use of org.eclipse.jetty.util.ssl.SslContextFactory in project jetty.project by eclipse.
the class TestTransparentProxyServer method main.
/**
 * Starts a stand-alone Jetty server for exercising the proxy webapp by hand:
 * a clear-text HTTP connector on port 8080 and a TLS connector on port 8443
 * that negotiates HTTP/2 through ALPN, falling back to HTTP/1.1.
 *
 * <p>The TLS material and settings below are test fixtures. Review them
 * before copying this setup anywhere that carries real traffic.
 *
 * @param args ignored
 * @throws Exception if the server fails to start
 */
public static void main(String[] args) throws Exception {
    ((StdErrLog) Log.getLog()).setSource(false);
    final String jettyRoot = "../../..";
    // The same keystore file backs both the key store and the trust store below.
    final String keystorePath = jettyRoot + "/jetty-server/src/main/config/etc/keystore";
    // "OBF:" values are Jetty's reversible obfuscation, not encryption: anyone who can
    // read this source can recover the password. Treat them as plain-text secrets.
    final String storePassword = "OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4";
    final String keyPassword = "OBF:1u2u1wml1z7s1z7a1wnl1u2g";

    // Thread pool, capped at 100 threads
    QueuedThreadPool pool = new QueuedThreadPool();
    pool.setMaxThreads(100);

    // Server owns (manages the lifecycle of) the pool
    Server server = new Server(pool);
    server.manage(pool);

    // JMX: expose server beans and the logger through the platform MBean server
    MBeanContainer jmx = new MBeanContainer(ManagementFactory.getPlatformMBeanServer());
    server.addBean(jmx);
    server.addBean(Log.getLog());

    // HTTP settings shared by the clear-text and the TLS connector
    HttpConfiguration baseConfig = new HttpConfiguration();
    baseConfig.setSecurePort(8443);
    // ForwardedRequestCustomizer derives request attributes from forwarding headers.
    // Those headers are client-controlled unless a trusted front-end proxy sets or
    // strips them, so nothing security-relevant should rely on them without that proxy.
    baseConfig.addCustomizer(new ForwardedRequestCustomizer());
    baseConfig.setSendDateHeader(true);
    // Advertises the server version in responses; convenient for a test server,
    // normally switched off on anything exposed to untrusted clients.
    baseConfig.setSendServerVersion(true);

    // Clear-text HTTP connector
    HttpConnectionFactory plainHttp = new HttpConnectionFactory(baseConfig);
    ServerConnector plainConnector = new ServerConnector(server, plainHttp);
    plainConnector.setPort(8080);
    plainConnector.setIdleTimeout(30000);
    server.addConnector(plainConnector);

    // TLS context
    SslContextFactory tls = new SslContextFactory();
    tls.setKeyStorePath(keystorePath);
    tls.setKeyStorePassword(storePassword);
    tls.setKeyManagerPassword(keyPassword);
    tls.setTrustStorePath(keystorePath);
    tls.setTrustStorePassword(storePassword);
    // NOTE(review): this is a deny list of exact DES and export-grade suite names.
    // setExcludeCipherSuites presumably replaces, rather than extends, whatever
    // exclusions the factory sets up by default; confirm against the Jetty version in
    // use, and prefer addExcludeCipherSuites if the defaults should be kept.
    tls.setExcludeCipherSuites(
        "SSL_RSA_WITH_DES_CBC_SHA",
        "SSL_DHE_RSA_WITH_DES_CBC_SHA",
        "SSL_DHE_DSS_WITH_DES_CBC_SHA",
        "SSL_RSA_EXPORT_WITH_RC4_40_MD5",
        "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA",
        "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
        "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA");
    tls.setCipherComparator(new HTTP2Cipher.CipherComparator());

    // HTTPS settings: copy of the shared settings plus the secure-request customizer
    HttpConfiguration tlsConfig = new HttpConfiguration(baseConfig);
    tlsConfig.addCustomizer(new SecureRequestCustomizer());

