org.eclipse.jetty.server.SslConnectionFactory Java Examples
The following examples show how to use
org.eclipse.jetty.server.SslConnectionFactory.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: JettySeverTools.java From o2oa with GNU Affero General Public License v3.0 | 6 votes |
protected static void addHttpsConnector(Server server, Integer port) throws Exception { SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStorePath(Config.sslKeyStore().getAbsolutePath()); sslContextFactory.setKeyStorePassword(Config.token().getSslKeyStorePassword()); sslContextFactory.setKeyManagerPassword(Config.token().getSslKeyManagerPassword()); sslContextFactory.setTrustAll(true); HttpConfiguration config = new HttpConfiguration(); config.setSecureScheme("https"); config.setOutputBufferSize(32768); config.setRequestHeaderSize(8192 * 2); config.setResponseHeaderSize(8192 * 2); config.setSendServerVersion(true); config.setSendDateHeader(false); ServerConnector sslConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(config)); sslConnector.setPort(port); server.addConnector(sslConnector); }
Example #2
Source File: ErrorCases.java From scheduling with GNU Affero General Public License v3.0 | 6 votes |
@BeforeClass public static void startHttpsServer() throws Exception { skipIfHeadlessEnvironment(); server = new Server(); SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStorePath(ErrorCases.class.getResource("keystore").getPath()); sslContextFactory.setKeyStorePassword("activeeon"); HttpConfiguration httpConfig = new HttpConfiguration(); HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig); httpsConfig.addCustomizer(new SecureRequestCustomizer()); ServerConnector sslConnector = new ServerConnector(server, new ConnectionFactory[] { new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpsConfig) }); server.addConnector(sslConnector); server.start(); serverUrl = "https://localhost:" + sslConnector.getLocalPort() + "/rest"; }
Example #3
Source File: JettyStarterTest.java From scheduling with GNU Affero General Public License v3.0 | 6 votes |
@Test public void testCreateHttpServerUsingHttpsAndRedirection() { createHttpsContextProperties(); server = jettyStarter.createHttpServer(8080, 8443, true, true); Connector[] connectors = server.getConnectors(); assertThat(connectors).hasLength(2); assertThat(connectors[0].getName()).isEqualTo(JettyStarter.HTTP_CONNECTOR_NAME); assertThat(connectors[0].getConnectionFactory(HttpConnectionFactory.class)).isNotNull(); assertThat(connectors[1].getName()).isEqualTo(JettyStarter.HTTPS_CONNECTOR_NAME.toLowerCase()); assertThat(connectors[1].getConnectionFactory(HttpConnectionFactory.class)).isNotNull(); assertThat(connectors[1].getConnectionFactory(SslConnectionFactory.class)).isNotNull(); unsetHttpsContextProperties(); }
Example #4
Source File: App.java From mysql_perf_analyzer with Apache License 2.0 | 6 votes |
/** * Create ssl connector if https is used * @return */ private ServerConnector sslConnector() { HttpConfiguration http_config = new HttpConfiguration(); http_config.setSecureScheme("https"); http_config.setSecurePort(this.getPort()); HttpConfiguration https_config = new HttpConfiguration(http_config); https_config.addCustomizer(new SecureRequestCustomizer()); SslContextFactory sslContextFactory = new SslContextFactory(this.getCertKeyStorePath()); sslContextFactory.setKeyStorePassword(this.getCertKeyStorePassword()); //exclude weak ciphers sslContextFactory.setExcludeCipherSuites("^.*_(MD5|SHA|SHA1)$"); //only support tlsv1.2 sslContextFactory.addExcludeProtocols("SSL", "SSLv2", "SSLv2Hello", "SSLv3", "TLSv1", "TLSv1.1"); ServerConnector connector = new ServerConnector(jettyServer, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(https_config)); connector.setPort(this.getPort()); connector.setIdleTimeout(50000); return connector; }
