@Override
  public Connector build(
      Server server, MetricRegistry metrics, String name, ThreadPool threadPool) {
    logSupportedParameters();

    final HttpConfiguration httpConfig = buildHttpConfiguration();

    final HttpConnectionFactory httpConnectionFactory = buildHttpConnectionFactory(httpConfig);

    final SslContextFactory sslContextFactory = buildSslContextFactory();
    server.addBean(sslContextFactory);

    final SslConnectionFactory sslConnectionFactory =
        new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.toString());

    final Scheduler scheduler = new ScheduledExecutorScheduler();

    final ByteBufferPool bufferPool = buildBufferPool();

    final String timerName =
        name(
            HttpConnectionFactory.class, getBindHost(), Integer.toString(getPort()), "connections");

    return buildConnector(
        server,
        scheduler,
        bufferPool,
        name,
        threadPool,
        new InstrumentedConnectionFactory(sslConnectionFactory, metrics.timer(timerName)),
        httpConnectionFactory);
  }
  private SslConnectionFactory createSslConnectionFactory(KeyStoreInformation config) {
    SslContextFactory sslContextFactory = new SslContextFactory();

    sslContextFactory.setKeyStorePath(config.getKeyStorePath());
    sslContextFactory.setKeyStorePassword(String.valueOf(config.getKeyStorePassword()));
    sslContextFactory.setKeyManagerPassword(String.valueOf(config.getKeyPassword()));

    return new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString());
  }
Beispiel #3
0
  @Override
  public boolean parsedHeader(HttpField field) {
    HttpHeader header = field.getHeader();
    String value = field.getValue();
    if (value == null) value = "";
    if (header != null) {
      switch (header) {
        case EXPECT:
          if (_version.getVersion() >= HttpVersion.HTTP_1_1.getVersion()) {
            HttpHeaderValue expect = HttpHeaderValue.CACHE.get(value);
            switch (expect == null ? HttpHeaderValue.UNKNOWN : expect) {
              case CONTINUE:
                _expect100Continue = true;
                break;

              case PROCESSING:
                _expect102Processing = true;
                break;

              default:
                String[] values = value.split(",");
                for (int i = 0; values != null && i < values.length; i++) {
                  expect = HttpHeaderValue.CACHE.get(values[i].trim());
                  if (expect == null) _expect = true;
                  else {
                    switch (expect) {
                      case CONTINUE:
                        _expect100Continue = true;
                        break;
                      case PROCESSING:
                        _expect102Processing = true;
                        break;
                      default:
                        _expect = true;
                    }
                  }
                }
            }
          }
          break;

        case CONTENT_TYPE:
          MimeTypes.Type mime = MimeTypes.CACHE.get(value);
          String charset =
              (mime == null || mime.getCharset() == null)
                  ? MimeTypes.getCharsetFromContentType(value)
                  : mime.getCharset().toString();
          if (charset != null) _request.setCharacterEncodingUnchecked(charset);
          break;
        default:
      }
    }

    if (field.getName() != null) _request.getHttpFields().add(field);
    return false;
  }
  public ServerConnector createConnector(
      Server server, KeyStoreInformation config, String host, int port) {

    SslContextFactory sslContextFactory = new SslContextFactory();

    sslContextFactory.setKeyStorePath(config.getKeyStorePath());
    sslContextFactory.setKeyStorePassword(String.valueOf(config.getKeyStorePassword()));
    sslContextFactory.setKeyManagerPassword(String.valueOf(config.getKeyPassword()));

    ServerConnector connector =
        new ServerConnector(
            server,
            new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()),
            new HttpConnectionFactory());

    connector.setPort(port);
    connector.setHost(host);

    return connector;
  }
  protected void setupTest(ITestContext context) throws Exception {
    Reporter.log(
        String.format(
            "HTTP:%d, HTTPS:%d , HTTPS(Mutual):%d", PLAIN_PORT, SECURE_PORT, MUTUAL_SECURE_PORT),
        true);

    connectorServer = new Server();

    HttpConfiguration httpConfig = new HttpConfiguration();
    httpConfig.setSecureScheme("https");
    httpConfig.setSecurePort(SECURE_PORT);
    httpConfig.setOutputBufferSize(32768);

    // HTTP
    ServerConnector http =
        new ServerConnector(connectorServer, new HttpConnectionFactory(httpConfig));
    http.setPort(PLAIN_PORT);
    http.setHost("127.0.0.1");
    http.setIdleTimeout(30000);

    // HTTPS
    SslContextFactory sslContextFactory = createSsllContextFactory(false);

