Examples with SslContextFactory org.eclipse.jetty.util.ssl.SslContextFactory used on opensource projects

Search in sources :

Example 51 with SslContextFactory

use of org.eclipse.jetty.util.ssl.SslContextFactory in project gocd by gocd.

the class HttpTestUtil method httpsConnector.

public void httpsConnector(final int port) {
    HttpConfiguration httpsConfig = new HttpConfiguration();
    // 32 MB
    httpsConfig.setOutputBufferSize(RESPONSE_BUFFER_SIZE);
    httpsConfig.addCustomizer(new SecureRequestCustomizer());
    SslContextFactory sslContextFactory = new SslContextFactory();
    sslContextFactory.setKeyStorePath(serverKeyStore.getAbsolutePath());
    sslContextFactory.setKeyStorePassword(STORE_PASSWORD);
    sslContextFactory.setKeyManagerPassword(STORE_PASSWORD);
    sslContextFactory.setWantClientAuth(true);
    ServerConnector https = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(httpsConfig));
    // https.setHost(host);
    https.setPort(port);
    https.setIdleTimeout(MAX_IDLE_TIME);
    server.addConnector(https);
}
Also used : SslContextFactory(org.eclipse.jetty.util.ssl.SslContextFactory)

Example 52 with SslContextFactory

use of org.eclipse.jetty.util.ssl.SslContextFactory in project gocd by gocd.

the class GoSslSocketConnectorTest method shouldSetupSslContextWithKeystoreAndTruststore.

@Test
public void shouldSetupSslContextWithKeystoreAndTruststore() {
    ServerConnector connector = (ServerConnector) sslSocketConnector.getConnector();
    Collection<ConnectionFactory> connectionFactories = connector.getConnectionFactories();
    SslContextFactory sslContextFactory = findSslContextFactory(connectionFactories);
    assertThat(sslContextFactory.getKeyStorePath(), is(keystore.getAbsolutePath()));
    assertThat(sslContextFactory.getTrustStore(), is(truststore.getAbsolutePath()));
    assertThat(sslContextFactory.getWantClientAuth(), is(true));
}
Also used : SslContextFactory(org.eclipse.jetty.util.ssl.SslContextFactory) Test(org.junit.Test)

Example 53 with SslContextFactory

use of org.eclipse.jetty.util.ssl.SslContextFactory in project gocd by gocd.

the class GoSslSocketConnector method sslConnector.

private Connector sslConnector(Server server) {
    ensureX509Certificates();
    HttpConfiguration httpsConfig = new HttpConfiguration();
    httpsConfig.setOutputBufferSize(systemEnvironment.get(SystemEnvironment.RESPONSE_BUFFER_SIZE));
    httpsConfig.addCustomizer(new SecureRequestCustomizer());
    httpsConfig.setSendServerVersion(false);
    httpsConfig.addCustomizer(new ForwardedRequestCustomizer());
    SslContextFactory sslContextFactory = new SslContextFactory();
    sslContextFactory.setKeyStorePath(keystore.getPath());
    sslContextFactory.setKeyStorePassword(password);
    sslContextFactory.setKeyManagerPassword(password);
    sslContextFactory.setTrustStorePath(truststore.getPath());
    sslContextFactory.setTrustStorePassword(password);
    sslContextFactory.setWantClientAuth(true);
    if (!ArrayUtil.isEmpty(goSSLConfig.getCipherSuitesToBeIncluded()))
        sslContextFactory.setIncludeCipherSuites(goSSLConfig.getCipherSuitesToBeIncluded());
    if (!ArrayUtil.isEmpty(goSSLConfig.getCipherSuitesToBeExcluded()))
        sslContextFactory.setExcludeCipherSuites(goSSLConfig.getCipherSuitesToBeExcluded());
    if (!ArrayUtil.isEmpty(goSSLConfig.getProtocolsToBeExcluded()))
        sslContextFactory.setExcludeProtocols(goSSLConfig.getProtocolsToBeExcluded());
    if (!ArrayUtil.isEmpty(goSSLConfig.getProtocolsToBeIncluded()))
        sslContextFactory.setIncludeProtocols(goSSLConfig.getProtocolsToBeIncluded());
    sslContextFactory.setRenegotiationAllowed(goSSLConfig.isRenegotiationAllowed());
    LOGGER.info("Included ciphers: {}", ArrayUtil.join(goSSLConfig.getCipherSuitesToBeIncluded()));
    LOGGER.info("Excluded ciphers: {}", ArrayUtil.join(goSSLConfig.getCipherSuitesToBeExcluded()));
    LOGGER.info("Included protocols: {}", ArrayUtil.join(goSSLConfig.getProtocolsToBeIncluded()));
    LOGGER.info("Excluded protocols: {}", ArrayUtil.join(goSSLConfig.getProtocolsToBeExcluded()));
    LOGGER.info("Renegotiation Allowed: {}", goSSLConfig.isRenegotiationAllowed());
    ServerConnector https = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpsConfig));
    https.setHost(systemEnvironment.getListenHost());
    https.setPort(systemEnvironment.getSslServerPort());
    https.setIdleTimeout(systemEnvironment.get(SystemEnvironment.IDLE_TIMEOUT));
    return https;
}
Also used : SslContextFactory(org.eclipse.jetty.util.ssl.SslContextFactory)

