You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by cr...@locus.apache.org on 2000/09/09 00:29:36 UTC
cvs commit: jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup Catalina.java
craigmcc 00/09/08 15:29:36
Modified: catalina/src/conf server.xml
catalina/src/share/org/apache/catalina Connector.java
catalina/src/share/org/apache/catalina/connector/http
HttpConnector.java
catalina/src/share/org/apache/catalina/connector/test
HttpConnector.java
catalina/src/share/org/apache/catalina/net
DefaultServerSocketFactory.java
ServerSocketFactory.java
catalina/src/share/org/apache/catalina/startup Catalina.java
Added: catalina/src/share/org/apache/catalina/net
SSLServerSocketFactory.java
Removed: catalina/src/share/org/apache/catalina/net
SSLSocketFactory.java
Log:
Make configuration of the server socket factory consistent with all the
other component configuration that is done in server.xml, by defining a
new "Server/Connector/Factory" parsing rule. The default server socket
factory returns unadorned java.net.ServerSocket sockets, while the SSL
server socket factory can be configured via XML attributes in the usual
way.
Revision Changes Path
1.5 +8 -6 jakarta-tomcat-4.0/catalina/src/conf/server.xml
Index: server.xml
===================================================================
RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/conf/server.xml,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- server.xml 2000/09/08 18:28:56 1.4
+++ server.xml 2000/09/08 22:29:33 1.5
@@ -23,20 +23,22 @@
in the appropriate place in this file.
3. Do: keytool -genkey -alias tomcat -keyalg RSA
RSA is essential to work with Netscape and IIS.
- Use "changeit" as password. ( or add keypass attribute )
+ Use "changeit" as password, or include a "keystorePass"
+ attribute in the <Factory> element. See class
+ org.apache.catalina.net.SSLServerSocketFactory Javadocs
+ for other options you can set here.
You don't need to sign the certificate.
4. Adjust the port number and other parameters as needed.
On Unix, you will not be able to listen on port 443 unless
you run as root.
-
- You can set parameter keystore and keypass if you want
- to change the default ( user.home/.keystore with changeit )
-->
<!--
<Connector className="org.apache.catalina.connector.http.HttpConnector"
port="8443" minProcessors="5" maxProcessors="75"
- acceptCount="10" debug="0" scheme="https" secure="true"
- socketFactory="org.apache.catalina.net.SSLSocketFactory" />
+ acceptCount="10" debug="0" scheme="https" secure="true">
+ <Factory className="org.apache.catalina.net.SSLServerSocketFactory"
+ clientAuth="false" protocol="TLS"/>
+ </Connector>
-->
<!--
1.2 +21 -4 jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/Connector.java
Index: Connector.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/Connector.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- Connector.java 2000/08/11 05:24:03 1.1
+++ Connector.java 2000/09/08 22:29:34 1.2
@@ -1,7 +1,7 @@
/*
- * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/Connector.java,v 1.1 2000/08/11 05:24:03 craigmcc Exp $
- * $Revision: 1.1 $
- * $Date: 2000/08/11 05:24:03 $
+ * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/Connector.java,v 1.2 2000/09/08 22:29:34 craigmcc Exp $
+ * $Revision: 1.2 $
+ * $Date: 2000/09/08 22:29:34 $
*
* ====================================================================
*
@@ -65,6 +65,9 @@
package org.apache.catalina;
+import org.apache.catalina.net.ServerSocketFactory;
+
+
/**
* A <b>Connector</b> is a component responsible receiving requests from,
* and returning responses to, a client application. A Connector performs
@@ -114,7 +117,7 @@
* normative.
*
* @author Craig R. McClanahan
- * @version $Revision: 1.1 $ $Date: 2000/08/11 05:24:03 $
+ * @version $Revision: 1.2 $ $Date: 2000/09/08 22:29:34 $
*/
public interface Connector {
@@ -137,6 +140,20 @@
* @param container The new Container to use
*/
public void setContainer(Container container);
+
+
+ /**
+ * Return the server socket factory used by this Container.