Example #5
Source File: PrometheusServer.java From nifi with Apache License 2.0 | 6 votes |
public PrometheusServer(int addr, SSLContextService sslContextService, ComponentLog logger, boolean needClientAuth, boolean wantClientAuth) throws Exception { PrometheusServer.logger = logger; this.server = new Server(); this.handler = new ServletContextHandler(server, "/metrics"); this.handler.addServlet(new ServletHolder(new MetricsServlet()), "/"); SslContextFactory sslFactory = createSslFactory(sslContextService, needClientAuth, wantClientAuth); HttpConfiguration httpsConfiguration = new HttpConfiguration(); httpsConfiguration.setSecureScheme("https"); httpsConfiguration.setSecurePort(addr); httpsConfiguration.addCustomizer(new SecureRequestCustomizer()); ServerConnector https = new ServerConnector(server, new SslConnectionFactory(sslFactory, "http/1.1"), new HttpConnectionFactory(httpsConfiguration)); https.setPort(addr); this.server.setConnectors(new Connector[]{https}); this.server.start(); }
Example #6
Source File: TestWebServicesFetcher.java From datacollector with Apache License 2.0 | 6 votes |
protected Server createServer(int port, boolean serverSsl, boolean clientSsl) { Server server = new Server(); if (!serverSsl) { InetSocketAddress addr = new InetSocketAddress("localhost", port); ServerConnector connector = new ServerConnector(server); connector.setHost(addr.getHostName()); connector.setPort(addr.getPort()); server.setConnectors(new Connector[]{connector}); } else { SslContextFactory sslContextFactory = createSslContextFactory(clientSsl); ServerConnector httpsConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory() ); httpsConnector.setPort(port); httpsConnector.setHost("localhost"); server.setConnectors(new Connector[]{httpsConnector}); } return server; }
Example #7
Source File: EventServer.java From Cognizant-Intelligent-Test-Scripter with Apache License 2.0 | 6 votes |
private SslConnectionFactory getSSLConnectionFactory() { Resource keyStoreResource = null; try { keyStoreResource = Resource.newClassPathResource("localhost"); System.out.println(keyStoreResource); } catch (Exception ex) { Logger.getLogger(EventServer.class.getName()).log(Level.SEVERE, null, ex); } SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStoreResource(keyStoreResource); String secret = readresource(); sslContextFactory.setKeyStorePassword(Encrypt.getInstance().decrypt(secret)); sslContextFactory.setKeyManagerPassword(Encrypt.getInstance().decrypt(secret)); return new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()); }
Example #8
Source File: TlsCertificateAuthorityService.java From nifi with Apache License 2.0 | 6 votes |
private static Server createServer(Handler handler, int port, KeyStore keyStore, String keyPassword) throws Exception { Server server = new Server(); SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setIncludeProtocols(CertificateUtils.getHighestCurrentSupportedTlsProtocolVersion()); sslContextFactory.setKeyStore(keyStore); sslContextFactory.setKeyManagerPassword(keyPassword); // Need to set SslContextFactory's endpointIdentificationAlgorithm to null; this is a server, // not a client. Server does not need to perform hostname verification on the client. // Previous to Jetty 9.4.15.v20190215, this defaulted to null, and now defaults to "HTTPS". sslContextFactory.setEndpointIdentificationAlgorithm(null); HttpConfiguration httpsConfig = new HttpConfiguration(); httpsConfig.addCustomizer(new SecureRequestCustomizer()); ServerConnector sslConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpsConfig)); sslConnector.setPort(port); server.addConnector(sslConnector); server.setHandler(handler); return server; }
Example #9
Source File: JettyWebServer.java From Doradus with Apache License 2.0 | 6 votes |
