private static Ssl getSsl(Protocol protocol) { Ssl ssl = protocol.getSsl(); if (ssl == null) { ssl = (Ssl) DefaultProxy.createDummyProxy(protocol, Ssl.class); } return ssl; }
@Override public void create(final CreateSsl command, ActionReport report) { NetworkConfig netConfig = command.config.getNetworkConfig(); // ensure we have the specified listener NetworkListener listener = netConfig.getNetworkListener(command.listenerId); Protocol httpProtocol; try { if (listener == null) { report.setMessage( WebContainer.rb.getString( MessageFormat.format(CREATE_SSL_HTTP_NOT_FOUND, command.listenerId))); httpProtocol = command.findOrCreateProtocol(command.listenerId); } else { httpProtocol = listener.findHttpProtocol(); Ssl ssl = httpProtocol.getSsl(); if (ssl != null) { report.setMessage( WebContainer.rb.getString( MessageFormat.format(CREATE_SSL_HTTP_ALREADY_EXISTS, command.listenerId))); report.setActionExitCode(ActionReport.ExitCode.FAILURE); return; } } ConfigSupport.apply( new SingleConfigCode<Protocol>() { public Object run(Protocol param) throws TransactionFailure { Ssl newSsl = param.createChild(Ssl.class); command.populateSslElement(newSsl); param.setSsl(newSsl); return newSsl; } }, httpProtocol); } catch (TransactionFailure e) { command.reportError(report, e); } command.reportSuccess(report); }
@Override public void delete(DeleteSsl command, ActionReport report) { NetworkConfig netConfig = command.config.getNetworkConfig(); NetworkListener networkListener = netConfig.getNetworkListener(command.listenerId); if (networkListener == null) { report.setMessage( WebContainer.rb.getString( MessageFormat.format(DELETE_SSL_HTTP_LISTENER_NOT_FOUND, command.listenerId))); report.setActionExitCode(ActionReport.ExitCode.FAILURE); return; } Protocol protocol = networkListener.findHttpProtocol(); if (protocol.getSsl() == null) { report.setMessage( WebContainer.rb.getString( MessageFormat.format(DELETE_SSL_ELEMENT_DOES_NOT_EXIST, command.listenerId))); report.setActionExitCode(ActionReport.ExitCode.FAILURE); return; } try { ConfigSupport.apply( new SingleConfigCode<Protocol>() { public Object run(Protocol param) { param.setSsl(null); return null; } }, networkListener.findHttpProtocol()); } catch (TransactionFailure e) { command.reportError(report, e); } }
protected void configureSubProtocol( final ServiceLocator habitat, final NetworkListener networkListener, final Protocol protocol, final FilterChainBuilder filterChainBuilder) { if (protocol.getHttp() != null) { final Http http = protocol.getHttp(); configureHttpProtocol( habitat, networkListener, http, filterChainBuilder, Boolean.valueOf(protocol.getSecurityEnabled())); } else if (protocol.getPortUnification() != null) { // Port unification final PortUnification pu = protocol.getPortUnification(); final String puFilterClassname = pu.getClassname(); PUFilter puFilter = null; if (puFilterClassname != null) { try { puFilter = Utils.newInstance(habitat, PUFilter.class, puFilterClassname, puFilterClassname); configureElement(habitat, networkListener, pu, puFilter); } catch (Exception e) { LOGGER.log( Level.WARNING, "Can not initialize port unification filter: " + puFilterClassname + " default filter will be used instead", e); } } if (puFilter == null) { puFilter = new PUFilter(); } List<org.glassfish.grizzly.config.dom.ProtocolFinder> findersConfig = pu.getProtocolFinder(); for (org.glassfish.grizzly.config.dom.ProtocolFinder finderConfig : findersConfig) { final String finderClassname = finderConfig.getClassname(); try { final ProtocolFinder protocolFinder = Utils.newInstance(habitat, ProtocolFinder.class, finderClassname, finderClassname); configureElement(habitat, networkListener, finderConfig, protocolFinder); final Protocol subProtocol = finderConfig.findProtocol(); final FilterChainBuilder subProtocolFilterChainBuilder = puFilter.getPUFilterChainBuilder(); // If subprotocol is secured - we need to wrap it under SSLProtocolFinder if (Boolean.valueOf(subProtocol.getSecurityEnabled())) { final PUFilter extraSslPUFilter = new PUFilter(); final Filter addedSSLFilter = configureSsl(habitat, getSsl(subProtocol), subProtocolFilterChainBuilder); subProtocolFilterChainBuilder.add(extraSslPUFilter); final FilterChainBuilder extraSslPUFilterChainBuilder = extraSslPUFilter.getPUFilterChainBuilder(); try { // temporary add SSL Filter, so subprotocol // will see it extraSslPUFilterChainBuilder.add(addedSSLFilter); configureSubProtocol( habitat, networkListener, subProtocol, extraSslPUFilterChainBuilder); } finally { // remove SSL Filter extraSslPUFilterChainBuilder.remove(addedSSLFilter); } extraSslPUFilter.register(protocolFinder, extraSslPUFilterChainBuilder.build()); puFilter.register( new SSLProtocolFinder(new SSLConfigurator(habitat, subProtocol.getSsl())), subProtocolFilterChainBuilder.build()); } else { configureSubProtocol( habitat, networkListener, subProtocol, subProtocolFilterChainBuilder); puFilter.register(protocolFinder, subProtocolFilterChainBuilder.build()); } } catch (Exception e) { LOGGER.log( Level.WARNING, "Can not initialize sub protocol. Finder: " + finderClassname, e); } } filterChainBuilder.add(puFilter); } else if (protocol.getHttpRedirect() != null) { filterChainBuilder.add(createHttpServerCodecFilter()); final HttpRedirectFilter filter = new HttpRedirectFilter(); filter.configure(habitat, networkListener, protocol.getHttpRedirect()); filterChainBuilder.add(filter); } else { ProtocolChainInstanceHandler pcihConfig = protocol.getProtocolChainInstanceHandler(); if (pcihConfig == null) { LOGGER.log(Level.WARNING, "Empty protocol declaration"); return; } ProtocolChain filterChainConfig = pcihConfig.getProtocolChain(); for (ProtocolFilter filterConfig : filterChainConfig.getProtocolFilter()) { final String filterClassname = filterConfig.getClassname(); try { final Filter filter = loadFilter(habitat, filterConfig.getName(), filterClassname); configureElement(habitat, networkListener, filterConfig, filter); filterChainBuilder.add(filter); } catch (Exception e) { LOGGER.log(Level.WARNING, "Can not initialize protocol filter: " + filterClassname, e); throw new IllegalStateException("Can not initialize protocol filter: " + filterClassname); } } } }