+ */
+ public ServerSocketFactory getFactory();
+
+
+ /**
+ * Set the server socket factory used by this Container.
+ *
+ * @param factory The new server socket factory
+ */
+ public void setFactory(ServerSocketFactory factory);
/**
1.3 +44 -93 jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/http/HttpConnector.java
Index: HttpConnector.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/http/HttpConnector.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- HttpConnector.java 2000/08/21 16:08:52 1.2
+++ HttpConnector.java 2000/09/08 22:29:34 1.3
@@ -1,7 +1,7 @@
/*
- * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/http/HttpConnector.java,v 1.2 2000/08/21 16:08:52 craigmcc Exp $
- * $Revision: 1.2 $
- * $Date: 2000/08/21 16:08:52 $
+ * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/http/HttpConnector.java,v 1.3 2000/09/08 22:29:34 craigmcc Exp $
+ * $Revision: 1.3 $
+ * $Date: 2000/09/08 22:29:34 $
*
* ====================================================================
*
@@ -71,7 +71,6 @@
import java.net.Socket;
import java.util.Stack;
import java.util.Vector;
-import java.util.Hashtable;
import java.util.Enumeration;
import org.apache.catalina.Connector;
import org.apache.catalina.Container;
@@ -84,9 +83,10 @@
import org.apache.catalina.Logger;
import org.apache.catalina.Request;
import org.apache.catalina.Response;
+import org.apache.catalina.net.DefaultServerSocketFactory;
+import org.apache.catalina.net.ServerSocketFactory;
import org.apache.catalina.util.LifecycleSupport;
import org.apache.catalina.util.StringManager;
-import org.apache.catalina.net.ServerSocketFactory;
/**
@@ -94,7 +94,7 @@
*
* @author Craig R. McClanahan
* @author Remy Maucherat
- * @version $Revision: 1.2 $ $Date: 2000/08/21 16:08:52 $
+ * @version $Revision: 1.3 $ $Date: 2000/09/08 22:29:34 $
*/
@@ -106,18 +106,6 @@
/**
- * Server socket factory class name.
- */
- private String socketFactoryClassName;
-
-
- /**
- * Server socket factory parameter.
- */
- private Hashtable parameters = new Hashtable();
-
-
- /**
* The accept count for this Connector.
*/
private int acceptCount = 10;
@@ -161,6 +149,12 @@
/**
+ * The server socket factory for this component.
+ */
+ private ServerSocketFactory factory = null;
+
+
+ /**
* Descriptive information about this Connector implementation.
*/
private static final String info =
@@ -391,6 +385,33 @@
/**
+ * Return the server socket factory used by this Container.
+ */
+ public ServerSocketFactory getFactory() {
+
+ if (this.factory == null) {
+ synchronized (this) {
+ this.factory = new DefaultServerSocketFactory();
+ }
+ }
+ return (this.factory);
+
+ }
+
+
+ /**
+ * Set the server socket factory used by this Container.
+ *
+ * @param factory The new server socket factory
+ */
+ public void setFactory(ServerSocketFactory factory) {
+
+ this.factory = factory;
+
+ }
+
+
+ /**
* Return descriptive information about this Connector implementation.
*/
public String getInfo() {
@@ -467,19 +488,6 @@
/**
- * Set a server factory parameter.
- *
- * @param name Name of the parameter
- * @param value Value of the parameter
- */
- public void setParameter(String name, String value) {
-
- parameters.put(name, value);
-
- }
-
-
- /**
* Return the scheme that will be assigned to requests received
* through this connector. Default value is "http".
*/
@@ -527,26 +535,6 @@
}
- /**
- * Return the server socket factory class name.
- */
- public String getSocketFactory() {
-
- return (this.socketFactoryClassName);
-
- }
-
-
- /**
- * Set the server socket factory class name.
