Package org.eclipse.jetty.util.ssl

Examples of org.eclipse.jetty.util.ssl.SslContextFactory

152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
      SelectChannelConnector connector = new SelectChannelConnector();
      connector.setHost(address.getCanonicalHostName());
      connector.setPort(port);

      if (configuration.getBoolean(Constants.Security.SSL_ENABLED, false)) {
        SslContextFactory sslContextFactory = new SslContextFactory();
        String keyStorePath = sConfiguration.get(Constants.Security.AuthenticationServer.SSL_KEYSTORE_PATH);
        String keyStorePassword = sConfiguration.get(Constants.Security.AuthenticationServer.SSL_KEYSTORE_PASSWORD);
        String keyStoreType = sConfiguration.get(Constants.Security.AuthenticationServer.SSL_KEYSTORE_TYPE,
                                                 Constants.Security.AuthenticationServer.DEFAULT_SSL_KEYSTORE_TYPE);
        String keyPassword = sConfiguration.get(Constants.Security.AuthenticationServer.SSL_KEYPASSWORD);

        Preconditions.checkArgument(keyStorePath != null, "Key Store Path Not Configured");
        Preconditions.checkArgument(keyStorePassword != null, "KeyStore Password Not Configured");

        sslContextFactory.setKeyStorePath(keyStorePath);
        sslContextFactory.setKeyStorePassword(keyStorePassword);
        sslContextFactory.setKeyStoreType(keyStoreType);
        if (keyPassword != null && keyPassword.length() != 0) {
          sslContextFactory.setKeyManagerPassword(keyPassword);
        }
        // TODO Figure out how to pick a certificate from key store

        SslSelectChannelConnector sslConnector = new SslSelectChannelConnector(sslContextFactory);
        int sslPort = configuration.getInt(Constants.Security.AuthenticationServer.SSL_PORT);
View Full Code Here
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
      checkArgument(this.sslKeyStorePath != null,
          "https configuration missing SSL key store path");
      checkArgument(this.sslKeyStorePassword != null,
          "https configuration missing SSL key store password");

      SslContextFactory sslContextFactory = new SslContextFactory();
      sslContextFactory.setKeyStoreType(this.sslKeyStoreType.name());
      sslContextFactory.setKeyStorePath(this.sslKeyStorePath);
      sslContextFactory.setKeyStorePassword(this.sslKeyStorePassword);
      if (this.sslKeyPassword != null) {
        sslContextFactory.setKeyManagerPassword(this.sslKeyPassword);
      } else {
        sslContextFactory
            .setKeyManagerPassword(this.sslKeyStorePassword);
      }

      if (this.sslTrustStorePath != null) {
        checkArgument(this.sslTrustStoreType != null,
            "missing trust store type for trust store");
        checkArgument(this.sslTrustStorePassword != null,
            "missing password for trust store");

        sslContextFactory.setTrustStoreType(this.sslTrustStoreType
            .name());
        sslContextFactory.setTrustStorePath(this.sslTrustStorePath);
        sslContextFactory
            .setTrustStorePassword(this.sslTrustStorePassword);
      }
      if (this.sslRequireClientCert) {
        checkArgument(this.sslTrustStorePath != null,
            "Client certificate authentication specified without "
                + "specifying a trust store");
        checkArgument(this.sslTrustStorePassword != null,
            "Client certificate authentication specified without "
                + "specifying a trust store password");
      }
      // if true: requires client to authenticate with certificate
      sslContextFactory.setNeedClientAuth(this.sslRequireClientCert);
      // if true: authenticates client certificate if provided
      sslContextFactory.setWantClientAuth(false);

      // HTTPS config
      HttpConfiguration httpsConfig = new HttpConfiguration();
      httpsConfig.addCustomizer(new SecureRequestCustomizer());
      httpsConfig.setOutputBufferSize(32768);
View Full Code Here
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
    // This means we will use the same truststore, keystore (and keys) for
    // the server as well as any client actions taken by this JVM in
    // talking to that server, but for the purposes of testing that should
    // be good enough
    final boolean useSsl = Boolean.getBoolean("tests.jettySsl");
    final SslContextFactory sslcontext = new SslContextFactory(false);
   