private ServerConnector createSSLConnector() { SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStorePath(m_keystore); sslContextFactory.setKeyStorePassword(m_keystorepassword); sslContextFactory.setTrustStorePath(m_truststore); sslContextFactory.setTrustStorePassword(m_truststorepassword); sslContextFactory.setNeedClientAuth(m_clientauthentication); sslContextFactory.setIncludeCipherSuites(m_tls_cipher_suites); HttpConfiguration http_config = new HttpConfiguration(); http_config.setSecureScheme("https"); HttpConfiguration https_config = new HttpConfiguration(http_config); https_config.addCustomizer(new SecureRequestCustomizer()); SslConnectionFactory sslConnFactory = new SslConnectionFactory(sslContextFactory, "http/1.1"); HttpConnectionFactory httpConnFactory = new HttpConnectionFactory(https_config); ServerConnector sslConnector = new ServerConnector(m_jettyServer, sslConnFactory, httpConnFactory); return sslConnector; }
Example #10
Source File: ServerDaemon.java From cloudstack with Apache License 2.0 | 6 votes |
private void createHttpsConnector(final HttpConfiguration httpConfig) { // Configure SSL if (httpsEnable && !Strings.isNullOrEmpty(keystoreFile) && new File(keystoreFile).exists()) { // SSL Context final SslContextFactory sslContextFactory = new SslContextFactory(); // Define keystore path and passwords sslContextFactory.setKeyStorePath(keystoreFile); sslContextFactory.setKeyStorePassword(keystorePassword); sslContextFactory.setKeyManagerPassword(keystorePassword); // HTTPS config final HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig); httpsConfig.addCustomizer(new SecureRequestCustomizer()); // HTTPS Connector final ServerConnector sslConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(httpsConfig)); sslConnector.setPort(httpsPort); sslConnector.setHost(bindInterface); server.addConnector(sslConnector); } }
Example #11
Source File: TlsCertificateAuthorityService.java From localization_nifi with Apache License 2.0 | 6 votes |
private static Server createServer(Handler handler, int port, KeyStore keyStore, String keyPassword) throws Exception { Server server = new Server(); SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setIncludeProtocols("TLSv1.2"); sslContextFactory.setKeyStore(keyStore); sslContextFactory.setKeyManagerPassword(keyPassword); HttpConfiguration httpsConfig = new HttpConfiguration(); httpsConfig.addCustomizer(new SecureRequestCustomizer()); ServerConnector sslConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpsConfig)); sslConnector.setPort(port); server.addConnector(sslConnector); server.setHandler(handler); return server; }
Example #12
Source File: HelixRestServer.java From helix with Apache License 2.0 | 6 votes |
public void setupSslServer(int port, SslContextFactory sslContextFactory) { if (_server != null && port > 0) { try { HttpConfiguration https = new HttpConfiguration(); https.addCustomizer(new SecureRequestCustomizer()); ServerConnector sslConnector = new ServerConnector( _server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(https)); sslConnector.setPort(port); _server.addConnector(sslConnector); LOG.info("Helix SSL rest server is ready to start."); } catch (Exception ex) { LOG.error("Failed to setup Helix SSL rest server, " + ex); } } }
Example #13
Source File: JettyWebSocketServer.java From sequenceiq-samples with Apache License 2.0 | 6 votes |
@Override public void startSSL(String keyStoreLocation, String keyStorePassword) throws Exception { Server server = new Server(); HttpConfiguration httpsConfig = new HttpConfiguration(); httpsConfig.addCustomizer(new SecureRequestCustomizer()); SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStorePath(keyStoreLocation); sslContextFactory.setKeyStorePassword(keyStorePassword); ServerConnector https = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(httpsConfig)); https.setHost(host); https.setPort(port); server.setConnectors(new Connector[]{https}); configureContextHandler(server); startServer(server); }