    // HTTP/2 over TLS, selected through ALPN with h2 as the default protocol
    HTTP2ServerConnectionFactory http2 = new HTTP2ServerConnectionFactory(tlsConfig);
    ALPNServerConnectionFactory alpnFactory = new ALPNServerConnectionFactory();
    alpnFactory.setDefaultProtocol(http2.getProtocol());

    // TLS layer hands the decrypted stream to the ALPN factory
    SslConnectionFactory tlsLayer = new SslConnectionFactory(tls, alpnFactory.getProtocol());

    // TLS connector: ssl -> alpn -> h2, with HTTP/1.1 as the last factory
    ServerConnector tlsConnector = new ServerConnector(
        server, tlsLayer, alpnFactory, http2, new HttpConnectionFactory(tlsConfig));
    tlsConnector.setPort(8443);
    tlsConnector.setIdleTimeout(15000);
    server.addConnector(tlsConnector);

    // Handler chain: webapp contexts first, then Jetty's default handler
    HandlerCollection handlerChain = new HandlerCollection();
    ContextHandlerCollection contextHandlers = new ContextHandlerCollection();
    handlerChain.setHandlers(new Handler[] { contextHandlers, new DefaultHandler() });
    server.setHandler(handlerChain);

    // Proxy webapp served from the module's source tree
    WebAppContext proxyApp = new WebAppContext();
    proxyApp.setResourceBase("src/main/webapp");
    contextHandlers.addHandler(proxyApp);

    // Start, and block until the server stops
    server.setStopAtShutdown(true);
    server.start();
    server.join();
}
use of org.eclipse.jetty.util.ssl.SslContextFactory in project jetty.project by eclipse.
the class HttpClientTest method testRequestSentOnlyAfterConnectionOpen.
/**
 * Checks that the client does not begin sending a request until the underlying
 * connection has reported {@code onOpen()}.
 *
 * <p>The latch needs two count-downs: one from the request-begin listener (after
 * asserting the connection was already open) and one from a successful result.
 */
@Test
public void testRequestSentOnlyAfterConnectionOpen() throws Exception {
    startServer(new AbstractHandler() {
        @Override
        public void handle(String target, org.eclipse.jetty.server.Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {
            // Empty response; the test only cares about connection life-cycle ordering.
            baseRequest.setHandled(true);
        }
    });

    final AtomicBoolean connectionOpened = new AtomicBoolean();

    // Transport whose connections record the moment onOpen() is invoked.
    HttpClientTransportOverHTTP openTrackingTransport = new HttpClientTransportOverHTTP() {
        @Override
        protected HttpConnectionOverHTTP newHttpConnection(EndPoint endPoint, HttpDestination destination, Promise<Connection> promise) {
            return new HttpConnectionOverHTTP(endPoint, destination, promise) {
                @Override
                public void onOpen() {
                    connectionOpened.set(true);
                    super.onOpen();
                }
            };
        }
    };
    client = new HttpClient(openTrackingTransport, sslContextFactory);
    client.start();

    final CountDownLatch bothEventsSeen = new CountDownLatch(2);
    client.newRequest("localhost", connector.getLocalPort())
        .scheme(scheme)
        .onRequestBegin(request -> {
            // A failed assertion here skips the count-down, so the await below times out.
            Assert.assertTrue(connectionOpened.get());
            bothEventsSeen.countDown();
        })
        .send(result -> {
            if (result.isSucceeded()) {
                bothEventsSeen.countDown();
            }
        });

