1
2
3
4
5
6
7
8
9
10
11 package org.mule.transport.servlet.jetty;
12
13 import org.mule.api.MuleContext;
14 import org.mule.api.lifecycle.CreateException;
15 import org.mule.api.lifecycle.InitialisationException;
16 import org.mule.api.security.TlsDirectKeyStore;
17 import org.mule.api.security.TlsDirectTrustStore;
18 import org.mule.api.security.TlsIndirectKeyStore;
19 import org.mule.api.security.TlsProtocolHandler;
20 import org.mule.api.security.provider.SecurityProviderFactory;
21 import org.mule.api.security.tls.TlsConfiguration;
22 import org.mule.util.SystemUtils;
23
24 import java.io.IOException;
25 import java.security.Provider;
26
27 import javax.net.ssl.KeyManagerFactory;
28 import javax.net.ssl.TrustManagerFactory;
29
30 import org.mortbay.jetty.AbstractConnector;
31 import org.mortbay.jetty.security.SslSocketConnector;
32
33
34
35
36
37
38 public class JettyHttpsConnector extends JettyHttpConnector implements TlsDirectKeyStore, TlsIndirectKeyStore, TlsDirectTrustStore, TlsProtocolHandler
39 {
40
41 public static final String JETTY_SSL = "jetty-ssl";
42 public static final String HTTPS = "https";
43 public static final String PEER_CERTIFICATES = "PEER_CERTIFICATES";
44 public static final String LOCAL_CERTIFICATES = "LOCAL_CERTIFICATES";
45
46 private TlsConfiguration tls = new TlsConfiguration(TlsConfiguration.DEFAULT_KEYSTORE);
47
48 public JettyHttpsConnector(MuleContext context)
49 {
50 super(context);
51 registerSupportedProtocol("https");
52 registerSupportedProtocol("jetty-ssl");
53 }
54
55 @Override
56 protected void doInitialise() throws InitialisationException
57 {
58 validateSslConfig();
59 super.doInitialise();
60 }
61
62 protected void validateSslConfig() throws InitialisationException
63 {
64 try
65 {
66 tls.initialise(false, TlsConfiguration.JSSE_NAMESPACE);
67 }
68 catch (CreateException e)
69 {
70 throw new InitialisationException(e, this);
71 }
72 }
73
74 @Override
75 public String getProtocol()
76 {
77 return JETTY_SSL;
78 }
79
80 public String getClientKeyStore()
81 {
82 return tls.getClientKeyStore();
83 }
84
85 public String getClientKeyStorePassword()
86 {
87 return tls.getClientKeyStorePassword();
88 }
89
90 public String getClientKeyStoreType()
91 {
92 return this.tls.getClientKeyStoreType();
93 }
94
95 public String getKeyManagerAlgorithm()
96 {
97 return tls.getKeyManagerAlgorithm();
98 }
99
100 public KeyManagerFactory getKeyManagerFactory()
101 {
102 return tls.getKeyManagerFactory();
103 }
104
105 public String getKeyPassword()
106 {
107 return tls.getKeyPassword();
108 }
109
110 public String getKeyAlias()
111 {
112 return tls.getKeyAlias();
113 }
114
115 public String getKeyStore()
116 {
117 return tls.getKeyStore();
118 }
119
120 public String getKeyStoreType()
121 {
122 return tls.getKeyStoreType();
123 }
124
125 public String getProtocolHandler()
126 {
127 return tls.getProtocolHandler();
128 }
129
130 public Provider getProvider()
131 {
132 return tls.getProvider();
133 }
134
135 public SecurityProviderFactory getSecurityProviderFactory()
136 {
137 return tls.getSecurityProviderFactory();
138 }
139
140 public String getSslType()
141 {
142 return tls.getSslType();
143 }
144
145 public String getKeyStorePassword()
146 {
147 return tls.getKeyStorePassword();
148 }
149
150 public String getTrustManagerAlgorithm()
151 {
152 return tls.getTrustManagerAlgorithm();
153 }
154
155 public TrustManagerFactory getTrustManagerFactory()
156 {
157 return tls.getTrustManagerFactory();
158 }
159
160 public String getTrustStore()
161 {
162 return tls.getTrustStore();
163 }
164
165 public String getTrustStorePassword()
166 {
167 return tls.getTrustStorePassword();
168 }
169
170 public String getTrustStoreType()
171 {
172 return tls.getTrustStoreType();
173 }
174
