// =========================================================================================================
// HTTPS handling
private HttpServer createHttpsServer(
InetSocketAddress pSocketAddress, JolokiaServerConfig pConfig) {
// initialise the HTTPS server
try {
HttpsServer server = HttpsServer.create(pSocketAddress, pConfig.getBacklog());
SSLContext sslContext = SSLContext.getInstance(pConfig.getSecureSocketProtocol());
// initialise the keystore
KeyStore ks = getKeyStore(pConfig);
// setup the key manager factory
KeyManagerFactory kmf = getKeyManagerFactory(pConfig);
kmf.init(ks, pConfig.getKeystorePassword());
// setup the trust manager factory
TrustManagerFactory tmf = getTrustManagerFactory(pConfig);
tmf.init(ks);
// setup the HTTPS context and parameters
sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
// Update the config to filter out bad protocols or ciphers
pConfig.updateHTTPSSettingsFromContext(sslContext);
server.setHttpsConfigurator(new JolokiaHttpsConfigurator(sslContext, pConfig));
return server;
} catch (GeneralSecurityException e) {
throw new IllegalStateException("Cannot use keystore for https communication: " + e, e);
} catch (IOException e) {
throw new IllegalStateException("Cannot open keystore for https communication: " + e, e);
}
}
@Before
public void setup() {
HttpsServer server =
httpsServer(port(), certificate(pathResource("cert.jks"), "mocohttps", "mocohttps"));
server.response("foo");
this.runner = Runner.runner(server);
runner.start();
helper = new MocoTestHelper();
}
@Test
public void should_return_expected_result_without_port() throws Exception {
final HttpsServer server = httpsServer(DEFAULT_CERTIFICATE);
server.request(by("foo")).response("bar");
running(
server,
new Runnable() {
@Override
public void run() throws Exception {
assertThat(helper.postContent(httpsRoot(server.port()), "foo"), is("bar"));
}
});
}
@Test
public void should_return_expected_result() throws Exception {
HttpsServer server = httpsServer(port(), DEFAULT_CERTIFICATE);
server.response("foo");
running(
server,
new Runnable() {
@Override
public void run() throws Exception {
assertThat(helper.get(httpsRoot()), is("foo"));
}
});
}
@Test
public void should_return_expected_result_with_global_config() throws Exception {
HttpsServer server = httpsServer(port(), DEFAULT_CERTIFICATE, context("/foo"));
server.request(by(uri("/bar"))).response("foo");
running(
server,
new Runnable() {
@Override
public void run() throws Exception {
assertThat(helper.get(remoteHttpsUrl("/foo/bar")), is("foo"));
}
});
}
@Test
public void should_return_expected_result_with_monitor() throws Exception {
RequestHit hit = requestHit();
HttpsServer server = httpsServer(port(), DEFAULT_CERTIFICATE, hit);
server.request(by("foo")).response("bar");
running(
server,
new Runnable() {
@Override
public void run() throws Exception {
assertThat(helper.postContent(httpsRoot(), "foo"), is("bar"));
}
});
hit.verify(by("foo"), once());
}
private HttpServer httpsServer(InetSocketAddress address)
throws IOException, GeneralSecurityException {
// Initialize the keystore
char[] password = "******".toCharArray();
ks = KeyStore.getInstance("JKS");
try (FileInputStream fis = new FileInputStream("UMS.jks")) {
ks.load(fis, password);
}
// Setup the key manager factory
kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(ks, password);
// Setup the trust manager factory
tmf = TrustManagerFactory.getInstance("SunX509");
tmf.init(ks);
HttpsServer server = HttpsServer.create(address, 0);
sslContext = SSLContext.getInstance("TLS");
sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
server.setHttpsConfigurator(
new HttpsConfigurator(sslContext) {
@Override
public void configure(HttpsParameters params) {
try {
// initialise the SSL context
SSLContext c = SSLContext.getDefault();
SSLEngine engine = c.createSSLEngine();
params.setNeedClientAuth(true);
params.setCipherSuites(engine.getEnabledCipherSuites());
params.setProtocols(engine.getEnabledProtocols());
// get the default parameters
SSLParameters defaultSSLParameters = c.getDefaultSSLParameters();
params.setSSLParameters(defaultSSLParameters);
} catch (Exception e) {
LOGGER.debug("https configure error " + e);
}
}
});
return server;
}
public static void main(String[] args) throws Exception {
HttpServer s1 = null;
HttpsServer s2 = null;
ExecutorService executor = null;
try {
String root = System.getProperty("test.src") + "/docs";
System.out.print("Test12: ");
InetSocketAddress addr = new InetSocketAddress(0);
s1 = HttpServer.create(addr, 0);
s2 = HttpsServer.create(addr, 0);
HttpHandler h = new FileServerHandler(root);
HttpContext c1 = s1.createContext("/test1", h);
HttpContext c2 = s2.createContext("/test1", h);
executor = Executors.newCachedThreadPool();
s1.setExecutor(executor);
s2.setExecutor(executor);
ctx = new SimpleSSLContext(System.getProperty("test.src")).get();
s2.setHttpsConfigurator(new HttpsConfigurator(ctx));
s1.start();
s2.start();
int port = s1.getAddress().getPort();
int httpsport = s2.getAddress().getPort();
Runner r[] = new Runner[8];
r[0] = new Runner(true, "http", root + "/test1", port, "smallfile.txt", 23);
r[1] = new Runner(true, "http", root + "/test1", port, "largefile.txt", 2730088);
r[2] = new Runner(true, "https", root + "/test1", httpsport, "smallfile.txt", 23);
r[3] = new Runner(true, "https", root + "/test1", httpsport, "largefile.txt", 2730088);
r[4] = new Runner(false, "http", root + "/test1", port, "smallfile.txt", 23);
r[5] = new Runner(false, "http", root + "/test1", port, "largefile.txt", 2730088);
r[6] = new Runner(false, "https", root + "/test1", httpsport, "smallfile.txt", 23);
r[7] = new Runner(false, "https", root + "/test1", httpsport, "largefile.txt", 2730088);
start(r);
join(r);
System.out.println("OK");
} finally {
delay();
if (s1 != null) s1.stop(2);
if (s2 != null) s2.stop(2);
if (executor != null) executor.shutdown();
}
}
