View Javadoc

1   /*
2    * $Id: HttpsConnector.java 22002 2011-05-27 12:37:49Z dirk.olmes $
3    * --------------------------------------------------------------------------------------
4    * Copyright (c) MuleSoft, Inc.  All rights reserved.  http://www.mulesoft.com
5    *
6    * The software in this package is published under the terms of the CPAL v1.0
7    * license, a copy of which has been included with this distribution in the
8    * LICENSE.txt file.
9    */
10  
11  package org.mule.transport.http;
12  
13  import org.mule.api.MuleContext;
14  import org.mule.api.lifecycle.CreateException;
15  import org.mule.api.lifecycle.InitialisationException;
16  import org.mule.api.security.TlsDirectKeyStore;
17  import org.mule.api.security.TlsDirectTrustStore;
18  import org.mule.api.security.TlsIndirectKeyStore;
19  import org.mule.api.security.TlsProtocolHandler;
20  import org.mule.api.security.provider.SecurityProviderFactory;
21  import org.mule.api.security.tls.TlsConfiguration;
22  import org.mule.transport.ssl.SslServerSocketFactory;
23  import org.mule.transport.ssl.SslSocketFactory;
24  
25  import java.io.IOException;
26  import java.net.ServerSocket;
27  import java.net.URI;
28  import java.security.GeneralSecurityException;
29  import java.security.Provider;
30  
31  import javax.net.ssl.KeyManagerFactory;
32  import javax.net.ssl.SSLServerSocket;
33  import javax.net.ssl.SSLSocketFactory;
34  import javax.net.ssl.TrustManagerFactory;
35  
36  /**
37   * <code>HttpsConnector</code> provides Secure http connectivity on top of what is
38   * already provided with the Mule {@link org.mule.transport.http.HttpConnector}.
39   */
40  public class HttpsConnector extends HttpConnector implements TlsDirectKeyStore,
41      TlsIndirectKeyStore, TlsDirectTrustStore, TlsProtocolHandler
42  {
43  
44      public static final String HTTPS = "https";
45      public static final String PEER_CERTIFICATES = "PEER_CERTIFICATES";
46      public static final String LOCAL_CERTIFICATES = "LOCAL_CERTIFICATES";
47  
48      // null initial keystore - see below
49      private TlsConfiguration tls = new TlsConfiguration(null);
50  
51      /**
52       * Timeout for establishing the SSL connection with the client.
53       */
54      private long sslHandshakeTimeout = 30000;
55  
56      public HttpsConnector(MuleContext context)
57      {
58          super(context);
59          setSocketFactory(new SslSocketFactory(tls));
60          setServerSocketFactory(new SslServerSocketFactory(tls));
61          // setting this true causes problems as socket closes before handshake finishes
62          setValidateConnections(false);
63      }
64  
65      @Override
66      protected ServerSocket getServerSocket(URI uri) throws IOException
67      {
68          SSLServerSocket serverSocket = (SSLServerSocket) super.getServerSocket(uri);
69          serverSocket.setNeedClientAuth(isRequireClientAuthentication());
70          return serverSocket;
71      }
72  
73      @Override
74      protected void doInitialise() throws InitialisationException
75      {
76          // if a keystore is not provided, the connector will only be used for
77          // client connections, and can work in anon mode.
