private static void configureHttpConnector(Tomcat tomcat, TomcatConfig tomcatConfig) {
Connector connector = tomcat.getConnector();
connector.setProperty("server", "kicktipp");
connector.setPort(tomcatConfig.getPort());
connector.setRedirectPort(tomcatConfig.getSslPort());
addCompression(connector);
}
/*
This method inititates an additional Tomcat connector on port 8080 to redirect to HTTPS 8443 port.
*/
private Connector initiateHttpConnector() {
Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
connector.setScheme("http");
connector.setPort(http_port);
connector.setSecure(false);
connector.setRedirectPort(https_port);
return connector;
}
@Bean
public EmbeddedServletContainerFactory servletContainer() {
final TomcatEmbeddedServletContainerFactory tomcat =
new TomcatEmbeddedServletContainerFactory();
if (casProperties.getServer().getAjp().isEnabled()) {
final Connector ajpConnector =
new Connector(casProperties.getServer().getAjp().getProtocol());
ajpConnector.setProtocol(casProperties.getServer().getAjp().getProtocol());
ajpConnector.setPort(casProperties.getServer().getAjp().getPort());
ajpConnector.setSecure(casProperties.getServer().getAjp().isSecure());
ajpConnector.setAllowTrace(casProperties.getServer().getAjp().isAllowTrace());
ajpConnector.setScheme(casProperties.getServer().getAjp().getScheme());
ajpConnector.setAsyncTimeout(casProperties.getServer().getAjp().getAsyncTimeout());
ajpConnector.setEnableLookups(casProperties.getServer().getAjp().isEnableLookups());
ajpConnector.setMaxPostSize(casProperties.getServer().getAjp().getMaxPostSize());
if (casProperties.getServer().getAjp().getProxyPort() > 0) {
ajpConnector.setProxyPort(casProperties.getServer().getAjp().getProxyPort());
}
if (casProperties.getServer().getAjp().getRedirectPort() > 0) {
ajpConnector.setRedirectPort(casProperties.getServer().getAjp().getRedirectPort());
}
tomcat.addAdditionalTomcatConnectors(ajpConnector);
}
if (casProperties.getServer().getHttp().isEnabled()) {
final Connector connector = new Connector(casProperties.getServer().getHttp().getProtocol());
int port = casProperties.getServer().getHttp().getPort();
if (port <= 0) {
port = SocketUtils.findAvailableTcpPort();
}
connector.setPort(port);
tomcat.addAdditionalTomcatConnectors(connector);
}
tomcat
.getAdditionalTomcatConnectors()
.stream()
.filter(connector -> connector.getProtocolHandler() instanceof AbstractProtocol)
.forEach(
connector -> {
final AbstractProtocol handler = (AbstractProtocol) connector.getProtocolHandler();
handler.setSoTimeout(casProperties.getServer().getConnectionTimeout());
handler.setConnectionTimeout(casProperties.getServer().getConnectionTimeout());
});
return tomcat;
}
/**
* @param configuration
* @param httpPort
* @param useNIO
* @param connector
*/
private void configureConnector(
Configuration configuration, Integer httpPort, Boolean useNIO, Connector connector) {
LOG.debug("Configuring connector {}", connector);
connector.setScheme("http");
connector.setPort(httpPort);
if (configuration.isHttpSecureEnabled()) {
connector.setRedirectPort(configuration.getHttpSecurePort());
}
if (useNIO) {
connector.setProtocolHandlerClassName(Http11NioProtocol.class.getName());
} else {
connector.setProtocolHandlerClassName(Http11Protocol.class.getName());
}
// connector
LOG.debug("configuration done: {}", connector);
}
/**
* Start the instance using the ports provided
*
* @param port the http port to use
* @param securePort the secure https port to use
*/
@SuppressWarnings("unchecked")
public T start(final Integer port, final Integer securePort) {
if (port == null && securePort == null)
throw new IllegalStateException("You must specify a port or a secure port");
if (isRunning()) throw new IllegalStateException("Server already running");
final String startedMessage =
"Started "
+ this.getClass().getSimpleName().replace("Runner", "")
+ " listening on:"
+ (port != null ? " standard port " + port : "")
+ (securePort != null ? " secure port " + securePort : "");
try {
String servletContext = "";
tomcat = new Tomcat();
tomcat.setBaseDir(
new File(".").getCanonicalPath()
+ File.separatorChar
+ "tomcat"
+ (servletContext.length() > 0 ? "_" + servletContext : ""));
// add http port
tomcat.setPort(port != null ? port : securePort);
if (securePort != null) {
// add https connector
SSLFactory.buildKeyStore();
Connector httpsConnector = new Connector();
httpsConnector.setPort(securePort);
httpsConnector.setSecure(true);
httpsConnector.setAttribute("keyAlias", SSLFactory.KEY_STORE_ALIAS);
httpsConnector.setAttribute("keystorePass", SSLFactory.KEY_STORE_PASSWORD);
logger.trace(
"Loading key store from file ["
+ new File(SSLFactory.KEY_STORE_FILENAME).getAbsoluteFile()
+ "]");
httpsConnector.setAttribute(
"keystoreFile", new File(SSLFactory.KEY_STORE_FILENAME).getAbsoluteFile());
httpsConnector.setAttribute("clientAuth", "false");
httpsConnector.setAttribute("sslProtocol", "TLS");
httpsConnector.setAttribute("SSLEnabled", true);
Service service = tomcat.getService();
service.addConnector(httpsConnector);
Connector defaultConnector = tomcat.getConnector();
defaultConnector.setRedirectPort(securePort);
}
// add servlet
Context ctx = tomcat.addContext("/" + servletContext, new File(".").getAbsolutePath());
tomcat.addServlet("/" + servletContext, "mockServerServlet", getServlet());
ctx.addServletMapping("/*", "mockServerServlet");
// start server
tomcat.start();
// create and start shutdown thread
shutdownThread = new ShutdownThread(stopPort(port, securePort));
shutdownThread.start();
serverStarted(port, securePort);
logger.info(startedMessage);
System.out.println(startedMessage);
join();
} catch (Throwable t) {
logger.error("Exception while starting server", t);
}
return (T) this;
}
/**
* Start, register and bind the web connector.
