org.mortbay.jetty.security.SslSocketConnector Java Examples

The following examples show how to use org.mortbay.jetty.security.SslSocketConnector. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: TestJettyHelper.java    From hadoop with Apache License 2.0 6 votes vote down vote up
private Server createJettyServer() {
  try {
    InetAddress localhost = InetAddress.getByName("localhost");
    String host = "localhost";
    ServerSocket ss = new ServerSocket(0, 50, localhost);
    int port = ss.getLocalPort();
    ss.close();
    Server server = new Server(0);
    if (!ssl) {
      server.getConnectors()[0].setHost(host);
      server.getConnectors()[0].setPort(port);
    } else {
      SslSocketConnector c = new SslSocketConnectorSecure();
      c.setHost(host);
      c.setPort(port);
      c.setNeedClientAuth(false);
      c.setKeystore(keyStore);
      c.setKeystoreType(keyStoreType);
      c.setKeyPassword(keyStorePassword);
      server.setConnectors(new Connector[] {c});
    }
    return server;
  } catch (Exception ex) {
    throw new RuntimeException("Could not stop embedded servlet container, " + ex.getMessage(), ex);
  }
}
 
Example #2
Source File: HttpServer.java    From hadoop with Apache License 2.0 6 votes vote down vote up
/**
 * Configure an ssl listener on the server.
 * @param addr address to listen on
 * @param sslConf conf to retrieve ssl options
 * @param needCertsAuth whether x509 certificate authentication is required
 */
public void addSslListener(InetSocketAddress addr, Configuration sslConf,
    boolean needCertsAuth) throws IOException {
  if (webServer.isStarted()) {
    throw new IOException("Failed to add ssl listener");
  }
  if (needCertsAuth) {
    // setting up SSL truststore for authenticating clients
    System.setProperty("javax.net.ssl.trustStore", sslConf.get(
        "ssl.server.truststore.location", ""));
    System.setProperty("javax.net.ssl.trustStorePassword", sslConf.get(
        "ssl.server.truststore.password", ""));
    System.setProperty("javax.net.ssl.trustStoreType", sslConf.get(
        "ssl.server.truststore.type", "jks"));
  }
  SslSocketConnector sslListener = new SslSocketConnector();
  sslListener.setHost(addr.getHostName());
  sslListener.setPort(addr.getPort());
  sslListener.setKeystore(sslConf.get("ssl.server.keystore.location"));
  sslListener.setPassword(sslConf.get("ssl.server.keystore.password", ""));
  sslListener.setKeyPassword(sslConf.get("ssl.server.keystore.keypassword", ""));
  sslListener.setKeystoreType(sslConf.get("ssl.server.keystore.type", "jks"));
  sslListener.setNeedClientAuth(needCertsAuth);
  webServer.addConnector(sslListener);
}
 
Example #3
Source File: TestJettyHelper.java    From big-c with Apache License 2.0 6 votes vote down vote up
private Server createJettyServer() {
  try {
    InetAddress localhost = InetAddress.getByName("localhost");
    String host = "localhost";
    ServerSocket ss = new ServerSocket(0, 50, localhost);
    int port = ss.getLocalPort();
    ss.close();
    Server server = new Server(0);
    if (!ssl) {
      server.getConnectors()[0].setHost(host);
      server.getConnectors()[0].setPort(port);
    } else {
      SslSocketConnector c = new SslSocketConnectorSecure();
      c.setHost(host);
      c.setPort(port);
      c.setNeedClientAuth(false);
      c.setKeystore(keyStore);
      c.setKeystoreType(keyStoreType);
      c.setKeyPassword(keyStorePassword);
      server.setConnectors(new Connector[] {c});
    }
    return server;
  } catch (Exception ex) {
    throw new RuntimeException("Could not stop embedded servlet container, " + ex.getMessage(), ex);
  }
}
 
