Posted to dev@tomcat.apache.org by ma...@apache.org on 2013/12/07 21:10:59 UTC
svn commit: r1548961 - in /tomcat/trunk:
java/org/apache/tomcat/websocket/WsWebSocketContainer.java
webapps/docs/web-socket-howto.xml
Author: markt
Date: Sat Dec 7 20:10:59 2013
New Revision: 1548961
URL: http://svn.apache.org/r1548961
Log:
Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=55801
Add the ability to use a custom SSLContext when creating client wss connections.
Patch provided by Maciej Lypik.
Modified:
tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java
tomcat/trunk/webapps/docs/web-socket-howto.xml
Modified: tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java?rev=1548961&r1=1548960&r2=1548961&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java Sat Dec 7 20:10:59 2013
@@ -87,6 +87,13 @@ public class WsWebSocketContainer
public static final String SSL_TRUSTSTORE_PWD_PROPERTY =
"org.apache.tomcat.websocket.SSL_TRUSTSTORE_PWD";
public static final String SSL_TRUSTSTORE_PWD_DEFAULT = "changeit";
+ /**
+ * Property name to set to configure used SSLContext. The value should be an
+ * instance of SSLContext. If this property is present, the SSL_TRUSTSTORE*
+ * properties are ignored.
+ */
+ public static final String SSL_CONTEXT_PROPERTY =
+ "org.apache.tomcat.websocket.SSL_CONTEXT";
/**
* Property name to set to configure the timeout (in milliseconds) when
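Review bot: The Javadoc added for `SSL_CONTEXT_PROPERTY` does not say that the supplied context must already be initialised, nor that it takes over every trust decision for the connection. The second hunk skips `sslContext.init(...)` whenever the property is present, so an uninitialised instance would presumably only fail later at `createSSLEngine()`. Whatever TrustManagers the caller placed in the context also replace the trust-store handling entirely. I would add a sentence such as `The SSLContext must already be initialised; its TrustManagers alone decide which server certificates are accepted.` The phrase "configure used SSLContext" would also read better as "configure the SSLContext to use".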
@@ -649,32 +656,38 @@ public class WsWebSocketContainer
throws DeploymentException {
try {
- // Create the SSL Context
- SSLContext sslContext = SSLContext.getInstance("TLS");
-
- // Trust store
- String sslTrustStoreValue =
- (String) userProperties.get(SSL_TRUSTSTORE_PROPERTY);
- if (sslTrustStoreValue != null) {
- String sslTrustStorePwdValue = (String) userProperties.get(
- SSL_TRUSTSTORE_PWD_PROPERTY);
- if (sslTrustStorePwdValue == null) {
- sslTrustStorePwdValue = SSL_TRUSTSTORE_PWD_DEFAULT;
- }
+ // See if a custom SSLContext has been provided
+ SSLContext sslContext =
+ (SSLContext) userProperties.get(SSL_CONTEXT_PROPERTY);
+
+ if (sslContext == null) {
+ // Create the SSL Context
+ sslContext = SSLContext.getInstance("TLS");
+
+ // Trust store
+ String sslTrustStoreValue =
+ (String) userProperties.get(SSL_TRUSTSTORE_PROPERTY);
+ if (sslTrustStoreValue != null) {
+ String sslTrustStorePwdValue = (String) userProperties.get(
+ SSL_TRUSTSTORE_PWD_PROPERTY);
+ if (sslTrustStorePwdValue == null) {
+ sslTrustStorePwdValue = SSL_TRUSTSTORE_PWD_DEFAULT;
+ }
- File keyStoreFile = new File(sslTrustStoreValue);
- KeyStore ks = KeyStore.getInstance("JKS");
- try (InputStream is = new FileInputStream(keyStoreFile)) {
- ks.load(is, sslTrustStorePwdValue.toCharArray());
- }
+ File keyStoreFile = new File(sslTrustStoreValue);
+ KeyStore ks = KeyStore.getInstance("JKS");
+ try (InputStream is = new FileInputStream(keyStoreFile)) {
+ ks.load(is, sslTrustStorePwdValue.toCharArray());
+ }
- TrustManagerFactory tmf = TrustManagerFactory.getInstance(
- TrustManagerFactory.getDefaultAlgorithm());
- tmf.init(ks);
+ TrustManagerFactory tmf = TrustManagerFactory.getInstance(
+ TrustManagerFactory.getDefaultAlgorithm());
+ tmf.init(ks);
- sslContext.init(null, tmf.getTrustManagers(), null);
- } else {
- sslContext.init(null, null, null);
+ sslContext.init(null, tmf.getTrustManagers(), null);
+ } else {
+ sslContext.init(null, null, null);
+ }
}
SSLEngine engine = sslContext.createSSLEngine();
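Review bot: The unchecked cast `(SSLContext) userProperties.get(SSL_CONTEXT_PROPERTY)` turns a mis-typed property value into a ClassCastException rather than a clear configuration error. The `try` opened at the top of the hunk is closed outside it, so whether that exception ends up wrapped in a DeploymentException is not visible here. Reading the value into `Object ctx` first and checking `if (ctx != null && !(ctx instanceof SSLContext)) throw new DeploymentException(...)` with a message naming the property would make the failure self-explanatory. Separately, the context line `sslContext.createSSLEngine()` passes no peer host or port and the hunk shows no endpoint identification being configured. With a caller-supplied context it is worth confirming in the code after the hunk that the server hostname is still verified.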
Modified: tomcat/trunk/webapps/docs/web-socket-howto.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/web-socket-howto.xml?rev=1548961&r1=1548960&r2=1548961&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/web-socket-howto.xml (original)
+++ tomcat/trunk/webapps/docs/web-socket-howto.xml Sat Dec 7 20:10:59 2013
@@ -122,11 +122,16 @@
of the provided <code>javax.websocket.ClientEndpointConfig</code>. The
following user properties are supported:</p>
<ul>
+ <li><code>org.apache.tomcat.websocket.SSL_CONTEXT</code></li>
<li><code>org.apache.tomcat.websocket.SSL_PROTOCOLS</code></li>
<li><code>org.apache.tomcat.websocket.SSL_TRUSTSTORE</code></li>
<li><code>org.apache.tomcat.websocket.SSL_TRUSTSTORE_PWD</code></li>
</ul>
<p>The default truststore password is <code>changeit</code>.</p>
+ <p>If the <code>org.apache.tomcat.websocket.SSL_CONTEXT</code> property is
+ set then the <code>org.apache.tomcat.websocket.SSL_TRUSTSTORE</code> and
+ <code>org.apache.tomcat.websocket.SSL_TRUSTSTORE_PWD</code> properties
+ will be ignored.</p>
</section>
</body>