Example #14
Source File: WebServer.java From hop with Apache License 2.0 | 6 votes |
private ServerConnector getConnector() { if ( sslConfig != null ) { log.logBasic( BaseMessages.getString( PKG, "WebServer.Log.SslModeUsing" ) ); SslConnectionFactory connector = new SslConnectionFactory(); SslContextFactory contextFactory = new SslContextFactory(); contextFactory.setKeyStoreResource( new PathResource( new File( sslConfig.getKeyStore() ) ) ); contextFactory.setKeyStorePassword( sslConfig.getKeyStorePassword() ); contextFactory.setKeyManagerPassword( sslConfig.getKeyPassword() ); contextFactory.setKeyStoreType( sslConfig.getKeyStoreType() ); return new ServerConnector( server, connector ); } else { return new ServerConnector( server ); } }
Example #15
Source File: EventServer.java From Cognizant-Intelligent-Test-Scripter with Apache License 2.0 | 5 votes |
private ServerConnector getServerConnector() { SslConnectionFactory sslConnectionFactory = getSSLConnectionFactory(); HttpConnectionFactory httpConnectionFactory = new HttpConnectionFactory(new HttpConfiguration()); ServerConnector connector = new ServerConnector(server, sslConnectionFactory, httpConnectionFactory); connector.setPort(port); return connector; }
Example #16
Source File: JettyAppServer.java From keycloak with Apache License 2.0 | 5 votes |
private void setupSSL() { SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setSslContext(TLSUtils.initializeTLS()); ServerConnector connector = new ServerConnector(server); connector.setPort(configuration.getBindHttpPort()); HttpConfiguration https = new HttpConfiguration(); ServerConnector sslConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(https)); sslConnector.setPort(configuration.getBindHttpsPort()); server.setConnectors(new Connector[] { connector, sslConnector }); }
Example #17
Source File: JettyServer.java From localization_nifi with Apache License 2.0 | 5 votes |
private ServerConnector createUnconfiguredSslServerConnector(Server server, HttpConfiguration httpConfiguration) { // add some secure config final HttpConfiguration httpsConfiguration = new HttpConfiguration(httpConfiguration); httpsConfiguration.setSecureScheme("https"); httpsConfiguration.setSecurePort(props.getSslPort()); httpsConfiguration.addCustomizer(new SecureRequestCustomizer()); // build the connector return new ServerConnector(server, new SslConnectionFactory(createSslContextFactory(), "http/1.1"), new HttpConnectionFactory(httpsConfiguration)); }
Example #18
Source File: ConsoleProxyNoVNCServer.java From cloudstack with Apache License 2.0 | 5 votes |
public ConsoleProxyNoVNCServer(byte[] ksBits, String ksPassword) { this.server = new Server(); ConsoleProxyNoVNCHandler handler = new ConsoleProxyNoVNCHandler(); this.server.setHandler(handler); try { final HttpConfiguration httpConfig = new HttpConfiguration(); httpConfig.setSecureScheme("https"); httpConfig.setSecurePort(wsPort); final HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig); httpsConfig.addCustomizer(new SecureRequestCustomizer()); final SslContextFactory.Server sslContextFactory = new SslContextFactory.Server(); char[] passphrase = ksPassword != null ? ksPassword.toCharArray() : null; KeyStore ks = KeyStore.getInstance("JKS"); ks.load(new ByteArrayInputStream(ksBits), passphrase); sslContextFactory.setKeyStore(ks); sslContextFactory.setKeyStorePassword(ksPassword); sslContextFactory.setKeyManagerPassword(ksPassword); final ServerConnector sslConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(httpsConfig)); sslConnector.setPort(wsPort); server.addConnector(sslConnector); } catch (Exception e) { s_logger.error("Unable to secure server due to exception ", e); } }
