View Javadoc
1   /*
2    * Copyright (c) MuleSoft, Inc.  All rights reserved.  http://www.mulesoft.com
3    * The software in this package is published under the terms of the CPAL v1.0
4    * license, a copy of which has been included with this distribution in the
5    * LICENSE.txt file.
6    */
7   package org.mule.transport.http;
8   
9   import org.mule.api.MuleContext;
10  import org.mule.api.lifecycle.CreateException;
11  import org.mule.api.lifecycle.InitialisationException;
12  import org.mule.api.security.TlsDirectKeyStore;
13  import org.mule.api.security.TlsDirectTrustStore;
14  import org.mule.api.security.TlsIndirectKeyStore;
15  import org.mule.api.security.TlsProtocolHandler;
16  import org.mule.api.security.provider.SecurityProviderFactory;
17  import org.mule.api.security.tls.TlsConfiguration;
18  import org.mule.transport.ssl.SslServerSocketFactory;
19  import org.mule.transport.ssl.SslSocketFactory;
20  
21  import java.io.IOException;
22  import java.net.ServerSocket;
23  import java.net.URI;
24  import java.security.GeneralSecurityException;
25  import java.security.Provider;
26  
27  import javax.net.ssl.KeyManagerFactory;
28  import javax.net.ssl.SSLServerSocket;
29  import javax.net.ssl.SSLSocketFactory;
30  import javax.net.ssl.TrustManagerFactory;
31  
32  /**
33   * <code>HttpsConnector</code> provides Secure http connectivity on top of what is
34   * already provided with the Mule {@link org.mule.transport.http.HttpConnector}.
35   */
36  public class HttpsConnector extends HttpConnector implements TlsDirectKeyStore,
37      TlsIndirectKeyStore, TlsDirectTrustStore, TlsProtocolHandler
38  {
39  
40      public static final String HTTPS = "https";
41      public static final String PEER_CERTIFICATES = "PEER_CERTIFICATES";
42      public static final String LOCAL_CERTIFICATES = "LOCAL_CERTIFICATES";
43  
44      // null initial keystore - see below
45      private TlsConfiguration tls = new TlsConfiguration(null);
46  
47      /**
48       * Timeout for establishing the SSL connection with the client.
49       */
50      private long sslHandshakeTimeout = 30000;
51  
52      public HttpsConnector(MuleContext context)
53      {
54          super(context);
55          setSocketFactory(new SslSocketFactory(tls));
56          setServerSocketFactory(new SslServerSocketFactory(tls));
57          // setting this true causes problems as socket closes before handshake finishes
58          setValidateConnections(false);
59      }
60  
61      @Override
62      protected ServerSocket getServerSocket(URI uri) throws IOException
63      {
64          SSLServerSocket serverSocket = (SSLServerSocket) super.getServerSocket(uri);
65          serverSocket.setNeedClientAuth(isRequireClientAuthentication());
66          return serverSocket;
67      }
68  
69      @Override
70      protected void doInitialise() throws InitialisationException
71      {
72          // if a keystore is not provided, the connector will only be used for
73          // client connections, and can work in anon mode.
74          try
75          {
76              tls.initialise(null == getKeyStore(), TlsConfiguration.JSSE_NAMESPACE);
77          }
78          catch (CreateException e)
79          {
80              throw new InitialisationException(e, this);
81          }
82          super.doInitialise();
83      }
84  
85      @Override
86      public String getProtocol()
87      {
88          return HTTPS;
89      }
90  
91      public String getClientKeyStore()
92      {
93          return tls.getClientKeyStore();
94      }
95  
96      public String getClientKeyStorePassword()
97      {
98          return tls.getClientKeyStorePassword();
99      }
100 
101     public String getClientKeyStoreType()
102     {
103         return this.tls.getClientKeyStoreType();
104     }
105 
106     public String getKeyManagerAlgorithm()
107     {
108         return tls.getKeyManagerAlgorithm();
109     }
110 
111     public KeyManagerFactory getKeyManagerFactory()
112     {
113         return tls.getKeyManagerFactory();
114     }
115 
116     public String getKeyPassword()
117     {
118         return tls.getKeyPassword();
119     }
120 
121     public String getKeyAlias()
122     {
123         return tls.getKeyAlias();
124     }
125 
126     public String getKeyStore()
127     {
128         return tls.getKeyStore();
129     }
130 
131     public String getKeyStoreType()
132     {
133         return tls.getKeyStoreType();
134     }
135 
136     public String getProtocolHandler()
137     {
138         return tls.getProtocolHandler();
139     }
140 
141     public Provider getProvider()
