Examples with SslConnectionFactory org.eclipse.jetty.server.SslConnectionFactory used on opensource projects

Example 41 with SslConnectionFactory

use of org.eclipse.jetty.server.SslConnectionFactory in project spring-boot by spring-projects.

the class JettyServletWebServerFactoryTests method sslCiphersConfiguration.

@Test
public void sslCiphersConfiguration() throws Exception {
    Ssl ssl = new Ssl();
    ssl.setKeyStore("src/test/resources/test.jks");
    ssl.setKeyStorePassword("secret");
    ssl.setKeyPassword("password");
    ssl.setCiphers(new String[] { "ALPHA", "BRAVO", "CHARLIE" });
    JettyServletWebServerFactory factory = getFactory();
    factory.setSsl(ssl);
    this.webServer = factory.getWebServer();
    this.webServer.start();
    JettyWebServer jettyWebServer = (JettyWebServer) this.webServer;
    ServerConnector connector = (ServerConnector) jettyWebServer.getServer().getConnectors()[0];
    SslConnectionFactory connectionFactory = connector.getConnectionFactory(SslConnectionFactory.class);
    assertThat(connectionFactory.getSslContextFactory().getIncludeCipherSuites()).containsExactly("ALPHA", "BRAVO", "CHARLIE");
    assertThat(connectionFactory.getSslContextFactory().getExcludeCipherSuites()).isEmpty();
}

Example 42 with SslConnectionFactory

use of org.eclipse.jetty.server.SslConnectionFactory in project spring-boot by spring-projects.

the class JettyServletWebServerFactory method createSslConnector.

private AbstractConnector createSslConnector(Server server, SslContextFactory sslContextFactory, int port) {
    HttpConfiguration config = new HttpConfiguration();
    config.setSendServerVersion(false);
    config.addCustomizer(new SecureRequestCustomizer());
    HttpConnectionFactory connectionFactory = new HttpConnectionFactory(config);
    SslConnectionFactory sslConnectionFactory = new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString());
    ServerConnector serverConnector = new ServerConnector(server, sslConnectionFactory, connectionFactory);
    serverConnector.setPort(port);
    return serverConnector;
}

Example 43 with SslConnectionFactory

use of org.eclipse.jetty.server.SslConnectionFactory in project async-http-client by AsyncHttpClient.

the class TestUtils method addHttpsConnector.

public static ServerConnector addHttpsConnector(Server server) throws IOException, URISyntaxException {
    String keyStoreFile = resourceAsFile("ssltest-keystore.jks").getAbsolutePath();
    SslContextFactory sslContextFactory = new SslContextFactory(keyStoreFile);
    sslContextFactory.setKeyStorePassword("changeit");
    String trustStoreFile = resourceAsFile("ssltest-cacerts.jks").getAbsolutePath();
    sslContextFactory.setTrustStorePath(trustStoreFile);
    sslContextFactory.setTrustStorePassword("changeit");
    HttpConfiguration httpsConfig = new HttpConfiguration();
    httpsConfig.setSecureScheme("https");
    httpsConfig.addCustomizer(new SecureRequestCustomizer());
    ServerConnector connector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(httpsConfig));
    server.addConnector(connector);
    return connector;
}

Example 44 with SslConnectionFactory

use of org.eclipse.jetty.server.SslConnectionFactory in project symmetric-ds by JumpMind.

the class SymmetricWebServer method getConnectors.

protected Connector[] getConnectors(Server server, int port, int securePort, Mode mode) {
    ArrayList<Connector> connectors = new ArrayList<Connector>();
    HttpConfiguration httpConfig = new HttpConfiguration();
    if (mode.equals(Mode.HTTPS) || mode.equals(Mode.MIXED)) {
        httpConfig.setSecureScheme("https");
        httpConfig.setSecurePort(securePort);
    }
    httpConfig.setOutputBufferSize(32768);
    if (mode.equals(Mode.HTTP) || mode.equals(Mode.MIXED)) {
        ServerConnector http = new ServerConnector(server, new HttpConnectionFactory(httpConfig));
        http.setPort(port);
        http.setHost(host);
        http.setIdleTimeout(maxIdleTime);
        connectors.add(http);
        log.info(String.format("About to start %s web server on host:port %s:%s", name, host == null ? "default" : host, port));
    }
    if (mode.equals(Mode.HTTPS) || mode.equals(Mode.MIXED)) {
        ISecurityService securityService = SecurityServiceFactory.create(SecurityServiceType.SERVER, new TypedProperties(System.getProperties()));
        securityService.installDefaultSslCert(host);
        String keyStorePassword = System.getProperty(SecurityConstants.SYSPROP_KEYSTORE_PASSWORD);
        keyStorePassword = (keyStorePassword != null) ? keyStorePassword : SecurityConstants.KEYSTORE_PASSWORD;
        SslContextFactory sslConnectorFactory = new SslContextFactory();
        sslConnectorFactory.setKeyManagerPassword(keyStorePassword);
        /* Prevent POODLE attack */
        String ignoredProtocols = System.getProperty(SecurityConstants.SYSPROP_SSL_IGNORE_PROTOCOLS);
        if (ignoredProtocols != null && ignoredProtocols.length() > 0) {
            String[] protocols = ignoredProtocols.split(",");
            sslConnectorFactory.addExcludeProtocols(protocols);
        } else {
            sslConnectorFactory.addExcludeProtocols("SSLv3");
        }
        String ignoredCiphers = System.getProperty(SecurityConstants.SYSPROP_SSL_IGNORE_CIPHERS);
        if (ignoredCiphers != null && ignoredCiphers.length() > 0) {
            String[] ciphers = ignoredCiphers.split(",");
            sslConnectorFactory.addExcludeCipherSuites(ciphers);
        }
        sslConnectorFactory.setCertAlias(System.getProperty(SecurityConstants.SYSPROP_KEYSTORE_CERT_ALIAS, SecurityConstants.ALIAS_SYM_PRIVATE_KEY));
        sslConnectorFactory.setKeyStore(securityService.getKeyStore());
        sslConnectorFactory.setTrustStore(securityService.getTrustStore());
        HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig);
        httpsConfig.addCustomizer(new SecureRequestCustomizer());
        ServerConnector https = new ServerConnector(server, new SslConnectionFactory(sslConnectorFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpsConfig));
        https.setPort(securePort);
        https.setIdleTimeout(maxIdleTime);
        https.setHost(host);
        connectors.add(https);
        log.info(String.format("About to start %s web server on secure host:port %s:%s", name, host == null ? "default" : host, securePort));
    }
    return connectors.toArray(new Connector[connectors.size()]);
}

Example 45 with SslConnectionFactory

use of org.eclipse.jetty.server.SslConnectionFactory in project voltdb by VoltDB.

the class HTTPAdminListener method getSSLServerConnector.

private ServerConnector getSSLServerConnector(SslContextFactory sslContextFactory, String intf, int port) throws IOException {
    // SSL HTTP Configuration
    HttpConfiguration httpsConfig = new HttpConfiguration();
    httpsConfig.setSecureScheme("ssl");
    httpsConfig.setSecurePort(port);
    //Add this customizer to indicate we are in ssl land
    httpsConfig.addCustomizer(new SecureRequestCustomizer());
    HttpConnectionFactory factory = new HttpConnectionFactory(httpsConfig);
    // SSL Connector
    ServerConnector connector = new ServerConnector(m_server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), factory);
    if (intf != null && !intf.trim().isEmpty()) {
        connector.setHost(intf);
    }
    connector.setPort(port);
    connector.setName("VoltDB-HTTPS");
    connector.open();
    return connector;
}