protected HttpServer createHttpServer() throws IOException {
HttpServer server = new HttpServer();
SocketListener listener = new SocketListener();
listener.setPort(SysConfig.getHttpPortAsInt());
server.addListener(listener);
return server;
}
/**
* Allow the Listener a chance to customise the request. before the server does its stuff. <br>
* This allows the required attributes to be set for SSL requests. <br>
* The requirements of the Servlet specs are:
*
* <ul>
* <li>an attribute named "javax.servlet.request.cipher_suite" of type String.
* <li>an attribute named "javax.servlet.request.key_size" of type Integer.
* <li>an attribute named "javax.servlet.request.X509Certificate" of type
* java.security.cert.X509Certificate[]. This is an array of objects of type
* X509Certificate, the order of this array is defined as being in ascending order of trust.
* The first certificate in the chain is the one set by the client, the next is the one used
* to authenticate the first, and so on.
* </ul>
*
* @param socket The Socket the request arrived on. This should be a javax.net.ssl.SSLSocket.
* @param request HttpRequest to be customised.
*/
protected void customizeRequest(Socket socket, HttpRequest request) {
super.customizeRequest(socket, request);
if (!(socket instanceof javax.net.ssl.SSLSocket))
return; // I'm tempted to let it throw an exception...
try {
SSLSocket sslSocket = (SSLSocket) socket;
SSLSession sslSession = sslSocket.getSession();
String cipherSuite = sslSession.getCipherSuite();
Integer keySize;
X509Certificate[] certs;
CachedInfo cachedInfo = (CachedInfo) sslSession.getValue(CACHED_INFO_ATTR);
if (cachedInfo != null) {
keySize = cachedInfo.getKeySize();
certs = cachedInfo.getCerts();
} else {
keySize = new Integer(ServletSSL.deduceKeyLength(cipherSuite));
certs = getCertChain(sslSession);
cachedInfo = new CachedInfo(keySize, certs);
sslSession.putValue(CACHED_INFO_ATTR, cachedInfo);
}
if (certs != null) request.setAttribute("javax.servlet.request.X509Certificate", certs);
else if (_needClientAuth) // Sanity check
throw new HttpException(HttpResponse.__403_Forbidden);
request.setAttribute("javax.servlet.request.cipher_suite", cipherSuite);
request.setAttribute("javax.servlet.request.key_size", keySize);
} catch (Exception e) {
log.warn(LogSupport.EXCEPTION, e);
}
}
@Override
public void run() {
if (!isRunning) {
try {
this.selectionKey.channel().close();
this.selectionKey.cancel();
} catch (IOException e) {
log.error(e.toString(), e);
}
} else {
synchronized (this) {
try {
if (this.selectionKey.isConnectable()) {
try {
((SocketChannel) selectionKey.channel()).finishConnect();
listener.connected(this);
this.selectionKey.interestOps(selectionKey.interestOps() | SelectionKey.OP_READ);
} catch (IOException conn) {
selectionKey.channel().close();
this.selectionKey.cancel();
this.listener.connect_error(this);
}
} else if (this.selectionKey.isReadable()) {
this.listener.read(this);
if (this.selectionKey.isValid()) {
this.selectionKey.interestOps(selectionKey.interestOps() | SelectionKey.OP_READ);
this.selectionKey.selector().wakeup();
}
}
if (this.selectionKey.isValid()
&& this.selectionKey.isWritable()
&& this.writeQueue.size() > 0) {
this.writeBuffer((SocketChannel) selectionKey.channel());
}
} catch (Exception e) {
log.error(e.toString(), e);
this.selectionKey.cancel();
this.close();
}
}
}
}