- */
- public void setSocketFactory(String className) {
-
- socketFactoryClassName = className;
-
- }
-
-
// --------------------------------------------------------- Public Methods
@@ -679,39 +667,13 @@
*/
private ServerSocket open() throws IOException {
- // First, load the server socket factory
- Class socketFactoryClass = null;
- ServerSocketFactory socketFactory = null;
-
- if (socketFactoryClassName == null) {
- socketFactory = ServerSocketFactory.getDefault();
- } else {
- try {
- socketFactoryClass = Class.forName(socketFactoryClassName);
- socketFactory =
- (ServerSocketFactory) socketFactoryClass.newInstance();
- // Set the factory attributes
- Enumeration parametersNames = parameters.keys();
- while (parametersNames.hasMoreElements()) {
- String key = (String) parametersNames.nextElement();
- Object value = parameters.get(key);
- socketFactory.setAttribute(key, value);
- }
- } catch (Exception e) {
- log(sm.getString("httpConnector.failedSocketFactoryLoading"));
- return new ServerSocket(port, acceptCount);
- }
- }
+ // Acquire the server socket factory for this Connector
+ ServerSocketFactory factory = getFactory();
// If no address is specified, open a connection on all addresses
if (address == null) {
log(sm.getString("httpConnector.allAddresses"));
- try {
- return socketFactory.createSocket(port, acceptCount);
- } catch(InstantiationException e) {
- log(sm.getString("httpConnector.failedToCreateSocket"));
- return new ServerSocket(port, acceptCount);
- }
+ return (factory.createSocket(port, acceptCount));
}
// Open a server socket on the specified address
@@ -724,21 +686,10 @@
}
if (i < addresses.length) {
log(sm.getString("httpConnector.anAddress", address));
- try {
- return socketFactory.createSocket(port, acceptCount,
- addresses[i]);
- } catch(InstantiationException e) {
- log(sm.getString("httpConnector.failedToCreateSocket"));
- return new ServerSocket(port, acceptCount, addresses[i]);
- }
+ return (factory.createSocket(port, acceptCount, addresses[i]));
} else {
log(sm.getString("httpConnector.noAddress", address));
- try {
- return socketFactory.createSocket(port, acceptCount);
- } catch (InstantiationException e) {
- log(sm.getString("httpConnector.failedToCreateSocket"));
- return new ServerSocket(port, acceptCount);
- }
+ return (factory.createSocket(port, acceptCount));
}
}
1.3 +45 -7 jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/test/HttpConnector.java
Index: HttpConnector.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/test/HttpConnector.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- HttpConnector.java 2000/08/21 16:09:44 1.2
+++ HttpConnector.java 2000/09/08 22:29:35 1.3
@@ -1,7 +1,7 @@
/*
- * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/test/HttpConnector.java,v 1.2 2000/08/21 16:09:44 craigmcc Exp $
- * $Revision: 1.2 $
- * $Date: 2000/08/21 16:09:44 $
+ * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/connector/test/HttpConnector.java,v 1.3 2000/09/08 22:29:35 craigmcc Exp $
+ * $Revision: 1.3 $
+ * $Date: 2000/09/08 22:29:35 $
*
* ====================================================================
*
@@ -82,6 +82,8 @@
import org.apache.catalina.Logger;
import org.apache.catalina.Request;
import org.apache.catalina.Response;
+import org.apache.catalina.net.DefaultServerSocketFactory;
+import org.apache.catalina.net.ServerSocketFactory;
import org.apache.catalina.util.LifecycleSupport;
import org.apache.catalina.util.StringManager;
@@ -91,7 +93,7 @@
* purposes. Not intended to be the final solution.
*
* @author Craig R. McClanahan
- * @version $Revision: 1.2 $ $Date: 2000/08/21 16:09:44 $
+ * @version $Revision: 1.3 $ $Date: 2000/09/08 22:29:35 $
*/
@@ -146,6 +148,12 @@
/**
+ * The server socket factory for this component.
+ */
+ private ServerSocketFactory factory = null;
+
+
+ /**
* Descriptive information about this Connector implementation.
*/
private static final String info =
@@ -376,6 +384,33 @@
/**
+ * Return the server socket factory used by this Container.
+ */
+ public ServerSocketFactory getFactory() {
+
+ if (this.factory == null) {
+ synchronized (this) {
+ this.factory = new DefaultServerSocketFactory();
+ }
+ }
+ return (this.factory);
+
+ }
+
+
+ /**
+ * Set the server socket factory used by this Container.
