Example 1 with KeyStoreScanner

Use of org.eclipse.jetty.util.ssl.KeyStoreScanner in the project athenz by yahoo: the method addHTTPSConnector of the class AthenzJettyContainer. The method builds the HTTPS connector for the Jetty server and, when a positive reload interval is configured, registers a KeyStoreScanner so that a renewed key-store file is picked up without a server restart.

// Imports used by this method (as listed for the original source).
import org.eclipse.jetty.http.HttpVersion;
import org.eclipse.jetty.server.HttpConfiguration;
import org.eclipse.jetty.server.HttpConnectionFactory;
import org.eclipse.jetty.server.ProxyConnectionFactory;
import org.eclipse.jetty.server.SecureRequestCustomizer;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.SslConnectionFactory;
import org.eclipse.jetty.util.ssl.KeyStoreScanner;
import org.eclipse.jetty.util.ssl.SslContextFactory;

// Instance method of AthenzJettyContainer; it relies on the class's `server`
// (org.eclipse.jetty.server.Server) and `LOG` fields and on its
// createSSLContextObject(boolean) helper, which are not part of this excerpt.
void addHTTPSConnector(HttpConfiguration httpConfig, int httpsPort, boolean proxyProtocol, String listenHost, int idleTimeout, boolean needClientAuth, JettyConnectionLogger connectionLogger) {
    // SSL Context Factory: holds the key-store path, trust material and
    // whether client certificates are required (mutual TLS).
    SslContextFactory.Server sslContextFactory = createSSLContextObject(needClientAuth);
    // SSL HTTP Configuration: copy of the plain HTTP config with the secure
    // scheme/port set; SecureRequestCustomizer exposes the TLS session
    // (cipher, peer certificates) to request handlers.
    HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig);
    httpsConfig.setSecureScheme("https");
    httpsConfig.setSecurePort(httpsPort);
    httpsConfig.addCustomizer(new SecureRequestCustomizer());
    // SSL Connector: optionally prefix the connection chain with the PROXY
    // protocol decoder so the client address behind a load balancer survives.
    ServerConnector sslConnector;
    if (proxyProtocol) {
        sslConnector = new ServerConnector(server, new ProxyConnectionFactory(), new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpsConfig));
    } else {
        sslConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpsConfig));
    }
    sslConnector.setPort(httpsPort);
    sslConnector.setIdleTimeout(idleTimeout);
    if (listenHost != null) {
        sslConnector.setHost(listenHost);
    }
    if (connectionLogger != null) {
        sslConnector.addBean(connectionLogger);
    }
    server.addConnector(sslConnector);
    // Reload the key-store if the file is changed. The interval comes from a
    // system property; 0 (the default) disables automatic reloading.
    final int reloadSslContextSeconds = Integer.parseInt(System.getProperty(AthenzConsts.ATHENZ_PROP_KEYSTORE_RELOAD_SEC, "0"));
    if ((reloadSslContextSeconds > 0) && (sslContextFactory.getKeyStorePath() != null)) {
        try {
            // KeyStoreScanner polls the key-store file and calls
            // sslContextFactory.reload(...) when it changes, so a renewed
            // certificate takes effect on new connections without a restart.
            KeyStoreScanner keystoreScanner = new KeyStoreScanner(sslContextFactory);
            keystoreScanner.setScanInterval(reloadSslContextSeconds);
            // Registering the scanner as a server bean ties its lifecycle to the server.
            server.addBean(keystoreScanner);
        } catch (IllegalArgumentException exception) {
            // Thrown when the key-store path cannot be monitored (e.g. not a regular file);
            // logged and rethrown so misconfiguration fails startup rather than silently
            // running with a key-store that is never reloaded.
            LOG.error("Keystore can't be automatically reloaded when \"{}\" is changed: {}", sslContextFactory.getKeyStorePath(), exception.getMessage());
            throw exception;
        }
    }
}