Example 54 with SslContextFactory

use of org.eclipse.jetty.util.ssl.SslContextFactory in project opennms by OpenNMS.

the class JUnitServer method initializeServerWithConfig.

protected void initializeServerWithConfig(final JUnitHttpServer config) {
    Server server = null;
    if (config.https()) {
        server = new Server();
        // SSL context configuration
        SslContextFactory sslContextFactory = new SslContextFactory();
        sslContextFactory.setKeyStorePath(config.keystore());
        sslContextFactory.setKeyStorePassword(config.keystorePassword());
        sslContextFactory.setKeyManagerPassword(config.keyPassword());
        sslContextFactory.setTrustStorePath(config.keystore());
        sslContextFactory.setTrustStorePassword(config.keystorePassword());
        // HTTP Configuration
        HttpConfiguration http_config = new HttpConfiguration();
        http_config.setSecureScheme("https");
        http_config.setSecurePort(config.port());
        http_config.setOutputBufferSize(32768);
        http_config.setRequestHeaderSize(8192);
        http_config.setResponseHeaderSize(8192);
        http_config.setSendServerVersion(true);
        http_config.setSendDateHeader(false);
        // SSL HTTP Configuration
        HttpConfiguration https_config = new HttpConfiguration(http_config);
        https_config.addCustomizer(new SecureRequestCustomizer());
        // SSL Connector
        ServerConnector sslConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(https_config));
        sslConnector.setPort(config.port());
        server.addConnector(sslConnector);
    } else {
        server = new Server(config.port());
    }
    m_server = server;
    final ContextHandler context1 = new ContextHandler();
    context1.setContextPath("/");
    context1.setWelcomeFiles(new String[] { "index.html" });
    context1.setResourceBase(config.resource());
    context1.setClassLoader(Thread.currentThread().getContextClassLoader());
    context1.setVirtualHosts(config.vhosts());
    final ContextHandler context = context1;
    Handler topLevelHandler = null;
    final HandlerList handlers = new HandlerList();
    if (config.basicAuth()) {
        // check for basic auth if we're configured to do so
        LOG.debug("configuring basic auth");
        final HashLoginService loginService = new HashLoginService("MyRealm", config.basicAuthFile());
        loginService.setHotReload(true);
        m_server.addBean(loginService);
        final ConstraintSecurityHandler security = new ConstraintSecurityHandler();
        final Set<String> knownRoles = new HashSet<String>();
        knownRoles.add("user");
        knownRoles.add("admin");
        knownRoles.add("moderator");
        final Constraint constraint = new Constraint();
        constraint.setName("auth");
        constraint.setAuthenticate(true);
        constraint.setRoles(knownRoles.toArray(new String[0]));
        final ConstraintMapping mapping = new ConstraintMapping();
        mapping.setPathSpec("/*");
        mapping.setConstraint(constraint);
        security.setConstraintMappings(Collections.singletonList(mapping), knownRoles);
        security.setAuthenticator(new BasicAuthenticator());
        security.setLoginService(loginService);
        security.setRealmName("MyRealm");
        security.setHandler(context);
        topLevelHandler = security;
    } else {
        topLevelHandler = context;
    }
    final Webapp[] webapps = config.webapps();
    if (webapps != null) {
        for (final Webapp webapp : webapps) {
            final WebAppContext wac = new WebAppContext();
            String path = null;
            if (!"".equals(webapp.pathSystemProperty()) && System.getProperty(webapp.pathSystemProperty()) != null) {
                path = System.getProperty(webapp.pathSystemProperty());
            } else {
                path = webapp.path();
            }
            if (path == null || "".equals(path)) {
                throw new IllegalArgumentException("path or pathSystemProperty of @Webapp points to a null or blank value");
            }
            wac.setWar(path);
            wac.setContextPath(webapp.context());
            handlers.addHandler(wac);
        }
    }
    final ResourceHandler rh = new ResourceHandler();
    rh.setWelcomeFiles(new String[] { "index.html" });
    rh.setResourceBase(config.resource());
    handlers.addHandler(rh);
    // fall through to default
    handlers.addHandler(new DefaultHandler());
    context.setHandler(handlers);
    m_server.setHandler(topLevelHandler);
}
Also used : HandlerList(org.eclipse.jetty.server.handler.HandlerList) ConstraintMapping(org.eclipse.jetty.security.ConstraintMapping) SecureRequestCustomizer(org.eclipse.jetty.server.SecureRequestCustomizer) JUnitHttpServer(org.opennms.core.test.http.annotations.JUnitHttpServer) Server(org.eclipse.jetty.server.Server) HttpConnectionFactory(org.eclipse.jetty.server.HttpConnectionFactory) Constraint(org.eclipse.jetty.util.security.Constraint) Handler(org.eclipse.jetty.server.Handler) ResourceHandler(org.eclipse.jetty.server.handler.ResourceHandler) DefaultHandler(org.eclipse.jetty.server.handler.DefaultHandler) ConstraintSecurityHandler(org.eclipse.jetty.security.ConstraintSecurityHandler) ContextHandler(org.eclipse.jetty.server.handler.ContextHandler) ResourceHandler(org.eclipse.jetty.server.handler.ResourceHandler) HttpConfiguration(org.eclipse.jetty.server.HttpConfiguration) SslConnectionFactory(org.eclipse.jetty.server.SslConnectionFactory) DefaultHandler(org.eclipse.jetty.server.handler.DefaultHandler) ServerConnector(org.eclipse.jetty.server.ServerConnector) ContextHandler(org.eclipse.jetty.server.handler.ContextHandler) WebAppContext(org.eclipse.jetty.webapp.WebAppContext) SslContextFactory(org.eclipse.jetty.util.ssl.SslContextFactory) HashLoginService(org.eclipse.jetty.security.HashLoginService) BasicAuthenticator(org.eclipse.jetty.security.authentication.BasicAuthenticator) ConstraintSecurityHandler(org.eclipse.jetty.security.ConstraintSecurityHandler) HashSet(java.util.HashSet) Webapp(org.opennms.core.test.http.annotations.Webapp)

