View Javadoc

1   /*
2    * $Id: HttpsConnector.java 19191 2010-08-25 21:05:23Z tcarlson $
3    * --------------------------------------------------------------------------------------
4    * Copyright (c) MuleSoft, Inc.  All rights reserved.  http://www.mulesoft.com
5    *
6    * The software in this package is published under the terms of the CPAL v1.0
7    * license, a copy of which has been included with this distribution in the
8    * LICENSE.txt file.
9    */
10  
11  package org.mule.transport.http;
12  
13  import org.mule.api.MuleContext;
14  import org.mule.api.lifecycle.CreateException;
15  import org.mule.api.lifecycle.InitialisationException;
16  import org.mule.api.security.TlsDirectKeyStore;
17  import org.mule.api.security.TlsDirectTrustStore;
18  import org.mule.api.security.TlsIndirectKeyStore;
19  import org.mule.api.security.TlsProtocolHandler;
20  import org.mule.api.security.provider.SecurityProviderFactory;
21  import org.mule.api.security.tls.TlsConfiguration;
22  import org.mule.transport.ssl.SslServerSocketFactory;
23  import org.mule.transport.ssl.SslSocketFactory;
24  
25  import java.io.IOException;
26  import java.net.ServerSocket;
27  import java.net.URI;
28  import java.security.GeneralSecurityException;
29  import java.security.Provider;
30  
31  import javax.net.ssl.KeyManagerFactory;
32  import javax.net.ssl.SSLServerSocket;
33  import javax.net.ssl.SSLSocketFactory;
34  import javax.net.ssl.TrustManagerFactory;
35  
36  /**
37   * <code>HttpsConnector</code> provides Secure http connectivity on top of what is already provided with the
38   * Mule {@link org.mule.transport.http.HttpConnector}.
39   */
40  public class HttpsConnector extends HttpConnector
41          implements TlsDirectKeyStore, TlsIndirectKeyStore, TlsDirectTrustStore, TlsProtocolHandler
42  {
43  
44      public static final String HTTPS = "https";
45      public static final String PEER_CERTIFICATES = "PEER_CERTIFICATES";
46      public static final String LOCAL_CERTIFICATES = "LOCAL_CERTIFICATES";
47  
48      // null initial keystore - see below
49      private TlsConfiguration tls = new TlsConfiguration(null);
50      
51      /**
52       * Timeout for establishing the SSL connection with the client.
53       */
54      private long sslHandshakeTimeout = 30000;
55  
56      public HttpsConnector(MuleContext context)
57      {
58          super(context);
59          setSocketFactory(new SslSocketFactory(tls));
60          setServerSocketFactory(new SslServerSocketFactory(tls));
61          // setting this true causes problems as socket closes before handshake finishes
62          setValidateConnections(false);
63      }
64  
65      @Override
66      protected ServerSocket getServerSocket(URI uri) throws IOException
67      {
68          SSLServerSocket serverSocket = (SSLServerSocket) super.getServerSocket(uri);
69          serverSocket.setNeedClientAuth(isRequireClientAuthentication());
70          return serverSocket;
71      }
72  
73      @Override
74      protected void doInitialise() throws InitialisationException
75      {
76          // if a keystore is not provided, the connector will only be used for
77          // client connections, and can work in anon mode.
