Java Code Examples for io.vertx.core.http.HttpServerOptions#setClientAuth()
The following examples show how to use
io.vertx.core.http.HttpServerOptions#setClientAuth() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: EthSigner.java From ethsigner with Apache License 2.0 | 6 votes |
|
private static HttpServerOptions applyClientAuthentication(
final HttpServerOptions input, final ClientAuthConstraints constraints) {
final HttpServerOptions result = new HttpServerOptions(input);
result.setClientAuth(ClientAuth.REQUIRED);
try {
constraints
.getKnownClientsFile()
.ifPresent(
whitelistFile ->
result.setTrustOptions(
VertxTrustOptions.whitelistClients(
whitelistFile.toPath(), constraints.isCaAuthorizedClientAllowed())));
} catch (final IllegalArgumentException e) {
throw new InitializationException("Illegally formatted client fingerprint file.");
}
return result;
}
Example 2
| Source File: JsonRpcHttpService.java From besu with Apache License 2.0 | 5 votes |
|
private void applyTlsClientAuth(
final TlsClientAuthConfiguration clientAuthConfiguration,
final HttpServerOptions httpServerOptions) {
httpServerOptions.setClientAuth(ClientAuth.REQUIRED);
clientAuthConfiguration
.getKnownClientsFile()
.ifPresent(
knownClientsFile ->
httpServerOptions.setTrustOptions(
whitelistClients(
knownClientsFile, clientAuthConfiguration.isCaClientsEnabled())));
}
Example 3
| Source File: TlsEnabledHttpServerFactory.java From ethsigner with Apache License 2.0 | 4 votes |
|
public HttpServer create(
final TlsCertificateDefinition serverCert,
final TlsCertificateDefinition acceptedClientCerts,
final Path workDir) {
try {
final Path serverFingerprintFile = workDir.resolve("server_known_clients");
populateFingerprintFile(serverFingerprintFile, acceptedClientCerts, Optional.empty());
final HttpServerOptions web3HttpServerOptions = new HttpServerOptions();
web3HttpServerOptions.setSsl(true);
web3HttpServerOptions.setClientAuth(ClientAuth.REQUIRED);
web3HttpServerOptions.setTrustOptions(
VertxTrustOptions.whitelistClients(serverFingerprintFile));
web3HttpServerOptions.setPort(0);
web3HttpServerOptions.setPfxKeyCertOptions(
new PfxOptions()
.setPath(serverCert.getPkcs12File().toString())
.setPassword(serverCert.getPassword()));
final Router router = Router.router(vertx);
final JsonDecoder jsonDecoder = createJsonDecoder();
final RequestMapper requestMapper = new RequestMapper(new MockBalanceReporter());
router
.route(HttpMethod.POST, "/")
.produces(HttpHeaderValues.APPLICATION_JSON.toString())
.handler(BodyHandler.create())
.handler(ResponseContentTypeHandler.create())
.failureHandler(new JsonRpcErrorHandler(new HttpResponseFactory(), jsonDecoder))
.handler(new JsonRpcHandler(null, requestMapper, jsonDecoder));
final HttpServer web3ProviderHttpServer = vertx.createHttpServer(web3HttpServerOptions);
final CompletableFuture<Boolean> serverConfigured = new CompletableFuture<>();
web3ProviderHttpServer
.requestHandler(router)
.listen(result -> serverConfigured.complete(true));
serverConfigured.get();
serversCreated.add(web3ProviderHttpServer);
return web3ProviderHttpServer;
} catch (final KeyStoreException
| NoSuchAlgorithmException
| CertificateException
| IOException
| ExecutionException
| InterruptedException e) {
throw new RuntimeException("Failed to construct a TLS Enabled Server", e);
}
}
Example 4
| Source File: TlsEnabledHttpServerFactory.java From besu with Apache License 2.0 | 4 votes |
|
HttpServer create(