Example #4
Source File: HttpServer.java    From big-c with Apache License 2.0 6 votes vote down vote up
/**
 * Configure an ssl listener on the server.
 * @param addr address to listen on
 * @param sslConf conf to retrieve ssl options
 * @param needCertsAuth whether x509 certificate authentication is required
 */
public void addSslListener(InetSocketAddress addr, Configuration sslConf,
    boolean needCertsAuth) throws IOException {
  if (webServer.isStarted()) {
    throw new IOException("Failed to add ssl listener");
  }
  if (needCertsAuth) {
    // setting up SSL truststore for authenticating clients
    System.setProperty("javax.net.ssl.trustStore", sslConf.get(
        "ssl.server.truststore.location", ""));
    System.setProperty("javax.net.ssl.trustStorePassword", sslConf.get(
        "ssl.server.truststore.password", ""));
    System.setProperty("javax.net.ssl.trustStoreType", sslConf.get(
        "ssl.server.truststore.type", "jks"));
  }
  SslSocketConnector sslListener = new SslSocketConnector();
  sslListener.setHost(addr.getHostName());
  sslListener.setPort(addr.getPort());
  sslListener.setKeystore(sslConf.get("ssl.server.keystore.location"));
  sslListener.setPassword(sslConf.get("ssl.server.keystore.password", ""));
  sslListener.setKeyPassword(sslConf.get("ssl.server.keystore.keypassword", ""));
  sslListener.setKeystoreType(sslConf.get("ssl.server.keystore.type", "jks"));
  sslListener.setNeedClientAuth(needCertsAuth);
  webServer.addConnector(sslListener);
}
 
Example #5
Source File: HttpServer.java    From RDFS with Apache License 2.0 6 votes vote down vote up
/**
 * Configure an ssl listener on the server.
 * @param addr address to listen on
 * @param sslConf conf to retrieve ssl options
 * @param needClientAuth whether client authentication is required
 */
public void addSslListener(InetSocketAddress addr, Configuration sslConf,
    boolean needClientAuth) throws IOException {
  if (webServer.isStarted()) {
    throw new IOException("Failed to add ssl listener");
  }
  if (needClientAuth) {
    // setting up SSL truststore for authenticating clients
    System.setProperty("javax.net.ssl.trustStore", sslConf.get(
        "ssl.server.truststore.location", ""));
    System.setProperty("javax.net.ssl.trustStorePassword", sslConf.get(
        "ssl.server.truststore.password", ""));
    System.setProperty("javax.net.ssl.trustStoreType", sslConf.get(
        "ssl.server.truststore.type", "jks"));
  }
  SslSocketConnector sslListener = new SslSocketConnector();
  sslListener.setHost(addr.getHostName());
  sslListener.setPort(addr.getPort());
  sslListener.setKeystore(sslConf.get("ssl.server.keystore.location"));
  sslListener.setPassword(sslConf.get("ssl.server.keystore.password", ""));
  sslListener.setKeyPassword(sslConf.get("ssl.server.keystore.keypassword", ""));
  sslListener.setKeystoreType(sslConf.get("ssl.server.keystore.type", "jks"));
  sslListener.setNeedClientAuth(needClientAuth);
  webServer.addConnector(sslListener);
}
 
Example #6
Source File: HttpServer.java    From hadoop-gpu with Apache License 2.0 6 votes vote down vote up
/**
 * Configure an ssl listener on the server.
 * @param addr address to listen on
 * @param sslConf conf to retrieve ssl options
 * @param needClientAuth whether client authentication is required
 */
public void addSslListener(InetSocketAddress addr, Configuration sslConf,
    boolean needClientAuth) throws IOException {
  if (webServer.isStarted()) {
    throw new IOException("Failed to add ssl listener");
  }
  if (needClientAuth) {
    // setting up SSL truststore for authenticating clients
    System.setProperty("javax.net.ssl.trustStore", sslConf.get(
        "ssl.server.truststore.location", ""));
    System.setProperty("javax.net.ssl.trustStorePassword", sslConf.get(
        "ssl.server.truststore.password", ""));
    System.setProperty("javax.net.ssl.trustStoreType", sslConf.get(
        "ssl.server.truststore.type", "jks"));
  }
  SslSocketConnector sslListener = new SslSocketConnector();
  sslListener.setHost(addr.getHostName());
  sslListener.setPort(addr.getPort());
  sslListener.setKeystore(sslConf.get("ssl.server.keystore.location"));
  sslListener.setPassword(sslConf.get("ssl.server.keystore.password", ""));
  sslListener.setKeyPassword(sslConf.get("ssl.server.keystore.keypassword", ""));
  sslListener.setKeystoreType(sslConf.get("ssl.server.keystore.type", "jks"));
  sslListener.setNeedClientAuth(needClientAuth);
  webServer.addConnector(sslListener);
}
 