78          try
79          {
80              tls.initialise(null == getKeyStore(), TlsConfiguration.JSSE_NAMESPACE);
81          }
82          catch (CreateException e)
83          {
84              throw new InitialisationException(e, this);
85          }
86          super.doInitialise();
87      }
88  
89      @Override
90      public String getProtocol()
91      {
92          return HTTPS;
93      }
94  
95      public String getClientKeyStore()
96      {
97          return tls.getClientKeyStore();
98      }
99  
100     public String getClientKeyStorePassword()
101     {
102         return tls.getClientKeyStorePassword();
103     }
104 
105     public String getClientKeyStoreType()
106     {
107         return this.tls.getClientKeyStoreType();
108     }
109 
110     public String getKeyManagerAlgorithm()
111     {
112         return tls.getKeyManagerAlgorithm();
113     }
114 
115     public KeyManagerFactory getKeyManagerFactory()
116     {
117         return tls.getKeyManagerFactory();
118     }
119 
120     public String getKeyPassword()
121     {
122         return tls.getKeyPassword();
123     }
124 
125     public String getKeyStore()
126     {
127         return tls.getKeyStore();
128     }
129 
130     public String getKeyStoreType()
131     {
132         return tls.getKeyStoreType();
133     }
134 
135     public String getProtocolHandler()
136     {
137         return tls.getProtocolHandler();
138     }
139 
140     public Provider getProvider()
141     {
142         return tls.getProvider();
143     }
144 
145     public SecurityProviderFactory getSecurityProviderFactory()
146     {
147         return tls.getSecurityProviderFactory();
148     }
149 
150     public String getSslType()
151     {
152         return tls.getSslType();
153     }
154 
155     public String getKeyStorePassword()
156     {
157         return tls.getKeyStorePassword();
158     }
159 
160     public String getTrustManagerAlgorithm()
161     {
162         return tls.getTrustManagerAlgorithm();
163     }
164 
165     public TrustManagerFactory getTrustManagerFactory()
166     {
167         return tls.getTrustManagerFactory();
168     }
169 
170     public String getTrustStore()
171     {
172         return tls.getTrustStore();
173     }
174 
175     public String getTrustStorePassword()
176     {
177         return tls.getTrustStorePassword();
178     }
179 
180     public String getTrustStoreType()
181     {
182         return tls.getTrustStoreType();
183     }
184 
185     public boolean isExplicitTrustStoreOnly()
186     {
187         return tls.isExplicitTrustStoreOnly();
188     }
189 
190     public boolean isRequireClientAuthentication()
191     {
192         return tls.isRequireClientAuthentication();
193     }
194 
195     public void setClientKeyStore(String clientKeyStore) throws IOException
196     {
197         tls.setClientKeyStore(clientKeyStore);
198     }
199 
200     public void setClientKeyStorePassword(String clientKeyStorePassword)
201     {
202         tls.setClientKeyStorePassword(clientKeyStorePassword);
203     }
204 
205     public void setClientKeyStoreType(String clientKeyStoreType)
206     {
207         this.tls.setClientKeyStoreType(clientKeyStoreType);
208     }
209 
210     public void setExplicitTrustStoreOnly(boolean explicitTrustStoreOnly)
211     {
212         tls.setExplicitTrustStoreOnly(explicitTrustStoreOnly);
213     }
214 
215     public void setKeyManagerAlgorithm(String keyManagerAlgorithm)
216     {
217         tls.setKeyManagerAlgorithm(keyManagerAlgorithm);
218     }
219 
220     public void setKeyPassword(String keyPassword)
221     {
222         tls.setKeyPassword(keyPassword);
223     }
224 
225     public void setKeyStore(String keyStore) throws IOException
226     {
227         tls.setKeyStore(keyStore);
228     }
229 
230     public void setKeyStoreType(String keystoreType)
231     {
232         tls.setKeyStoreType(keystoreType);
233     }
234 
235     public void setProtocolHandler(String protocolHandler)
236     {
237         tls.setProtocolHandler(protocolHandler);
238     }
239 
240     public void setProvider(Provider provider)
241     {
242         tls.setProvider(provider);
243     }
244 
245     public void setRequireClientAuthentication(boolean requireClientAuthentication)
246     {
247         tls.setRequireClientAuthentication(requireClientAuthentication);
248     }
249 
250     public void setSecurityProviderFactory(SecurityProviderFactory spFactory)
251     {
252         tls.setSecurityProviderFactory(spFactory);
253     }
254 
255     public void setSslType(String sslType)
256     {
257         tls.setSslType(sslType);
258     }
259 
260     public void setKeyStorePassword(String storePassword)
261     {
262         tls.setKeyStorePassword(storePassword);
263     }
264 
265     public void setTrustManagerAlgorithm(String trustManagerAlgorithm)
266     {
267         tls.setTrustManagerAlgorithm(trustManagerAlgorithm);
268     }
269 
270     public void setTrustManagerFactory(TrustManagerFactory trustManagerFactory)
271     {
272         tls.setTrustManagerFactory(trustManagerFactory);
273     }
274 
275     public void setTrustStore(String trustStore) throws IOException
276     {
277         tls.setTrustStore(trustStore);
278     }
279 
280     public void setTrustStorePassword(String trustStorePassword)
281     {
282         tls.setTrustStorePassword(trustStorePassword);
283     }
284 
285     public void setTrustStoreType(String trustStoreType)
286     {
287         tls.setTrustStoreType(trustStoreType);
288     }
289 
290     public long getSslHandshakeTimeout()
291     {
292         return sslHandshakeTimeout;
293     }
294 
295     public void setSslHandshakeTimeout(long sslHandshakeTimeout)
296     {
297         this.sslHandshakeTimeout = sslHandshakeTimeout;
298     }
299 
300     public SSLSocketFactory getSslSocketFactory() throws GeneralSecurityException
301     {
302         return tls.getSocketFactory();
303     }
304     
305 }