    if (useSsl) {
      if (null != System.getProperty("javax.net.ssl.keyStore")) {
        sslcontext.setKeyStorePath
        (System.getProperty("javax.net.ssl.keyStore"));
      }
      if (null != System.getProperty("javax.net.ssl.keyStorePassword")) {
        sslcontext.setKeyStorePassword
        (System.getProperty("javax.net.ssl.keyStorePassword"));
      }
      if (null != System.getProperty("javax.net.ssl.trustStore")) {
        sslcontext.setTrustStore
        (System.getProperty("javax.net.ssl.trustStore"));
      }
      if (null != System.getProperty("javax.net.ssl.trustStorePassword")) {
        sslcontext.setTrustStorePassword
        (System.getProperty("javax.net.ssl.trustStorePassword"));
      }
      sslcontext.setNeedClientAuth(Boolean.getBoolean("tests.jettySsl.clientAuth"));
    }
   
    final Connector connector;
    final QueuedThreadPool threadPool;
    if ("SelectChannel".equals(connectorName)) {
View Full Code Here
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
        }

        SSLContext sslContext = context == null ? null : context.getSSLContext();

        // Get a reference to the current ssl context factory...
        SslContextFactory factory = sslConnector.getSslContextFactory();

        if (context != null) {

            // Should not be using this method since it does not use all of the values
            // from the passed SslContext instance.....
            factory.setSslContext(sslContext);

        } else {

            if (keyStore != null) {
                factory.setKeyStorePath(keyStore);
            }
            if (keyStorePassword != null) {
                factory.setKeyStorePassword(keyStorePassword);
            }
            // if the keyPassword hasn't been set, default it to the
            // key store password
            if (keyPassword == null && keyStorePassword != null) {
                factory.setKeyStorePassword(keyStorePassword);
            }
            if (keyStoreType != null) {
                factory.setKeyStoreType(keyStoreType);
            }
            if (secureRandomCertficateAlgorithm != null) {
                factory.setSecureRandomAlgorithm(secureRandomCertficateAlgorithm);
            }
            if (keyCertificateAlgorithm != null) {
                factory.setSslKeyManagerFactoryAlgorithm(keyCertificateAlgorithm);
            }
            if (trustCertificateAlgorithm != null) {
                factory.setTrustManagerFactoryAlgorithm(trustCertificateAlgorithm);
            }
            if (protocol != null) {
                factory.setProtocol(protocol);
            }
        }

        return sslConnector;
    }
View Full Code Here
23
24
25
26
27
28
29
30
31
32
33
34
35
public class WSSTransportTest extends WSTransportTest {
    @Override
    protected Connector createJettyConnector() {
        SslSocketConnector sslConnector = new SslSocketConnector();
        SslContextFactory contextFactory = sslConnector.getSslContextFactory();
        contextFactory.setKeyStorePath("src/test/resources/server.keystore");
        contextFactory.setKeyStorePassword("password");
        contextFactory.setTrustStore("src/test/resources/client.keystore");
        contextFactory.setTrustStorePassword("password");
        sslConnector.setPort(8080);
        return sslConnector;
    }
View Full Code Here
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
      sslConnectorTwoWay.setTruststoreType("PKCS12");
      sslConnectorTwoWay.setNeedClientAuth(configs.getTwoWaySsl());

      //Secured connector for 1-way auth
      //SslSelectChannelConnector sslConnectorOneWay = new SslSelectChannelConnector();
      SslContextFactory contextFactory = new SslContextFactory(true);
      //sslConnectorOneWay.setPort(AGENT_ONE_WAY_AUTH);
      contextFactory.setKeyStorePath(keystore);
      // sslConnectorOneWay.setKeystore(keystore);
      contextFactory.setTrustStore(keystore);
      // sslConnectorOneWay.setTruststore(keystore);
      contextFactory.setKeyStorePassword(srvrCrtPass);
      // sslConnectorOneWay.setPassword(srvrCrtPass);

      contextFactory.setKeyManagerPassword(srvrCrtPass);

      // sslConnectorOneWay.setKeyPassword(srvrCrtPass);

      contextFactory.setTrustStorePassword(srvrCrtPass);
      //sslConnectorOneWay.setTrustPassword(srvrCrtPass);

      contextFactory.setKeyStoreType("PKCS12");
      //sslConnectorOneWay.setKeystoreType("PKCS12");
      contextFactory.setTrustStoreType("PKCS12");