Example #7
Source File: HttpServer.java    From hadoop with Apache License 2.0 5 votes vote down vote up
/**
 * Configure an ssl listener on the server.
 * @param addr address to listen on
 * @param keystore location of the keystore
 * @param storPass password for the keystore
 * @param keyPass password for the key
 * @deprecated Use {@link #addSslListener(InetSocketAddress, Configuration, boolean)}
 */
@Deprecated
public void addSslListener(InetSocketAddress addr, String keystore,
    String storPass, String keyPass) throws IOException {
  if (webServer.isStarted()) {
    throw new IOException("Failed to add ssl listener");
  }
  SslSocketConnector sslListener = new SslSocketConnector();
  sslListener.setHost(addr.getHostName());
  sslListener.setPort(addr.getPort());
  sslListener.setKeystore(keystore);
  sslListener.setPassword(storPass);
  sslListener.setKeyPassword(keyPass);
  webServer.addConnector(sslListener);
}
 
Example #8
Source File: MiniKMS.java    From hadoop with Apache License 2.0 5 votes vote down vote up
private static Server createJettyServer(String keyStore, String password, int inPort) {
  try {
    boolean ssl = keyStore != null;
    InetAddress localhost = InetAddress.getByName("localhost");
    String host = "localhost";
    ServerSocket ss = new ServerSocket((inPort < 0) ? 0 : inPort, 50, localhost);
    int port = ss.getLocalPort();
    ss.close();
    Server server = new Server(0);
    if (!ssl) {
      server.getConnectors()[0].setHost(host);
      server.getConnectors()[0].setPort(port);
    } else {
      SslSocketConnector c = new SslSocketConnectorSecure();
      c.setHost(host);
      c.setPort(port);
      c.setNeedClientAuth(false);
      c.setKeystore(keyStore);
      c.setKeystoreType("jks");
      c.setKeyPassword(password);
      server.setConnectors(new Connector[]{c});
    }
    return server;
  } catch (Exception ex) {
    throw new RuntimeException("Could not start embedded servlet container, "
        + ex.getMessage(), ex);
  }
}
 
Example #9
Source File: HttpServer.java    From big-c with Apache License 2.0 5 votes vote down vote up
/**
 * Configure an ssl listener on the server.
 * @param addr address to listen on
 * @param keystore location of the keystore
 * @param storPass password for the keystore
 * @param keyPass password for the key
 * @deprecated Use {@link #addSslListener(InetSocketAddress, Configuration, boolean)}
 */
@Deprecated
public void addSslListener(InetSocketAddress addr, String keystore,
    String storPass, String keyPass) throws IOException {
  if (webServer.isStarted()) {
    throw new IOException("Failed to add ssl listener");
  }
  SslSocketConnector sslListener = new SslSocketConnector();
  sslListener.setHost(addr.getHostName());
  sslListener.setPort(addr.getPort());
  sslListener.setKeystore(keystore);
  sslListener.setPassword(storPass);
  sslListener.setKeyPassword(keyPass);
  webServer.addConnector(sslListener);
}
 
