7 package org.mule.transport.servlet.jetty;
8
9 import org.mule.api.MuleContext;
10 import org.mule.api.lifecycle.CreateException;
11 import org.mule.api.lifecycle.InitialisationException;
12 import org.mule.api.security.TlsDirectKeyStore;
13 import org.mule.api.security.TlsDirectTrustStore;
14 import org.mule.api.security.TlsIndirectKeyStore;
15 import org.mule.api.security.TlsProtocolHandler;
16 import org.mule.api.security.provider.SecurityProviderFactory;
17 import org.mule.api.security.tls.TlsConfiguration;
18 import org.mule.util.SystemUtils;
19
20 import java.io.IOException;
21 import java.security.Provider;
22
23 import javax.net.ssl.KeyManagerFactory;
24 import javax.net.ssl.TrustManagerFactory;
25
26 import org.mortbay.jetty.AbstractConnector;
27 import org.mortbay.jetty.security.SslSocketConnector;
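/**
 * Jetty-backed connector that serves HTTPS.
 * <p>
 * All TLS settings live in a single {@link TlsConfiguration}; the accessors on this
 * class delegate to it one-to-one, and {@link #createJettyConnector()} copies the
 * relevant values onto Jetty's {@link SslSocketConnector}.
 * <p>
 * Security notes for maintainers:
 * <ul>
 * <li>The password getters return secrets as plain {@code String}s; keep them out of
 * logs and diagnostics.</li>
 * <li>Only the settings copied in {@link #createJettyConnector()} affect the listening
 * socket. Anything not copied there is configuration that Jetty never sees.</li>
 * </ul>
 */
public class JettyHttpsConnector extends JettyHttpConnector implements TlsDirectKeyStore, TlsIndirectKeyStore, TlsDirectTrustStore, TlsProtocolHandler
{

    public static final String JETTY_SSL = "jetty-ssl";
    public static final String HTTPS = "https";
    public static final String PEER_CERTIFICATES = "PEER_CERTIFICATES";
    public static final String LOCAL_CERTIFICATES = "LOCAL_CERTIFICATES";

    // Single holder for every key store / trust store / protocol setting of this connector.
    private TlsConfiguration tls = new TlsConfiguration(TlsConfiguration.DEFAULT_KEYSTORE);

    /**
     * Creates the connector and registers the two protocol names it answers to.
     *
     * @param context the Mule context handed to the parent connector
     */
    public JettyHttpsConnector(MuleContext context)
    {
        super(context);
        registerSupportedProtocol(HTTPS);
        registerSupportedProtocol(JETTY_SSL);
    }

    /**
     * Validates the TLS configuration before the parent connector initialises, so a
     * broken key store or trust store setup fails start-up instead of surfacing later.
     *
     * @throws InitialisationException if TLS validation or parent initialisation fails
     */
    @Override
    protected void doInitialise() throws InitialisationException
    {
        validateSslConfig();
        super.doInitialise();
    }

    /**
     * Initialises the TLS configuration in the JSSE namespace.
     *
     * @throws InitialisationException wrapping the {@link CreateException} raised by
     *             the TLS configuration
     */
    protected void validateSslConfig() throws InitialisationException
    {
        try
        {
            // The meaning of the first argument is defined by TlsConfiguration, which is
            // not visible from this file.
            tls.initialise(false, TlsConfiguration.JSSE_NAMESPACE);
        }
        catch (CreateException e)
        {
            throw new InitialisationException(e, this);
        }
    }

    /** @return the protocol name of this connector, always {@link #JETTY_SSL} */
    @Override
    public String getProtocol()
    {
        return JETTY_SSL;
    }

    // ------------------------------------------------------------------
    // Getters: each one returns the value held by the TLS configuration.
    // ------------------------------------------------------------------

    /** @return the client key store setting */
    public String getClientKeyStore()
    {
        return tls.getClientKeyStore();
    }

    /** @return the client key store password in clear text; do not log it */
    public String getClientKeyStorePassword()
    {
        return tls.getClientKeyStorePassword();
    }

    /** @return the client key store type */
    public String getClientKeyStoreType()
    {
        return this.tls.getClientKeyStoreType();
    }

    /** @return the key manager algorithm name */
    public String getKeyManagerAlgorithm()
    {
        return tls.getKeyManagerAlgorithm();
    }

    /** @return the key manager factory held by the TLS configuration */
    public KeyManagerFactory getKeyManagerFactory()
    {
        return tls.getKeyManagerFactory();
    }

    /** @return the private key password in clear text; do not log it */
    public String getKeyPassword()
    {
        return tls.getKeyPassword();
    }

    /** @return the key alias setting */
    public String getKeyAlias()
    {
        return tls.getKeyAlias();
    }

    /** @return the key store setting */
    public String getKeyStore()
    {
        return tls.getKeyStore();
    }

    /** @return the key store type */
    public String getKeyStoreType()
    {
        return tls.getKeyStoreType();
    }

    /** @return the protocol handler setting */
    public String getProtocolHandler()
    {
        return tls.getProtocolHandler();
    }

    /** @return the JCA provider held by the TLS configuration, possibly {@code null} */
    public Provider getProvider()
    {
        return tls.getProvider();
    }

    /** @return the security provider factory held by the TLS configuration */
    public SecurityProviderFactory getSecurityProviderFactory()
    {
        return tls.getSecurityProviderFactory();
    }

    /** @return the SSL type setting */
    public String getSslType()
    {
        return tls.getSslType();
    }

    /** @return the key store password in clear text; do not log it */
    public String getKeyStorePassword()
    {
        return tls.getKeyStorePassword();
    }

    /** @return the trust manager algorithm name */
    public String getTrustManagerAlgorithm()
    {
        return tls.getTrustManagerAlgorithm();
    }

    /** @return the trust manager factory held by the TLS configuration */
    public TrustManagerFactory getTrustManagerFactory()
    {
        return tls.getTrustManagerFactory();
    }

    /** @return the trust store setting */
    public String getTrustStore()
    {
        return tls.getTrustStore();
    }

    /** @return the trust store password in clear text; do not log it */
    public String getTrustStorePassword()
    {
        return tls.getTrustStorePassword();
    }

    /** @return the trust store type */
    public String getTrustStoreType()
    {
        return tls.getTrustStoreType();
    }

    /** @return the explicit-trust-store-only flag of the TLS configuration */
    public boolean isExplicitTrustStoreOnly()
    {
        return tls.isExplicitTrustStoreOnly();
    }

    /** @return whether client certificate authentication is required */
    public boolean isRequireClientAuthentication()
    {
        return tls.isRequireClientAuthentication();
    }

    // ------------------------------------------------------------------
    // Setters: each one stores the value on the TLS configuration.
    // ------------------------------------------------------------------

    /**
     * @param clientKeyStore the client key store setting
     * @throws IOException if the TLS configuration rejects the value
     */
    public void setClientKeyStore(String clientKeyStore) throws IOException
    {
        tls.setClientKeyStore(clientKeyStore);
    }

    /** @param clientKeyStorePassword the client key store password */
    public void setClientKeyStorePassword(String clientKeyStorePassword)
    {
        tls.setClientKeyStorePassword(clientKeyStorePassword);
    }

    /** @param clientKeyStoreType the client key store type */
    public void setClientKeyStoreType(String clientKeyStoreType)
    {
        this.tls.setClientKeyStoreType(clientKeyStoreType);
    }

    /** @param explicitTrustStoreOnly the explicit-trust-store-only flag */
    public void setExplicitTrustStoreOnly(boolean explicitTrustStoreOnly)
    {
        tls.setExplicitTrustStoreOnly(explicitTrustStoreOnly);
    }

    /** @param keyManagerAlgorithm the key manager algorithm name */
    public void setKeyManagerAlgorithm(String keyManagerAlgorithm)
    {
        tls.setKeyManagerAlgorithm(keyManagerAlgorithm);
    }

    /** @param keyPassword the private key password */
    public void setKeyPassword(String keyPassword)
    {
        tls.setKeyPassword(keyPassword);
    }

    /** @param alias the key alias setting */
    public void setKeyAlias(String alias)
    {
        tls.setKeyAlias(alias);
    }

    /**
     * @param keyStore the key store setting
     * @throws IOException if the TLS configuration rejects the value
     */
    public void setKeyStore(String keyStore) throws IOException
    {
        tls.setKeyStore(keyStore);
    }

    /** @param keystoreType the key store type */
    public void setKeyStoreType(String keystoreType)
    {
        tls.setKeyStoreType(keystoreType);
    }

    /** @param protocolHandler the protocol handler setting */
    public void setProtocolHandler(String protocolHandler)
    {
        tls.setProtocolHandler(protocolHandler);
    }

    /** @param provider the JCA provider to use */
    public void setProvider(Provider provider)
    {
        tls.setProvider(provider);
    }

    /**
     * @param requireClientAuthentication {@code true} to demand a client certificate;
     *            applied to the Jetty socket in {@link #createJettyConnector()}
     */
    public void setRequireClientAuthentication(boolean requireClientAuthentication)
    {
        tls.setRequireClientAuthentication(requireClientAuthentication);
    }

    /** @param spFactory the security provider factory */
    public void setSecurityProviderFactory(SecurityProviderFactory spFactory)
    {
        tls.setSecurityProviderFactory(spFactory);
    }

    /** @param sslType the SSL type setting */
    public void setSslType(String sslType)
    {
        tls.setSslType(sslType);
    }

    /** @param storePassword the key store password */
    public void setKeyStorePassword(String storePassword)
    {
        tls.setKeyStorePassword(storePassword);
    }

    /** @param trustManagerAlgorithm the trust manager algorithm name */
    public void setTrustManagerAlgorithm(String trustManagerAlgorithm)
    {
        tls.setTrustManagerAlgorithm(trustManagerAlgorithm);
    }

    /** @param trustManagerFactory the trust manager factory */
    public void setTrustManagerFactory(TrustManagerFactory trustManagerFactory)
    {
        tls.setTrustManagerFactory(trustManagerFactory);
    }

    /**
     * @param trustStore the trust store setting
     * @throws IOException if the TLS configuration rejects the value
     */
    public void setTrustStore(String trustStore) throws IOException
    {
        tls.setTrustStore(trustStore);
    }

    /** @param trustStorePassword the trust store password */
    public void setTrustStorePassword(String trustStorePassword)
    {
        tls.setTrustStorePassword(trustStorePassword);
    }

    /** @param trustStoreType the trust store type */
    public void setTrustStoreType(String trustStoreType)
    {
        tls.setTrustStoreType(trustStoreType);
    }

    /**
     * Builds the Jetty SSL socket connector and copies every configured TLS setting
     * onto it. A {@code null} setting is skipped so Jetty keeps its own default.
     * <p>
     * Two settings that were accepted by this class but never reached Jetty are now
     * forwarded: the key store password and the require-client-authentication flag.
     * Without the latter, a deployment configured for mutual TLS would still accept
     * clients that present no certificate.
     *
     * @return the configured {@link SslSocketConnector}
     */
    @Override
    protected AbstractConnector createJettyConnector()
    {
        SslSocketConnector cnn = new SslSocketConnector();

        if (SystemUtils.isIbmJDK())
        {
            // NOTE(review): on IBM JSSE this protocol name is understood to enable
            // SSL 3.0 alongside TLS; confirm, and prefer a TLS-only name where the
            // runtime allows it.
            cnn.setProtocol("SSL_TLS");
        }

        // Server identity: key store, its passwords and key manager.
        if (tls.getKeyStore() != null)
        {
            cnn.setKeystore(tls.getKeyStore());
        }
        if (tls.getKeyStorePassword() != null)
        {
            // Store password (distinct from the private key password below).
            cnn.setPassword(tls.getKeyStorePassword());
        }
        if (tls.getKeyPassword() != null)
        {
            cnn.setKeyPassword(tls.getKeyPassword());
        }
        if (tls.getKeyStoreType() != null)
        {
            cnn.setKeystoreType(tls.getKeyStoreType());
        }
        if (tls.getKeyManagerAlgorithm() != null)
        {
            cnn.setSslKeyManagerFactoryAlgorithm(tls.getKeyManagerAlgorithm());
        }
        if (tls.getProvider() != null)
        {
            cnn.setProvider(tls.getProvider().getName());
        }

        // Peer verification: trust store and trust manager.
        if (tls.getTrustStorePassword() != null)
        {
            cnn.setTrustPassword(tls.getTrustStorePassword());
        }
        if (tls.getTrustStore() != null)
        {
            cnn.setTruststore(tls.getTrustStore());
        }
        if (tls.getTrustStoreType() != null)
        {
            cnn.setTruststoreType(tls.getTrustStoreType());
        }
        if (tls.getTrustManagerAlgorithm() != null)
        {
            cnn.setSslTrustManagerFactoryAlgorithm(tls.getTrustManagerAlgorithm());
        }

        // Enforce mutual TLS only when asked to, so existing deployments that never
        // set the flag keep Jetty's default behaviour.
        if (tls.isRequireClientAuthentication())
        {
            cnn.setNeedClientAuth(true);
        }

        // NOTE(review): keyAlias, sslType and explicitTrustStoreOnly are stored on the
        // TLS configuration but nothing in this class passes them to Jetty; verify
        // whether they are meant to influence this connector.
        return cnn;
    }
}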