext webapp = new WebAppContext();
webapp.setResourceBase("src/main/webapp");
contexts.addHandler(webapp);
// start server
server.setStopAtShutdown(true);
server.start();
server.join();
}
Aggregations