Examples of org.glassfish.grizzly.ssl.SSLEngineConfigurator

• org.glassfish.grizzly.ssl.SSLEngineConfigurator
  Utility class, which helps to configure {@link SSLEngine}. @author Alexey Stashok

        try {
            webServer = GrizzlyHttpServerFactory.createHttpServer(
                    getBaseURI(),
                    rc,
                    true,
                    new SSLEngineConfigurator(sslContext).setClientMode(false).setNeedClientAuth(true)
            );

            // start Grizzly embedded server //
            System.out.println("Jersey app started. Try out " + BASE_URI + "\nHit CTRL + C to stop it...");
            webServer.start();

        FilterChain chain = listener.getFilterChain();
        if (chain == null) {
            final FilterChainBuilder builder = FilterChainBuilder.stateless();
            builder.add(new TransportFilter());
            if (listener.isSecure()) {
                SSLEngineConfigurator sslConfig = listener.getSslEngineConfig();
                if (sslConfig == null) {
                    sslConfig = new SSLEngineConfigurator(
                            SSLContextConfigurator.DEFAULT_CONFIG,
                            false,
                            false,
                            false);
                    listener.setSSLEngineConfig(sslConfig);

            NetworkListener listener = new NetworkListener("grizzly",
                getBaseURI().getHost(),
                getBaseURI().getPort());
            listener.setSecure(true);
            listener.setSSLEngineConfig(
                new SSLEngineConfigurator(sslContext).setClientMode(false).setNeedClientAuth(true));
            webServer.addListener(listener);

//            ServerConfiguration config = webServer.getServerConfiguration();
//            config.addHttpHandler(cxfAdapter, getBaseURI().getPath());

        listener.setSecure(true);

        if (networkListenerConfig.getSslEngine() == null) {
            // Use defaults
            listener.setSSLEngineConfig(new SSLEngineConfigurator(sslContext));
        } else {
            UrsusJerseyApplicationConfiguration.SSLEngine sslEngine =
                    networkListenerConfig.getSslEngine();

            SSLEngineConfigurator sslEngineConfigurator = new SSLEngineConfigurator(sslContext);

            sslEngineConfigurator.setEnabledCipherSuites(sslEngine.getEnabledCipherSuites());
            sslEngineConfigurator.setEnabledProtocols(sslEngine.getEnabledProtocols());
            sslEngineConfigurator.setCipherConfigured(sslEngine.isCipherConfigured());
            sslEngineConfigurator.setProtocolConfigured(sslEngine.isProtocolConfigured());
            sslEngineConfigurator.setClientMode(sslEngine.isClientMode());
            sslEngineConfigurator.setNeedClientAuth(sslEngine.isNeedClientAuth());
            sslEngineConfigurator.setWantClientAuth(sslEngine.isWantClientAuth());

            listener.setSSLEngineConfig(sslEngineConfigurator);
        }
    }

    }

    protected static Filter configureSsl(final ServiceLocator habitat,
                                       final Ssl ssl,
                                       final FilterChainBuilder filterChainBuilder) {
        final SSLEngineConfigurator serverConfig = new SSLConfigurator(habitat, ssl);
//        final SSLEngineConfigurator clientConfig = new SSLConfigurator(habitat, ssl);
//        clientConfig.setClientMode(true);
        final SSLBaseFilter sslFilter = new SSLBaseFilter(serverConfig,
         //                                             clientConfig,
                                                      isRenegotiateOnClientAuthWant(ssl));

        /* HTTPS listener */
        NetworkListener httpsListener = new NetworkListener("otp_secure", params.bindAddress, params.securePort);
        // Ideally we'd share the threads between HTTP and HTTPS.
        httpsListener.setSecure(true);
        httpsListener.setSSLEngineConfig(
                new SSLEngineConfigurator(sslConfig)
                        .setClientMode(false)
                        .setNeedClientAuth(false)
        );

        // For both HTTP and HTTPS listeners: enable gzip compression, set thread pool, add listener to httpServer.

        FilterChain chain = listener.getFilterChain();
        if (chain == null) {
            final FilterChainBuilder builder = FilterChainBuilder.stateless();
            builder.add(new TransportFilter());
            if (listener.isSecure()) {
                SSLEngineConfigurator sslConfig = listener.getSslEngineConfig();
                if (sslConfig == null) {
                    sslConfig = new SSLEngineConfigurator(
                            SSLContextConfigurator.DEFAULT_CONFIG,
                            false,
                            false,
                            false);
                    listener.setSSLEngineConfig(sslConfig);

                        ClientEngine engine,
                        Map<String, Object> properties) {
        this.uri = uri;
        this.timeoutMs = timeoutMs;

        SSLEngineConfigurator sslEngineConfigurator = (properties == null ? null : (SSLEngineConfigurator) properties.get(GrizzlyClientContainer.SSL_ENGINE_CONFIGURATOR));
        // if we are trying to access "wss" scheme and we don't have sslEngineConfigurator instance
        // we should try to create ssl connection using JVM properties.
        if (uri.getScheme().equalsIgnoreCase("wss") && sslEngineConfigurator == null) {
            SSLContextConfigurator defaultConfig = new SSLContextConfigurator();
            defaultConfig.retrieve(System.getProperties());
            sslEngineConfigurator = new SSLEngineConfigurator(defaultConfig, true, false, false);
        }

        try {
            this.clientSSLEngineConfigurator = sslEngineConfigurator;
            this.workerThreadPoolConfig = Utils.getProperty(properties, GrizzlyClientSocket.WORKER_THREAD_POOL_CONFIG, ThreadPoolConfig.class);

        listener.setSecure(true);

        if (networkListenerConfig.getSslEngine() == null) {
            // Use defaults
            listener.setSSLEngineConfig(new SSLEngineConfigurator(sslContext));
        } else {
            UrsusApplicationConfiguration.SSLEngine sslEngine =
                    networkListenerConfig.getSslEngine();

            SSLEngineConfigurator sslEngineConfigurator = new SSLEngineConfigurator(sslContext);

            sslEngineConfigurator.setEnabledCipherSuites(sslEngine.getEnabledCipherSuites());
            sslEngineConfigurator.setEnabledProtocols(sslEngine.getEnabledProtocols());
            sslEngineConfigurator.setCipherConfigured(sslEngine.isCipherConfigured());
            sslEngineConfigurator.setProtocolConfigured(sslEngine.isProtocolConfigured());
            sslEngineConfigurator.setClientMode(sslEngine.isClientMode());
            sslEngineConfigurator.setNeedClientAuth(sslEngine.isNeedClientAuth());
            sslEngineConfigurator.setWantClientAuth(sslEngine.isWantClientAuth());

            listener.setSSLEngineConfig(sslEngineConfigurator);
        }
    }

        if (keystoreUrl != null) {
            sslContextConfigurator.setKeyStoreFile(keystoreUrl.getFile());
            sslContextConfigurator.setKeyStorePass("changeit");
        }

        return new SSLEngineConfigurator(sslContextConfigurator.createSSLContext(), false, false, false);
    }