final TlsCertificateDefinition serverCert,
final TlsCertificateDefinition acceptedClientCerts,
final Path workDir,
final boolean tlsEnabled) {
try {
final Path serverFingerprintFile = workDir.resolve("server_known_clients");
populateFingerprintFile(serverFingerprintFile, acceptedClientCerts, Optional.empty());
final HttpServerOptions web3HttpServerOptions = new HttpServerOptions();
web3HttpServerOptions.setPort(0);
if (tlsEnabled) {
web3HttpServerOptions.setSsl(true);
web3HttpServerOptions.setClientAuth(ClientAuth.REQUIRED);
web3HttpServerOptions.setTrustOptions(
VertxTrustOptions.whitelistClients(serverFingerprintFile));
web3HttpServerOptions.setPfxKeyCertOptions(
new PfxOptions()
.setPath(serverCert.getPkcs12File().toString())
.setPassword(serverCert.getPassword()));
}
final Router router = Router.router(vertx);
router
.route(HttpMethod.GET, "/upcheck")
.produces(HttpHeaderValues.APPLICATION_JSON.toString())
.handler(TlsEnabledHttpServerFactory::handleRequest);
final HttpServer mockOrionHttpServer = vertx.createHttpServer(web3HttpServerOptions);
final CompletableFuture<Boolean> serverConfigured = new CompletableFuture<>();
mockOrionHttpServer.requestHandler(router).listen(result -> serverConfigured.complete(true));
serverConfigured.get();
serversCreated.add(mockOrionHttpServer);
return mockOrionHttpServer;
} catch (final KeyStoreException
| NoSuchAlgorithmException
| CertificateException
| IOException
| ExecutionException
| InterruptedException e) {
throw new RuntimeException("Failed to construct a TLS Enabled Server", e);
}
}
Example 5
| Source File: VertxHttpServerFactory.java From graviteeio-access-management with Apache License 2.0 | 4 votes |
|
@Override
public HttpServer getObject() throws Exception {
HttpServerOptions options = new HttpServerOptions();
// Binding port
options.setPort(httpServerConfiguration.getPort());
options.setHost(httpServerConfiguration.getHost());
// Netty pool buffers must be enabled by default
options.setUsePooledBuffers(true);
if (httpServerConfiguration.isSecured()) {
options.setSsl(httpServerConfiguration.isSecured());
options.setUseAlpn(httpServerConfiguration.isAlpn());
if (httpServerConfiguration.getClientAuth() == VertxHttpServerConfiguration.ClientAuthMode.NONE) {
options.setClientAuth(ClientAuth.NONE);
} else if (httpServerConfiguration.getClientAuth() == VertxHttpServerConfiguration.ClientAuthMode.REQUEST) {
options.setClientAuth(ClientAuth.REQUEST);
} else if (httpServerConfiguration.getClientAuth() == VertxHttpServerConfiguration.ClientAuthMode.REQUIRED) {
options.setClientAuth(ClientAuth.REQUIRED);
}
if (httpServerConfiguration.getTrustStorePath() != null) {
if (httpServerConfiguration.getTrustStoreType() == null || httpServerConfiguration.getTrustStoreType().isEmpty() ||
httpServerConfiguration.getTrustStoreType().equalsIgnoreCase(CERTIFICATE_FORMAT_JKS)) {
options.setTrustStoreOptions(new JksOptions()
.setPath(httpServerConfiguration.getTrustStorePath())
.setPassword(httpServerConfiguration.getTrustStorePassword()));
} else if (httpServerConfiguration.getTrustStoreType().equalsIgnoreCase(CERTIFICATE_FORMAT_PEM)) {
options.setPemTrustOptions(new PemTrustOptions()
.addCertPath(httpServerConfiguration.getTrustStorePath()));
} else if (httpServerConfiguration.getTrustStoreType().equalsIgnoreCase(CERTIFICATE_FORMAT_PKCS12)) {
options.setPfxTrustOptions(new PfxOptions()
.setPath(httpServerConfiguration.getTrustStorePath())
