1   /*
2    * Copyright (c) MuleSoft, Inc.  All rights reserved.  http://www.mulesoft.com
3    * The software in this package is published under the terms of the CPAL v1.0
4    * license, a copy of which has been included with this distribution in the
5    * LICENSE.txt file.
6    */
7   package org.mule.transport.servlet.jetty;
8   
9   import org.mule.api.MuleContext;
10  import org.mule.api.lifecycle.CreateException;
11  import org.mule.api.lifecycle.InitialisationException;
12  import org.mule.api.security.TlsDirectKeyStore;
13  import org.mule.api.security.TlsDirectTrustStore;
14  import org.mule.api.security.TlsIndirectKeyStore;
15  import org.mule.api.security.TlsProtocolHandler;
16  import org.mule.api.security.provider.SecurityProviderFactory;
17  import org.mule.api.security.tls.TlsConfiguration;
18  import org.mule.util.SystemUtils;
19  
20  import java.io.IOException;
21  import java.security.Provider;
22  
23  import javax.net.ssl.KeyManagerFactory;
24  import javax.net.ssl.TrustManagerFactory;
25  
26  import org.mortbay.jetty.AbstractConnector;
27  import org.mortbay.jetty.security.SslSocketConnector;
28  
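/**
 * The <code>JettyHttpsConnector</code> can be used to embed a Jetty server that receives
 * requests on an HTTPS inbound endpoint. One server is created for each connector declared;
 * many Jetty endpoints can share the same connector.
 * <p>
 * All TLS settings (key store, trust store, provider, client authentication) are held in a
 * single {@link TlsConfiguration}; the accessors below delegate to it, and
 * {@link #createJettyConnector()} copies the relevant values onto Jetty's
 * {@link SslSocketConnector}.
 * <p>
 * Several accessors return key store, key and trust store passwords as plain strings. Callers
 * should avoid writing those values to logs or management consoles.
 */
public class JettyHttpsConnector extends JettyHttpConnector implements TlsDirectKeyStore, TlsIndirectKeyStore, TlsDirectTrustStore, TlsProtocolHandler
{

    public static final String JETTY_SSL = "jetty-ssl";
    public static final String HTTPS = "https";
    public static final String PEER_CERTIFICATES = "PEER_CERTIFICATES";
    public static final String LOCAL_CERTIFICATES = "LOCAL_CERTIFICATES";

    // Single holder for every TLS setting exposed by this connector.
    private TlsConfiguration tls = new TlsConfiguration(TlsConfiguration.DEFAULT_KEYSTORE);

    /**
     * Creates the connector and registers the two protocol names it serves.
     *
     * @param context the Mule context handed to the parent connector
     */
    public JettyHttpsConnector(MuleContext context)
    {
        super(context);
        // Use the declared constants so the registered names cannot drift from getProtocol().
        registerSupportedProtocol(HTTPS);
        registerSupportedProtocol(JETTY_SSL);
    }

    /**
     * Validates the TLS configuration before the parent connector initialises, so that a
     * broken key store or trust store setup fails start-up instead of surfacing later.
     *
     * @throws InitialisationException if the TLS configuration cannot be initialised
     */
    @Override
    protected void doInitialise() throws InitialisationException
    {
        validateSslConfig();
        super.doInitialise();
    }

    /**
     * Initialises the underlying {@link TlsConfiguration} in the JSSE namespace.
     *
     * @throws InitialisationException wrapping the {@link CreateException} raised by the
     *             TLS configuration
     */
    protected void validateSslConfig() throws InitialisationException
    {
        try
        {
            // NOTE(review): the first argument is presumably the "anonymous allowed" flag;
            // confirm against TlsConfiguration.initialise.
            tls.initialise(false, TlsConfiguration.JSSE_NAMESPACE);
        }
        catch (CreateException e)
        {
            throw new InitialisationException(e, this);
        }
    }

    /**
     * @return the protocol name of this connector, {@link #JETTY_SSL}
     */
    @Override
    public String getProtocol()
    {
        return JETTY_SSL;
    }

    /** @return the client key store value held by the TLS configuration */
    public String getClientKeyStore()
    {
        return tls.getClientKeyStore();
    }

    /** @return the client key store password held by the TLS configuration (a secret) */
    public String getClientKeyStorePassword()
    {
        return tls.getClientKeyStorePassword();
    }

    /** @return the client key store type held by the TLS configuration */
    public String getClientKeyStoreType()
    {
        return this.tls.getClientKeyStoreType();
    }

    /** @return the key manager algorithm held by the TLS configuration */
    public String getKeyManagerAlgorithm()
    {
        return tls.getKeyManagerAlgorithm();
    }

    /** @return the key manager factory provided by the TLS configuration */
    public KeyManagerFactory getKeyManagerFactory()
    {
        return tls.getKeyManagerFactory();
    }

    /** @return the key password held by the TLS configuration (a secret) */
    public String getKeyPassword()
    {
        return tls.getKeyPassword();
    }

    /** @return the key alias held by the TLS configuration */
    public String getKeyAlias()
    {
        return tls.getKeyAlias();
    }

    /** @return the key store value held by the TLS configuration */
    public String getKeyStore()
    {
        return tls.getKeyStore();
    }

    /** @return the key store type held by the TLS configuration */
    public String getKeyStoreType()
    {
        return tls.getKeyStoreType();
    }

    /** @return the protocol handler value held by the TLS configuration */
    public String getProtocolHandler()
    {
        return tls.getProtocolHandler();
    }

    /** @return the security provider held by the TLS configuration */
    public Provider getProvider()
    {
        return tls.getProvider();
    }

    /** @return the security provider factory held by the TLS configuration */
    public SecurityProviderFactory getSecurityProviderFactory()
    {
        return tls.getSecurityProviderFactory();
    }

    /** @return the SSL type held by the TLS configuration */
    public String getSslType()
    {
        return tls.getSslType();
    }

    /** @return the key store password held by the TLS configuration (a secret) */
    public String getKeyStorePassword()
    {
        return tls.getKeyStorePassword();
    }

    /** @return the trust manager algorithm held by the TLS configuration */
    public String getTrustManagerAlgorithm()
    {
        return tls.getTrustManagerAlgorithm();
    }

    /** @return the trust manager factory provided by the TLS configuration */
    public TrustManagerFactory getTrustManagerFactory()
    {
        return tls.getTrustManagerFactory();
    }

    /** @return the trust store value held by the TLS configuration */
    public String getTrustStore()
    {
        return tls.getTrustStore();
    }

    /** @return the trust store password held by the TLS configuration (a secret) */
    public String getTrustStorePassword()
    {
        return tls.getTrustStorePassword();
    }

    /** @return the trust store type held by the TLS configuration */
    public String getTrustStoreType()
    {
        return tls.getTrustStoreType();
    }

    /** @return the explicit-trust-store-only flag held by the TLS configuration */
    public boolean isExplicitTrustStoreOnly()
    {
        return tls.isExplicitTrustStoreOnly();
    }

    /** @return whether the TLS configuration asks for client certificate authentication */
    public boolean isRequireClientAuthentication()
    {
        return tls.isRequireClientAuthentication();
    }

    /**
     * @param clientKeyStore the client key store value to store in the TLS configuration
     * @throws IOException if the TLS configuration rejects the value
     */
    public void setClientKeyStore(String clientKeyStore) throws IOException
    {
        tls.setClientKeyStore(clientKeyStore);
    }

    /** @param clientKeyStorePassword the client key store password (a secret) */
    public void setClientKeyStorePassword(String clientKeyStorePassword)
    {
        tls.setClientKeyStorePassword(clientKeyStorePassword);
    }

    /** @param clientKeyStoreType the client key store type */
    public void setClientKeyStoreType(String clientKeyStoreType)
    {
        this.tls.setClientKeyStoreType(clientKeyStoreType);
    }

    /** @param explicitTrustStoreOnly the explicit-trust-store-only flag */
    public void setExplicitTrustStoreOnly(boolean explicitTrustStoreOnly)
    {
        tls.setExplicitTrustStoreOnly(explicitTrustStoreOnly);
    }

    /** @param keyManagerAlgorithm the key manager algorithm */
    public void setKeyManagerAlgorithm(String keyManagerAlgorithm)
    {
        tls.setKeyManagerAlgorithm(keyManagerAlgorithm);
    }

    /** @param keyPassword the key password (a secret) */
    public void setKeyPassword(String keyPassword)
    {
        tls.setKeyPassword(keyPassword);
    }

    /** @param alias the key alias */
    public void setKeyAlias(String alias)
    {
        tls.setKeyAlias(alias);
    }

    /**
     * @param keyStore the key store value to store in the TLS configuration
     * @throws IOException if the TLS configuration rejects the value
     */
    public void setKeyStore(String keyStore) throws IOException
    {
        tls.setKeyStore(keyStore);
    }

    /** @param keystoreType the key store type */
    public void setKeyStoreType(String keystoreType)
    {
        tls.setKeyStoreType(keystoreType);
    }

    /** @param protocolHandler the protocol handler value */
    public void setProtocolHandler(String protocolHandler)
    {
        tls.setProtocolHandler(protocolHandler);
    }

    /** @param provider the security provider */
    public void setProvider(Provider provider)
    {
        tls.setProvider(provider);
    }

    /**
     * @param requireClientAuthentication whether clients must authenticate with a certificate;
     *            applied to the Jetty connector in {@link #createJettyConnector()}
     */
    public void setRequireClientAuthentication(boolean requireClientAuthentication)
    {
        tls.setRequireClientAuthentication(requireClientAuthentication);
    }

    /** @param spFactory the security provider factory */
    public void setSecurityProviderFactory(SecurityProviderFactory spFactory)
    {
        tls.setSecurityProviderFactory(spFactory);
    }

    /** @param sslType the SSL type */
    public void setSslType(String sslType)
    {
        tls.setSslType(sslType);
    }

    /** @param storePassword the key store password (a secret) */
    public void setKeyStorePassword(String storePassword)
    {
        tls.setKeyStorePassword(storePassword);
    }

    /** @param trustManagerAlgorithm the trust manager algorithm */
    public void setTrustManagerAlgorithm(String trustManagerAlgorithm)
    {
        tls.setTrustManagerAlgorithm(trustManagerAlgorithm);
    }

    /** @param trustManagerFactory the trust manager factory */
    public void setTrustManagerFactory(TrustManagerFactory trustManagerFactory)
    {
        tls.setTrustManagerFactory(trustManagerFactory);
    }

    /**
     * @param trustStore the trust store value to store in the TLS configuration
     * @throws IOException if the TLS configuration rejects the value
     */
    public void setTrustStore(String trustStore) throws IOException
    {
        tls.setTrustStore(trustStore);
    }

    /** @param trustStorePassword the trust store password (a secret) */
    public void setTrustStorePassword(String trustStorePassword)
    {
        tls.setTrustStorePassword(trustStorePassword);
    }

    /** @param trustStoreType the trust store type */
    public void setTrustStoreType(String trustStoreType)
    {
        tls.setTrustStoreType(trustStoreType);
    }

    /**
     * Builds the Jetty SSL connector and copies onto it every non-null TLS setting that the
     * connector accepts. Unset values are left at Jetty's defaults.
     * <p>
     * The key store password and the client authentication requirement are forwarded as
     * well; without them a configured key store password was ignored and
     * <code>requireClientAuthentication=true</code> had no effect on the listener.
     *
     * @return the configured {@link SslSocketConnector}
     */
    @Override
    protected AbstractConnector createJettyConnector()
    {
        SslSocketConnector cnn = new SslSocketConnector();

        if (SystemUtils.isIbmJDK())
        {
            // NOTE(review): "SSL_TLS" is an IBM JSSE protocol name; it is believed to enable
            // legacy SSL versions alongside TLS. Confirm and restrict if so.
            cnn.setProtocol("SSL_TLS");
        }

        if (tls.getKeyStore() != null) cnn.setKeystore(tls.getKeyStore());
        // Key store password and private key password are separate settings on both sides.
        if (tls.getKeyStorePassword() != null) cnn.setPassword(tls.getKeyStorePassword());
        if (tls.getKeyPassword() != null) cnn.setKeyPassword(tls.getKeyPassword());
        if (tls.getKeyStoreType() != null) cnn.setKeystoreType(tls.getKeyStoreType());
        if (tls.getKeyManagerAlgorithm() != null) cnn.setSslKeyManagerFactoryAlgorithm(tls.getKeyManagerAlgorithm());
        if (tls.getProvider() != null) cnn.setProvider(tls.getProvider().getName());
        if (tls.getTrustStorePassword() != null) cnn.setTrustPassword(tls.getTrustStorePassword());
        if (tls.getTrustStore() != null) cnn.setTruststore(tls.getTrustStore());
        if (tls.getTrustStoreType() != null) cnn.setTruststoreType(tls.getTrustStoreType());
        if (tls.getTrustManagerAlgorithm() != null) cnn.setSslTrustManagerFactoryAlgorithm(tls.getTrustManagerAlgorithm());

        // Enforce mutual TLS only when asked for; otherwise keep Jetty's default.
        if (tls.isRequireClientAuthentication()) cnn.setNeedClientAuth(true);

        // NOTE(review): keyAlias, sslType, protocolHandler and explicitTrustStoreOnly are held
        // in the TLS configuration but are not forwarded to the Jetty connector here.
        return cnn;
    }
}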