*
* @param context the start context
* @throws StartException if the connector cannot be started
*/
public synchronized void start(StartContext context) throws StartException {
final SocketBinding binding = this.binding.getValue();
final InetSocketAddress address = binding.getSocketAddress();
final Executor executor = this.executor.getOptionalValue();
try {
// Create connector
final Connector connector = new Connector(protocol);
connector.setPort(address.getPort());
connector.setScheme(scheme);
if (enableLookups != null) connector.setEnableLookups(enableLookups);
if (maxPostSize != null) connector.setMaxPostSize(maxPostSize);
if (maxSavePostSize != null) connector.setMaxSavePostSize(maxSavePostSize);
if (proxyName != null) connector.setProxyName(proxyName);
if (proxyPort != null) connector.setProxyPort(proxyPort);
if (redirectPort != null) connector.setRedirectPort(redirectPort);
if (secure != null) connector.setSecure(secure);
if (executor != null) {
Method m =
connector.getProtocolHandler().getClass().getMethod("setExecutor", Executor.class);
m.invoke(connector.getProtocolHandler(), executor);
}
if (address != null && address.getAddress() != null) {
Method m =
connector.getProtocolHandler().getClass().getMethod("setAddress", InetAddress.class);
m.invoke(connector.getProtocolHandler(), address.getAddress());
}
if (maxConnections != null) {
try {
Method m =
connector.getProtocolHandler().getClass().getMethod("setPollerSize", Integer.TYPE);
m.invoke(connector.getProtocolHandler(), maxConnections);
} catch (NoSuchMethodException e) {
// Not all connectors will have this
}
try {
Method m =
connector.getProtocolHandler().getClass().getMethod("setSendfileSize", Integer.TYPE);
m.invoke(connector.getProtocolHandler(), maxConnections);
} catch (NoSuchMethodException e) {
// Not all connectors will have this
}
}
if (virtualServers != null) {
HashSet<String> virtualServersList = new HashSet<String>();
for (final ModelNode virtualServer : virtualServers.asList()) {
virtualServersList.add(virtualServer.asString());
}
connector.setAllowedHosts(virtualServersList);
}
if (ssl != null) {
boolean nativeSSL = false;
if (connector.getProtocolHandler() instanceof Http11AprProtocol) {
nativeSSL = true;
} else if (!(connector.getProtocolHandler() instanceof Http11Protocol)) {
throw new StartException("Non HTTP connectors dor not support SSL");
}
// Enable SSL
try {
Method m =
connector.getProtocolHandler().getClass().getMethod("setSSLEnabled", Boolean.TYPE);
m.invoke(connector.getProtocolHandler(), true);
} catch (NoSuchMethodException e) {
// No SSL support
throw new StartException(e);
}
if (nativeSSL) {
// OpenSSL configuration
try {
if (ssl.hasDefined(Constants.PASSWORD)) {
Method m =
connector
.getProtocolHandler()
.getClass()
.getMethod("setSSLPassword", String.class);
m.invoke(connector.getProtocolHandler(), ssl.get(Constants.PASSWORD).asString());
}
if (ssl.hasDefined(Constants.CERTIFICATE_KEY_FILE)) {
Method m =
connector
.getProtocolHandler()
.getClass()
.getMethod("setSSLCertificateKeyFile", String.class);
m.invoke(
connector.getProtocolHandler(),
ssl.get(Constants.CERTIFICATE_KEY_FILE).asString());
}
if (ssl.hasDefined(Constants.CIPHER_SUITE)) {
Method m =
connector
.getProtocolHandler()
.getClass()
.getMethod("setSSLCipherSuite", String.class);
m.invoke(connector.getProtocolHandler(), ssl.get(Constants.CIPHER_SUITE).asString());
}
if (ssl.hasDefined(Constants.PROTOCOL)) {
Method m =
connector
.getProtocolHandler()
.getClass()
.getMethod("setSSLProtocol", String.class);
m.invoke(connector.getProtocolHandler(), ssl.get(Constants.PROTOCOL).asString());
