Ejemplo n.º 1
0
  public void start() {
    final Xnio xnio;
    try {
      // Do what org.jboss.as.remoting.XnioUtil does
      xnio =
          Xnio.getInstance(
              null,
              Module.getModuleFromCallerModuleLoader(
                      ModuleIdentifier.fromString("org.jboss.xnio.nio"))
                  .getClassLoader());
    } catch (Exception e) {
      throw new IllegalStateException(e.getLocalizedMessage());
    }
    try {
      // TODO make this configurable
      worker =
          xnio.createWorker(
              OptionMap.builder()
                  .set(Options.WORKER_IO_THREADS, 4)
                  .set(Options.CONNECTION_HIGH_WATER, 1000000)
                  .set(Options.CONNECTION_LOW_WATER, 1000000)
                  .set(Options.WORKER_TASK_CORE_THREADS, 10)
                  .set(Options.WORKER_TASK_MAX_THREADS, 12)
                  .set(Options.TCP_NODELAY, true)
                  .set(Options.CORK, true)
                  .getMap());

      Builder serverOptionsBuilder =
          OptionMap.builder().set(Options.TCP_NODELAY, true).set(Options.REUSE_ADDRESSES, true);
      ChannelListener acceptListener = ChannelListeners.openListenerAdapter(openListener);
      if (httpAddress != null) {
        normalServer =
            worker.createStreamConnectionServer(
                httpAddress, acceptListener, serverOptionsBuilder.getMap());
        normalServer.resumeAccepts();
      }
      if (secureAddress != null) {
        SSLContext sslContext = securityRealm.getSSLContext();
        Set<AuthMechanism> supportedMechanisms =
            securityRealm.getSupportedAuthenticationMechanisms();
        if (supportedMechanisms.contains(AuthMechanism.CLIENT_CERT)) {
          if (supportedMechanisms.contains(AuthMechanism.DIGEST)
              || supportedMechanisms.contains(AuthMechanism.PLAIN)) {
            // Username / Password auth is possible so don't mandate a client certificate.
            serverOptionsBuilder.set(SSL_CLIENT_AUTH_MODE, REQUESTED);
          } else {
            serverOptionsBuilder.set(SSL_CLIENT_AUTH_MODE, REQUIRED);
          }
        }
        OptionMap secureOptions = serverOptionsBuilder.getMap();
        XnioSsl xnioSsl = new JsseXnioSsl(worker.getXnio(), secureOptions, sslContext);
        secureServer =
            xnioSsl.createSslConnectionServer(worker, secureAddress, acceptListener, secureOptions);
        secureServer.resumeAccepts();
      }
    } catch (IOException e) {
      throw new RuntimeException(e);
    }
  }
Ejemplo n.º 2
0
  public void start() {
    final Xnio xnio;
    try {
      // Do what org.jboss.as.remoting.XnioUtil does
      xnio =
          Xnio.getInstance(
              null,
              Module.getModuleFromCallerModuleLoader(
                      ModuleIdentifier.fromString("org.jboss.xnio.nio"))
                  .getClassLoader());
    } catch (Exception e) {
      throw new IllegalStateException(e.getLocalizedMessage());
    }
    try {
      // TODO make this configurable
      worker =
          xnio.createWorker(
              OptionMap.builder()
                  .set(Options.WORKER_IO_THREADS, 2)
                  .set(Options.WORKER_TASK_CORE_THREADS, 5)
                  .set(Options.WORKER_TASK_MAX_THREADS, 10)
                  .set(Options.TCP_NODELAY, true)
                  .set(Options.CORK, true)
                  .getMap());

      Builder serverOptionsBuilder =
          OptionMap.builder().set(Options.TCP_NODELAY, true).set(Options.REUSE_ADDRESSES, true);
      ChannelListener acceptListener = ChannelListeners.openListenerAdapter(openListener);
      if (httpAddress != null) {
        normalServer =
            worker.createStreamConnectionServer(
                httpAddress, acceptListener, serverOptionsBuilder.getMap());
        normalServer.resumeAccepts();
      }
      if (secureAddress != null) {
        if (sslClientAuthMode != null) {
          serverOptionsBuilder.set(SSL_CLIENT_AUTH_MODE, sslClientAuthMode);
        }
        OptionMap secureOptions = serverOptionsBuilder.getMap();
        XnioSsl xnioSsl = new UndertowXnioSsl(worker.getXnio(), secureOptions, sslContext);
        secureServer =
            xnioSsl.createSslConnectionServer(worker, secureAddress, acceptListener, secureOptions);
        secureServer.resumeAccepts();
      }
    } catch (IOException e) {
      throw new RuntimeException(e);
    }
  }
Ejemplo n.º 3
0
  // This duplicates the RealmSecurityProvider of AS7 to mimic the same security set-up
  private OptionMap createOptionMap() {
    List<String> mechanisms = new LinkedList<String>();
    Set<Property> properties = new HashSet<Property>();
    Builder builder = OptionMap.builder();

    if (saslMechanisms.contains(JBOSS_LOCAL_USER)) {
      mechanisms.add(JBOSS_LOCAL_USER);
      builder.set(SASL_POLICY_NOPLAINTEXT, false);
      properties.add(Property.of(LOCAL_DEFAULT_USER, DOLLAR_LOCAL));
    }

    if (saslMechanisms.contains(DIGEST_MD5)) {
      mechanisms.add(DIGEST_MD5);
      properties.add(Property.of(REALM_PROPERTY, REALM));
    }

    if (saslMechanisms.contains(PLAIN)) {
      mechanisms.add(PLAIN);
      builder.set(SASL_POLICY_NOPLAINTEXT, false);
    }

    if (saslMechanisms.isEmpty() || saslMechanisms.contains(ANONYMOUS)) {
      mechanisms.add(ANONYMOUS);
      builder.set(SASL_POLICY_NOANONYMOUS, false);
    }

    // TODO - SSL Options will be added in a subsequent task.
    builder.set(SSL_ENABLED, false);

    builder.set(SASL_MECHANISMS, Sequence.of(mechanisms));
    builder.set(SASL_PROPERTIES, Sequence.of(properties));

    return builder.getMap();
  }