+ *
+ * @param factory The new server socket factory
+ */
+ public void setFactory(ServerSocketFactory factory) {
+
+ this.factory = factory;
+
+ }
+
+
+ /**
* Return descriptive information about this Connector implementation.
*/
public String getInfo() {
@@ -631,10 +666,13 @@
*/
private ServerSocket open() throws IOException {
+ // Acquire the server socket factory for this Connector
+ ServerSocketFactory factory = getFactory();
+
// If no address is specified, open a connection on all addresses
if (address == null) {
log(sm.getString("httpConnector.allAddresses"));
- return new ServerSocket(port, acceptCount);
+ return (factory.createSocket(port, acceptCount));
}
// Open a server socket on the specified address
@@ -647,10 +685,10 @@
}
if (i < addresses.length) {
log(sm.getString("httpConnector.anAddress", address));
- return new ServerSocket(port, acceptCount, addresses[i]);
+ return (factory.createSocket(port, acceptCount, addresses[i]));
} else {
log(sm.getString("httpConnector.noAddress", address));
- return new ServerSocket(port, acceptCount);
+ return (factory.createSocket(port, acceptCount));
}
}
1.2 +63 -24 jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/net/DefaultServerSocketFactory.java
Index: DefaultServerSocketFactory.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/net/DefaultServerSocketFactory.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- DefaultServerSocketFactory.java 2000/08/11 22:44:39 1.1
+++ DefaultServerSocketFactory.java 2000/09/08 22:29:35 1.2
@@ -1,7 +1,7 @@
/*
- * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/net/DefaultServerSocketFactory.java,v 1.1 2000/08/11 22:44:39 craigmcc Exp $
- * $Revision: 1.1 $
- * $Date: 2000/08/11 22:44:39 $
+ * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/net/DefaultServerSocketFactory.java,v 1.2 2000/09/08 22:29:35 craigmcc Exp $
+ * $Revision: 1.2 $
+ * $Date: 2000/09/08 22:29:35 $
*
* ====================================================================
*
@@ -64,42 +64,81 @@
package org.apache.catalina.net;
-import java.io.*;
-import java.net.*;
+import java.io.IOException;
+import java.net.InetAddress;
+import java.net.ServerSocket;
+
+
/**
- * Default server socket factory. Doesn't do much except give us
- * plain ol' server sockets.
+ * Default server socket factory, which returns unadorned server sockts.
*
* @author db@eng.sun.com
* @author Harish Prabandham
+ * @author Craig R. McClanahan
*/
-// Default implementation of server sockets.
+public final class DefaultServerSocketFactory implements ServerSocketFactory {
-//
-// WARNING: Some of the APIs in this class are used by J2EE.
-// Please talk to harishp@eng.sun.com before making any changes.
-//
-class DefaultServerSocketFactory extends ServerSocketFactory {
- DefaultServerSocketFactory () {
- /* NOTHING */
- }
+ // --------------------------------------------------------- Public Methods
+
- public ServerSocket createSocket (int port)
- throws IOException {
- return new ServerSocket (port);
+ /**
+ * Returns a server socket which uses all network interfaces on
+ * the host, and is bound to a the specified port. The socket is
+ * configured with the socket options (such as accept timeout)
+ * given to this factory.
+ *
+ * @param port the port to listen to
+ *
+ * @exception IOException for networking errors
+ */
+ public ServerSocket createSocket (int port) throws IOException {
+
+ return (new ServerSocket(port));
+
}
+
+ /**
+ * Returns a server socket which uses all network interfaces on
+ * the host, is bound to a the specified port, and uses the
+ * specified connection backlog. The socket is configured with
+ * the socket options (such as accept timeout) given to this factory.
+ *
+ * @param port the port to listen to
+ * @param backlog how many connections are queued
+ *
+ * @exception IOException for networking errors
+ */
public ServerSocket createSocket (int port, int backlog)
- throws IOException {
- return new ServerSocket (port, backlog);
+ throws IOException {
+
+ return (new ServerSocket(port, backlog));
+
}
+
+ /**
+ * Returns a server socket which uses only the specified network
+ * interface on the local host, is bound to a the specified port,
+ * and uses the specified connection backlog. The socket is configured
+ * with the socket options (such as accept timeout) given to this factory.