Example #10
Source File: MiniKMS.java    From big-c with Apache License 2.0 5 votes vote down vote up
private static Server createJettyServer(String keyStore, String password, int inPort) {
  try {
    boolean ssl = keyStore != null;
    InetAddress localhost = InetAddress.getByName("localhost");
    String host = "localhost";
    ServerSocket ss = new ServerSocket((inPort < 0) ? 0 : inPort, 50, localhost);
    int port = ss.getLocalPort();
    ss.close();
    Server server = new Server(0);
    if (!ssl) {
      server.getConnectors()[0].setHost(host);
      server.getConnectors()[0].setPort(port);
    } else {
      SslSocketConnector c = new SslSocketConnectorSecure();
      c.setHost(host);
      c.setPort(port);
      c.setNeedClientAuth(false);
      c.setKeystore(keyStore);
      c.setKeystoreType("jks");
      c.setKeyPassword(password);
      server.setConnectors(new Connector[]{c});
    }
    return server;
  } catch (Exception ex) {
    throw new RuntimeException("Could not start embedded servlet container, "
        + ex.getMessage(), ex);
  }
}
 
Example #11
Source File: ProxyHttpServer.java    From RDFS with Apache License 2.0 5 votes vote down vote up
/** {@inheritDoc} */
protected Connector createBaseListener(Configuration conf)
    throws IOException {
  final String sAddr;
  if (null == (sAddr = conf.get("proxy.http.test.listener.addr"))) {
    SslSocketConnector sslListener = new SslSocketConnector();
    sslListener.setKeystore(conf.get("ssl.server.keystore.location"));
    sslListener.setPassword(conf.get("ssl.server.keystore.password", ""));
    sslListener.setKeyPassword(conf.get("ssl.server.keystore.keypassword", ""));
    sslListener.setKeystoreType(conf.get("ssl.server.keystore.type", "jks"));
    sslListener.setNeedClientAuth(true);
    System.setProperty("javax.net.ssl.trustStore",
        conf.get("ssl.server.truststore.location", ""));
    System.setProperty("javax.net.ssl.trustStorePassword",
        conf.get("ssl.server.truststore.password", ""));
    System.setProperty("javax.net.ssl.trustStoreType",
        conf.get("ssl.server.truststore.type", "jks"));
    return sslListener;
  }
  // unit test
  InetSocketAddress proxyAddr = NetUtils.createSocketAddr(sAddr);
  SelectChannelConnector testlistener = new SelectChannelConnector();
  testlistener.setUseDirectBuffers(false);
  testlistener.setHost(proxyAddr.getHostName());
  testlistener.setPort(proxyAddr.getPort());
  return testlistener;
}
 
Example #12
Source File: HttpServer.java    From RDFS with Apache License 2.0 5 votes vote down vote up
/**
 * Configure an ssl listener on the server.
 * @param addr address to listen on
 * @param keystore location of the keystore
 * @param storPass password for the keystore
 * @param keyPass password for the key
 * @deprecated Use {@link #addSslListener(InetSocketAddress, Configuration, boolean)}
 */
@Deprecated
public void addSslListener(InetSocketAddress addr, String keystore,
    String storPass, String keyPass) throws IOException {
  if (webServer.isStarted()) {
    throw new IOException("Failed to add ssl listener");
  }
  SslSocketConnector sslListener = new SslSocketConnector();
  sslListener.setHost(addr.getHostName());
  sslListener.setPort(addr.getPort());
  sslListener.setKeystore(keystore);
  sslListener.setPassword(storPass);
  sslListener.setKeyPassword(keyPass);
  webServer.addConnector(sslListener);
}
 
Example #13
Source File: ProxyHttpServer.java    From hadoop-gpu with Apache License 2.0 5 votes vote down vote up
/** {@inheritDoc} */
protected Connector createBaseListener(Configuration conf)
    throws IOException {
  final String sAddr;
  if (null == (sAddr = conf.get("proxy.http.test.listener.addr"))) {
    SslSocketConnector sslListener = new SslSocketConnector();
    sslListener.setKeystore(conf.get("ssl.server.keystore.location"));
    sslListener.setPassword(conf.get("ssl.server.keystore.password", ""));
    sslListener.setKeyPassword(conf.get("ssl.server.keystore.keypassword", ""));
    sslListener.setKeystoreType(conf.get("ssl.server.keystore.type", "jks"));
    sslListener.setNeedClientAuth(true);
    System.setProperty("javax.net.ssl.trustStore",
        conf.get("ssl.server.truststore.location", ""));
    System.setProperty("javax.net.ssl.trustStorePassword",
        conf.get("ssl.server.truststore.password", ""));
    System.setProperty("javax.net.ssl.trustStoreType",
        conf.get("ssl.server.truststore.type", "jks"));
    return sslListener;
  }
  // unit test
  InetSocketAddress proxyAddr = NetUtils.createSocketAddr(sAddr);
  SelectChannelConnector testlistener = new SelectChannelConnector();
  testlistener.setUseDirectBuffers(false);
  testlistener.setHost(proxyAddr.getHostName());
  testlistener.setPort(proxyAddr.getPort());
  return testlistener;
}
 
