Posted to scm@geronimo.apache.org by am...@apache.org on 2005/07/25 06:58:53 UTC
svn commit: r224689 - in
/geronimo/trunk/modules/j2ee/src/java/org/apache/geronimo/j2ee/management/geronimo:
SecureConnector.java WebConnector.java WebContainer.java
Author: ammulder
Date: Sun Jul 24 21:58:50 2005
New Revision: 224689
URL: http://svn.apache.org/viewcvs?rev=224689&view=rev
Log:
First stab at interfaces used to manage web containers and connectors.
Added:
geronimo/trunk/modules/j2ee/src/java/org/apache/geronimo/j2ee/management/geronimo/SecureConnector.java (with props)
geronimo/trunk/modules/j2ee/src/java/org/apache/geronimo/j2ee/management/geronimo/WebConnector.java (with props)
geronimo/trunk/modules/j2ee/src/java/org/apache/geronimo/j2ee/management/geronimo/WebContainer.java (with props)
Added: geronimo/trunk/modules/j2ee/src/java/org/apache/geronimo/j2ee/management/geronimo/SecureConnector.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/j2ee/src/java/org/apache/geronimo/j2ee/management/geronimo/SecureConnector.java?rev=224689&view=auto
==============================================================================
--- geronimo/trunk/modules/j2ee/src/java/org/apache/geronimo/j2ee/management/geronimo/SecureConnector.java (added)
+++ geronimo/trunk/modules/j2ee/src/java/org/apache/geronimo/j2ee/management/geronimo/SecureConnector.java Sun Jul 24 21:58:50 2005
@@ -0,0 +1,124 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.geronimo.j2ee.management.geronimo;
+
+/**
+ * Common configuration settings for connectors that use SSL/TLS to conduct
+ * secure communications with clients.
+ *
+ * http://jakarta.apache.org/tomcat/tomcat-5.5-doc/ssl-howto.html
+ * http://mortbay.org/javadoc/org/mortbay/http/SslListener.html
+ *
+ * @version $Rev: 46019 $ $Date: 2004-09-14 05:56:06 -0400 (Tue, 14 Sep 2004) $
+ */
+public interface SecureConnector extends WebConnector {
+ public final static String KEYSTORE_TYPE_JKS = "JKS";
+ public final static String KEYSTORE_TYPE_PKCS12 = "PKCS12";
+ public final static String ALGORITHM_TYPE_SUN = "SunX509";
+ public final static String ALGORITHM_TYPE_IBM = "IbmX509";
+ public final static String PROTOCOL_TYPE_TLS = "TLS";
+ public final static String PROTOCOL_TYPE_SSL = "SSL";
+
+ /**
+ * Gets the name of the keystore file that holds the server certificate
+ * (and by default, the trusted CA certificates used for client certificate
+ * authentication). This is relative to the Geronimo home directory.
+ */
+ public String getKeystoreFileName();
+ /**
+ * Sets the name of the keystore file that holds the server certificate
+ * (and by default, the trusted CA certificates used for client certificate
+ * authentication). This is relative to the Geronimo home directory.
+ */
+ public void setKeystoreFileName(String name);
+ /**
+ * Gets the password used to access the keystore, and by default, used to
+ * access the server private key inside the keystore.
+ */
+ public String getKeystorePassword();
+ /**
+ * Sets the password used to access the keystore, and by default, used to
+ * access the server private key inside the keystore. Not all connectors
+ * support configuring different passwords for those two features; if so,
+ * a separate PrivateKeyPassword should be defined in an
+ * implementation-specific connector interface.
+ */
+ public void setKeystorePassword(String password);
+ /**
+ * Gets the format of the entries in the keystore. The default format for
+ * Java keystores is JKS, though some connector implementations support
+ * PCKS12 (and possibly other formats).
+ */
+ public String getKeystoreType();
+ /**
+ * Sets the format of the entries in the keystore. The default format for
+ * Java keystores is JKS, though some connector implementations support
+ * PCKS12 (and possibly other formats).
+ */
+ public void setKeystoreType(String type);
+ /**
+ * Gets the certificate algorithm used to access the keystore. This may
+ * be different for different JVM vendors, but should not usually be
+ * changed otherwise.
+ */
+ public String getAlgorithm();
+ /**
+ * Sets the certificate algorithm used to access the keystore. This may
+ * be different for different JVM vendors, but should not usually be
+ * changed otherwise.
+ */
+ public void setAlgorithm(String algorithm);
+ /**
+ * Gets the protocol used for secure communication. This should usually
+ * be TLS, though some JVM implementations (particularly some of IBM's)
+ * may not be compatible with popular browsers unless this is changed to
+ * SSL.
+ */
+ public String getProtocol();
+ /**
+ * Gets the protocol used for secure communication. This should usually
+ * be TLS, though some JVM implementations (particularly some of IBM's)
+ * may not be compatible with popular browsers unless this is changed to
+ * SSL. Don't change it if you're not having problems.
+ */
+ public void setProtocol(String protocol);
+ /**
+ * Checks whether clients are required to authenticate using client
+ * certificates in order to connect using this connector. If enabled,
+ * client certificates are validated using the trust store, which defaults
+ * to the same keystore file, keystore type, and keystore password as the
+ * regular keystore. Some connector implementations may allow you to
+ * configure those 3 values separately to use a different trust store.
+ *
+ * todo: confirm that Jetty defaults to keystore not JVM default trust store
+ */
+ public boolean isClientAuthRequired();
+ /**
+ * Checks whether clients are required to authenticate using client
+ * certificates in order to connect using this connector. If enabled,
+ * client certificates are validated using the trust store, which defaults
+ * to the same keystore file, keystore type, and keystore password as the
+ * regular keystore. Some connector implementations may allow you to
+ * configure those 3 values separately to use a different trust store.
+ *
+ * todo: confirm that Jetty defaults to keystore not JVM default trust store
+ */
+ public void setClientAuthRequired(boolean clientCert);
+
+ // Jetty: key password, integral/confidential separation
+ // Tomcat: trust keystore, trust password, trust keystore type, ciphers
+}
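Review bot: `public String getKeystorePassword();` hands the keystore password back as a plain `String`, and the Javadoc says that by default the same password also unlocks the server private key, so any caller that can read this connector's properties can recover it. If these interfaces end up exposed as management attributes (the package name and the ObjectName references in WebContainer suggest so, but that is not visible in this commit), consider making the password write-only by dropping the getter. Failing that, the Javadoc should at least say something like `Implementations must not expose this value to remote management clients or write it to logs.` Separately, several comments were copied without being adjusted: `setProtocol` is documented as "Gets the protocol", `setClientAuthRequired` as "Checks whether", and both keystore-type comments spell the format "PCKS12" where the constant is `PKCS12`.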
Propchange: geronimo/trunk/modules/j2ee/src/java/org/apache/geronimo/j2ee/management/geronimo/SecureConnector.java
------------------------------------------------------------------------------
svn:eol-style = native
Added: geronimo/trunk/modules/j2ee/src/java/org/apache/geronimo/j2ee/management/geronimo/WebConnector.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/j2ee/src/java/org/apache/geronimo/j2ee/management/geronimo/WebConnector.java?rev=224689&view=auto
==============================================================================
--- geronimo/trunk/modules/j2ee/src/java/org/apache/geronimo/j2ee/management/geronimo/WebConnector.java (added)
+++ geronimo/trunk/modules/j2ee/src/java/org/apache/geronimo/j2ee/management/geronimo/WebConnector.java Sun Jul 24 21:58:50 2005
@@ -0,0 +1,129 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.geronimo.j2ee.management.geronimo;
+
+import java.net.InetSocketAddress;
+
+/**
+ * The common configuration settings for a web container network connector --
+ * that is, the protocol and network settings used to connect to the web
+ * container (with a variety of tuning arguments as well).
+ *
+ * http://jakarta.apache.org/tomcat/tomcat-5.5-doc/config/http.html
+ * http://mortbay.org/javadoc/org/mortbay/http/SocketListener.html
+ *
+ * @version $Rev: 46019 $ $Date: 2004-09-14 05:56:06 -0400 (Tue, 14 Sep 2004) $
+ */
+public interface WebConnector {
+ /**
+ * Gets the network port that this connector listens on.
+ */
+ public int getPort();
+ /**
+ * Sets the network port that this connector listens on.
+ */
+ public void setPort(int port);
+ /**
+ * Gets the hostname/IP that this connector listens on.
+ */
+ public String getHost();
+ /**
+ * Sets the hostname/IP that this connector listens on. This is typically
+ * most useful for machines with multiple network cards, but can be used
+ * to limit a connector to only listen for connections from the local
+ * machine (127.0.0.1). To listen on all available network interfaces,
+ * specify an address of 0.0.0.0.
+ */
+ public void setHost(String host);
+ /**
+ * Every connector must specify a property of type InetSocketAddress
+ * because we use that to identify the network services to print a list
+ * during startup. However, this can be read-only since the host and port
+ * are set separately using setHost and setPort.
+ */
+ public InetSocketAddress getListenAddress();
+
+ /**
+ * Gets the size of the buffer used to handle network data for this
+ * connector.
+ */
+ public int getBufferSizeBytes();
+ /**
+ * Gets the size of the buffer used to handle network data for this
+ * connector.
+ */
+ public void setBufferSizeBytes(int bytes);
+ /**
+ * Gets the maximum number of threads used to service connections from
+ * this connector.
+ */
+ public int getMaxThreads();
+ /**
+ * Sets the maximum number of threads used to service connections from
+ * this connector.
+ */
+ public void setMaxThreads(int threads);
+ /**
+ * Gets the maximum number of connections that may be queued while all
+ * threads are busy. Any requests received while the queue is full will
+ * be rejected.
+ */
+ public int getAcceptQueueSize();
+ /**
+ * Sets the maximum number of connections that may be queued while all
+ * threads are busy. Any requests received while the queue is full will
+ * be rejected.
+ */
+ public void setAcceptQueueSize(int size);
+ /**
+ * Gets the amount of time the socket used by this connector will linger
+ * after being closed. -1 indicates that socket linger is disabled.
+ */
+ public int getLingerMillis();
+ /**
+ * Sets the amount of time the socket used by this connector will linger
+ * after being closed. Use -1 to disable socket linger.
+ */
+ public void setLingerMillis(int millis);
+ /**
+ * Gets whether the TCP_NODELAY flag is set for the sockets used by this
+ * connector. This usually enhances performance, so it should typically
+ * be set.
+ */
+ public boolean isTcpNoDelay();
+ /**
+ * Sets whether the TCP_NODELAY flag is set for the sockets used by this
+ * connector. This usually enhances performance, so it should typically
+ * be set.
+ */
+ public void setTcpNoDelay(boolean enable);
+ /**
+ * Gets the network port to which traffic will be redirected if this
+ * connector handles insecure traffic and the request requires a secure
+ * connection. Needless to say, this should point to another connector
+ * configured for SSL.
+ */
+ public int getRedirectPort();
+ /**
+ * Gets the network port to which traffic will be redirected if this
+ * connector handles insecure traffic and the request requires a secure
+ * connection. Needless to say, this should point to another connector
+ * configured for SSL. If no SSL connector is available, any port can
+ * be used as they all fail equally well. :)
+ */
+ public void setRedirectPort(int port);
+}
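Review bot: The `setHost` Javadoc does not say what a `null` or empty host means or which address is the default, so an implementation or a management client could end up binding to every interface when a loopback-only listener was intended. I would add a sentence such as `A null or empty host is rejected; implementations must not silently fall back to 0.0.0.0.` (or whatever behaviour is actually wanted) so that every container implementation agrees on it. The numeric setters have the same gap: `setPort`, `setMaxThreads`, `setAcceptQueueSize` and `setBufferSizeBytes` state no valid range and no behaviour for out-of-range values. Also, the comments on `setBufferSizeBytes` and `setRedirectPort` start with "Gets" although they document setters.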
Propchange: geronimo/trunk/modules/j2ee/src/java/org/apache/geronimo/j2ee/management/geronimo/WebConnector.java
------------------------------------------------------------------------------
svn:eol-style = native
Added: geronimo/trunk/modules/j2ee/src/java/org/apache/geronimo/j2ee/management/geronimo/WebContainer.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/j2ee/src/java/org/apache/geronimo/j2ee/management/geronimo/WebContainer.java?rev=224689&view=auto
==============================================================================
--- geronimo/trunk/modules/j2ee/src/java/org/apache/geronimo/j2ee/management/geronimo/WebContainer.java (added)
+++ geronimo/trunk/modules/j2ee/src/java/org/apache/geronimo/j2ee/management/geronimo/WebContainer.java Sun Jul 24 21:58:50 2005
@@ -0,0 +1,49 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.geronimo.j2ee.management.geronimo;
+
+/**
+ * The common configuration settings for a web container (currently, Tomcat or
+ * Jetty).
+ *
+ * @version $Rev: 46019 $ $Date: 2004-09-14 05:56:06 -0400 (Tue, 14 Sep 2004) $
+ */
+public interface WebContainer {
+ public final static String PROTOCOL_HTTP = "http";
+ public final static String PROTOCOL_HTTPS = "https";
+ public final static String PROTOCOL_AJP = "ajp";
+
+ /**
+ * Gets the protocols which this container can configure connectors for.
+ */
+ public String[] getSupportedProtocols();
+
+ /**
+ * Creates a new connector, and returns the ObjectName for it. Note that
+ * the connector may well require further customization before being fully
+ * functional (e.g. SSL settings for an HTTPS connector).
+ */
+ public String addConnector(String uniqueName, String protocol, String host, int port);
+
+ /**
+ * Gets the ObjectNames of any existing connectors for the specified
+ * protocol.
+ *
+ * @param protocol A protocol as returned by getSupportedProtocols
+ */
+ public String[] getConnectors(String protocol);
+}
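Review bot: The `addConnector` Javadoc does not say whether the returned connector is already started, which matters because the comment itself notes that an HTTPS connector still needs its SSL settings afterwards. If an implementation starts listening immediately, the port could be open for a time with default or incomplete keystore settings; I would state the contract explicitly, e.g. `The connector is created in the stopped state; the caller starts it once configuration is complete.` The method also lacks `@param`/`@return` tags and does not say what happens for a protocol that is not in `getSupportedProtocols()` or for a `uniqueName` that is already in use.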
Propchange: geronimo/trunk/modules/j2ee/src/java/org/apache/geronimo/j2ee/management/geronimo/WebContainer.java
------------------------------------------------------------------------------
svn:eol-style = native