1 | |
|
2 | |
|
3 | |
|
4 | |
|
5 | |
|
6 | |
|
7 | |
package org.mule.transport.servlet.jetty; |
8 | |
|
9 | |
import org.mule.api.MuleContext; |
10 | |
import org.mule.api.lifecycle.CreateException; |
11 | |
import org.mule.api.lifecycle.InitialisationException; |
12 | |
import org.mule.api.security.TlsDirectKeyStore; |
13 | |
import org.mule.api.security.TlsDirectTrustStore; |
14 | |
import org.mule.api.security.TlsIndirectKeyStore; |
15 | |
import org.mule.api.security.TlsProtocolHandler; |
16 | |
import org.mule.api.security.provider.SecurityProviderFactory; |
17 | |
import org.mule.api.security.tls.TlsConfiguration; |
18 | |
import org.mule.util.SystemUtils; |
19 | |
|
20 | |
import java.io.IOException; |
21 | |
import java.security.Provider; |
22 | |
|
23 | |
import javax.net.ssl.KeyManagerFactory; |
24 | |
import javax.net.ssl.TrustManagerFactory; |
25 | |
|
26 | |
import org.mortbay.jetty.AbstractConnector; |
27 | |
import org.mortbay.jetty.security.SslSocketConnector; |
28 | |
|
29 | |
|
30 | |
|
31 | |
|
32 | |
|
33 | |
|
34 | |
public class JettyHttpsConnector extends JettyHttpConnector implements TlsDirectKeyStore, TlsIndirectKeyStore, TlsDirectTrustStore, TlsProtocolHandler |
35 | |
{ |
36 | |
|
37 | |
public static final String JETTY_SSL = "jetty-ssl"; |
38 | |
public static final String HTTPS = "https"; |
39 | |
public static final String PEER_CERTIFICATES = "PEER_CERTIFICATES"; |
40 | |
public static final String LOCAL_CERTIFICATES = "LOCAL_CERTIFICATES"; |
41 | |
|
42 | 0 | private TlsConfiguration tls = new TlsConfiguration(TlsConfiguration.DEFAULT_KEYSTORE); |
43 | |
|
44 | |
public JettyHttpsConnector(MuleContext context) |
45 | |
{ |
46 | 0 | super(context); |
47 | 0 | registerSupportedProtocol("https"); |
48 | 0 | registerSupportedProtocol("jetty-ssl"); |
49 | 0 | } |
50 | |
|
51 | |
@Override |
52 | |
protected void doInitialise() throws InitialisationException |
53 | |
{ |
54 | 0 | validateSslConfig(); |
55 | 0 | super.doInitialise(); |
56 | 0 | } |
57 | |
|
58 | |
protected void validateSslConfig() throws InitialisationException |
59 | |
{ |
60 | |
try |
61 | |
{ |
62 | 0 | tls.initialise(false, TlsConfiguration.JSSE_NAMESPACE); |
63 | |
} |
64 | 0 | catch (CreateException e) |
65 | |
{ |
66 | 0 | throw new InitialisationException(e, this); |
67 | 0 | } |
68 | 0 | } |
69 | |
|
70 | |
@Override |
71 | |
public String getProtocol() |
72 | |
{ |
73 | 0 | return JETTY_SSL; |
74 | |
} |
75 | |
|
76 | |
public String getClientKeyStore() |
77 | |
{ |
78 | 0 | return tls.getClientKeyStore(); |
79 | |
} |
80 | |
|
81 | |
public String getClientKeyStorePassword() |
82 | |
{ |
83 | 0 | return tls.getClientKeyStorePassword(); |
84 | |
} |
85 | |
|
86 | |
public String getClientKeyStoreType() |
87 | |
{ |
88 | 0 | return this.tls.getClientKeyStoreType(); |
89 | |
} |
90 | |
|
91 | |
public String getKeyManagerAlgorithm() |
92 | |
{ |
93 | 0 | return tls.getKeyManagerAlgorithm(); |
94 | |
} |
95 | |
|
96 | |
public KeyManagerFactory getKeyManagerFactory() |
97 | |
{ |
98 | 0 | return tls.getKeyManagerFactory(); |
99 | |
} |
100 | |
|
101 | |
public String getKeyPassword() |
102 | |
{ |
