public IoFuture<Connection> connect(
      CallbackHandler handler, Map<String, String> saslOptions, SSLContext sslContext)
      throws IOException {
    OptionMap.Builder builder = OptionMap.builder();
    builder.addAll(configuration.getOptionMap());
    builder.set(SASL_POLICY_NOANONYMOUS, Boolean.FALSE);
    builder.set(SASL_POLICY_NOPLAINTEXT, Boolean.FALSE);
    if (isLocal() == false) {
      builder.set(Options.SASL_DISALLOWED_MECHANISMS, Sequence.of(JBOSS_LOCAL_USER));
    }
    List<Property> tempProperties =
        new ArrayList<Property>(saslOptions != null ? saslOptions.size() : 1);
    tempProperties.add(Property.of("jboss.sasl.local-user.quiet-auth", "true"));
    if (saslOptions != null) {
      for (String currentKey : saslOptions.keySet()) {
        tempProperties.add(Property.of(currentKey, saslOptions.get(currentKey)));
      }
    }
    builder.set(Options.SASL_PROPERTIES, Sequence.of(tempProperties));

    builder.set(Options.SSL_ENABLED, true);
    builder.set(Options.SSL_STARTTLS, true);

    CallbackHandler actualHandler = handler != null ? handler : new AnonymousCallbackHandler();
    return endpoint.connect(uri, builder.getMap(), actualHandler, sslContext);
  }
  public static OptionMap populate(final ExpressionResolver resolver, final ModelNode model)
      throws OperationFailedException {
    OptionMap.Builder builder =
        OptionMap.builder()
            .set(Options.TCP_NODELAY, Boolean.TRUE)
            .set(Options.REUSE_ADDRESSES, true)
            .addAll(OptionList.resolveOptions(resolver, model, RemotingEndpointResource.OPTIONS));

    return builder.getMap();
  }
Beispiel #3
0
 protected static OptionMap getOptions(ModelNode properties) {
   final OptionMap optionMap;
   if (properties.isDefined() && properties.asInt() > 0) {
     OptionMap.Builder builder = OptionMap.builder();
     final ClassLoader loader = SecurityActions.getClassLoader(ConnectorResource.class);
     for (Property property : properties.asPropertyList()) {
       String name = property.getName();
       if (!name.contains(".")) {
         name = "org.xnio.Options." + name;
       }
       final Option option = Option.fromString(name, loader);
       builder.set(
           option,
           option.parseValue(property.getValue().get(CommonAttributes.VALUE).asString(), loader));
     }
     optionMap = builder.getMap();
   } else {
     optionMap = OptionMap.EMPTY;
   }
   return optionMap;
 }
Beispiel #4
0
  static OptionMap createOptionMap(final ModelNode parameters) {
    final OptionMap.Builder builder = OptionMap.builder();

    if (parameters.hasDefined(SASL)) {
      final ModelNode sasl = parameters.require(SASL);
      builder.set(Options.SASL_SERVER_AUTH, sasl.get(SERVER_AUTH).asBoolean());
      builder.set(Options.SASL_STRENGTH, SaslStrength.valueOf(sasl.get(STRENGTH).asString()));
      builder.set(Options.SASL_QOP, Sequence.of(asQopSet(sasl.get(QOP))));
      builder.set(Options.SASL_MECHANISMS, Sequence.of(asStringSet(sasl.get(INCLUDE_MECHANISMS))));

      if (sasl.hasDefined(POLICY)) {
        final ModelNode policy = sasl.require(POLICY);
        builder.set(Options.SASL_POLICY_FORWARD_SECRECY, policy.get(FORWARD_SECRECY).asBoolean());
        builder.set(Options.SASL_POLICY_NOACTIVE, policy.get(NO_ACTIVE).asBoolean());
        builder.set(Options.SASL_POLICY_NOANONYMOUS, policy.get(NO_ANONYMOUS).asBoolean());
        builder.set(Options.SASL_POLICY_NODICTIONARY, policy.get(NO_DICTIONARY).asBoolean());
        builder.set(Options.SASL_POLICY_NOPLAINTEXT, policy.get(NO_PLAIN_TEXT).asBoolean());
        builder.set(Options.SASL_POLICY_PASS_CREDENTIALS, policy.get(PASS_CREDENTIALS).asBoolean());
      }
    }
    return builder.getMap();
  }
  @Override
  public synchronized void start(StartContext context) throws StartException {
    super.start(context);

    SecurityRealm realm = securityRealm.getOptionalValue();

    // TODO: SSL support for the client
    // TODO: wire up idle timeout when new version of undertow arrives
    final ModCluster.Builder modClusterBuilder;
    final XnioWorker worker = workerInjectedValue.getValue();
    if (realm == null) {
      modClusterBuilder = ModCluster.builder(worker);
    } else {
      SSLContext sslContext = realm.getSSLContext();
      OptionMap.Builder builder = OptionMap.builder();
      builder.set(Options.USE_DIRECT_BUFFERS, true);
      OptionMap combined = builder.getMap();

      XnioSsl xnioSsl = new UndertowXnioSsl(worker.getXnio(), combined, sslContext);
      modClusterBuilder = ModCluster.builder(worker, UndertowClient.getInstance(), xnioSsl);
    }
    modClusterBuilder
        .setHealthCheckInterval(healthCheckInterval)
        .setMaxRequestTime(maxRequestTime)
        .setCacheConnections(cachedConnections)
        .setQueueNewRequests(requestQueueSize > 0)
        .setRequestQueueSize(requestQueueSize)
        .setRemoveBrokenNodes(removeBrokenNodes)
        .setTtl(connectionIdleTimeout)
        .setMaxConnections(connectionsPerThread)
        .setUseAlias(useAlias);

    modCluster = modClusterBuilder.build();

    MCMPConfig.Builder builder = MCMPConfig.builder();
    InetAddress multicastAddress = advertiseSocketBinding.getValue().getMulticastAddress();
    if (multicastAddress == null) {
      throw UndertowLogger.ROOT_LOGGER.advertiseSocketBindingRequiresMulticastAddress();
    }
    if (advertiseFrequency > 0) {
      builder
          .enableAdvertise()
          .setAdvertiseAddress(
              advertiseSocketBinding.getValue().getSocketAddress().getAddress().getHostAddress())
          .setAdvertiseGroup(multicastAddress.getHostAddress())
          .setAdvertisePort(advertiseSocketBinding.getValue().getPort())
          .setAdvertiseFrequency(advertiseFrequency)
          .setPath(advertisePath)
          .setProtocol(advertiseProtocol)
          .setSecurityKey(securityKey);
    }
    builder.setManagementHost(managementSocketBinding.getValue().getSocketAddress().getHostName());
    builder.setManagementPort(managementSocketBinding.getValue().getSocketAddress().getPort());

    config = builder.build();

    if (advertiseFrequency > 0) {
      try {
        modCluster.advertise(config);
      } catch (IOException e) {
        throw new RuntimeException(e);
      }
    }
    modCluster.start();
  }