Java Code Examples for org.mortbay.jetty.security.SslSocketConnector#setNeedClientAuth()

The following examples show how to use org.mortbay.jetty.security.SslSocketConnector#setNeedClientAuth(). You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You can also check out the related API usage in the sidebar.
Example 1
Source File: TestJettyHelper.java    From hadoop with Apache License 2.0 6 votes vote down vote up
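/**
 * Builds an embedded Jetty server bound to {@code localhost} on a free port.
 *
 * <p>The server is configured but not started here. When the {@code ssl} field is set,
 * the single connector is an {@code SslSocketConnectorSecure} using the keystore fields
 * of this helper; otherwise the server's default connector is used.
 *
 * @return the configured, not yet started, server
 * @throws RuntimeException if the address lookup, port probe or connector setup fails
 */
private Server createJettyServer() {
  try {
    InetAddress localhost = InetAddress.getByName("localhost");
    String host = "localhost";
    // Probe for a free port by binding an ephemeral socket and closing it again.
    // The port is released before Jetty binds it, so something else on the host can
    // claim it in between; acceptable for a test helper, not for production code.
    ServerSocket ss = new ServerSocket(0, 50, localhost);
    int port = ss.getLocalPort();
    ss.close();
    Server server = new Server(0);
    if (!ssl) {
      server.getConnectors()[0].setHost(host);
      server.getConnectors()[0].setPort(port);
    } else {
      SslSocketConnector c = new SslSocketConnectorSecure();
      c.setHost(host);
      c.setPort(port);
      // Server-authenticated TLS only: clients are not asked for a certificate.
      c.setNeedClientAuth(false);
      c.setKeystore(keyStore);
      c.setKeystoreType(keyStoreType);
      // NOTE(review): only the key password is set; setPassword (keystore password)
      // is not called here - confirm how the keystore itself is unlocked.
      c.setKeyPassword(keyStorePassword);
      server.setConnectors(new Connector[] {c});
    }
    return server;
  } catch (Exception ex) {
    // Nothing is being stopped in this method; report the failure as a start-up problem.
    throw new RuntimeException("Could not start embedded servlet container, " + ex.getMessage(), ex);
  }
}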
 
Example 2
Source File: HttpServer.java    From hadoop with Apache License 2.0 6 votes vote down vote up
/**
 * Adds an SSL connector to the web server.
 *
 * <p>Has to be called before the server is started. When {@code needCertsAuth} is true,
 * the truststore used to verify client certificates is published through the
 * {@code javax.net.ssl.trustStore*} system properties.
 *
 * @param addr host and port to listen on
 * @param sslConf configuration holding the {@code ssl.server.*} keystore and truststore options
 * @param needCertsAuth whether clients must authenticate with an X.509 certificate
 * @throws IOException if the web server is already started
 */
public void addSslListener(InetSocketAddress addr, Configuration sslConf,
    boolean needCertsAuth) throws IOException {
  if (webServer.isStarted()) {
    throw new IOException("Failed to add ssl listener");
  }

  if (needCertsAuth) {
    // System properties are JVM-wide, so this truststore (and its password) is visible
    // to everything else in the process, not just this listener.
    // NOTE(review): a missing location falls back to "" - verify what the TLS stack
    // trusts in that case before relying on client authentication.
    final String trustStorePath = sslConf.get("ssl.server.truststore.location", "");
    System.setProperty("javax.net.ssl.trustStore", trustStorePath);
    final String trustStoreSecret = sslConf.get("ssl.server.truststore.password", "");
    System.setProperty("javax.net.ssl.trustStorePassword", trustStoreSecret);
    final String trustStoreKind = sslConf.get("ssl.server.truststore.type", "jks");
    System.setProperty("javax.net.ssl.trustStoreType", trustStoreKind);
  }

  final SslSocketConnector connector = new SslSocketConnector();
  connector.setHost(addr.getHostName());
  connector.setPort(addr.getPort());

  // The keystore location has no default, so an unset key is passed on as null.
  final String keystorePath = sslConf.get("ssl.server.keystore.location");
  connector.setKeystore(keystorePath);
  // Both passwords default to the empty string when not configured.
  final String keystoreSecret = sslConf.get("ssl.server.keystore.password", "");
  connector.setPassword(keystoreSecret);
  final String keySecret = sslConf.get("ssl.server.keystore.keypassword", "");
  connector.setKeyPassword(keySecret);
  final String keystoreKind = sslConf.get("ssl.server.keystore.type", "jks");
  connector.setKeystoreType(keystoreKind);

  connector.setNeedClientAuth(needCertsAuth);
  webServer.addConnector(connector);
}
 
Example 3
Source File: TestJettyHelper.java    From big-c with Apache License 2.0 6 votes vote down vote up
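/**
 * Creates an embedded Jetty server listening on {@code localhost} at a free port.
 *
 * <p>The returned server has not been started. With the {@code ssl} field set, its only
 * connector is an {@code SslSocketConnectorSecure} configured from this helper's
 * keystore fields; without it, the default connector is pointed at the chosen port.
 *
 * @return the configured server
 * @throws RuntimeException wrapping any failure during lookup, port probing or setup
 */
private Server createJettyServer() {
  try {
    InetAddress localhost = InetAddress.getByName("localhost");
    String host = "localhost";
    // Bind to port 0 to let the OS pick a free port, then release it for Jetty.
    // There is a window between close() and Jetty's bind in which the port can be
    // taken by another process; tolerable in tests only.
    ServerSocket ss = new ServerSocket(0, 50, localhost);
    int port = ss.getLocalPort();
    ss.close();
    Server server = new Server(0);
    if (!ssl) {
      server.getConnectors()[0].setHost(host);
      server.getConnectors()[0].setPort(port);
    } else {
      SslSocketConnector c = new SslSocketConnectorSecure();
      c.setHost(host);
      c.setPort(port);
      // No client certificate is requested; only the server proves its identity.
      c.setNeedClientAuth(false);
      c.setKeystore(keyStore);
      c.setKeystoreType(keyStoreType);
      // NOTE(review): the keystore password (setPassword) is not set in this method,
      // only the key password - confirm where the keystore password comes from.
      c.setKeyPassword(keyStorePassword);
      server.setConnectors(new Connector[] {c});
    }
    return server;
  } catch (Exception ex) {
    // This path sets the server up, so the message must not talk about stopping it.
    throw new RuntimeException("Could not start embedded servlet container, " + ex.getMessage(), ex);
  }
}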
 
Example 4
Source File: HttpServer.java    From big-c with Apache License 2.0 6 votes vote down vote up
/**
 * Registers an HTTPS listener on the web server.
 *
 * <p>Only allowed while the server is not running. If {@code needCertsAuth} is set, the
 * truststore for client-certificate verification is configured via the
 * {@code javax.net.ssl.trustStore*} system properties before the listener is built.
 *
 * @param addr address (host and port) the listener binds to
 * @param sslConf source of the {@code ssl.server.*} options
 * @param needCertsAuth true to require X.509 client certificates
 * @throws IOException if the web server has already been started
 */
public void addSslListener(InetSocketAddress addr, Configuration sslConf,
    boolean needCertsAuth) throws IOException {
  final boolean alreadyRunning = webServer.isStarted();
  if (alreadyRunning) {
    throw new IOException("Failed to add ssl listener");
  }

  if (needCertsAuth) {
    // Truststore settings go into system properties, i.e. they are process-wide and
    // the truststore password stays readable from there.
    // NOTE(review): location and password default to ""; confirm that an unconfigured
    // truststore cannot silently widen the set of accepted client certificates.
    System.setProperty(
        "javax.net.ssl.trustStore",
        sslConf.get("ssl.server.truststore.location", ""));
    System.setProperty(
        "javax.net.ssl.trustStorePassword",
        sslConf.get("ssl.server.truststore.password", ""));
    System.setProperty(
        "javax.net.ssl.trustStoreType",
        sslConf.get("ssl.server.truststore.type", "jks"));
  }

  final SslSocketConnector httpsConnector = new SslSocketConnector();

  // Bind address.
  httpsConnector.setHost(addr.getHostName());
  httpsConnector.setPort(addr.getPort());

  // Server key material; the location has no default and may therefore be null.
  httpsConnector.setKeystore(sslConf.get("ssl.server.keystore.location"));
  httpsConnector.setPassword(sslConf.get("ssl.server.keystore.password", ""));
  httpsConnector.setKeyPassword(sslConf.get("ssl.server.keystore.keypassword", ""));
  httpsConnector.setKeystoreType(sslConf.get("ssl.server.keystore.type", "jks"));

  // Mutual TLS is on only when the caller asked for it.
  httpsConnector.setNeedClientAuth(needCertsAuth);

  webServer.addConnector(httpsConnector);
}
 
Example 5
Source File: HttpServer.java    From RDFS with Apache License 2.0 6 votes vote down vote up
/**
 * Attaches an SSL listener to the web server.
 *
 * <p>The server must not be started yet. With {@code needClientAuth} enabled, the
 * truststore options from {@code sslConf} are copied into the
 * {@code javax.net.ssl.trustStore*} system properties.
 *
 * @param addr host and port for the listener
 * @param sslConf configuration providing the {@code ssl.server.*} options
 * @param needClientAuth whether connecting clients have to authenticate
 * @throws IOException if the web server is already started
 */
public void addSslListener(InetSocketAddress addr, Configuration sslConf,
    boolean needClientAuth) throws IOException {
  if (webServer.isStarted()) {
    throw new IOException("Failed to add ssl listener");
  }

  if (needClientAuth) {
    // These properties are global to the JVM: any other code using the default
    // JSSE trust configuration presumably picks them up too - confirm.
    final String location = sslConf.get("ssl.server.truststore.location", "");
    System.setProperty("javax.net.ssl.trustStore", location);

    final String secret = sslConf.get("ssl.server.truststore.password", "");
    System.setProperty("javax.net.ssl.trustStorePassword", secret);

    final String storeType = sslConf.get("ssl.server.truststore.type", "jks");
    System.setProperty("javax.net.ssl.trustStoreType", storeType);
  }

  final String bindHost = addr.getHostName();
  final int bindPort = addr.getPort();

  SslSocketConnector listener = new SslSocketConnector();
  listener.setHost(bindHost);
  listener.setPort(bindPort);
  // An unset keystore location is handed to the connector as null; the two
  // passwords fall back to the empty string.
  listener.setKeystore(sslConf.get("ssl.server.keystore.location"));
  listener.setPassword(sslConf.get("ssl.server.keystore.password", ""));
  listener.setKeyPassword(sslConf.get("ssl.server.keystore.keypassword", ""));
  listener.setKeystoreType(sslConf.get("ssl.server.keystore.type", "jks"));
  listener.setNeedClientAuth(needClientAuth);

  webServer.addConnector(listener);
}
 
Example 6
Source File: HttpServer.java    From hadoop-gpu with Apache License 2.0 6 votes vote down vote up
/**
 * Sets up an SSL listener and adds it to the web server.
 *
 * <p>Rejected once the server is running. When {@code needClientAuth} is true the
 * truststore location, password and type are exported as
 * {@code javax.net.ssl.trustStore*} system properties first.
 *
 * @param addr listen address
 * @param sslConf configuration the {@code ssl.server.*} options are read from
 * @param needClientAuth true if clients must authenticate to connect
 * @throws IOException if the web server has been started already
 */
public void addSslListener(InetSocketAddress addr, Configuration sslConf,
    boolean needClientAuth) throws IOException {
  if (webServer.isStarted()) {
    throw new IOException("Failed to add ssl listener");
  }

  if (needClientAuth) {
    // Client verification relies on JVM-wide system properties rather than on
    // connector-local settings, so the values outlive and reach beyond this listener.
    // NOTE(review): with no truststore configured the location becomes ""; check the
    // resulting trust behaviour rather than assuming clients are rejected.
    System.setProperty("javax.net.ssl.trustStore",
        sslConf.get("ssl.server.truststore.location", ""));
    System.setProperty("javax.net.ssl.trustStorePassword",
        sslConf.get("ssl.server.truststore.password", ""));
    System.setProperty("javax.net.ssl.trustStoreType",
        sslConf.get("ssl.server.truststore.type", "jks"));
  }

  final SslSocketConnector secureConnector = new SslSocketConnector();

  secureConnector.setHost(addr.getHostName());
  secureConnector.setPort(addr.getPort());

  // Keystore location (no default), store password, key password, store type.
  final String storePath = sslConf.get("ssl.server.keystore.location");
  secureConnector.setKeystore(storePath);
  final String storePassword = sslConf.get("ssl.server.keystore.password", "");
  secureConnector.setPassword(storePassword);
  final String keyPassword = sslConf.get("ssl.server.keystore.keypassword", "");
  secureConnector.setKeyPassword(keyPassword);
  final String storeType = sslConf.get("ssl.server.keystore.type", "jks");
  secureConnector.setKeystoreType(storeType);

  secureConnector.setNeedClientAuth(needClientAuth);
  webServer.addConnector(secureConnector);
}
 
Example 7
Source File: MiniKMS.java    From hadoop with Apache License 2.0 5 votes vote down vote up
/**
 * Builds an embedded Jetty server on {@code localhost}; it is not started here.
 *
 * @param keyStore keystore location; a non-null value switches the server to SSL
 * @param password key password applied to the SSL connector
 * @param inPort port to use, or a negative value to let the OS pick a free one
 * @return the configured server
 * @throws RuntimeException wrapping any failure while preparing the server
 */
private static Server createJettyServer(String keyStore, String password, int inPort) {
  try {
    final boolean useSsl = (keyStore != null);
    final String host = "localhost";
    final InetAddress loopback = InetAddress.getByName("localhost");

    // Probe the port with a throwaway socket and release it again. Between close()
    // and Jetty's own bind the port can be claimed by something else on the host.
    final int requestedPort = (inPort < 0) ? 0 : inPort;
    ServerSocket probe = new ServerSocket(requestedPort, 50, loopback);
    final int port = probe.getLocalPort();
    probe.close();

    Server server = new Server(0);
    if (useSsl) {
      SslSocketConnector sslConnector = new SslSocketConnectorSecure();
      sslConnector.setHost(host);
      sslConnector.setPort(port);
      // Clients are not required to present a certificate.
      sslConnector.setNeedClientAuth(false);
      sslConnector.setKeystore(keyStore);
      sslConnector.setKeystoreType("jks");
      // NOTE(review): only setKeyPassword is called; confirm how the keystore
      // password itself is supplied.
      sslConnector.setKeyPassword(password);
      server.setConnectors(new Connector[]{sslConnector});
    } else {
      server.getConnectors()[0].setHost(host);
      server.getConnectors()[0].setPort(port);
    }
    return server;
  } catch (Exception ex) {
    throw new RuntimeException("Could not start embedded servlet container, "
        + ex.getMessage(), ex);
  }
}
 
Example 8
Source File: MiniKMS.java    From big-c with Apache License 2.0 5 votes vote down vote up
/**
 * Prepares an embedded Jetty server bound to {@code localhost} without starting it.
 *
 * @param keyStore path of the keystore, or {@code null} for a plain (non-SSL) server
 * @param password key password used when SSL is enabled
 * @param inPort desired port; any negative value selects an OS-assigned free port
 * @return the server, with its connector configured
 * @throws RuntimeException if anything fails during setup; the cause is preserved
 */
private static Server createJettyServer(String keyStore, String password, int inPort) {
  try {
    boolean sslEnabled = keyStore != null;
    InetAddress bindAddress = InetAddress.getByName("localhost");
    String hostName = "localhost";

    // Reserve-and-release: the socket only exists to learn a usable port number.
    // The port is free again before Jetty binds it, so this is inherently racy.
    int wantedPort = inPort;
    if (wantedPort < 0) {
      wantedPort = 0;
    }
    ServerSocket reservation = new ServerSocket(wantedPort, 50, bindAddress);
    int chosenPort = reservation.getLocalPort();
    reservation.close();

    Server jetty = new Server(0);
    if (!sslEnabled) {
      jetty.getConnectors()[0].setHost(hostName);
      jetty.getConnectors()[0].setPort(chosenPort);
      return jetty;
    }

    SslSocketConnector secure = new SslSocketConnectorSecure();
    secure.setHost(hostName);
    secure.setPort(chosenPort);
    // Server-side TLS only; client certificates are not demanded.
    secure.setNeedClientAuth(false);
    secure.setKeystore(keyStore);
    secure.setKeystoreType("jks");
    // NOTE(review): the keystore password (setPassword) is never set in this
    // method - verify that this is intended.
    secure.setKeyPassword(password);
    jetty.setConnectors(new Connector[]{secure});
    return jetty;
  } catch (Exception ex) {
    throw new RuntimeException("Could not start embedded servlet container, "
        + ex.getMessage(), ex);
  }
}
 
Example 9
Source File: ProxyHttpServer.java    From RDFS with Apache License 2.0 5 votes vote down vote up
/**
 * Creates the listener for the proxy server.
 *
 * <p>By default this is an SSL connector that requires client authentication. If
 * {@code proxy.http.test.listener.addr} is present in the configuration, a plain
 * {@code SelectChannelConnector} bound to that address is returned instead.
 *
 * @param conf configuration with the {@code ssl.server.*} options and the optional
 *     test listener address
 * @return the connector to use as base listener
 * @throws IOException declared by the signature; not thrown directly in this body
 */
protected Connector createBaseListener(Configuration conf)
    throws IOException {
  final String testAddr = conf.get("proxy.http.test.listener.addr");

  if (testAddr != null) {
    // unit test
    // NOTE(review): setting this single key replaces the mutually authenticated SSL
    // listener with an unencrypted one - make sure it cannot be set in deployments.
    final InetSocketAddress bindAddr = NetUtils.createSocketAddr(testAddr);
    final SelectChannelConnector plain = new SelectChannelConnector();
    plain.setUseDirectBuffers(false);
    plain.setHost(bindAddr.getHostName());
    plain.setPort(bindAddr.getPort());
    return plain;
  }

  final SslSocketConnector secure = new SslSocketConnector();
  // Keystore location has no default (may be null); passwords default to "".
  secure.setKeystore(conf.get("ssl.server.keystore.location"));
  secure.setPassword(conf.get("ssl.server.keystore.password", ""));
  secure.setKeyPassword(conf.get("ssl.server.keystore.keypassword", ""));
  secure.setKeystoreType(conf.get("ssl.server.keystore.type", "jks"));
  // Clients must present a certificate to connect.
  secure.setNeedClientAuth(true);

  // The truststore is configured through JVM-wide system properties, so it is not
  // scoped to this connector.
  final String trustPath = conf.get("ssl.server.truststore.location", "");
  System.setProperty("javax.net.ssl.trustStore", trustPath);
  final String trustSecret = conf.get("ssl.server.truststore.password", "");
  System.setProperty("javax.net.ssl.trustStorePassword", trustSecret);
  final String trustKind = conf.get("ssl.server.truststore.type", "jks");
  System.setProperty("javax.net.ssl.trustStoreType", trustKind);
  return secure;
}
 
Example 10
Source File: ProxyHttpServer.java    From hadoop-gpu with Apache License 2.0 5 votes vote down vote up
/**
 * Builds the proxy's base listener.
 *
 * <p>Without {@code proxy.http.test.listener.addr} in {@code conf}, the result is an
 * SSL connector with client authentication switched on and the truststore exported to
 * the {@code javax.net.ssl.trustStore*} system properties. With that key set, a plain
 * {@code SelectChannelConnector} on the given address is built for unit tests.
 *
 * @param conf configuration to read the listener options from
 * @return the SSL connector, or the plain test connector
 * @throws IOException declared by the signature; not thrown directly in this body
 */
protected Connector createBaseListener(Configuration conf)
    throws IOException {
  final String sAddr = conf.get("proxy.http.test.listener.addr");
  final boolean production = (sAddr == null);

  if (production) {
    SslSocketConnector connector = new SslSocketConnector();

    final String keystorePath = conf.get("ssl.server.keystore.location");
    connector.setKeystore(keystorePath);
    final String keystoreSecret = conf.get("ssl.server.keystore.password", "");
    connector.setPassword(keystoreSecret);
    final String keySecret = conf.get("ssl.server.keystore.keypassword", "");
    connector.setKeyPassword(keySecret);
    final String keystoreKind = conf.get("ssl.server.keystore.type", "jks");
    connector.setKeystoreType(keystoreKind);

    // Mutual TLS: the handshake requires a client certificate.
    connector.setNeedClientAuth(true);

    // Process-wide trust configuration; the password remains readable from the
    // system properties afterwards.
    // NOTE(review): location defaults to "" when unset - confirm what is trusted then.
    System.setProperty(
        "javax.net.ssl.trustStore",
        conf.get("ssl.server.truststore.location", ""));
    System.setProperty(
        "javax.net.ssl.trustStorePassword",
        conf.get("ssl.server.truststore.password", ""));
    System.setProperty(
        "javax.net.ssl.trustStoreType",
        conf.get("ssl.server.truststore.type", "jks"));
    return connector;
  }

  // unit test
  // NOTE(review): this branch serves without SSL or client authentication; the
  // configuration key enabling it should not be settable outside tests.
  InetSocketAddress target = NetUtils.createSocketAddr(sAddr);
  SelectChannelConnector testConnector = new SelectChannelConnector();
  testConnector.setUseDirectBuffers(false);
  testConnector.setHost(target.getHostName());
  testConnector.setPort(target.getPort());
  return testConnector;
}