Пример #1
0
  private static ModelNode createSSLConfModelNode(ConnectorAS7Bean connAS7) {
    ModelNode sslConf = new ModelNode();
    sslConf.get(ClientConstants.OP).set(ClientConstants.ADD);
    sslConf.get(ClientConstants.OP_ADDR).add("subsystem", "web");
    sslConf.get(ClientConstants.OP_ADDR).add("connector", connAS7.getConnectorName());
    sslConf.get(ClientConstants.OP_ADDR).add("ssl", "configuration");

    CliApiCommandBuilder sslBuilder = new CliApiCommandBuilder(sslConf);

    sslBuilder.addProperty("name", connAS7.getSslName());
    sslBuilder.addProperty("verify-client", connAS7.getVerifyClient());
    sslBuilder.addProperty("verify-depth", connAS7.getVerifyDepth());
    sslBuilder.addProperty("certificate-key-file", connAS7.getCertifKeyFile());
    sslBuilder.addProperty("password", connAS7.getPassword());
    sslBuilder.addProperty("protocol", connAS7.getProtocol());
    sslBuilder.addProperty("ciphers", connAS7.getCiphers());
    sslBuilder.addProperty("key-alias", connAS7.getKeyAlias());
    sslBuilder.addProperty("ca-certificate-file", connAS7.getCaCertifFile());
    sslBuilder.addProperty("session-cache-size", connAS7.getSessionCacheSize());
    sslBuilder.addProperty("session-timeout", connAS7.getSessionTimeout());
    return sslBuilder.getCommand();
  }
Пример #2
0
  /**
   * Creates a CLI script for adding a SSL configuration of the Connector
   *
   * @param connAS7 Connector containing SSL configuration
   * @return created string containing the CLI script for adding the SSL configuration
   * @deprecated Generate this from the ModelNode.
   */
  private static String createSSLConfScript(ConnectorAS7Bean connAS7) {
    CliAddScriptBuilder builder = new CliAddScriptBuilder();
    StringBuilder resultScript =
        new StringBuilder("/subsystem=web/connector=" + connAS7.getConnectorName());

    resultScript.append("/ssl=configuration:add(");

    builder.addProperty("name", connAS7.getSslName());
    builder.addProperty("verify-client", connAS7.getVerifyClient());
    builder.addProperty("verify-depth", connAS7.getVerifyDepth());
    builder.addProperty("certificate-key-file", connAS7.getCertifKeyFile());
    builder.addProperty("password", connAS7.getPassword());
    builder.addProperty("protocol", connAS7.getProtocol());
    builder.addProperty("ciphers", connAS7.getCiphers());
    builder.addProperty("key-alias", connAS7.getKeyAlias());
    builder.addProperty("ca-certificate-file", connAS7.getCaCertifFile());
    builder.addProperty("session-cache-size", connAS7.getSessionCacheSize());
    builder.addProperty("session-timeout", connAS7.getSessionTimeout());

    resultScript.append(builder.asString()).append(")");

    return resultScript.toString();
  }
Пример #3
0
  /**
   * Migrates a connector from AS5 to AS7
   *
   * @param connector object representing connector in AS5
   * @return migrated AS7's connector
   * @throws NodeGenerationException if socket-binding cannot be created or set
   */
  private ConnectorAS7Bean migrateConnector(
      ConnectorAS5Bean connector, ServerMigratorResource resource, MigrationContext ctx)
      throws NodeGenerationException {
    ConnectorAS7Bean connAS7 = new ConnectorAS7Bean();

    connAS7.setEnabled("true");
    connAS7.setEnableLookups(connector.getEnableLookups());
    connAS7.setMaxPostSize(connector.getMaxPostSize());
    connAS7.setMaxSavePostSize(connector.getMaxSavePostSize());
    connAS7.setProtocol(connector.getProtocol());
    connAS7.setProxyName(connector.getProxyName());
    connAS7.setProxyPort(connector.getProxyPort());
    connAS7.setRedirectPort(connector.getRedirectPort());

    // Ajp connector need scheme too. So http is set.
    connAS7.setScheme("http");

    // Socket-binding
    String protocol = null;
    if (connector.getProtocol().equals("HTTP/1.1")) {
      protocol = "true".equalsIgnoreCase(connector.getSslEnabled()) ? "https" : "http";
    } else {
      // TODO: This can't be just assumed!
      protocol = "ajp";
    }
    connAS7.setSocketBinding(createSocketBinding(connector.getPort(), protocol, resource));

    // Name
    connAS7.setConnectorName(protocol);

    // SSL enabled?
    if ("true".equalsIgnoreCase(connector.getSslEnabled())) {
      connAS7.setScheme("https");
      connAS7.setSecure(connector.getSecure());

      connAS7.setSslName("ssl");
      connAS7.setVerifyClient(connector.getClientAuth());

      if (connector.getKeystoreFile() != null) {
        String fName = new File(connector.getKeystoreFile()).getName();
        connAS7.setCertifKeyFile(AS7_CONFIG_DIR_PLACEHOLDER + "/keys/" + fName);
        CopyFileAction action = createCopyActionForKeyFile(resource, fName);
        if (action != null) ctx.getActions().add(action);
      }

      // TODO: No sure which protocols can be in AS5.
      if ((connector.getSslProtocol().equals("TLS")) || (connector.getSslProtocol() == null)) {
        connAS7.setSslProtocol("TLSv1");
      } else {
        connAS7.setSslProtocol(connector.getSslProtocol());
      }

      connAS7.setCiphers(connector.getCiphers());
      connAS7.setKeyAlias(connAS7.getKeyAlias());

      // TODO: AS 7 has just one password, while AS 5 has keystorePass and truststorePass.
      connAS7.setPassword(connector.getKeystorePass());
    }

    return connAS7;
  }