    Assert.assertTrue(bothEventsSeen.await(5, TimeUnit.SECONDS));
}
use of org.eclipse.jetty.util.ssl.SslContextFactory in project jetty.project by eclipse.
the class HttpClientTLSTest method createSslContextFactory.
/**
 * Builds the TLS configuration shared by the server and client sides of these tests,
 * backed by the key store and trust store under {@code src/test/resources}.
 *
 * <p>Test-only settings: the endpoint identification algorithm is set to the empty
 * string, which is expected to switch off host name verification of the peer
 * certificate, and the store password is a hard-coded fixture value. With host name
 * verification off, any certificate chaining to the trust store is accepted for any
 * host, so this configuration must not be reused outside tests.
 *
 * @return a new, not yet started, {@code SslContextFactory}
 */
private SslContextFactory createSslContextFactory() {
    final String fixturePassword = "storepwd";
    SslContextFactory tls = new SslContextFactory();
    // Empty algorithm: no host name check against the certificate (test fixture only).
    tls.setEndpointIdentificationAlgorithm("");
    tls.setKeyStorePath("src/test/resources/keystore.jks");
    tls.setKeyStorePassword(fixturePassword);
    tls.setTrustStorePath("src/test/resources/truststore.jks");
    tls.setTrustStorePassword(fixturePassword);
    return tls;
}
use of org.eclipse.jetty.util.ssl.SslContextFactory in project jetty.project by eclipse.
the class HttpClientTLSTest method testMismatchBetweenTLSProtocolAndTLSCiphersOnClient.
/**
 * Checks that a client restricted to TLS 1.1 but offering only a TLS 1.2 cipher
 * suite cannot complete a handshake, and that both the server and the client
 * handshake listeners are told about the failure.
 */
@Test
public void testMismatchBetweenTLSProtocolAndTLSCiphersOnClient() throws Exception {
    SslContextFactory serverTls = createSslContextFactory();
    startServer(serverTls, new EmptyServerHandler());

    // Released when the server side observes the failed handshake.
    CountDownLatch serverSawFailure = new CountDownLatch(1);
    connector.addBean(new SslHandshakeListener() {
        @Override
        public void handshakeFailed(Event event, Throwable failure) {
            serverSawFailure.countDown();
        }
    });

    SslContextFactory clientTls = createSslContextFactory();
    // Deliberately inconsistent: protocol pinned to TLS 1.1, cipher list holds only a TLS 1.2 suite.
    clientTls.setIncludeProtocols("TLSv1.1");
    clientTls.setIncludeCipherSuites("TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256");
    startClient(clientTls);

    // Released when the client side observes the failed handshake.
    CountDownLatch clientSawFailure = new CountDownLatch(1);
    client.addBean(new SslHandshakeListener() {
        @Override
        public void handshakeFailed(Event event, Throwable failure) {
            clientSawFailure.countDown();
        }
    });

    try {
        client.newRequest("localhost", connector.getLocalPort())
            .scheme(HttpScheme.HTTPS.asString())
            .timeout(5, TimeUnit.SECONDS)
            .send();
        // Reaching this line means the handshake unexpectedly succeeded.
        Assert.fail();
    } catch (ExecutionException expected) {
        // The request is expected to fail because no handshake can be negotiated.
    }

    Assert.assertTrue(serverSawFailure.await(1, TimeUnit.SECONDS));
    Assert.assertTrue(clientSawFailure.await(1, TimeUnit.SECONDS));
}
use of org.eclipse.jetty.util.ssl.SslContextFactory in project jetty.project by eclipse.
the class HttpClientTest method testClientCannotValidateServerCertificate.
/**
 * Checks that a client built with a default {@code SslContextFactory} rejects the
 * test server: the server certificate is unknown to that client, so the request
 * must fail with an {@code ExecutionException} rather than being silently accepted.
 */
@Test(expected = ExecutionException.class)
public void testClientCannotValidateServerCertificate() throws Exception {
    // Certificate validation only applies to the TLS-based transports.
    EnumSet<Transport> tlsTransports = EnumSet.of(Transport.HTTPS, Transport.H2);
    Assume.assumeTrue(tlsTransports.contains(transport));

    startServer(new EmptyServerHandler());

    // A default factory carries none of the test trust material, so the server
    // certificate cannot be validated and the request below is expected to fail.
    SslContextFactory defaultTls = new SslContextFactory();
    client = newHttpClient(provideClientTransport(transport), defaultTls);

    QueuedThreadPool clientPool = new QueuedThreadPool();
    clientPool.setName("client");
    client.setExecutor(clientPool);
    client.start();

    client.newRequest(newURI())
        .timeout(5, TimeUnit.SECONDS)
        .send();
}