    // HTTPS Configuration
    HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig);
    httpsConfig.addCustomizer(new SecureRequestCustomizer());

    // HTTPS connector
    ServerConnector https =
        new ServerConnector(
            connectorServer,
            new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()),
            new HttpConnectionFactory(httpsConfig));
    https.setPort(SECURE_PORT);
    http.setHost("127.0.0.1");
    https.setIdleTimeout(500000);

    // Mutual HTTPS connector
    sslContextFactory = createSsllContextFactory(false);
    sslContextFactory.setWantClientAuth(true);
    sslContextFactory.setNeedClientAuth(false);

    ServerConnector mutualHttps =
        new ServerConnector(
            connectorServer,
            new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()),
            new HttpConnectionFactory(httpsConfig));
    mutualHttps.setPort(MUTUAL_SECURE_PORT);
    http.setHost("127.0.0.1");
    mutualHttps.setIdleTimeout(500000);

    connectorServer.setConnectors(new Connector[] {http, https, mutualHttps});

    // Initializing the security handler
    ServletContextHandler handler =
        new ServletContextHandler(
            connectorServer, "/", ServletContextHandler.SESSIONS | ServletContextHandler.SECURITY);

    ServletHolder holder = handler.getServletHandler().newServletHolder(BaseHolder.Source.EMBEDDED);

    serverConnectorFramework = serverConnectorFrameworkFactory.acquire();
    localConnectorFramework = localConnectorFrameworkFactory.acquire();
    holder.setServlet(new OpenICFWebSocketServletBase(serverConnectorFrameworkFactory));
    holder.setInitParameter("maxIdleTime", "300000");
    holder.setInitParameter("maxAsyncWriteTimeout", "60000");

    holder.setInitParameter("maxBinaryMessageSize", "32768");
    holder.setInitParameter("inputBufferSize", "4096");

    handler.addServlet(holder, "/openicf/*");

    SecurityHandler sh = getSecurityHandler();
    sh.setHandler(handler);

    connectorServer.setHandler(sh);
    connectorServer.start();
    Reporter.log("Jetty Server Started", true);

    // Initialise the ConnectorFramework

    serverConnectorFramework
        .get()
        .getLocalManager()
        .addConnectorBundle(TstConnector.class.getProtectionDomain().getCodeSource().getLocation());

    localConnectorFramework
        .get()
        .getLocalManager()
        .addConnectorBundle(TstConnector.class.getProtectionDomain().getCodeSource().getLocation());

    connectorServer.start();
  }
  public static Server initJetty(
      final String bindAddress,
      final int port,
      boolean useSSL,
      boolean needClientAuth,
      String protocols,
      String ciphers,
      Properties sysProps)
      throws Exception {

    final Server jettyServer = new Server();

    // Add a handler collection here, so that each new context adds itself
    // to this collection.
    jettyServer.setHandler(new HandlerCollection());
    ServerConnector connector = null;

    HttpConfiguration httpConfig = new HttpConfiguration();
    httpConfig.setSecureScheme(HTTPS);
    httpConfig.setSecurePort(port);

    if (useSSL) {
      SslContextFactory sslContextFactory = new SslContextFactory();

      sslContextFactory.setNeedClientAuth(needClientAuth);

      if (!StringUtils.isBlank(ciphers) && !"any".equalsIgnoreCase(ciphers)) {
        // If use has mentioned "any" let the SSL layer decide on the ciphers
        sslContextFactory.setIncludeCipherSuites(SSLUtil.readArray(ciphers));
      }

      String protocol = SSLUtil.getSSLAlgo(SSLUtil.readArray(protocols));
      if (protocol != null) {
        sslContextFactory.setProtocol(protocol);
      } else {
        logger.warn(ManagementStrings.SSL_PROTOCOAL_COULD_NOT_BE_DETERMINED);
      }

      if (StringUtils.isBlank(sysProps.getProperty("javax.net.ssl.keyStore"))) {
        throw new GemFireConfigException(
            "Key store can't be empty if SSL is enabled for HttpService");
      }

      sslContextFactory.setKeyStorePath(sysProps.getProperty("javax.net.ssl.keyStore"));

      if (!StringUtils.isBlank(sysProps.getProperty("javax.net.ssl.keyStoreType"))) {
        sslContextFactory.setKeyStoreType(sysProps.getProperty("javax.net.ssl.keyStoreType"));
      }

      if (!StringUtils.isBlank(sysProps.getProperty("javax.net.ssl.keyStorePassword"))) {
        sslContextFactory.setKeyStorePassword(
            sysProps.getProperty("javax.net.ssl.keyStorePassword"));
      }

      if (!StringUtils.isBlank(sysProps.getProperty("javax.net.ssl.trustStore"))) {
        sslContextFactory.setTrustStorePath(sysProps.getProperty("javax.net.ssl.trustStore"));
      }

      if (!StringUtils.isBlank(sysProps.getProperty("javax.net.ssl.trustStorePassword"))) {
        sslContextFactory.setTrustStorePassword(
            sysProps.getProperty("javax.net.ssl.trustStorePassword"));
      }

      httpConfig.addCustomizer(new SecureRequestCustomizer());

