예제 #1
0
  // =========================================================================================================
  // HTTPS handling
  private HttpServer createHttpsServer(
      InetSocketAddress pSocketAddress, JolokiaServerConfig pConfig) {
    // initialise the HTTPS server
    try {
      HttpsServer server = HttpsServer.create(pSocketAddress, pConfig.getBacklog());
      SSLContext sslContext = SSLContext.getInstance(pConfig.getSecureSocketProtocol());

      // initialise the keystore
      KeyStore ks = getKeyStore(pConfig);

      // setup the key manager factory
      KeyManagerFactory kmf = getKeyManagerFactory(pConfig);
      kmf.init(ks, pConfig.getKeystorePassword());

      // setup the trust manager factory
      TrustManagerFactory tmf = getTrustManagerFactory(pConfig);
      tmf.init(ks);

      // setup the HTTPS context and parameters
      sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

      // Update the config to filter out bad protocols or ciphers
      pConfig.updateHTTPSSettingsFromContext(sslContext);

      server.setHttpsConfigurator(new JolokiaHttpsConfigurator(sslContext, pConfig));
      return server;
    } catch (GeneralSecurityException e) {
      throw new IllegalStateException("Cannot use keystore for https communication: " + e, e);
    } catch (IOException e) {
      throw new IllegalStateException("Cannot open keystore for https communication: " + e, e);
    }
  }
예제 #2
0
  private HttpServer httpsServer(InetSocketAddress address)
      throws IOException, GeneralSecurityException {
    // Initialize the keystore
    char[] password = "******".toCharArray();
    ks = KeyStore.getInstance("JKS");
    try (FileInputStream fis = new FileInputStream("UMS.jks")) {
      ks.load(fis, password);
    }

    // Setup the key manager factory
    kmf = KeyManagerFactory.getInstance("SunX509");
    kmf.init(ks, password);

    // Setup the trust manager factory
    tmf = TrustManagerFactory.getInstance("SunX509");
    tmf.init(ks);

    HttpsServer server = HttpsServer.create(address, 0);
    sslContext = SSLContext.getInstance("TLS");
    sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

    server.setHttpsConfigurator(
        new HttpsConfigurator(sslContext) {
          @Override
          public void configure(HttpsParameters params) {
            try {
              // initialise the SSL context
              SSLContext c = SSLContext.getDefault();
              SSLEngine engine = c.createSSLEngine();
              params.setNeedClientAuth(true);
              params.setCipherSuites(engine.getEnabledCipherSuites());
              params.setProtocols(engine.getEnabledProtocols());

              // get the default parameters
              SSLParameters defaultSSLParameters = c.getDefaultSSLParameters();
              params.setSSLParameters(defaultSSLParameters);
            } catch (Exception e) {
              LOGGER.debug("https configure error  " + e);
            }
          }
        });
    return server;
  }
예제 #3
0
    /** {@inheritDoc} */
    public void configure(HttpsParameters params) {
      // initialise the SSL context
      SSLEngine engine = context.createSSLEngine();
      // get the default parameters
      SSLParameters defaultSSLParameters = context.getDefaultSSLParameters();

      // Cert authentication is delayed later to the ClientCertAuthenticator
      params.setWantClientAuth(serverConfig.useSslClientAuthentication());
      defaultSSLParameters.setWantClientAuth(serverConfig.useSslClientAuthentication());

      // Cipher Suites
      params.setCipherSuites(serverConfig.getSSLCipherSuites());
      defaultSSLParameters.setCipherSuites(serverConfig.getSSLCipherSuites());

      // Protocols
      params.setProtocols(serverConfig.getSSLProtocols());
      defaultSSLParameters.setProtocols(serverConfig.getSSLProtocols());

      params.setSSLParameters(defaultSSLParameters);
    }
예제 #4
0
    public void run() {
      try {
        URL url = new URL(protocol + "://localhost:" + port + "/test1/" + f);
        HttpURLConnection urlc = (HttpURLConnection) url.openConnection();
        if (urlc instanceof HttpsURLConnection) {
          HttpsURLConnection urlcs = (HttpsURLConnection) urlc;
          urlcs.setHostnameVerifier(
              new HostnameVerifier() {
                public boolean verify(String s, SSLSession s1) {
                  return true;
                }
              });
          urlcs.setSSLSocketFactory(ctx.getSocketFactory());
        }
        byte[] buf = new byte[4096];

        if (fixedLen) {
          urlc.setRequestProperty("XFixed", "yes");
        }
        InputStream is = urlc.getInputStream();
        File temp = File.createTempFile("Test1", null);
        temp.deleteOnExit();
        OutputStream fout = new BufferedOutputStream(new FileOutputStream(temp));
        int c, count = 0;
        while ((c = is.read(buf)) != -1) {
          count += c;
          fout.write(buf, 0, c);
        }
        is.close();
        fout.close();

        if (count != size) {
          throw new RuntimeException("wrong amount of data returned");
        }
        String orig = root + "/" + f;
        compare(new File(orig), temp);
        temp.delete();
      } catch (Exception e) {
        e.printStackTrace();
        fail = true;
      }
    }