+ *
+ * @param port the port to listen to
+ * @param backlog how many connections are queued
+ * @param ifAddress the network interface address to use
+ *
+ * @exception IOException for networking errors
+ */
public ServerSocket createSocket (int port, int backlog,
- InetAddress ifAddress)
- throws IOException {
- return new ServerSocket (port, backlog, ifAddress);
+ InetAddress ifAddress)
+ throws IOException {
+
+ return (new ServerSocket(port, backlog, ifAddress));
+
}
+
+
}
1.2 +22 -90 jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/net/ServerSocketFactory.java
Index: ServerSocketFactory.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/net/ServerSocketFactory.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- ServerSocketFactory.java 2000/08/11 22:44:39 1.1
+++ ServerSocketFactory.java 2000/09/08 22:29:35 1.2
@@ -60,105 +60,40 @@
package org.apache.catalina.net;
-import java.io.*;
-import java.net.*;
-import java.util.Hashtable;
+import java.io.IOException;
+import java.net.InetAddress;
+import java.net.ServerSocket;
+
+
/**
- * This class creates server sockets. It may be subclassed by other
- * factories, which create particular types of server sockets. This
- * provides a general framework for the addition of public socket-level
- * functionality. It it is the server side analogue of a socket factory,
- * and similarly provides a way to capture a variety of policies related
- * to the sockets being constructed.
- *
- * <P> Like socket factories, Server Socket factory instances have two
- * categories of methods. First are methods used to create sockets.
- * Second are methods which set properties used in the production of
- * sockets, such as networking options. There is also an environment
- * specific default server socket factory; frameworks will often use
- * their own customized factory.
+ * Interface that describes the common characteristics of factory classes
+ * that create server sockets required by a Connector. A concreate
+ * implementation of this interface will be assigned to a Connector
+ * via the <code>setFactory()</code> method.
*
- * <P><hr><em> It may be desirable to move this interface into the
- * <b>java.net</b> package, so that is not an extension but the preferred
- * interface. Should this be serializable, making it a JavaBean which can
- * be saved along with its networking configuration?
- * </em>
- *
* @author db@eng.sun.com
* @author Harish Prabandham
+ * @author Craig R. McClanahan
*/
-public abstract class ServerSocketFactory implements Cloneable {
+public interface ServerSocketFactory {
- //
- // NOTE: JDK 1.1 bug in class GC, this can get collected
- // even though it's always accessible via getDefault().
- //
- private static ServerSocketFactory theFactory;
- protected Hashtable attributes=new Hashtable();
+ // --------------------------------------------------------- Public Methods
- /**
- * Constructor is used only by subclasses.
- */
- protected ServerSocketFactory () {
- /* NOTHING */
- }
-
- /** General mechanism to pass attributes from the
- * ServerConnector to the socket factory.
- *
- * Note that the "prefered" mechanism is to
- * use bean setters and explicit methods, but
- * this allows easy configuration via server.xml
- * or simple Properties
- */
- public void setAttribute( String name, Object value ) {
- if( name!=null && value !=null)
- attributes.put( name, value );
- }
-
/**
- * Returns a copy of the environment's default socket factory.
- */
- public static ServerSocketFactory getDefault () {
- //
- // optimize typical case: no synch needed
- //
-
- if (theFactory == null) {
- synchronized (ServerSocketFactory.class) {
- //
- // Different implementations of this method could
- // work rather differently. For example, driving
- // this from a system property, or using a different
- // implementation than JavaSoft's.
- //
-
- theFactory = new DefaultServerSocketFactory ();
- }
- }
-
- try {
- return (ServerSocketFactory) theFactory.clone ();
- } catch (CloneNotSupportedException e) {
- throw new RuntimeException (e.getMessage ());
- }
- }
-
- /**
* Returns a server socket which uses all network interfaces on
* the host, and is bound to a the specified port. The socket is
* configured with the socket options (such as accept timeout)
* given to this factory.