Example 55 with SslContextFactory

use of org.eclipse.jetty.util.ssl.SslContextFactory in project jetty.project by eclipse.

the class SniSslConnectionFactoryTest method getResponse.

private String getResponse(String sniHost, String reqHost, String cn) throws Exception {
    SslContextFactory clientContextFactory = new SslContextFactory(true);
    clientContextFactory.start();
    SSLSocketFactory factory = clientContextFactory.getSslContext().getSocketFactory();
    try (SSLSocket sslSocket = (SSLSocket) factory.createSocket("127.0.0.1", _port)) {
        if (cn != null) {
            SNIHostName serverName = new SNIHostName(sniHost);
            List<SNIServerName> serverNames = new ArrayList<>();
            serverNames.add(serverName);
            SSLParameters params = sslSocket.getSSLParameters();
            params.setServerNames(serverNames);
            sslSocket.setSSLParameters(params);
        }
        sslSocket.startHandshake();
        if (cn != null) {
            X509Certificate cert = ((X509Certificate) sslSocket.getSession().getPeerCertificates()[0]);
            Assert.assertThat(cert.getSubjectX500Principal().getName("CANONICAL"), Matchers.startsWith("cn=" + cn));
        }
        String response = "GET /ctx/path HTTP/1.0\r\nHost: " + reqHost + ":" + _port + "\r\n\r\n";
        sslSocket.getOutputStream().write(response.getBytes(StandardCharsets.ISO_8859_1));
        return IO.toString(sslSocket.getInputStream());
    } finally {
        clientContextFactory.stop();
    }
}
Also used : SNIServerName(javax.net.ssl.SNIServerName) SslContextFactory(org.eclipse.jetty.util.ssl.SslContextFactory) SSLParameters(javax.net.ssl.SSLParameters) SNIHostName(javax.net.ssl.SNIHostName) SSLSocket(javax.net.ssl.SSLSocket) ArrayList(java.util.ArrayList) Matchers.containsString(org.hamcrest.Matchers.containsString) SSLSocketFactory(javax.net.ssl.SSLSocketFactory) X509Certificate(java.security.cert.X509Certificate)

Aggregations

SslContextFactory (org.eclipse.jetty.util.ssl.SslContextFactory)139 ServerConnector (org.eclipse.jetty.server.ServerConnector)54 HttpConnectionFactory (org.eclipse.jetty.server.HttpConnectionFactory)44 Server (org.eclipse.jetty.server.Server)43 SslConnectionFactory (org.eclipse.jetty.server.SslConnectionFactory)43 Test (org.junit.Test)40 HttpConfiguration (org.eclipse.jetty.server.HttpConfiguration)37 SecureRequestCustomizer (org.eclipse.jetty.server.SecureRequestCustomizer)35 QueuedThreadPool (org.eclipse.jetty.util.thread.QueuedThreadPool)23 InputStream (java.io.InputStream)18 IOException (java.io.IOException)17 File (java.io.File)15 SSLContext (javax.net.ssl.SSLContext)15 ServletException (javax.servlet.ServletException)15 OutputStream (java.io.OutputStream)14 HttpServletRequest (javax.servlet.http.HttpServletRequest)13 HttpServletResponse (javax.servlet.http.HttpServletResponse)13 ServletContextHandler (org.eclipse.jetty.servlet.ServletContextHandler)13 AbstractHandler (org.eclipse.jetty.server.handler.AbstractHandler)11 InetSocketAddress (java.net.InetSocketAddress)10
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial