1
2
3
4
5
6
7
8
9
10
11 package org.mule.transport.servlet.jetty;
12
13 import org.mule.api.MuleContext;
14 import org.mule.api.lifecycle.CreateException;
15 import org.mule.api.lifecycle.InitialisationException;
16 import org.mule.api.security.TlsDirectKeyStore;
17 import org.mule.api.security.TlsDirectTrustStore;
18 import org.mule.api.security.TlsIndirectKeyStore;
19 import org.mule.api.security.TlsProtocolHandler;
20 import org.mule.api.security.provider.SecurityProviderFactory;
21 import org.mule.api.security.tls.TlsConfiguration;
22 import org.mule.util.SystemUtils;
23
24 import java.io.IOException;
25 import java.security.Provider;
26
27 import javax.net.ssl.KeyManagerFactory;
28 import javax.net.ssl.TrustManagerFactory;
29
30 import org.mortbay.jetty.AbstractConnector;
31 import org.mortbay.jetty.security.SslSocketConnector;
32
33
34
35
36
37
38 public class JettyHttpsConnector extends JettyHttpConnector implements TlsDirectKeyStore, TlsIndirectKeyStore, TlsDirectTrustStore, TlsProtocolHandler
39 {
40
41 public static final String JETTY_SSL = "jetty-ssl";
42 public static final String HTTPS = "https";
43 public static final String PEER_CERTIFICATES = "PEER_CERTIFICATES";
44 public static final String LOCAL_CERTIFICATES = "LOCAL_CERTIFICATES";
45
46 private TlsConfiguration tls = new TlsConfiguration(TlsConfiguration.DEFAULT_KEYSTORE);
47
48 public JettyHttpsConnector(MuleContext context)
49 {
50 super(context);
51 registerSupportedProtocol("https");
52 registerSupportedProtocol("jetty-ssl");
53 }
54
55 protected void doInitialise() throws InitialisationException
56 {
57 validateSslConfig();
58 super.doInitialise();
59 }
60
61 protected void validateSslConfig() throws InitialisationException
62 {
63 try
64 {
65 tls.initialise(false, TlsConfiguration.JSSE_NAMESPACE);
66 }
67 catch (CreateException e)
68 {
69 throw new InitialisationException(e, this);
70 }
71 }
72
73 public String getProtocol()
74 {
75 return JETTY_SSL;
76 }
77
78 public String getClientKeyStore()
79 {
80 return tls.getClientKeyStore();
81 }
82
83 public String getClientKeyStorePassword()
84 {
85 return tls.getClientKeyStorePassword();
86 }
87
88 public String getClientKeyStoreType()
89 {
90 return this.tls.getClientKeyStoreType();
91 }
92
93 public String getKeyManagerAlgorithm()
94 {
95 return tls.getKeyManagerAlgorithm();
96 }
97
98 public KeyManagerFactory getKeyManagerFactory()
99 {
100 return tls.getKeyManagerFactory();
101 }
102
103 public String getKeyPassword()
104 {
105 return tls.getKeyPassword();
106 }
107
108 public String getKeyStore()
109 {
110 return tls.getKeyStore();
111 }
112
113 public String getKeyStoreType()
114 {
115 return tls.getKeyStoreType();
116 }
117
118 public String getProtocolHandler()
119 {
120 return tls.getProtocolHandler();
121 }
122
123 public Provider getProvider()
124 {
125 return tls.getProvider();
126 }
127
128 public SecurityProviderFactory getSecurityProviderFactory()
129 {
130 return tls.getSecurityProviderFactory();
131 }
132
133 public String getSslType()
134 {
135 return tls.getSslType();
136 }
137
138 public String getKeyStorePassword()
139 {
140 return tls.getKeyStorePassword();
141 }
142
143 public String getTrustManagerAlgorithm()
144 {
145 return tls.getTrustManagerAlgorithm();
146 }
147
148 public TrustManagerFactory getTrustManagerFactory()
149 {
150 return tls.getTrustManagerFactory();
151 }
152
153 public String getTrustStore()
154 {
155 return tls.getTrustStore();
156 }
157
158 public String getTrustStorePassword()
159 {
160 return tls.getTrustStorePassword();
161 }
162
163 public String getTrustStoreType()
164 {
165 return tls.getTrustStoreType();
166 }
167