*
* @param port the port to listen to
+ *
* @exception IOException for networking errors
- * @exception InstantiationException for construction errors
*/
- public abstract ServerSocket createSocket (int port)
- throws IOException, InstantiationException;
+ public ServerSocket createSocket (int port) throws IOException;
+
/**
* Returns a server socket which uses all network interfaces on
@@ -168,12 +103,12 @@
*
* @param port the port to listen to
* @param backlog how many connections are queued
+ *
* @exception IOException for networking errors
- * @exception InstantiationException for construction errors
*/
+ public ServerSocket createSocket (int port, int backlog)
+ throws IOException;
- public abstract ServerSocket createSocket (int port, int backlog)
- throws IOException, InstantiationException;
/**
* Returns a server socket which uses only the specified network
@@ -184,15 +119,12 @@
* @param port the port to listen to
* @param backlog how many connections are queued
* @param ifAddress the network interface address to use
+ *
* @exception IOException for networking errors
- * @exception InstantiationException for construction errors
*/
+ public ServerSocket createSocket (int port, int backlog,
+ InetAddress ifAddress)
+ throws IOException;
- public abstract ServerSocket createSocket (int port,
- int backlog, InetAddress ifAddress)
- throws IOException, InstantiationException;
- public void initSocket( Socket s ) {
- }
}
-
1.1 jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/net/SSLServerSocketFactory.java
Index: SSLServerSocketFactory.java
===================================================================
/*
* ====================================================================
*
* The Apache Software License, Version 1.1
*
* Copyright (c) 1999 The Apache Software Foundation. All rights
* reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. The end-user documentation included with the redistribution, if
* any, must include the following acknowlegement:
* "This product includes software developed by the
* Apache Software Foundation (http://www.apache.org/)."
* Alternately, this acknowlegement may appear in the software itself,
* if and wherever such third-party acknowlegements normally appear.
*
* 4. The names "The Jakarta Project", "Tomcat", and "Apache Software
* Foundation" must not be used to endorse or promote products derived
* from this software without prior written permission. For written
* permission, please contact apache@apache.org.
*
* 5. Products derived from this software may not be called "Apache"
* nor may "Apache" appear in their names without prior written
* permission of the Apache Group.
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*
* [Additional notices, if required by prior licensing conditions]
*
*/
package org.apache.catalina.net;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.InetAddress;
import java.net.ServerSocket;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import java.security.cert.CertificateException;
import javax.net.ServerSocketFactory;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.HandshakeCompletedListener;
import javax.net.ssl.HandshakeCompletedEvent;
import com.sun.net.ssl.KeyManagerFactory;
import com.sun.net.ssl.SSLContext;
import com.sun.net.ssl.TrustManagerFactory;
/**
* Socket factory for SSL sockets, using the Java Server Sockets Extension
* (JSSE) reference implementation support classes. Besides the usual
* configuration mechanism based on setting JavaBeans properties, this
* component may also be configured by passing a series of attributes set
* with calls to <code>setAttribute()</code>. The following attribute
* names are recognized, with default values in square brackets:
* <ul>
* <li><strong>algorithm</strong> - Certificate encoding algorithm
* to use. [SunX509]</li>
* <li><strong>clientAuth</strong> - Require client authentication if
* set to <code>true</code>. [false]</li>
* <li><strong>keystoreFile</strong> - Pathname to the Key Store file to be
* loaded. ["./keystore" in the user home directory]</li>
* <li><strong>keystorePass</strong> - Password for the Key Store file to be
* loaded. ["changeit"]</li>
* <li><strong>keystoreType</strong> - Type of the Key Store file to be
* loaded. ["JKS"]</li>
* <li><strong>protocol</strong> - SSL protocol to use. [TLS]</li>
* </ul>
*
* @author Harish Prabandham
* @author Costin Manolache
* @author Craig McClanahan
*/
public class SSLServerSocketFactory
implements org.apache.catalina.net.ServerSocketFactory {
// ----------------------------------------------------- Instance Variables
/**
* The configured socket factory.
