コード例 #1
0
 private void configureSslClientAuth(AbstractHttp11JsseProtocol<?> protocol, Ssl ssl) {
   if (ssl.getClientAuth() == ClientAuth.NEED) {
     protocol.setClientAuth(Boolean.TRUE.toString());
   } else if (ssl.getClientAuth() == ClientAuth.WANT) {
     protocol.setClientAuth("want");
   }
 }
コード例 #2
0
 private void configureSslKeyStore(AbstractHttp11JsseProtocol<?> protocol, Ssl ssl) {
   try {
     protocol.setKeystoreFile(ResourceUtils.getURL(ssl.getKeyStore()).toString());
   } catch (FileNotFoundException ex) {
     throw new EmbeddedServletContainerException(
         "Could not load key store: " + ex.getMessage(), ex);
   }
   if (ssl.getKeyStoreType() != null) {
     protocol.setKeystoreType(ssl.getKeyStoreType());
   }
   if (ssl.getKeyStoreProvider() != null) {
     protocol.setKeystoreProvider(ssl.getKeyStoreProvider());
   }
 }
コード例 #3
0
 protected void configureSslStoreProvider(
     AbstractHttp11JsseProtocol<?> protocol, SslStoreProvider sslStoreProvider) {
   Assert.isInstanceOf(
       Http11NioProtocol.class,
       protocol,
       "SslStoreProvider can only be used with Http11NioProtocol");
   ((Http11NioProtocol) protocol).getEndpoint().setAttribute("sslStoreProvider", sslStoreProvider);
   protocol.setSslImplementationName(TomcatEmbeddedJSSEImplementation.class.getName());
 }
コード例 #4
0
 /**
  * Configure Tomcat's {@link AbstractHttp11JsseProtocol} for SSL.
  *
  * @param protocol the protocol
  * @param ssl the ssl details
  */
 protected void configureSsl(AbstractHttp11JsseProtocol<?> protocol, Ssl ssl) {
   protocol.setSSLEnabled(true);
   protocol.setSslProtocol(ssl.getProtocol());
   configureSslClientAuth(protocol, ssl);
   protocol.setKeystorePass(ssl.getKeyStorePassword());
   protocol.setKeyPass(ssl.getKeyPassword());
   protocol.setKeyAlias(ssl.getKeyAlias());
   protocol.setCiphers(StringUtils.arrayToCommaDelimitedString(ssl.getCiphers()));
   if (ssl.getEnabledProtocols() != null) {
     protocol.setProperty(
         "sslEnabledProtocols",
         StringUtils.arrayToCommaDelimitedString(ssl.getEnabledProtocols()));
   }
   if (getSslStoreProvider() != null) {
     configureSslStoreProvider(protocol, getSslStoreProvider());
   } else {
     configureSslKeyStore(protocol, ssl);
     configureSslTrustStore(protocol, ssl);
   }
 }