}
if (ssl.hasDefined(Constants.VERIFY_CLIENT)) {
Method m =
connector
.getProtocolHandler()
.getClass()
.getMethod("setSSLVerifyClient", String.class);
m.invoke(connector.getProtocolHandler(), ssl.get(Constants.VERIFY_CLIENT).asString());
}
if (ssl.hasDefined(Constants.VERIFY_DEPTH)) {
Method m =
connector
.getProtocolHandler()
.getClass()
.getMethod("setSSLVerifyDepth", Integer.TYPE);
m.invoke(connector.getProtocolHandler(), ssl.get(Constants.VERIFY_DEPTH).asInt());
}
if (ssl.hasDefined(Constants.CERTIFICATE_FILE)) {
Method m =
connector
.getProtocolHandler()
.getClass()
.getMethod("setSSLCertificateFile", String.class);
m.invoke(
connector.getProtocolHandler(), ssl.get(Constants.CERTIFICATE_FILE).asString());
}
if (ssl.hasDefined(Constants.CA_CERTIFICATE_FILE)) {
Method m =
connector
.getProtocolHandler()
.getClass()
.getMethod("setSSLCACertificateFile", String.class);
m.invoke(
connector.getProtocolHandler(),
ssl.get(Constants.CA_CERTIFICATE_FILE).asString());
}
if (ssl.hasDefined(Constants.CA_REVOCATION_URL)) {
Method m =
connector
.getProtocolHandler()
.getClass()
.getMethod("setSSLCARevocationFile", String.class);
m.invoke(
connector.getProtocolHandler(), ssl.get(Constants.CA_REVOCATION_URL).asString());
}
} catch (NoSuchMethodException e) {
throw new StartException(e);
}
} else {
// JSSE configuration
try {
if (ssl.hasDefined(Constants.KEY_ALIAS)) {
Method m =
connector.getProtocolHandler().getClass().getMethod("setKeyAlias", String.class);
m.invoke(connector.getProtocolHandler(), ssl.get(Constants.KEY_ALIAS).asString());
}
if (ssl.hasDefined(Constants.PASSWORD)) {
Method m =
connector.getProtocolHandler().getClass().getMethod("setKeypass", String.class);
m.invoke(connector.getProtocolHandler(), ssl.get(Constants.PASSWORD).asString());
}
if (ssl.hasDefined(Constants.CERTIFICATE_KEY_FILE)) {
Method m =
connector.getProtocolHandler().getClass().getMethod("setKeystore", String.class);
m.invoke(
connector.getProtocolHandler(),
ssl.get(Constants.CERTIFICATE_KEY_FILE).asString());
}
if (ssl.hasDefined(Constants.CIPHER_SUITE)) {
Method m =
connector.getProtocolHandler().getClass().getMethod("setCiphers", String.class);
m.invoke(connector.getProtocolHandler(), ssl.get(Constants.CIPHER_SUITE).asString());
}
if (ssl.hasDefined(Constants.PROTOCOL)) {
Method m =
connector.getProtocolHandler().getClass().getMethod("setProtocols", String.class);
m.invoke(connector.getProtocolHandler(), ssl.get(Constants.PROTOCOL).asString());
}
if (ssl.hasDefined(Constants.VERIFY_CLIENT)) {
Method m =
connector
.getProtocolHandler()
.getClass()
.getMethod("setClientauth", String.class);
m.invoke(connector.getProtocolHandler(), ssl.get(Constants.VERIFY_CLIENT).asString());
}
if (ssl.hasDefined(Constants.SESSION_CACHE_SIZE)) {
Method m =
connector
.getProtocolHandler()
.getClass()
.getMethod("setAttribute", String.class, Object.class);
m.invoke(
connector.getProtocolHandler(),
"sessionCacheSize",
ssl.get(Constants.SESSION_CACHE_SIZE).asString());
}
if (ssl.hasDefined(Constants.SESSION_TIMEOUT)) {
Method m =
connector
.getProtocolHandler()
.getClass()
.getMethod("setAttribute", String.class, Object.class);
m.invoke(
connector.getProtocolHandler(),
"sessionCacheTimeout",
ssl.get(Constants.SESSION_TIMEOUT).asString());
}
} catch (NoSuchMethodException e) {
throw new StartException(e);
}
}
}
getWebServer().addConnector(connector);
this.connector = connector;
} catch (Exception e) {
throw new StartException(e);
}
// Register the binding after the connector is started
binding.getSocketBindings().getNamedRegistry().registerBinding(new ConnectorBinding(binding));
}
