Posted to scm@geronimo.apache.org by jb...@apache.org on 2005/04/29 20:51:03 UTC
svn commit: r165331 - in /geronimo/trunk/modules:
assembly/src/plan/j2ee-server-plan.xml assembly/src/var/security/keystore
jetty/src/java/org/apache/geronimo/jetty/connector/HTTPSConnector.java
Author: jboynes
Date: Fri Apr 29 11:51:02 2005
New Revision: 165331
URL: http://svn.apache.org/viewcvs?rev=165331&view=rev
Log:
switch to Jetty SslConnector and start an https listener by default
Added:
geronimo/trunk/modules/assembly/src/var/security/keystore (with props)
Modified:
geronimo/trunk/modules/assembly/src/plan/j2ee-server-plan.xml
geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/connector/HTTPSConnector.java
Modified: geronimo/trunk/modules/assembly/src/plan/j2ee-server-plan.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/assembly/src/plan/j2ee-server-plan.xml?rev=165331&r1=165330&r2=165331&view=diff
==============================================================================
--- geronimo/trunk/modules/assembly/src/plan/j2ee-server-plan.xml (original)
+++ geronimo/trunk/modules/assembly/src/plan/j2ee-server-plan.xml Fri Apr 29 11:51:02 2005
@@ -230,6 +230,18 @@
<!-- <attribute name="MaxIdleTime">10</attribute>-->
</gbean>
+ <gbean name="JettySSLConnector" class="org.apache.geronimo.jetty.connector.HTTPSConnector">
+ <attribute name="port">8443</attribute>
+ <attribute name="keystore">var/security/keystore</attribute>
+ <attribute name="keystoreType">JKS</attribute>
+ <attribute name="password">secret</attribute>
+ <attribute name="keyPassword">secret</attribute>
+ <attribute name="needClientAuth">false</attribute>
+ <attribute name="protocol">TLS</attribute>
+ <reference name="JettyContainer"><name>JettyWebContainer</name></reference>
+ <reference name="ServerInfo"><module>org/apache/geronimo/System</module><name>ServerInfo</name></reference>
+ </gbean>
+
<!-- EJB Protocol -->
<gbean gbeanName="openejb:type=NetworkService,name=EJB" class="org.openejb.server.StandardServiceStackGBean">
<attribute name="name">EJB</attribute>
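Review bot: The new JettySSLConnector gbean hard-codes `password` and `keyPassword` to `secret` and points at the keystore that this same commit adds to the tree, so every server assembled from this plan would start its HTTPS listener on 8443 with the same key material and a publicly known password. The keystore is binary and not shown here, but presumably it holds a shared key pair, in which case the listener gives no real assurance of server identity until it is replaced. I would mark the block as a development default, for example `<!-- Sample keystore and passwords: replace var/security/keystore and both passwords before exposing this listener -->`. Generating the keystore on first start instead of shipping one would remove the shared key altogether.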
Added: geronimo/trunk/modules/assembly/src/var/security/keystore
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/assembly/src/var/security/keystore?rev=165331&view=auto
==============================================================================
Binary file - no diff available.
Propchange: geronimo/trunk/modules/assembly/src/var/security/keystore
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
Modified: geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/connector/HTTPSConnector.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/connector/HTTPSConnector.java?rev=165331&r1=165330&r2=165331&view=diff
==============================================================================
--- geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/connector/HTTPSConnector.java (original)
+++ geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/connector/HTTPSConnector.java Fri Apr 29 11:51:02 2005
@@ -17,77 +17,89 @@
package org.apache.geronimo.jetty.connector;
+import javax.net.ssl.KeyManagerFactory;
+
+import org.mortbay.http.SslListener;
+
import org.apache.geronimo.gbean.GBeanInfo;
import org.apache.geronimo.gbean.GBeanInfoBuilder;
+import org.apache.geronimo.j2ee.j2eeobjectnames.NameFactory;
import org.apache.geronimo.jetty.JettyContainer;
import org.apache.geronimo.system.serverinfo.ServerInfo;
-import org.apache.geronimo.j2ee.j2eeobjectnames.NameFactory;
-import org.mortbay.http.SunJsseListener;
/**
+ * Implementation of a HTTPS connector based on Jetty's SslConnector (which uses pure JSSE).
+ *
* @version $Rev$ $Date$
*/
public class HTTPSConnector extends JettyConnector {
- private final SunJsseListener https;
+ private final SslListener https;
private final ServerInfo serverInfo;
private String keystore;
+ private String algorithm;
public HTTPSConnector(JettyContainer container, ServerInfo serverInfo) {
- super(container, new SunJsseListener());
+ super(container, new SslListener());
this.serverInfo = serverInfo;
- https = (SunJsseListener)listener;
+ https = (SslListener) listener;
}
public String getKeystore() {
+ // this does not delegate to https as it needs to be resolved against ServerInfo
return keystore;
}
public void setKeystore(String keystore) {
+ // this does not delegate to https as it needs to be resolved against ServerInfo
this.keystore = keystore;
}
- public void setKeyPassword(String password) {
- https.setKeyPassword(password);
+ public String getAlgorithm() {
+ return algorithm;
}
- public void setKeystoreProviderClass(String cls) {
- https.setKeystoreProviderClass(cls);
+ /**
+ * Algorithm to use.
+ * As different JVMs have different implementations available, the default
+ * algorithm can be used by supplying a null value.
+ *
+ * @param algorithm the algorithm to use, or null to use the default from {@link javax.net.ssl.KeyManagerFactory#getDefaultAlgorithm()}
+ */
+ public void setAlgorithm(String algorithm) {
+ // cache the value so the null
+ this.algorithm = algorithm;
+ if (algorithm == null) {
+ algorithm = KeyManagerFactory.getDefaultAlgorithm();
+ }
+ https.setAlgorithm(algorithm);
}
- public String getKeystoreProviderClass() {
- return https.getKeystoreProviderClass();
+ public void setPassword(String password) {
+ https.setPassword(password);
}
- public void setKeystoreProviderName(String cls) {
- https.setKeystoreProviderName(cls);
+ public void setKeyPassword(String password) {
+ https.setKeyPassword(password);
}
- public String getKeystoreProviderName() {
- return https.getKeystoreProviderName();
+ public String getProtocol() {
+ return https.getProtocol();
}
- public void setKeystoreType(String cls) {
- https.setKeystoreType(cls);
+ public void setProtocol(String protocol) {
+ https.setProtocol(protocol);
}
public String getKeystoreType() {
return https.getKeystoreType();
}
- public void setPassword(String password) {
- https.setPassword(password);
- }
-
- public void setUseDefaultTrustStore(boolean use) {
- https.setUseDefaultTrustStore(use);
+ public void setKeystoreType(String keystoreType) {
+ https.setKeystoreType(keystoreType);
}
- public boolean getUseDefaultTrustStore() {
- return https.getUseDefaultTrustStore();
- }
-
- public void setNeedClientAuth(boolean auth) {
- https.setNeedClientAuth(auth);
+ public void setNeedClientAuth(boolean needClientAuth) {
+ https.setNeedClientAuth(needClientAuth);
}
public boolean getNeedClientAuth() {
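Review bot: The comment in setAlgorithm, `// cache the value so the null`, is cut off mid-sentence and never explains why the unresolved value is stored; something like `// keep the configured value (possibly null) so getAlgorithm() reports what was set, not the resolved JVM default` would finish it. The fallback to KeyManagerFactory.getDefaultAlgorithm() also runs only when the setter is called, and the plan changed in this commit does not set `algorithm`. If the GBean framework skips setters for unset attributes, the listener keeps whatever default SslListener has built in. Calling `https.setAlgorithm(KeyManagerFactory.getDefaultAlgorithm());` in the constructor would make the documented default hold either way. The class body continues past the end of this hunk.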
@@ -104,13 +116,12 @@
static {
GBeanInfoBuilder infoFactory = new GBeanInfoBuilder("Jetty HTTPS Connector", HTTPSConnector.class, JettyConnector.GBEAN_INFO);
infoFactory.addAttribute("keystore", String.class, true);
+ infoFactory.addAttribute("algorithm", String.class, true);
infoFactory.addAttribute("keyPassword", String.class, true);
- infoFactory.addAttribute("keystoreProviderClass", String.class, true);
- infoFactory.addAttribute("keystoreProviderName", String.class, true);
infoFactory.addAttribute("keystoreType", String.class, true);
- infoFactory.addAttribute("password", String.class, true);
- infoFactory.addAttribute("useDefaultTrustStore", boolean.class, true);
infoFactory.addAttribute("needClientAuth", boolean.class, true);
+ infoFactory.addAttribute("password", String.class, true);
+ infoFactory.addAttribute("protocol", String.class, true);
infoFactory.addReference("ServerInfo", ServerInfo.class, NameFactory.GERONIMO_SERVICE);
infoFactory.setConstructor(new String[]{"JettyContainer", "ServerInfo"});
GBEAN_INFO = infoFactory.getBeanInfo();
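Review bot: `password` and `keyPassword` are registered like any other String attribute, with `true` as the third argument. If that flag marks the attribute as persistent, as the call shape suggests, both keystore secrets are saved in clear text with the configuration state. A comment on those two lines such as `// secret: stored with the configuration in clear text, restrict access to the config store` would tell operators what to protect. The static initializer's closing brace is outside this hunk.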