Example #19
Source File: JettyAppServer.java From selenium with Apache License 2.0 | 5 votes |
@Override public void start() { HttpConfiguration httpConfig = new HttpConfiguration(); httpConfig.setSecureScheme("https"); httpConfig.setSecurePort(securePort); ServerConnector http = new ServerConnector(server, new HttpConnectionFactory(httpConfig)); http.setPort(port); http.setIdleTimeout(500000); Path keystore = getKeyStore(); if (!Files.exists(keystore)) { throw new RuntimeException( "Cannot find keystore for SSL cert: " + keystore.toAbsolutePath()); } SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStorePath(keystore.toAbsolutePath().toString()); sslContextFactory.setKeyStorePassword("password"); sslContextFactory.setKeyManagerPassword("password"); HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig); httpsConfig.addCustomizer(new SecureRequestCustomizer()); ServerConnector https = new ServerConnector( server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpsConfig)); https.setPort(securePort); https.setIdleTimeout(500000); server.setConnectors(new Connector[]{http, https}); try { server.start(); } catch (Exception e) { throw new RuntimeException(e); } }
Example #20
Source File: JettyServer.java From nifi with Apache License 2.0 | 5 votes |
private ServerConnector createUnconfiguredSslServerConnector(Server server, HttpConfiguration httpConfiguration, int port) { // add some secure config final HttpConfiguration httpsConfiguration = new HttpConfiguration(httpConfiguration); httpsConfiguration.setSecureScheme("https"); httpsConfiguration.setSecurePort(port); httpsConfiguration.setSendServerVersion(props.shouldSendServerVersion()); httpsConfiguration.addCustomizer(new SecureRequestCustomizer()); // build the connector return new ServerConnector(server, new SslConnectionFactory(createSslContextFactory(), "http/1.1"), new HttpConnectionFactory(httpsConfiguration)); }
Example #21
Source File: TLSJettyConnectionFactory.java From heroic with Apache License 2.0 | 5 votes |
@Override public ConnectionFactory setup(final HttpConfiguration config) { final SslContextFactory context = new SslContextFactory(); keyStorePath.ifPresent(context::setKeyStorePath); keyStorePassword.ifPresent(context::setKeyStorePassword); keyManagerPassword.ifPresent(context::setKeyManagerPassword); trustAll.ifPresent(context::setTrustAll); return new SslConnectionFactory(context, nextProtocol); }
Example #22
Source File: JettyHttpServer.java From vespa with Apache License 2.0 | 5 votes |
private void logEffectiveSslConfiguration() { if (!server.isStarted()) throw new IllegalStateException(); for (Connector connector : server.getConnectors()) { ServerConnector serverConnector = (ServerConnector) connector; int localPort = serverConnector.getLocalPort(); var sslConnectionFactory = serverConnector.getConnectionFactory(SslConnectionFactory.class); if (sslConnectionFactory != null) { var sslContextFactory = sslConnectionFactory.getSslContextFactory(); log.info(String.format("Enabled SSL cipher suites for port '%d': %s", localPort, Arrays.toString(sslContextFactory.getSelectedCipherSuites()))); log.info(String.format("Enabled SSL protocols for port '%d': %s", localPort, Arrays.toString(sslContextFactory.getSelectedProtocols()))); } } }
Example #23
Source File: JettyStarterTest.java From scheduling with GNU Affero General Public License v3.0 | 5 votes |
@Test public void testCreateHttpServerUsingHttps() { createHttpsContextProperties(); server = jettyStarter.createHttpServer(8080, 8443, true, false); Connector[] connectors = server.getConnectors(); assertThat(connectors).hasLength(1); assertThat(connectors[0].getName()).isEqualTo(JettyStarter.HTTPS_CONNECTOR_NAME); assertThat(connectors[0].getConnectionFactory(HttpConnectionFactory.class)).isNotNull(); assertThat(connectors[0].getConnectionFactory(SslConnectionFactory.class)).isNotNull(); unsetHttpsContextProperties(); }