.setPassword(httpServerConfiguration.getTrustStorePassword()));
}
}
if (httpServerConfiguration.getKeyStorePath() != null) {
if (httpServerConfiguration.getKeyStoreType() == null || httpServerConfiguration.getKeyStoreType().isEmpty() ||
httpServerConfiguration.getKeyStoreType().equalsIgnoreCase(CERTIFICATE_FORMAT_JKS)) {
options.setKeyStoreOptions(new JksOptions()
.setPath(httpServerConfiguration.getKeyStorePath())
.setPassword(httpServerConfiguration.getKeyStorePassword()));
} else if (httpServerConfiguration.getKeyStoreType().equalsIgnoreCase(CERTIFICATE_FORMAT_PEM)) {
options.setPemKeyCertOptions(new PemKeyCertOptions()
.addCertPath(httpServerConfiguration.getKeyStorePath()));
} else if (httpServerConfiguration.getKeyStoreType().equalsIgnoreCase(CERTIFICATE_FORMAT_PKCS12)) {
options.setPfxKeyCertOptions(new PfxOptions()
.setPath(httpServerConfiguration.getKeyStorePath())
.setPassword(httpServerConfiguration.getKeyStorePassword()));
}
}
}
// Customizable configuration
options.setCompressionSupported(httpServerConfiguration.isCompressionSupported());
options.setIdleTimeout(httpServerConfiguration.getIdleTimeout());
options.setTcpKeepAlive(httpServerConfiguration.isTcpKeepAlive());
return vertx.createHttpServer(options);
}
Example 6
| Source File: VertxHttpServerFactory.java From gravitee-gateway with Apache License 2.0 | 4 votes |
|
@Override
public HttpServer getObject() throws Exception {
HttpServerOptions options = new HttpServerOptions();
// Binding port
options.setPort(httpServerConfiguration.getPort());
options.setHost(httpServerConfiguration.getHost());
// Netty pool buffers must be enabled by default
options.setUsePooledBuffers(true);
if (httpServerConfiguration.isSecured()) {
options.setSsl(httpServerConfiguration.isSecured());
options.setUseAlpn(httpServerConfiguration.isAlpn());
if (httpServerConfiguration.isClientAuth() == VertxHttpServerConfiguration.ClientAuthMode.NONE) {
options.setClientAuth(ClientAuth.NONE);
} else if (httpServerConfiguration.isClientAuth() == VertxHttpServerConfiguration.ClientAuthMode.REQUEST) {
options.setClientAuth(ClientAuth.REQUEST);
} else if (httpServerConfiguration.isClientAuth() == VertxHttpServerConfiguration.ClientAuthMode.REQUIRED) {
options.setClientAuth(ClientAuth.REQUIRED);
}
if (httpServerConfiguration.getTrustStorePath() != null) {
if (httpServerConfiguration.getTrustStoreType() == null || httpServerConfiguration.getTrustStoreType().isEmpty() ||
httpServerConfiguration.getTrustStoreType().equalsIgnoreCase(CERTIFICATE_FORMAT_JKS)) {
options.setTrustStoreOptions(new JksOptions()
.setPath(httpServerConfiguration.getTrustStorePath())
.setPassword(httpServerConfiguration.getTrustStorePassword()));
} else if (httpServerConfiguration.getTrustStoreType().equalsIgnoreCase(CERTIFICATE_FORMAT_PEM)) {
options.setPemTrustOptions(new PemTrustOptions()
.addCertPath(httpServerConfiguration.getTrustStorePath()));
} else if (httpServerConfiguration.getTrustStoreType().equalsIgnoreCase(CERTIFICATE_FORMAT_PKCS12)) {
options.setPfxTrustOptions(new PfxOptions()
.setPath(httpServerConfiguration.getTrustStorePath())
.setPassword(httpServerConfiguration.getTrustStorePassword()));
}
}
if (httpServerConfiguration.getKeyStorePath() != null) {
if (httpServerConfiguration.getKeyStoreType() == null || httpServerConfiguration.getKeyStoreType().isEmpty() ||
httpServerConfiguration.getKeyStoreType().equalsIgnoreCase(CERTIFICATE_FORMAT_JKS)) {
options.setKeyStoreOptions(new JksOptions()