*/
private javax.net.ssl.SSLServerSocketFactory sslProxy = null;
/**
* The trust manager factory used with JSSE 1.0.1.
*/
// TrustManagerFactory trustManagerFactory = null;
// ------------------------------------------------------------- Properties
/**
* Certificate encoding algorithm to be used.
*/
private String algorithm = "SunX509";
public String getAlgorithm() {
return (this.algorithm);
}
public void setAlgorithm(String algorithm) {
this.algorithm = algorithm;
}
/**
* Should we require client authentication?
*/
private boolean clientAuth = false;
public boolean getClientAuth() {
return (this.clientAuth);
}
public void setClientAuth(boolean clientAuth) {
this.clientAuth = clientAuth;
}
/**
* The internal represenation of the key store file that contains
* our server certificate.
*/
private KeyStore keyStore = null;
public KeyStore getKeyStore() throws IOException {
if (sslProxy == null)
initialize();
return (this.keyStore);
}
/**
* Pathname to the key store file to be used.
*/
private String keystoreFile =
System.getProperty("user.home") + "/.keystore";
public String getKeystoreFile() {
return (this.keystoreFile);
}
public void setKeystoreFile(String keystoreFile) {
this.keystoreFile = keystoreFile;
}
/**
* Password for accessing the key store file.
*/
private String keystorePass = "changeit";
public String getKeystorePass() {
return (this.keystorePass);
}
public void setKeystorePass(String keystorePass) {
this.keystorePass = keystorePass;
}
/**
* Storeage type of the key store file to be used.
*/
private String keystoreType = "JKS";
public String getKeystoreType() {
return (this.keystoreType);
}
public void setKeystoreType(String keystoreType) {
this.keystoreType = keystoreType;
}
/**
* SSL protocol variant to use.
*/
private String protocol = "TLS";
public String getProtocol() {
return (this.protocol);
}
public void setProtocol(String protocol) {
this.protocol = protocol;
}
// --------------------------------------------------------- Public Methods
/**
* Return a server socket that uses all network interfaces on the host,
* and is bound to a specified port. The socket is configured with the
* socket options (such as accept timeout) given to this factory.
*
* @param port Port to listen to
*
* @exception IOException if an input/output or network error occurs
*/
public ServerSocket createSocket(int port) throws IOException {
if (sslProxy == null)
initialize();
ServerSocket socket =
sslProxy.createServerSocket(port);
initServerSocket(socket);
return (socket);
}
/**
* Return a server socket that uses all network interfaces on the host,
* and is bound to a specified port, and uses the specified
* connection backlog. The socket is configured with the
* socket options (such as accept timeout) given to this factory.
*
* @param port Port to listen to
* @param backlog Maximum number of connections to be queued
*
* @exception IOException if an input/output or network error occurs
*/
public ServerSocket createSocket(int port, int backlog)
throws IOException {
if (sslProxy == null)
initialize();
ServerSocket socket =
sslProxy.createServerSocket(port, backlog);
initServerSocket(socket);
return (socket);
}
/**
* Return a server socket that uses the specified interface on the host,
* and is bound to a specified port, and uses the specified
* connection backlog. The socket is configured with the
* socket options (such as accept timeout) given to this factory.
*
* @param port Port to listen to
* @param backlog Maximum number of connections to be queued
* @param ifAddress Address of the interface to be used
*
* @exception IOException if an input/output or network error occurs
*/
public ServerSocket createSocket(int port, int backlog,
InetAddress ifAddress)
throws IOException {
if (sslProxy == null)
initialize();
ServerSocket socket =
sslProxy.createServerSocket(port, backlog, ifAddress);
initServerSocket(socket);
return (socket);
}
// -------------------------------------------------------- Private Methods
/**
* Initialize objects that will be required to create sockets.
*
* @exception IOException if an input/output error occurs
*/
private synchronized void initialize() throws IOException {
initKeyStore();
initProxy();
}
/**
* Initialize the internal representation of the key store file.