168 public boolean isExplicitTrustStoreOnly()
169 {
170 return tls.isExplicitTrustStoreOnly();
171 }
172
173 public boolean isRequireClientAuthentication()
174 {
175 return tls.isRequireClientAuthentication();
176 }
177
178 public void setClientKeyStore(String clientKeyStore) throws IOException
179 {
180 tls.setClientKeyStore(clientKeyStore);
181 }
182
183 public void setClientKeyStorePassword(String clientKeyStorePassword)
184 {
185 tls.setClientKeyStorePassword(clientKeyStorePassword);
186 }
187
188 public void setClientKeyStoreType(String clientKeyStoreType)
189 {
190 this.tls.setClientKeyStoreType(clientKeyStoreType);
191 }
192
193 public void setExplicitTrustStoreOnly(boolean explicitTrustStoreOnly)
194 {
195 tls.setExplicitTrustStoreOnly(explicitTrustStoreOnly);
196 }
197
198 public void setKeyManagerAlgorithm(String keyManagerAlgorithm)
199 {
200 tls.setKeyManagerAlgorithm(keyManagerAlgorithm);
201 }
202
203 public void setKeyPassword(String keyPassword)
204 {
205 tls.setKeyPassword(keyPassword);
206 }
207
208 public void setKeyStore(String keyStore) throws IOException
209 {
210 tls.setKeyStore(keyStore);
211 }
212
213 public void setKeyStoreType(String keystoreType)
214 {
215 tls.setKeyStoreType(keystoreType);
216 }
217
218 public void setProtocolHandler(String protocolHandler)
219 {
220 tls.setProtocolHandler(protocolHandler);
221 }
222
223 public void setProvider(Provider provider)
224 {
225 tls.setProvider(provider);
226 }
227
228 public void setRequireClientAuthentication(boolean requireClientAuthentication)
229 {
230 tls.setRequireClientAuthentication(requireClientAuthentication);
231 }
232
233 public void setSecurityProviderFactory(SecurityProviderFactory spFactory)
234 {
235 tls.setSecurityProviderFactory(spFactory);
236 }
237
238 public void setSslType(String sslType)
239 {
240 tls.setSslType(sslType);
241 }
242
243 public void setKeyStorePassword(String storePassword)
244 {
245 tls.setKeyStorePassword(storePassword);
246 }
247
248 public void setTrustManagerAlgorithm(String trustManagerAlgorithm)
249 {
250 tls.setTrustManagerAlgorithm(trustManagerAlgorithm);
251 }
252
253 public void setTrustManagerFactory(TrustManagerFactory trustManagerFactory)
254 {
255 tls.setTrustManagerFactory(trustManagerFactory);
256 }
257
258 public void setTrustStore(String trustStore) throws IOException
259 {
260 tls.setTrustStore(trustStore);
261 }
262
263 public void setTrustStorePassword(String trustStorePassword)
264 {
265 tls.setTrustStorePassword(trustStorePassword);
266 }
267
268 public void setTrustStoreType(String trustStoreType)
269 {
270 tls.setTrustStoreType(trustStoreType);
271 }
272
273 @Override
274 protected AbstractConnector createJettyConnector()
275 {
276 SslSocketConnector cnn = new SslSocketConnector();
277
278 if (SystemUtils.isIbmJDK())
279 {
280 cnn.setProtocol("SSL_TLS");
281 }
282
283 if (tls.getKeyStore() != null) cnn.setKeystore(tls.getKeyStore());
284 if (tls.getKeyPassword() != null) cnn.setKeyPassword(tls.getKeyPassword());
285 if (tls.getKeyStoreType() != null) cnn.setKeystoreType(tls.getKeyStoreType());
286 if (tls.getKeyManagerAlgorithm() != null) cnn.setSslKeyManagerFactoryAlgorithm(tls.getKeyManagerAlgorithm());
287 if (tls.getProvider() != null) cnn.setProvider(tls.getProvider().getName());
288 if (tls.getTrustStorePassword() != null) cnn.setTrustPassword(tls.getTrustStorePassword());
289 if (tls.getTrustStore() != null) cnn.setTruststore(tls.getTrustStore());
290 if (tls.getTrustStoreType() != null) cnn.setTruststoreType(tls.getTrustStoreType());
291 if (tls.getTrustManagerAlgorithm() != null) cnn.setSslTrustManagerFactoryAlgorithm(tls.getTrustManagerAlgorithm());
292 return cnn;
293 }
294 }