103 | 0 | return tls.getKeyPassword(); |
104 | |
} |
105 | |
|
106 | |
public String getKeyAlias() |
107 | |
{ |
108 | 0 | return tls.getKeyAlias(); |
109 | |
} |
110 | |
|
111 | |
public String getKeyStore() |
112 | |
{ |
113 | 0 | return tls.getKeyStore(); |
114 | |
} |
115 | |
|
116 | |
public String getKeyStoreType() |
117 | |
{ |
118 | 0 | return tls.getKeyStoreType(); |
119 | |
} |
120 | |
|
121 | |
public String getProtocolHandler() |
122 | |
{ |
123 | 0 | return tls.getProtocolHandler(); |
124 | |
} |
125 | |
|
126 | |
public Provider getProvider() |
127 | |
{ |
128 | 0 | return tls.getProvider(); |
129 | |
} |
130 | |
|
131 | |
public SecurityProviderFactory getSecurityProviderFactory() |
132 | |
{ |
133 | 0 | return tls.getSecurityProviderFactory(); |
134 | |
} |
135 | |
|
136 | |
public String getSslType() |
137 | |
{ |
138 | 0 | return tls.getSslType(); |
139 | |
} |
140 | |
|
141 | |
public String getKeyStorePassword() |
142 | |
{ |
143 | 0 | return tls.getKeyStorePassword(); |
144 | |
} |
145 | |
|
146 | |
public String getTrustManagerAlgorithm() |
147 | |
{ |
148 | 0 | return tls.getTrustManagerAlgorithm(); |
149 | |
} |
150 | |
|
151 | |
public TrustManagerFactory getTrustManagerFactory() |
152 | |
{ |
153 | 0 | return tls.getTrustManagerFactory(); |
154 | |
} |
155 | |
|
156 | |
public String getTrustStore() |
157 | |
{ |
158 | 0 | return tls.getTrustStore(); |
159 | |
} |
160 | |
|
161 | |
public String getTrustStorePassword() |
162 | |
{ |
163 | 0 | return tls.getTrustStorePassword(); |
164 | |
} |
165 | |
|
166 | |
public String getTrustStoreType() |
167 | |
{ |
168 | 0 | return tls.getTrustStoreType(); |
169 | |
} |
170 | |
|
171 | |
public boolean isExplicitTrustStoreOnly() |
172 | |
{ |
173 | 0 | return tls.isExplicitTrustStoreOnly(); |
174 | |
} |
175 | |
|
176 | |
public boolean isRequireClientAuthentication() |
177 | |
{ |
178 | 0 | return tls.isRequireClientAuthentication(); |
179 | |
} |
180 | |
|
181 | |
public void setClientKeyStore(String clientKeyStore) throws IOException |
182 | |
{ |
183 | 0 | tls.setClientKeyStore(clientKeyStore); |
184 | 0 | } |
185 | |
|
186 | |
public void setClientKeyStorePassword(String clientKeyStorePassword) |
187 | |
{ |
188 | 0 | tls.setClientKeyStorePassword(clientKeyStorePassword); |
189 | 0 | } |
190 | |
|
191 | |
public void setClientKeyStoreType(String clientKeyStoreType) |
192 | |
{ |
193 | 0 | this.tls.setClientKeyStoreType(clientKeyStoreType); |
194 | 0 | } |
195 | |
|
196 | |
public void setExplicitTrustStoreOnly(boolean explicitTrustStoreOnly) |
197 | |
{ |
198 | 0 | tls.setExplicitTrustStoreOnly(explicitTrustStoreOnly); |
199 | 0 | } |
200 | |
|
201 | |
public void setKeyManagerAlgorithm(String keyManagerAlgorithm) |
202 | |
{ |
203 | 0 | tls.setKeyManagerAlgorithm(keyManagerAlgorithm); |
204 | 0 | } |
205 | |
|
206 | |
public void setKeyPassword(String keyPassword) |
207 | |
{ |
208 | 0 | tls.setKeyPassword(keyPassword); |
209 | 0 | } |
210 | |
|
211 | |
public void setKeyAlias(String alias) |
212 | |
{ |
213 | 0 | tls.setKeyAlias(alias); |
214 | 0 | } |
215 | |
|
216 | |
public void setKeyStore(String keyStore) throws IOException |
217 | |
{ |