Example #24
Source File: HttpServer2.java From hadoop-ozone with Apache License 2.0 | 5 votes |
private ServerConnector createHttpsChannelConnector( Server server, HttpConfiguration httpConfig) { httpConfig.setSecureScheme(HTTPS_SCHEME); httpConfig.addCustomizer(new SecureRequestCustomizer()); ServerConnector conn = createHttpChannelConnector(server, httpConfig); SslContextFactory.Server sslContextFactory = new SslContextFactory.Server(); sslContextFactory.setNeedClientAuth(needsClientAuth); if (keyPassword != null) { sslContextFactory.setKeyManagerPassword(keyPassword); } if (keyStore != null) { sslContextFactory.setKeyStorePath(keyStore); sslContextFactory.setKeyStoreType(keyStoreType); if (keyStorePassword != null) { sslContextFactory.setKeyStorePassword(keyStorePassword); } } if (trustStore != null) { sslContextFactory.setTrustStorePath(trustStore); sslContextFactory.setTrustStoreType(trustStoreType); if (trustStorePassword != null) { sslContextFactory.setTrustStorePassword(trustStorePassword); } } if (null != excludeCiphers && !excludeCiphers.isEmpty()) { sslContextFactory.setExcludeCipherSuites( StringUtils.getTrimmedStrings(excludeCiphers)); LOG.info("Excluded Cipher List: {}", excludeCiphers); } conn.addFirstConnectionFactory(new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString())); return conn; }
Example #25
Source File: SecureJettyMixin.java From attic-polygene-java with Apache License 2.0 | 5 votes |
@Override protected ServerConnector buildConnector( Server server, HttpConfiguration httpConfig ) { SslConnectionFactory sslConnFactory = new SslConnectionFactory(); configureSsl( sslConnFactory, configuration.get() ); return new ServerConnector( server, sslConnFactory, new HttpConnectionFactory( httpConfig ) ); }
Example #26
Source File: WebServerTask.java From datacollector with Apache License 2.0 | 5 votes |
private void setSSLContext() { for (Connector connector : server.getConnectors()) { for (ConnectionFactory connectionFactory : connector.getConnectionFactories()) { if (connectionFactory instanceof SslConnectionFactory) { runtimeInfo.setSSLContext(((SslConnectionFactory) connectionFactory).getSslContextFactory().getSslContext()); } } } if (runtimeInfo.getSSLContext() == null) { throw new IllegalStateException("Unexpected error, SSLContext is not set for https enabled server"); } }
Example #27
Source File: HttpBindManager.java From Openfire with Apache License 2.0 | 5 votes |
private Connector createSSLConnector( final Server httpBindServer ) { final int securePort = getHttpBindSecurePort(); try { final IdentityStore identityStore = XMPPServer.getInstance().getCertificateStoreManager().getIdentityStore( ConnectionType.BOSH_C2S ); if (securePort > 0 && identityStore.getStore().aliases().hasMoreElements() ) { if ( !identityStore.containsDomainCertificate( ) ) { Log.warn("HTTP binding: Using certificates but they are not valid for the hosted domain"); } final ConnectionManagerImpl connectionManager = ((ConnectionManagerImpl) XMPPServer.getInstance().getConnectionManager()); final ConnectionConfiguration configuration = connectionManager.getListener( ConnectionType.BOSH_C2S, true ).generateConnectionConfiguration(); final SslContextFactory sslContextFactory = new EncryptionArtifactFactory(configuration).getSslContextFactory(); final HttpConfiguration httpsConfig = new HttpConfiguration(); httpsConfig.setSecureScheme("https"); httpsConfig.setSecurePort(securePort); configureProxiedConnector(httpsConfig); httpsConfig.addCustomizer(new SecureRequestCustomizer()); httpsConfig.setSendServerVersion( false ); final ServerConnector sslConnector = new ServerConnector(httpBindServer, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(httpsConfig)); sslConnector.setHost(getBindInterface()); sslConnector.setPort(securePort); return sslConnector; } } catch (Exception e) { Log.error("Error creating SSL connector for Http bind", e); } return null; }
