org.apache.coyote.http11.AbstractHttp11JsseProtocol Java Examples
The following examples show how to use
org.apache.coyote.http11.AbstractHttp11JsseProtocol.
Example #1
Source File: TomcatApplication.java From micro-server with Apache License 2.0 | 6 votes |
/**
 * Applies the TLS settings held in the application's {@code SSLProperties} bean to the
 * given connector.
 *
 * <p>The connector is switched to the {@code https} scheme and flagged as secure only when
 * the bean lookup returns a non-null value and the connector's protocol handler is an
 * {@code AbstractHttp11JsseProtocol}. In every other case the connector is left exactly as
 * it was passed in.
 *
 * @param connector the connector to configure
 */
private void addSSL(Connector connector) {
    try {
        SSLProperties tlsSettings = serverData.getRootContext().getBean(SSLProperties.class);
        ProtocolHandler protocolHandler = connector.getProtocolHandler();

        boolean jsseHandler = protocolHandler instanceof AbstractHttp11JsseProtocol;
        if (tlsSettings == null || !jsseHandler) {
            // Nothing to apply: the connector keeps its current (non-TLS) settings.
            return;
        }

        new SSLConfigurationBuilder()
                .build((AbstractHttp11JsseProtocol<?>) protocolHandler, tlsSettings);
        connector.setScheme("https");
        connector.setSecure(true);
    } catch (BeanNotOfRequiredTypeException ignored) {
        // Deliberately ignored by the original code.
        // NOTE(review): a bean registered under the wrong type therefore leaves the
        // connector without TLS and without any diagnostic. Logging this case, or
        // failing start-up when TLS is expected, would make the misconfiguration visible.
    }
}
Example #2
Source File: SSLConfigurationBuilder.java From micro-server with Apache License 2.0 | 6 votes |
/**
 * Copies the TLS settings from {@code sslProperties} onto a JSSE HTTP/1.1 protocol handler
 * and enables SSL on it.
 *
 * <p>The keystore file and its password are always applied. Every other setting is applied
 * only when the corresponding optional value is present; the handler's own default stays
 * in force otherwise. That includes the cipher list, the protocol and the client-auth mode,
 * so a deployment that needs a specific TLS policy has to supply those values explicitly.
 *
 * @param protocol      the protocol handler to configure
 * @param sslProperties the source of the TLS settings
 */
public void build(AbstractHttp11JsseProtocol<?> protocol, SSLProperties sslProperties) {
    // Keystore: contains the server key pair.
    protocol.setKeystoreFile(sslProperties.getKeyStoreFile());
    // NOTE(review): the key store password is handed to setKeyPass, not setKeystorePass.
    // Whether the handler also uses it to open the keystore depends on the Tomcat version;
    // confirm against the version in use.
    protocol.setKeyPass(sslProperties.getKeyStorePass());
    sslProperties.getKeyStoreType().ifPresent(protocol::setKeystoreType);
    sslProperties.getKeyStoreProvider().ifPresent(protocol::setKeystoreProvider);

    // Truststore: contains the client certificate(s) the server will accept.
    sslProperties.getTrustStoreFile().ifPresent(protocol::setTruststoreFile);
    sslProperties.getTrustStorePass().ifPresent(protocol::setTruststorePass);
    sslProperties.getTrustStoreType().ifPresent(protocol::setTruststoreType);
    sslProperties.getTrustStoreProvider().ifPresent(protocol::setTruststoreProvider);

    // Client certificate authentication mode, only when configured.
    sslProperties.getClientAuth().ifPresent(protocol::setClientAuth);

    protocol.setSSLEnabled(true);

    // Cipher list and protocol are optional; the handler defaults apply when absent.
    sslProperties.getCiphers().ifPresent(protocol::setCiphers);
    sslProperties.getProtocol().ifPresent(protocol::setSslProtocol);
}
Example #3
Source File: Connector.java From Tomcat8-Source-Read with MIT License | 4 votes |
/**
 * Initialises the connector.
 * <ol>
 *   <li>Creates the adapter and installs it on the protocol handler.</li>
 *   <li>Initialises the protocol handler (see {@link ProtocolHandler}).</li>
 * </ol>
 *
 * @throws LifecycleException if the protocol handler requires APR and APR is not
 *         available, or if initialising the protocol handler fails
 */
@Override
protected void initInternal() throws LifecycleException {
    super.initInternal();

    // Install our adapter on the protocol handler during initialisation.
    adapter = new CoyoteAdapter(this);
    protocolHandler.setAdapter(adapter);

    // Make sure parseBodyMethodsSet has a default
    if (parseBodyMethodsSet == null) {
        setParseBodyMethods(getParseBodyMethods());
    }

    // A handler that needs the APR native library cannot run without it.
    if (protocolHandler.isAprRequired() && !AprLifecycleListener.isAprAvailable()) {
        String message = sm.getString("coyoteConnector.protocolHandlerNoApr",
                getProtocolHandlerClassName());
        throw new LifecycleException(message);
    }

    if (AprLifecycleListener.isAprAvailable() && AprLifecycleListener.getUseOpenSSL()
            && protocolHandler instanceof AbstractHttp11JsseProtocol) {
        AbstractHttp11JsseProtocol<?> jsseHandler =
                (AbstractHttp11JsseProtocol<?>) protocolHandler;
        if (jsseHandler.isSSLEnabled()) {
            if (jsseHandler.getSslImplementationName() == null) {
                // OpenSSL is compatible with the JSSE configuration, so use it if APR is
                // available. This happens only when no implementation name was configured,
                // so the TLS stack in use can differ between hosts with and without APR.
                jsseHandler.setSslImplementationName(OpenSSLImplementation.class.getName());
            }
        }
    }

    try {
        // Continue reading at {@link AbstractHttp11JsseProtocol#init()}.
        protocolHandler.init();
    } catch (Exception e) {
        throw new LifecycleException(
                sm.getString("coyoteConnector.protocolHandlerInitializationFailed"), e);
    }
}
Example #4
Source File: TestCustomSsl.java From Tomcat8-Source-Read with MIT License | 4 votes |
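/**
 * Starts Tomcat with the truststore file cleared and, depending on {@code trustType},
 * a custom trust manager class, then checks access to an unprotected and a protected
 * resource over HTTPS.
 *
 * <p>Expected outcome: for {@code TrustType.NONE} the protected request must not return
 * 200 and the body must be empty; for the other trust types it must return 200 with the
 * body {@code "OK-" + TesterSupport.ROLE}. For {@code TrustType.CA} the issuers requested
 * during client authentication are checked as well.
 *
 * <p>{@code TesterSupport$TrustAllCerts} is a test fixture. A trust manager that accepts
 * every certificate removes the protection client-certificate authentication is meant to
 * give, so this wiring belongs in tests only.
 *
 * @param trustType which trust manager, if any, the server connector is given
 * @throws Exception if Tomcat cannot be started or a request fails unexpectedly
 */
private void doTestCustomTrustManager(TrustType trustType) throws Exception {
    Tomcat tomcat = getTomcatInstance();

    Assume.assumeTrue("SSL renegotiation has to be supported for this test",
            TesterSupport.isRenegotiationSupported(getTomcatInstance()));

    TesterSupport.configureClientCertContext(tomcat);

    // Override the defaults
    ProtocolHandler handler = tomcat.getConnector().getProtocolHandler();
    if (handler instanceof AbstractHttp11JsseProtocol) {
        // Clear the truststore file so that trust decisions come from the custom
        // trust manager configured below (or from nothing, for TrustType.NONE).
        ((AbstractHttp11JsseProtocol<?>) handler).setTruststoreFile(null);
    } else {
        // Unexpected
        Assert.fail("Unexpected handler type");
    }

    if (trustType.equals(TrustType.ALL)) {
        tomcat.getConnector().setAttribute("trustManagerClassName",
                "org.apache.tomcat.util.net.TesterSupport$TrustAllCerts");
    } else if (trustType.equals(TrustType.CA)) {
        tomcat.getConnector().setAttribute("trustManagerClassName",
                "org.apache.tomcat.util.net.TesterSupport$SequentialTrustManager");
    }

    // Start Tomcat
    tomcat.start();

    TesterSupport.configureClientSsl();

    // Unprotected resource
    ByteChunk res = getUrl("https://localhost:" + getPort() + "/unprotected");
    Assert.assertEquals("OK", res.toString());

    // Protected resource
    res.recycle();
    int rc = -1;
    try {
        rc = getUrl("https://localhost:" + getPort() + "/protected", res, null, null);
    } catch (SocketException se) {
        // A connection failure is the expected outcome only when nothing is trusted.
        if (!trustType.equals(TrustType.NONE)) {
            // Print the trace first: Assert.fail() throws, so anything after it is dead code.
            se.printStackTrace();
            Assert.fail(se.getMessage());
        }
    } catch (SSLException he) {
        if (!trustType.equals(TrustType.NONE)) {
            // Print the trace first: Assert.fail() throws, so anything after it is dead code.
            he.printStackTrace();
            Assert.fail(he.getMessage());
        }
    }

    if (trustType.equals(TrustType.CA)) {
        if (log.isDebugEnabled()) {
            int count = TesterSupport.getLastClientAuthRequestedIssuerCount();
            log.debug("Last client KeyManager usage: " + TesterSupport.getLastClientAuthKeyManagerUsage() +
                      ", " + count + " requested Issuers, first one: " +
                      (count > 0 ? TesterSupport.getLastClientAuthRequestedIssuer(0).getName() : "NONE"));
            log.debug("Expected requested Issuer: " + TesterSupport.getClientAuthExpectedIssuer());
        }
        Assert.assertTrue("Checking requested client issuer against " +
                TesterSupport.getClientAuthExpectedIssuer(),
                TesterSupport.checkLastClientAuthRequestedIssuers());
    }

    if (trustType.equals(TrustType.NONE)) {
        // Without a trust manager the client certificate must not grant access.
        Assert.assertTrue(rc != 200);
        Assert.assertEquals("", res.toString());
    } else {
        Assert.assertEquals(200, rc);
        Assert.assertEquals("OK-" + TesterSupport.ROLE, res.toString());
    }
}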
Example #5
Source File: TestCustomSsl.java From Tomcat7.0.67 with Apache License 2.0 | 4 votes |
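/**
 * Starts Tomcat with the truststore file cleared and, when {@code serverTrustAll} is set,
 * a trust-all trust manager, then checks access to an unprotected and a protected
 * resource over HTTPS.
 *
 * <p>Expected outcome: with {@code serverTrustAll} the protected request returns 200 with
 * the body {@code "OK-" + TesterSupport.ROLE}; without it the request must not return 200
 * and the body must be empty.
 *
 * <p>{@code TesterSupport$TrustAllCerts} is a test fixture. A trust manager that accepts
 * every certificate removes the protection client-certificate authentication is meant to
 * give, so this wiring belongs in tests only.
 *
 * @param serverTrustAll whether the server connector is given the trust-all trust manager
 * @throws Exception if Tomcat cannot be started or a request fails unexpectedly
 */
private void doTestCustomTrustManager(boolean serverTrustAll) throws Exception {
    if (!TesterSupport.RFC_5746_SUPPORTED) {
        // Make sure SSL renegotiation is not disabled in the JVM
        // NOTE(review): this is a JVM-wide system property and it is not restored here,
        // so it stays set for whatever runs later in the same JVM. It re-enables
        // renegotiation without RFC 5746 support; keep it confined to test JVMs.
        System.setProperty("sun.security.ssl.allowUnsafeRenegotiation", "true");
    }

    Tomcat tomcat = getTomcatInstance();

    Assume.assumeTrue("SSL renegotiation has to be supported for this test",
            TesterSupport.isRenegotiationSupported(getTomcatInstance()));

    TesterSupport.configureClientCertContext(tomcat);

    // Override the defaults
    ProtocolHandler handler = tomcat.getConnector().getProtocolHandler();
    if (handler instanceof AbstractHttp11JsseProtocol) {
        // Clear the truststore file so that trust decisions come from the custom
        // trust manager configured below, or from nothing at all.
        ((AbstractHttp11JsseProtocol<?>) handler).setTruststoreFile(null);
    } else {
        // Unexpected
        fail("Unexpected handler type");
    }

    if (serverTrustAll) {
        tomcat.getConnector().setAttribute("trustManagerClassName",
                "org.apache.tomcat.util.net.TesterSupport$TrustAllCerts");
    }

    // Start Tomcat
    tomcat.start();

    TesterSupport.configureClientSsl();

    // Unprotected resource
    ByteChunk res = getUrl("https://localhost:" + getPort() + "/unprotected");
    assertEquals("OK", res.toString());

    // Protected resource
    res.recycle();
    int rc = -1;
    try {
        rc = getUrl("https://localhost:" + getPort() + "/protected", res, null, null);
    } catch (SocketException se) {
        // A connection failure is acceptable only when the server trusts nothing.
        if (serverTrustAll) {
            // Print the trace first: fail() throws, so anything after it is dead code.
            se.printStackTrace();
            fail(se.getMessage());
        }
    } catch (SSLException he) {
        if (serverTrustAll) {
            // Print the trace first: fail() throws, so anything after it is dead code.
            he.printStackTrace();
            fail(he.getMessage());
        }
    }

    if (serverTrustAll) {
        assertEquals(200, rc);
        assertEquals("OK-" + TesterSupport.ROLE, res.toString());
    } else {
        // Without a trust manager the client certificate must not grant access.
        assertTrue(rc != 200);
        assertEquals("", res.toString());
    }
}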
Example #6
Source File: TestCustomSsl.java From tomcatsrc with Apache License 2.0 | 4 votes |
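/**
 * Exercises a custom server-side trust manager: Tomcat is started with the truststore
 * file cleared and, if {@code serverTrustAll} is true, with the trust-all trust manager
 * installed; an unprotected and a protected HTTPS resource are then requested.
 *
 * <p>With {@code serverTrustAll} the protected request is expected to return 200 and the
 * body {@code "OK-" + TesterSupport.ROLE}. Otherwise it must not return 200 and the body
 * must be empty.
 *
 * <p>{@code TesterSupport$TrustAllCerts} accepts every certificate and exists for testing;
 * using such a trust manager outside tests would defeat client-certificate authentication.
 *
 * @param serverTrustAll whether the server connector is given the trust-all trust manager
 * @throws Exception if Tomcat cannot be started or a request fails unexpectedly
 */
private void doTestCustomTrustManager(boolean serverTrustAll) throws Exception {
    if (!TesterSupport.RFC_5746_SUPPORTED) {
        // Make sure SSL renegotiation is not disabled in the JVM
        // NOTE(review): the property applies to the whole JVM and is never reset in this
        // method, so later code in the same JVM also runs with renegotiation allowed
        // without RFC 5746 support. Restrict this to dedicated test JVMs.
        System.setProperty("sun.security.ssl.allowUnsafeRenegotiation", "true");
    }

    Tomcat tomcat = getTomcatInstance();

    Assume.assumeTrue("SSL renegotiation has to be supported for this test",
            TesterSupport.isRenegotiationSupported(getTomcatInstance()));

    TesterSupport.configureClientCertContext(tomcat);

    // Override the defaults
    ProtocolHandler handler = tomcat.getConnector().getProtocolHandler();
    if (handler instanceof AbstractHttp11JsseProtocol) {
        // Drop the truststore file; trust then comes only from the trust manager
        // class set below, if any.
        ((AbstractHttp11JsseProtocol<?>) handler).setTruststoreFile(null);
    } else {
        // Unexpected
        fail("Unexpected handler type");
    }

    if (serverTrustAll) {
        tomcat.getConnector().setAttribute("trustManagerClassName",
                "org.apache.tomcat.util.net.TesterSupport$TrustAllCerts");
    }

    // Start Tomcat
    tomcat.start();

    TesterSupport.configureClientSsl();

    // Unprotected resource
    ByteChunk res = getUrl("https://localhost:" + getPort() + "/unprotected");
    assertEquals("OK", res.toString());

    // Protected resource
    res.recycle();
    int rc = -1;
    try {
        rc = getUrl("https://localhost:" + getPort() + "/protected", res, null, null);
    } catch (SocketException se) {
        // Tolerated only when the server has no trust manager and should refuse the client.
        if (serverTrustAll) {
            // Trace before fail(): fail() throws, so a statement after it never runs.
            se.printStackTrace();
            fail(se.getMessage());
        }
    } catch (SSLException he) {
        if (serverTrustAll) {
            // Trace before fail(): fail() throws, so a statement after it never runs.
            he.printStackTrace();
            fail(he.getMessage());
        }
    }

    if (serverTrustAll) {
        assertEquals(200, rc);
        assertEquals("OK-" + TesterSupport.ROLE, res.toString());
    } else {
        // No trust manager: the protected resource must stay out of reach.
        assertTrue(rc != 200);
        assertEquals("", res.toString());
    }
}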