.setPath(httpServerConfiguration.getKeyStorePath())
.setPassword(httpServerConfiguration.getKeyStorePassword()));
} else if (httpServerConfiguration.getKeyStoreType().equalsIgnoreCase(CERTIFICATE_FORMAT_PEM)) {
options.setPemKeyCertOptions(new PemKeyCertOptions()
.addCertPath(httpServerConfiguration.getKeyStorePath()));
} else if (httpServerConfiguration.getKeyStoreType().equalsIgnoreCase(CERTIFICATE_FORMAT_PKCS12)) {
options.setPfxKeyCertOptions(new PfxOptions()
.setPath(httpServerConfiguration.getKeyStorePath())
.setPassword(httpServerConfiguration.getKeyStorePassword()));
}
}
}
options.setHandle100ContinueAutomatically(true);
// Customizable configuration
options.setCompressionSupported(httpServerConfiguration.isCompressionSupported());
options.setIdleTimeout(httpServerConfiguration.getIdleTimeout());
options.setTcpKeepAlive(httpServerConfiguration.isTcpKeepAlive());
options.setMaxChunkSize(httpServerConfiguration.getMaxChunkSize());
options.setMaxHeaderSize(httpServerConfiguration.getMaxHeaderSize());
// Configure websocket
System.setProperty("vertx.disableWebsockets", Boolean.toString(!httpServerConfiguration.isWebsocketEnabled()));
return vertx.createHttpServer(options);
}
Example 7
| Source File: Server.java From wisdom with Apache License 2.0 | 4 votes |
|
private void bind(int p, Handler<AsyncResult<Void>> completion) {
// Get port number.
final int thePort = pickAPort(port);
HttpServerOptions options = new HttpServerOptions();
if (ssl) {
options.setSsl(true);
options.setTrustStoreOptions(SSLServerContext.getTrustStoreOption(accessor));
options.setKeyStoreOptions(SSLServerContext.getKeyStoreOption(accessor));
if (authentication) {
options.setClientAuth(ClientAuth.REQUIRED);
}
}
if (hasCompressionEnabled()) {
options.setCompressionSupported(true);
}
if (configuration.getIntegerWithDefault("vertx.acceptBacklog", -1) != -1) {
options.setAcceptBacklog(configuration.getInteger("vertx.acceptBacklog"));
}
if (configuration.getIntegerWithDefault("vertx.maxWebSocketFrameSize", -1) != -1) {
options.setMaxWebsocketFrameSize(configuration.getInteger("vertx.maxWebSocketFrameSize"));
}
if (configuration.getStringArray("wisdom.websocket.subprotocols").length > 0) {
options.setWebsocketSubProtocols(configuration.get("wisdom.websocket.subprotocols"));
}
if (configuration.getStringArray("vertx.websocket-subprotocols").length > 0) {
options.setWebsocketSubProtocols(configuration.get("vertx.websocket-subprotocols"));
}
if (configuration.getIntegerWithDefault("vertx.receiveBufferSize", -1) != -1) {
options.setReceiveBufferSize(configuration.getInteger("vertx.receiveBufferSize"));
}
if (configuration.getIntegerWithDefault("vertx.sendBufferSize", -1) != -1) {
options.setSendBufferSize(configuration.getInteger("vertx.sendBufferSize"));
}
http = vertx.createHttpServer(options)
.requestHandler(new HttpHandler(vertx, accessor, this))
.websocketHandler(new WebSocketHandler(accessor, this));
http.listen(thePort, host, event -> {
if (event.succeeded()) {
logger.info("Wisdom is going to serve HTTP requests on port {}.", thePort);
port = thePort;
completion.handle(Future.succeededFuture());
} else if (port == 0) {
logger.debug("Cannot bind on port {} (port already used probably)", thePort, event.cause());
bind(0, completion);
} else {
logger.error("Cannot bind on port {} (port already used probably)", thePort, event.cause());
completion.handle(Future.failedFuture("Cannot bind on port " + thePort));
}
});
}