Example #28
Source File: HttpServer2.java From knox with Apache License 2.0 | 5 votes |
private ServerConnector createHttpsChannelConnector( Server server, HttpConfiguration httpConfig) { httpConfig.setSecureScheme(HTTPS_SCHEME); httpConfig.addCustomizer(new SecureRequestCustomizer()); ServerConnector conn = createHttpChannelConnector(server, httpConfig); SslContextFactory.Server sslContextFactory = new SslContextFactory.Server(); sslContextFactory.setNeedClientAuth(needsClientAuth); sslContextFactory.setKeyManagerPassword(keyPassword); if (keyStore != null) { sslContextFactory.setKeyStorePath(keyStore); sslContextFactory.setKeyStoreType(keyStoreType); sslContextFactory.setKeyStorePassword(keyStorePassword); } if (trustStore != null) { sslContextFactory.setTrustStorePath(trustStore); sslContextFactory.setTrustStoreType(trustStoreType); sslContextFactory.setTrustStorePassword(trustStorePassword); } if(null != excludeCiphers && !excludeCiphers.isEmpty()) { sslContextFactory.setExcludeCipherSuites( StringUtils.getTrimmedStrings(excludeCiphers)); LOG.info("Excluded Cipher List:" + excludeCiphers); } conn.addFirstConnectionFactory(new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString())); return conn; }
Example #29
Source File: HttpServer2.java From knox with Apache License 2.0 | 5 votes |
private ServerConnector createHttpsChannelConnector( Server server, HttpConfiguration httpConfig) { httpConfig.setSecureScheme(HTTPS_SCHEME); httpConfig.addCustomizer(new SecureRequestCustomizer()); ServerConnector conn = createHttpChannelConnector(server, httpConfig); SslContextFactory.Server sslContextFactory = new SslContextFactory.Server(); sslContextFactory.setNeedClientAuth(needsClientAuth); sslContextFactory.setKeyManagerPassword(keyPassword); if (keyStore != null) { sslContextFactory.setKeyStorePath(keyStore); sslContextFactory.setKeyStoreType(keyStoreType); sslContextFactory.setKeyStorePassword(keyStorePassword); } if (trustStore != null) { sslContextFactory.setTrustStorePath(trustStore); sslContextFactory.setTrustStoreType(trustStoreType); sslContextFactory.setTrustStorePassword(trustStorePassword); } if(null != excludeCiphers && !excludeCiphers.isEmpty()) { sslContextFactory.setExcludeCipherSuites( StringUtils.getTrimmedStrings(excludeCiphers)); LOG.info("Excluded Cipher List:" + excludeCiphers); } conn.addFirstConnectionFactory(new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString())); return conn; }
Example #30
Source File: JettyHTTPServerEngine.java From cxf with Apache License 2.0 | 5 votes |
AbstractConnector createConnectorJetty(SslContextFactory sslcf, String hosto, int porto, int major, int minor) { AbstractConnector result = null; try { HttpConfiguration httpConfig = new HttpConfiguration(); httpConfig.setSendServerVersion(getSendServerVersion()); HttpConnectionFactory httpFactory = new HttpConnectionFactory(httpConfig); Collection<ConnectionFactory> connectionFactories = new ArrayList<>(); result = new org.eclipse.jetty.server.ServerConnector(server); if (tlsServerParameters != null) { httpConfig.addCustomizer(new org.eclipse.jetty.server.SecureRequestCustomizer()); SslConnectionFactory scf = new SslConnectionFactory(sslcf, "HTTP/1.1"); connectionFactories.add(scf); String proto = (major > 9 || (major == 9 && minor >= 3)) ? "SSL" : "SSL-HTTP/1.1"; result.setDefaultProtocol(proto); } connectionFactories.add(httpFactory); result.setConnectionFactories(connectionFactories); if (getMaxIdleTime() > 0) { result.setIdleTimeout(Long.valueOf(getMaxIdleTime())); } } catch (RuntimeException rex) { throw rex; } catch (Exception ex) { throw new RuntimeException(ex); } return result; }