142     {
143         return tls.getProvider();
144     }
145 
146     public SecurityProviderFactory getSecurityProviderFactory()
147     {
148         return tls.getSecurityProviderFactory();
149     }
150 
151     public String getSslType()
152     {
153         return tls.getSslType();
154     }
155 
156     public String getKeyStorePassword()
157     {
158         return tls.getKeyStorePassword();
159     }
160 
161     public String getTrustManagerAlgorithm()
162     {
163         return tls.getTrustManagerAlgorithm();
164     }
165 
166     public TrustManagerFactory getTrustManagerFactory()
167     {
168         return tls.getTrustManagerFactory();
169     }
170 
171     public String getTrustStore()
172     {
173         return tls.getTrustStore();
174     }
175 
176     public String getTrustStorePassword()
177     {
178         return tls.getTrustStorePassword();
179     }
180 
181     public String getTrustStoreType()
182     {
183         return tls.getTrustStoreType();
184     }
185 
186     public boolean isExplicitTrustStoreOnly()
187     {
188         return tls.isExplicitTrustStoreOnly();
189     }
190 
191     public boolean isRequireClientAuthentication()
192     {
193         return tls.isRequireClientAuthentication();
194     }
195 
196     public void setClientKeyStore(String clientKeyStore) throws IOException
197     {
198         tls.setClientKeyStore(clientKeyStore);
199     }
200 
201     public void setClientKeyStorePassword(String clientKeyStorePassword)
202     {
203         tls.setClientKeyStorePassword(clientKeyStorePassword);
204     }
205 
206     public void setClientKeyStoreType(String clientKeyStoreType)
207     {
208         this.tls.setClientKeyStoreType(clientKeyStoreType);
209     }
210 
211     public void setExplicitTrustStoreOnly(boolean explicitTrustStoreOnly)
212     {
213         tls.setExplicitTrustStoreOnly(explicitTrustStoreOnly);
214     }
215 
216     public void setKeyManagerAlgorithm(String keyManagerAlgorithm)
217     {
218         tls.setKeyManagerAlgorithm(keyManagerAlgorithm);
219     }
220 
221     public void setKeyPassword(String keyPassword)
222     {
223         tls.setKeyPassword(keyPassword);
224     }
225 
226     public void setKeyAlias(String keyAlias)
227     {
228         tls.setKeyAlias(keyAlias);
229     }
230 
231     public void setKeyStore(String keyStore) throws IOException
232     {
233         tls.setKeyStore(keyStore);
234     }
235 
236     public void setKeyStoreType(String keystoreType)
237     {
238         tls.setKeyStoreType(keystoreType);
239     }
240 
241     public void setProtocolHandler(String protocolHandler)
242     {
243         tls.setProtocolHandler(protocolHandler);
244     }
245 
246     public void setProvider(Provider provider)
247     {
248         tls.setProvider(provider);
249     }
250 
251     public void setRequireClientAuthentication(boolean requireClientAuthentication)
252     {
253         tls.setRequireClientAuthentication(requireClientAuthentication);
254     }
255 
256     public void setSecurityProviderFactory(SecurityProviderFactory spFactory)
257     {
258         tls.setSecurityProviderFactory(spFactory);
259     }
260 
261     public void setSslType(String sslType)
262     {
263         tls.setSslType(sslType);
264     }
265 
266     public void setKeyStorePassword(String storePassword)
267     {
268         tls.setKeyStorePassword(storePassword);
269     }
270 
271     public void setTrustManagerAlgorithm(String trustManagerAlgorithm)
272     {
273         tls.setTrustManagerAlgorithm(trustManagerAlgorithm);
274     }
275 
276     public void setTrustManagerFactory(TrustManagerFactory trustManagerFactory)
277     {
278         tls.setTrustManagerFactory(trustManagerFactory);
279     }
280 
281     public void setTrustStore(String trustStore) throws IOException
282     {
283         tls.setTrustStore(trustStore);
284     }
285 
286     public void setTrustStorePassword(String trustStorePassword)
287     {
288         tls.setTrustStorePassword(trustStorePassword);
289     }
290 
291     public void setTrustStoreType(String trustStoreType)
292     {
293         tls.setTrustStoreType(trustStoreType);
294     }
295 
296     public long getSslHandshakeTimeout()
297     {
298         return sslHandshakeTimeout;
299     }
300 
301     public void setSslHandshakeTimeout(long sslHandshakeTimeout)
302     {
303         this.sslHandshakeTimeout = sslHandshakeTimeout;
304     }
305 
306     public SSLSocketFactory getSslSocketFactory() throws GeneralSecurityException
307     {
308         return tls.getSocketFactory();
309     }
310 
311 }