218 | 0 | tls.setKeyStore(keyStore); |
219 | 0 | } |
220 | |
|
221 | |
public void setKeyStoreType(String keystoreType) |
222 | |
{ |
223 | 0 | tls.setKeyStoreType(keystoreType); |
224 | 0 | } |
225 | |
|
226 | |
public void setProtocolHandler(String protocolHandler) |
227 | |
{ |
228 | 0 | tls.setProtocolHandler(protocolHandler); |
229 | 0 | } |
230 | |
|
231 | |
public void setProvider(Provider provider) |
232 | |
{ |
233 | 0 | tls.setProvider(provider); |
234 | 0 | } |
235 | |
|
236 | |
public void setRequireClientAuthentication(boolean requireClientAuthentication) |
237 | |
{ |
238 | 0 | tls.setRequireClientAuthentication(requireClientAuthentication); |
239 | 0 | } |
240 | |
|
241 | |
public void setSecurityProviderFactory(SecurityProviderFactory spFactory) |
242 | |
{ |
243 | 0 | tls.setSecurityProviderFactory(spFactory); |
244 | 0 | } |
245 | |
|
246 | |
public void setSslType(String sslType) |
247 | |
{ |
248 | 0 | tls.setSslType(sslType); |
249 | 0 | } |
250 | |
|
251 | |
public void setKeyStorePassword(String storePassword) |
252 | |
{ |
253 | 0 | tls.setKeyStorePassword(storePassword); |
254 | 0 | } |
255 | |
|
256 | |
public void setTrustManagerAlgorithm(String trustManagerAlgorithm) |
257 | |
{ |
258 | 0 | tls.setTrustManagerAlgorithm(trustManagerAlgorithm); |
259 | 0 | } |
260 | |
|
261 | |
public void setTrustManagerFactory(TrustManagerFactory trustManagerFactory) |
262 | |
{ |
263 | 0 | tls.setTrustManagerFactory(trustManagerFactory); |
264 | 0 | } |
265 | |
|
266 | |
public void setTrustStore(String trustStore) throws IOException |
267 | |
{ |
268 | 0 | tls.setTrustStore(trustStore); |
269 | 0 | } |
270 | |
|
271 | |
public void setTrustStorePassword(String trustStorePassword) |
272 | |
{ |
273 | 0 | tls.setTrustStorePassword(trustStorePassword); |
274 | 0 | } |
275 | |
|
276 | |
public void setTrustStoreType(String trustStoreType) |
277 | |
{ |
278 | 0 | tls.setTrustStoreType(trustStoreType); |
279 | 0 | } |
280 | |
|
281 | |
@Override |
282 | |
protected AbstractConnector createJettyConnector() |
283 | |
{ |
284 | 0 | SslSocketConnector cnn = new SslSocketConnector(); |
285 | |
|
286 | 0 | if (SystemUtils.isIbmJDK()) |
287 | |
{ |
288 | 0 | cnn.setProtocol("SSL_TLS"); |
289 | |
} |
290 | |
|
291 | 0 | if (tls.getKeyStore() != null) cnn.setKeystore(tls.getKeyStore()); |
292 | 0 | if (tls.getKeyPassword() != null) cnn.setKeyPassword(tls.getKeyPassword()); |
293 | 0 | if (tls.getKeyStoreType() != null) cnn.setKeystoreType(tls.getKeyStoreType()); |
294 | 0 | if (tls.getKeyManagerAlgorithm() != null) cnn.setSslKeyManagerFactoryAlgorithm(tls.getKeyManagerAlgorithm()); |
295 | 0 | if (tls.getProvider() != null) cnn.setProvider(tls.getProvider().getName()); |
296 | 0 | if (tls.getTrustStorePassword() != null) cnn.setTrustPassword(tls.getTrustStorePassword()); |
297 | 0 | if (tls.getTrustStore() != null) cnn.setTruststore(tls.getTrustStore()); |
298 | 0 | if (tls.getTrustStoreType() != null) cnn.setTruststoreType(tls.getTrustStoreType()); |
299 | 0 | if (tls.getTrustManagerAlgorithm() != null) cnn.setSslTrustManagerFactoryAlgorithm(tls.getTrustManagerAlgorithm()); |
300 | 0 | return cnn; |
301 | |
} |
302 | |
} |