      // Somehow With HTTP_2.0 Jetty throwing NPE. Need to investigate further whether all GemFire
      // web application(Pulse, REST) can do with HTTP_1.1
      connector =
          new ServerConnector(
              jettyServer,
              new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()),
              new HttpConnectionFactory(httpConfig));

      connector.setPort(port);
    } else {
      connector = new ServerConnector(jettyServer, new HttpConnectionFactory(httpConfig));

      connector.setPort(port);
    }

    jettyServer.setConnectors(new Connector[] {connector});

    if (!StringUtils.isBlank(bindAddress)) {
      connector.setHost(bindAddress);
    }

    if (bindAddress != null && !bindAddress.isEmpty()) {
      JettyHelper.bindAddress = bindAddress;
    }

    JettyHelper.port = port;

    return jettyServer;
  }
  public static void main(String[] args) throws Exception {
    // Since this example shows off SSL configuration, we need a keystore with the appropriate key.
    // These two
    // lines are purely a hack to get access to a keystore that we use in many unit tests and should
    // probably be
    // a direct path to your own keystore (used on line 29).
    String jetty_home =
        System.getProperty("jetty.home", "../../jetty-distribution/target/distribution");
    System.setProperty("jetty.home", jetty_home);

    // Create a basic jetty server object without declaring the port.  Since we are configuring
    // connectors
    // directly we'll be setting ports on those connectors.
    Server server = new Server();

    // HTTP Configuration
    // HttpConfiguration is a collection of configuration information appropriate for http and
    // https. The default
    // scheme for http is <code>http</code> of course, as the default for secured http is
    // <code>https</code> but
    // we show setting the scheme to show it can be done.  The port for secured communication is
    // also set here.
    HttpConfiguration http_config = new HttpConfiguration();
    http_config.setSecureScheme("https");
    http_config.setSecurePort(8443);
    http_config.setOutputBufferSize(32768);

    // HTTP connector
    // The first server connector we create is the one for http, passing in the http configuration
    // we configured
    // above so it can get things like the output buffer size, etc. We also set the port (8080) and
    // configure an
    // idle timeout.
    ServerConnector http = new ServerConnector(server, new HttpConnectionFactory(http_config));
    http.setPort(8080);
    http.setIdleTimeout(30000);

    // SSL Context Factory for HTTPS and SPDY
    // SSL requires a certificate so we configure a factory for ssl contents with information
    // pointing to what
    // keystore the ssl connection needs to know about. Much more configuration is available the ssl
    // context,
    // including things like choosing the particular certificate out of a keystore to be used.
    SslContextFactory sslContextFactory = new SslContextFactory();
    sslContextFactory.setKeyStorePath(jetty_home + "/etc/keystore");
    sslContextFactory.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
    sslContextFactory.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");

    // HTTPS Configuration
    // A new HttpConfiguration object is needed for the next connector and you can pass the old one
    // as an
    // argument to effectively clone the contents. On this HttpConfiguration object we add a
    // SecureRequestCustomizer which is how a new connector is able to resolve the https connection
    // before
    // handing control over to the Jetty Server.
    HttpConfiguration https_config = new HttpConfiguration(http_config);
    https_config.addCustomizer(new SecureRequestCustomizer());

    // HTTPS connector
    // We create a second ServerConnector, passing in the http configuration we just made along with
    // the
    // previously created ssl context factory. Next we set the port and a longer idle timeout.
    ServerConnector https =
        new ServerConnector(
            server,
            new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()),
            new HttpConnectionFactory(https_config));
    https.setPort(8443);
    https.setIdleTimeout(500000);

    // Here you see the server having multiple connectors registered with it, now requests can flow
    // into the server
    // from both http and https urls to their respective ports and be processed accordingly by
    // jetty. A simple
    // handler is also registered with the server so the example has something to pass requests off
    // to.

    // Set the connectors
    server.setConnectors(new Connector[] {http, https});

    // Set a handler
    server.setHandler(new HelloHandler());

    // Start the server
    server.start();
    server.join();
  }