*
* @exception IOException if an input/output exception occurs
*/
private void initKeyStore() throws IOException {
try {
keyStore = KeyStore.getInstance(keystoreType);
FileInputStream istream = new FileInputStream(keystoreFile);
keyStore.load(istream, keystorePass.toCharArray());
istream.close();
} catch (Exception e) {
// FIXME - send to an appropriate log file?
System.out.println("initKeyStore: " + e);
e.printStackTrace(System.out);
throw new IOException(e.toString());
}
}
/**
* Initialize the SSL socket factory.
*
* @exception IOException if an input/output error occurs
*/
private void initProxy() throws IOException {
try {
/*
Security.addProvider(new sun.security.provider.Sun());
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
*/
// Create an SSL context used to create an SSL socket factory
SSLContext context = SSLContext.getInstance(protocol);
// Create the key manager factory used to extract the server key
KeyManagerFactory keyManagerFactory =
KeyManagerFactory.getInstance(algorithm);
keyManagerFactory.init(keyStore, keystorePass.toCharArray());
// Create the trust manager factory used for checking certificates
/*
trustManagerFactory = TrustManagerFactory.getInstance(algorithm);
trustManagerFactory.init(keyStore);
*/
// Initialize the context with the key managers
context.init(keyManagerFactory.getKeyManagers(), null,
new java.security.SecureRandom());
// Create the proxy and return
sslProxy = context.getServerSocketFactory();
} catch (Exception e) {
// FIXME - send to an appropriate log file?
System.out.println("initProxy: " + e);
e.printStackTrace(System.out);
throw new IOException(e.toString());
}
}
/**
* Set the requested properties for this server socket.
*
* @param ssocket The server socket to be configured
*/
private void initServerSocket(ServerSocket ssocket) {
SSLServerSocket socket = (SSLServerSocket) ssocket;
// Enable all available cipher suites when the socket is connected
String cipherSuites[] = socket.getSupportedCipherSuites();
socket.setEnabledCipherSuites(cipherSuites);
// Set client authentication if necessary
socket.setNeedClientAuth(clientAuth);
}
}
1.2 +12 -11 jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/Catalina.java
Index: Catalina.java
===================================================================
RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/Catalina.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- Catalina.java 2000/08/11 23:38:41 1.1
+++ Catalina.java 2000/09/08 22:29:36 1.2
@@ -1,7 +1,7 @@
/*
- * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/Catalina.java,v 1.1 2000/08/11 23:38:41 craigmcc Exp $
- * $Revision: 1.1 $
- * $Date: 2000/08/11 23:38:41 $
+ * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/Catalina.java,v 1.2 2000/09/08 22:29:36 craigmcc Exp $
+ * $Revision: 1.2 $
+ * $Date: 2000/09/08 22:29:36 $
*
* ====================================================================
*
@@ -94,7 +94,7 @@
* </u>
*
* @author Craig R. McClanahan
- * @version $Revision: 1.1 $ $Date: 2000/08/11 23:38:41 $
+ * @version $Revision: 1.2 $ $Date: 2000/09/08 22:29:36 $
*/
public final class Catalina {
@@ -259,13 +259,14 @@
mapper.addRule("Server/Connector", mapper.addChild
("addConnector", "org.apache.catalina.Connector"));
- mapper.addRule("Server/Connector/Parameter",
- mapper.methodSetter("setParameter", 2));
- mapper.addRule("Server/Connector/Parameter",
- mapper.methodParam(0, "name"));
- mapper.addRule("Server/Connector/Parameter",
- mapper.methodParam(1, "value") );
-
+ mapper.addRule("Server/Connector/Factory", mapper.objectCreate
+ ("org.apache.catalina.net.DefaultServerSocketFactory",
+ "className"));
+ mapper.addRule("Server/Connector/Factory", mapper.setProperties());
+ mapper.addRule("Server/Connector/Factory", mapper.addChild
+ ("setFactory",
+ "org.apache.catalina.net.ServerSocketFactory"));
+
mapper.addRule("Server/Connector/Listener", mapper.objectCreate
(null, "className"));
mapper.addRule("Server/Connector/Listener", mapper.setProperties());