Example #14
Source File: HttpServer.java    From hadoop-gpu with Apache License 2.0 5 votes vote down vote up
/**
 * Configure an ssl listener on the server.
 * @param addr address to listen on
 * @param keystore location of the keystore
 * @param storPass password for the keystore
 * @param keyPass password for the key
 * @deprecated Use {@link #addSslListener(InetSocketAddress, Configuration, boolean)}
 */
@Deprecated
public void addSslListener(InetSocketAddress addr, String keystore,
    String storPass, String keyPass) throws IOException {
  if (webServer.isStarted()) {
    throw new IOException("Failed to add ssl listener");
  }
  SslSocketConnector sslListener = new SslSocketConnector();
  sslListener.setHost(addr.getHostName());
  sslListener.setPort(addr.getPort());
  sslListener.setKeystore(keystore);
  sslListener.setPassword(storPass);
  sslListener.setKeyPassword(keyPass);
  webServer.addConnector(sslListener);
}
 
Example #15
Source File: SubsonicDeployer.java    From subsonic with GNU General Public License v3.0 4 votes vote down vote up
private void deployWebApp() {
    try {
        Server server = new Server();
        SelectChannelConnector connector = new SelectChannelConnector();
        connector.setMaxIdleTime(MAX_IDLE_TIME_MILLIS);
        connector.setHeaderBufferSize(HEADER_BUFFER_SIZE);
        connector.setHost(getHost());
        connector.setPort(getPort());
        if (isHttpsEnabled()) {
            connector.setConfidentialPort(getHttpsPort());
        }
        server.addConnector(connector);

        if (isHttpsEnabled()) {
            SslSocketConnector sslConnector = new SslSocketConnector();
            sslConnector.setMaxIdleTime(MAX_IDLE_TIME_MILLIS);
            sslConnector.setHeaderBufferSize(HEADER_BUFFER_SIZE);
            sslConnector.setHost(getHost());
            sslConnector.setPort(getHttpsPort());
            sslConnector.setKeystore(System.getProperty("subsonic.ssl.keystore", getClass().getResource("/subsonic.keystore").toExternalForm()));
            sslConnector.setPassword(System.getProperty("subsonic.ssl.password", "subsonic"));
            server.addConnector(sslConnector);
        }

        WebAppContext context = new WebAppContext();
        context.setTempDirectory(getJettyDirectory());
        context.setContextPath(getContextPath());
        context.setWar(getWar());
        context.setOverrideDescriptor("/web-jetty.xml");

        if (isHttpsEnabled()) {

            // Allow non-https for streaming and cover art (for Chromecast, UPnP, Sonos etc)
            context.getSecurityHandler().setConstraintMappings(new ConstraintMapping[]{
                    createConstraintMapping("/stream", Constraint.DC_NONE),
                    createConstraintMapping("/coverArt.view", Constraint.DC_NONE),
                    createConstraintMapping("/ws/*", Constraint.DC_NONE),
                    createConstraintMapping("/sonos/*", Constraint.DC_NONE),
                    createConstraintMapping("/", Constraint.DC_CONFIDENTIAL)
            });
        }

        server.addHandler(context);
        server.start();

        System.err.println("Subsonic running on: " + getUrl());
        if (isHttpsEnabled()) {
            System.err.println("                and: " + getHttpsUrl());
        }

    } catch (Throwable x) {
        x.printStackTrace();
        exception = x;
    }
}