175 public boolean isExplicitTrustStoreOnly()
176 {
177 return tls.isExplicitTrustStoreOnly();
178 }
179
180 public boolean isRequireClientAuthentication()
181 {
182 return tls.isRequireClientAuthentication();
183 }
184
185 public void setClientKeyStore(String clientKeyStore) throws IOException
186 {
187 tls.setClientKeyStore(clientKeyStore);
188 }
189
190 public void setClientKeyStorePassword(String clientKeyStorePassword)
191 {
192 tls.setClientKeyStorePassword(clientKeyStorePassword);
193 }
194
195 public void setClientKeyStoreType(String clientKeyStoreType)
196 {
197 this.tls.setClientKeyStoreType(clientKeyStoreType);
198 }
199
200 public void setExplicitTrustStoreOnly(boolean explicitTrustStoreOnly)
201 {
202 tls.setExplicitTrustStoreOnly(explicitTrustStoreOnly);
203 }
204
205 public void setKeyManagerAlgorithm(String keyManagerAlgorithm)
206 {
207 tls.setKeyManagerAlgorithm(keyManagerAlgorithm);
208 }
209
210 public void setKeyPassword(String keyPassword)
211 {
212 tls.setKeyPassword(keyPassword);
213 }
214
215 public void setKeyAlias(String alias)
216 {
217 tls.setKeyAlias(alias);
218 }
219
220 public void setKeyStore(String keyStore) throws IOException
221 {
222 tls.setKeyStore(keyStore);
223 }
224
225 public void setKeyStoreType(String keystoreType)
226 {
227 tls.setKeyStoreType(keystoreType);
228 }
229
230 public void setProtocolHandler(String protocolHandler)
231 {
232 tls.setProtocolHandler(protocolHandler);
233 }
234
235 public void setProvider(Provider provider)
236 {
237 tls.setProvider(provider);
238 }
239
240 public void setRequireClientAuthentication(boolean requireClientAuthentication)
241 {
242 tls.setRequireClientAuthentication(requireClientAuthentication);
243 }
244
245 public void setSecurityProviderFactory(SecurityProviderFactory spFactory)
246 {
247 tls.setSecurityProviderFactory(spFactory);
248 }
249
250 public void setSslType(String sslType)
251 {
252 tls.setSslType(sslType);
253 }
254
255 public void setKeyStorePassword(String storePassword)
256 {
257 tls.setKeyStorePassword(storePassword);
258 }
259
260 public void setTrustManagerAlgorithm(String trustManagerAlgorithm)
261 {
262 tls.setTrustManagerAlgorithm(trustManagerAlgorithm);
263 }
264
265 public void setTrustManagerFactory(TrustManagerFactory trustManagerFactory)
266 {
267 tls.setTrustManagerFactory(trustManagerFactory);
268 }
269
270 public void setTrustStore(String trustStore) throws IOException
271 {
272 tls.setTrustStore(trustStore);
273 }
274
275 public void setTrustStorePassword(String trustStorePassword)
276 {
277 tls.setTrustStorePassword(trustStorePassword);
278 }
279
280 public void setTrustStoreType(String trustStoreType)
281 {
282 tls.setTrustStoreType(trustStoreType);
283 }
284
285 @Override
286 protected AbstractConnector createJettyConnector()
287 {
288 SslSocketConnector cnn = new SslSocketConnector();
289
290 if (SystemUtils.isIbmJDK())
291 {
292 cnn.setProtocol("SSL_TLS");
293 }
294
295 if (tls.getKeyStore() != null) cnn.setKeystore(tls.getKeyStore());
296 if (tls.getKeyPassword() != null) cnn.setKeyPassword(tls.getKeyPassword());
297 if (tls.getKeyStoreType() != null) cnn.setKeystoreType(tls.getKeyStoreType());
298 if (tls.getKeyManagerAlgorithm() != null) cnn.setSslKeyManagerFactoryAlgorithm(tls.getKeyManagerAlgorithm());
299 if (tls.getProvider() != null) cnn.setProvider(tls.getProvider().getName());
300 if (tls.getTrustStorePassword() != null) cnn.setTrustPassword(tls.getTrustStorePassword());
301 if (tls.getTrustStore() != null) cnn.setTruststore(tls.getTrustStore());
302 if (tls.getTrustStoreType() != null) cnn.setTruststoreType(tls.getTrustStoreType());
303 if (tls.getTrustManagerAlgorithm() != null) cnn.setSslTrustManagerFactoryAlgorithm(tls.getTrustManagerAlgorithm());
304 return cnn;
305 }
306 }