      //sslConnectorOneWay.setTruststoreType("PKCS12");
      contextFactory.setNeedClientAuth(false);
      // sslConnectorOneWay.setWantClientAuth(false);
      // sslConnectorOneWay.setNeedClientAuth(false);
      SslSelectChannelConnector sslConnectorOneWay = new SslSelectChannelConnector(contextFactory);
      sslConnectorOneWay.setPort(AGENT_ONE_WAY_AUTH);
      sslConnectorOneWay.setAcceptors(2);
View Full Code Here
239
240
241
242
243
244
245
246
247
248
249
250
251
                    throw new IllegalConfigurationException("Key store is not configured. Cannot start management on HTTPS port without keystore");
                }
                String keyStorePath = (String)keyStore.getAttribute(KeyStore.PATH);
                String keyStorePassword = keyStore.getPassword();

                SslContextFactory factory = new SslContextFactory();
                factory.setKeyStorePath(keyStorePath);
                factory.setKeyStorePassword(keyStorePassword);

                connector = new SslSocketConnector(factory);
            }
            else
            {
View Full Code Here
331
332
333
334
335
336
337
338
339
340
341
342
343
        for (Connector connector : connectors)
        {
            CurrentActor.get().message(ManagementConsoleMessages.LISTENING(stringifyConnectorScheme(connector), connector.getPort()));
            if (connector instanceof SslSocketConnector)
            {
                SslContextFactory sslContextFactory = ((SslSocketConnector)connector).getSslContextFactory();
                if (sslContextFactory != null && sslContextFactory.getKeyStorePath() != null)
                {
                    CurrentActor.get().message(ManagementConsoleMessages.SSL_KEYSTORE(sslContextFactory.getKeyStorePath()));
                }
            }
        }
    }
View Full Code Here
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
      throw new ServiceLifecycleException("Public certificate for the gateway is not of the expected type of X509Certificate. Something is wrong with the gateway keystore.");
    }
  }
 
  public Object buildSSlConnector( String keystoreFileName ) {
    SslContextFactory sslContextFactory = new SslContextFactory( true );
    sslContextFactory.setCertAlias( "gateway-identity" );
//    String keystorePath = gatewayHomeDir + File.separatorChar +  "conf" + File.separatorChar +  "security" + File.separatorChar + "keystores" + File.separatorChar + "gateway.jks";
    sslContextFactory.setKeyStoreType("JKS");
    sslContextFactory.setKeyStorePath(keystoreFileName);
    char[] master = ms.getMasterSecret();
    sslContextFactory.setKeyStorePassword(new String(master));
    char[] keypass = as.getPasswordFromAliasForCluster(GATEWAY_CREDENTIAL_STORE_NAME, GATEWAY_IDENTITY_PASSPHRASE);
    if (keypass == null) {
      // there has been no alias created for the key - let's assume it is the same as the keystore password
      keypass = master;
    }
    sslContextFactory.setKeyManagerPassword(new String(keypass));

    // TODO: make specific truststore too?
//    sslContextFactory.setTrustStore(keystorePath);
//    sslContextFactory.setTrustStorePassword(new String(keypass));
    sslContextFactory.setNeedClientAuth( false );
    sslContextFactory.setTrustAll( true );
    SslConnector sslConnector = new SslSelectChannelConnector( sslContextFactory );

    return sslConnector;
 
View Full Code Here
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
    }

    private HttpClient createHttpClient(HttpClientConfig config, Exception created)
    {
        created.fillInStackTrace();
        SslContextFactory sslContextFactory = new SslContextFactory();
        sslContextFactory.setEndpointIdentificationAlgorithm("HTTPS");
        if (config.getKeyStorePath() != null) {
            sslContextFactory.setKeyStorePath(config.getKeyStorePath());
            sslContextFactory.setKeyStorePassword(config.getKeyStorePassword());
        }

        HttpClient httpClient = new HttpClient(sslContextFactory);
        httpClient.setMaxConnectionsPerDestination(config.getMaxConnectionsPerServer());
View Full Code Here
TOP

Related Classes of org.eclipse.jetty.util.ssl.SslContextFactory

  • $.Start
  • by.stub.server.JettyFactory
  • com.betfair.cougar.client.AsyncHttpExecutable
  • com.betfair.cougar.transport.jetty.JettyServerWrapper
  • com.blacklocus.webapp.RunServer
  • com.cisco.oss.foundation.http.jetty.JettyHttpClient
  • com.dtolabs.rundeck.RunServer
  • com.facebook.presto.jdbc.internal.airlift.http.client.jetty.JettyHttpClient
  • com.foundationdb.http.HttpConductorImpl
  • com.mycompany.Start
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.