use of org.jivesoftware.openfire.spi.EncryptionArtifactFactory in project Openfire by igniterealtime.
the class AdminConsolePlugin method startup.
/**
 * Builds and starts the embedded Jetty server that hosts the admin console.
 *
 * <p>A plain-HTTP connector is registered when {@code adminConsole.port} is positive. An HTTPS
 * connector is registered when {@code adminConsole.securePort} is positive and the WEBADMIN
 * identity store holds at least one certificate. When no connector ends up registered, the
 * server is discarded and a localized warning is logged.
 *
 * <p>Security-relevant behaviour: any exception raised while preparing HTTPS is logged and
 * swallowed, so the console can come up on plain HTTP alone. Traffic on that connector is not
 * protected by TLS. The {@code adminPort > 0} guard means a non-positive
 * {@code adminConsole.port} leaves the plain connector unregistered.
 */
public void startup() {
    restartNeeded = false;

    // Subscribe to certificate events.
    certificateListener = new CertificateListener();
    CertificateManager.addListener(certificateListener);

    // Handed to every ServerConnector below as its selector count.
    final int connectorThreads = JiveGlobals.getXMLProperty("adminConsole.serverThreads", 2);
    adminPort = JiveGlobals.getXMLProperty("adminConsole.port", 9090);
    adminSecurePort = JiveGlobals.getXMLProperty("adminConsole.securePort", 9091);

    final QueuedThreadPool threadPool = new QueuedThreadPool();
    threadPool.setName("Jetty-QTP-AdminConsole");
    adminServer = new Server(threadPool);

    if (JMXManager.isEnabled()) {
        adminServer.addBean(JMXManager.getInstance().getContainer());
    }

    // Plain HTTP: only when a positive port is configured.
    if (adminPort > 0) {
        final HttpConfiguration plainConfig = new HttpConfiguration();
        // Keep the Jetty version out of response headers.
        plainConfig.setSendServerVersion(false);
        final ServerConnector plainConnector = new ServerConnector(adminServer, null, null, null, -1, connectorThreads, new HttpConnectionFactory(plainConfig));
        // NOTE(review): presumably getBindInterface() yields null when no interface is
        // configured, which Jetty treats as "all interfaces" - confirm against the helper.
        plainConnector.setHost(getBindInterface());
        plainConnector.setPort(adminPort);
        adminServer.addConnector(plainConnector);
    }

    // HTTPS: needs an initialised certificate store manager, a positive secure port and at
    // least one certificate in the WEBADMIN identity store.
    sslEnabled = false;
    try {
        final IdentityStore webAdminStore;
        if (XMPPServer.getInstance().getCertificateStoreManager() != null) {
            webAdminStore = XMPPServer.getInstance().getCertificateStoreManager().getIdentityStore(ConnectionType.WEBADMIN);
        } else {
            Log.warn("Admin console: CertifcateStoreManager has not been initialized yet. HTTPS will be unavailable.");
            webAdminStore = null;
        }

        if (webAdminStore != null && adminSecurePort > 0) {
            if (!webAdminStore.getAllCertificates().isEmpty()) {
                // Warning only: the connector is still created when no domain certificate
                // for RSA is found.
                if (!webAdminStore.containsDomainCertificate("RSA")) {
                    Log.warn("Admin console: Using RSA certificates but they are not valid for the hosted domain");
                }

                // TLS settings come from the WEBADMIN listener's connection configuration.
                final ConnectionManagerImpl listeners = (ConnectionManagerImpl) XMPPServer.getInstance().getConnectionManager();
                final ConnectionConfiguration tlsSettings = listeners.getListener(ConnectionType.WEBADMIN, true).generateConnectionConfiguration();
                final SslContextFactory tlsContextFactory = new EncryptionArtifactFactory(tlsSettings).getSslContextFactory();

                final boolean useSpdy = "npn".equals(JiveGlobals.getXMLProperty("spdy.protocol", ""));
                final ServerConnector tlsConnector;
                if (!useSpdy) {
                    final HttpConfiguration secureConfig = new HttpConfiguration();
                    secureConfig.setSendServerVersion(false);
                    secureConfig.setSecureScheme("https");
                    secureConfig.setSecurePort(adminSecurePort);
                    secureConfig.addCustomizer(new SecureRequestCustomizer());
                    final HttpConnectionFactory httpOverTls = new HttpConnectionFactory(secureConfig);
                    final String nextProtocol = org.eclipse.jetty.http.HttpVersion.HTTP_1_1.toString();
                    final SslConnectionFactory tlsLayer = new SslConnectionFactory(tlsContextFactory, nextProtocol);
                    tlsConnector = new ServerConnector(adminServer, null, null, null, -1, connectorThreads, tlsLayer, httpOverTls);
                } else {
                    // NOTE(review): no HttpConfiguration is passed on this path, so the
                    // setSendServerVersion(false) applied in the other branch is not visibly
                    // applied here - confirm what HTTPSPDYServerConnector configures itself.
                    tlsConnector = new HTTPSPDYServerConnector(adminServer, tlsContextFactory);
                }

                tlsConnector.setHost(getBindInterface());
                tlsConnector.setPort(adminSecurePort);
                adminServer.addConnector(tlsConnector);
                sslEnabled = true;
            } else {
                Log.warn("Admin console: Identity store does not have any certificates. HTTPS will be unavailable.");
            }
        }
    } catch (Exception e) {
        // Broad on purpose: an HTTPS failure does not stop startup. The consequence is that
        // the console may be served over plain HTTP only, so this log line is worth alerting on.
        Log.error("An exception occurred while trying to make available the admin console via HTTPS.", e);
    }

    // Without any connector there is nothing to serve: drop the server and warn.
    if (adminServer.getConnectors() == null || adminServer.getConnectors().length == 0) {
        adminServer = null;
        log(LocaleUtils.getLocalizedString("admin.console.warning"));
        return;
    }

    final HandlerCollection handlers = new HandlerCollection();
    adminServer.setHandler(handlers);
    handlers.setHandlers(new Handler[] { contexts, new DefaultHandler() });

    try {
        adminServer.start();
        // Report the ports the console is now listening on.
        logAdminConsolePorts();
    } catch (Exception e) {
        // adminServer stays non-null here even though start() failed.
        Log.error("Could not start admin console server", e);
    }
}
use of org.jivesoftware.openfire.spi.EncryptionArtifactFactory in project Openfire by igniterealtime.
the class HttpBindManager method createSSLConnector.
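/**
 * Prepares the HTTPS connector used for HTTP binding and stores it in {@code httpsConnector}.
 *
 * <p>The field is reset to {@code null} first and stays {@code null} when the certificate
 * store manager is not available, when {@code securePort} is not positive, when the BOSH_C2S
 * identity store has no entries, or when any exception occurs. In all of those cases no TLS
 * endpoint is created, so callers should treat a {@code null} connector as "HTTPS unavailable".
 *
 * @param securePort the TCP port for the HTTPS connector; non-positive values disable it
 */
private void createSSLConnector(int securePort) {
    httpsConnector = null;
    try {
        // Explicit guard instead of relying on the catch-all below to absorb a
        // NullPointerException: the admin console's startup() performs the same check.
        if (XMPPServer.getInstance().getCertificateStoreManager() == null) {
            Log.warn("HTTP binding: CertificateStoreManager has not been initialized yet. HTTPS will be unavailable.");
            return;
        }

        final IdentityStore identityStore = XMPPServer.getInstance().getCertificateStoreManager().getIdentityStore(ConnectionType.BOSH_C2S);
        if (securePort > 0 && identityStore.getStore().aliases().hasMoreElements()) {
            // Warning only: the connector is still created when no domain certificate
            // for RSA is found.
            if (!identityStore.containsDomainCertificate("RSA")) {
                Log.warn("HTTP binding: Using RSA certificates but they are not valid for the hosted domain");
            }

            // TLS settings come from the BOSH_C2S listener's connection configuration.
            final ConnectionManagerImpl connectionManager = ((ConnectionManagerImpl) XMPPServer.getInstance().getConnectionManager());
            final ConnectionConfiguration configuration = connectionManager.getListener(ConnectionType.BOSH_C2S, true).generateConnectionConfiguration();
            final SslContextFactory sslContextFactory = new EncryptionArtifactFactory(configuration).getSslContextFactory();

            final HttpConfiguration httpsConfig = new HttpConfiguration();
            httpsConfig.setSecureScheme("https");
            httpsConfig.setSecurePort(securePort);
            configureProxiedConnector(httpsConfig);
            httpsConfig.addCustomizer(new SecureRequestCustomizer());

            final ServerConnector sslConnector;
            if ("npn".equals(JiveGlobals.getXMLProperty("spdy.protocol", ""))) {
                // NOTE(review): httpsConfig (proxy handling, SecureRequestCustomizer) is not
                // passed on this path - confirm what HTTPSPDYServerConnector configures itself.
                sslConnector = new HTTPSPDYServerConnector(httpBindServer, sslContextFactory);
            } else {
                sslConnector = new ServerConnector(httpBindServer, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(httpsConfig));
            }
            sslConnector.setHost(getBindInterface());
            sslConnector.setPort(securePort);
            httpsConnector = sslConnector;
        }
    } catch (Exception e) {
        // Broad on purpose: a TLS setup failure leaves httpsConnector null rather than
        // propagating. This log line is the only signal that HTTPS did not come up.
        Log.error("Error creating SSL connector for Http bind", e);
    }
}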
use of org.jivesoftware.openfire.spi.EncryptionArtifactFactory in project Openfire by igniterealtime.
the class NIOConnection method startTLS.
/**
 * Adds a TLS filter to this connection's filter chain, ahead of the executor filter.
 *
 * <p>The filter is built from this connection's {@code configuration} in client or server
 * mode. In server mode a {@code <proceed/>} element is then written to the peer.
 *
 * @param clientMode {@code true} to act as the TLS client, {@code false} to act as the server
 * @throws Exception if the filter cannot be created or installed
 */
public void startTLS(boolean clientMode) throws Exception {
    final EncryptionArtifactFactory artifacts = new EncryptionArtifactFactory(configuration);
    final SslFilter tlsFilter = clientMode
            ? artifacts.createClientModeSslFilter()
            : artifacts.createServerModeSslFilter();

    ioSession.getFilterChain().addBefore(EXECUTOR_FILTER_NAME, TLS_FILTER_NAME, tlsFilter);

    // Asks the filter to let the next write bypass encryption, so the <proceed/> below
    // reaches the peer in the clear before the handshake.
    // NOTE(review): the attribute is also set in client mode, where this method writes
    // nothing - confirm the caller's next write is meant to go out unencrypted.
    ioSession.setAttribute(SslFilter.DISABLE_ENCRYPTION_ONCE, Boolean.TRUE);

    if (clientMode) {
        return;
    }
    // Tell the client that the server is ready to negotiate TLS.
    deliverRawText("<proceed xmlns=\"urn:ietf:params:xml:ns:xmpp-tls\"/>");
}