78          try
79          {
80              tls.initialise(null == getKeyStore(), TlsConfiguration.JSSE_NAMESPACE);
81          }
82          catch (CreateException e)
83          {
84              throw new InitialisationException(e, this);
85          }
86          super.doInitialise();
87      }
88  
89      @Override
90      public String getProtocol()
91      {
92          return HTTPS;
93      }
94  
95      public String getClientKeyStore()
96      {
97          return tls.getClientKeyStore();
98      }
99  
100     public String getClientKeyStorePassword()
101     {
102         return tls.getClientKeyStorePassword();
103     }
104 
105     public String getClientKeyStoreType()
106     {
107         return this.tls.getClientKeyStoreType();
108     }
109 
110     public String getKeyManagerAlgorithm()
111     {
112         return tls.getKeyManagerAlgorithm();
113     }
114 
115     public KeyManagerFactory getKeyManagerFactory()
116     {
117         return tls.getKeyManagerFactory();
118     }
119 
120     public String getKeyPassword()
121     {
122         return tls.getKeyPassword();
123     }
124 
125     public String getKeyAlias()
126     {
127         return tls.getKeyAlias();
128     }
129 
130     public String getKeyStore()
131     {
132         return tls.getKeyStore();
133     }
134 
135     public String getKeyStoreType()
136     {
137         return tls.getKeyStoreType();
138     }
139 
140     public String getProtocolHandler()
141     {
142         return tls.getProtocolHandler();
143     }
144 
145     public Provider getProvider()
146     {
147         return tls.getProvider();
148     }
149 
150     public SecurityProviderFactory getSecurityProviderFactory()
151     {
152         return tls.getSecurityProviderFactory();
153     }
154 
155     public String getSslType()
156     {
157         return tls.getSslType();
158     }
159 
160     public String getKeyStorePassword()
161     {
162         return tls.getKeyStorePassword();
163     }
164 
165     public String getTrustManagerAlgorithm()
166     {
167         return tls.getTrustManagerAlgorithm();
168     }
169 
170     public TrustManagerFactory getTrustManagerFactory()
171     {
172         return tls.getTrustManagerFactory();
173     }
174 
175     public String getTrustStore()
176     {
177         return tls.getTrustStore();
178     }
179 
180     public String getTrustStorePassword()
181     {
182         return tls.getTrustStorePassword();
183     }
184 
185     public String getTrustStoreType()
186     {
187         return tls.getTrustStoreType();
188     }
189 
190     public boolean isExplicitTrustStoreOnly()
191     {
192         return tls.isExplicitTrustStoreOnly();
193     }
194 
195     public boolean isRequireClientAuthentication()
196     {
197         return tls.isRequireClientAuthentication();
198     }
199 
200     public void setClientKeyStore(String clientKeyStore) throws IOException
201     {
202         tls.setClientKeyStore(clientKeyStore);
203     }
204 
205     public void setClientKeyStorePassword(String clientKeyStorePassword)
206     {
207         tls.setClientKeyStorePassword(clientKeyStorePassword);
208     }
209 
210     public void setClientKeyStoreType(String clientKeyStoreType)
211     {
212         this.tls.setClientKeyStoreType(clientKeyStoreType);
213     }
214 
215     public void setExplicitTrustStoreOnly(boolean explicitTrustStoreOnly)
216     {
217         tls.setExplicitTrustStoreOnly(explicitTrustStoreOnly);
218     }
219 
220     public void setKeyManagerAlgorithm(String keyManagerAlgorithm)
221     {
222         tls.setKeyManagerAlgorithm(keyManagerAlgorithm);
223     }
224 
225     public void setKeyPassword(String keyPassword)
226     {
227         tls.setKeyPassword(keyPassword);
228     }
229 
230     public void setKeyAlias(String keyAlias)
231     {
232         tls.setKeyAlias(keyAlias);
233     }
234 
235     public void setKeyStore(String keyStore) throws IOException
236     {
237         tls.setKeyStore(keyStore);
238     }
239 
240     public void setKeyStoreType(String keystoreType)
241     {
242         tls.setKeyStoreType(keystoreType);
243     }
244 
245     public void setProtocolHandler(String protocolHandler)
246     {
247         tls.setProtocolHandler(protocolHandler);
248     }
249 
250     public void setProvider(Provider provider)
251     {
252         tls.setProvider(provider);
253     }
254 
255     public void setRequireClientAuthentication(boolean requireClientAuthentication)
256     {
257         tls.setRequireClientAuthentication(requireClientAuthentication);
258     }
259 
260     public void setSecurityProviderFactory(SecurityProviderFactory spFactory)
261     {
262         tls.setSecurityProviderFactory(spFactory);
263     }
264 
265     public void setSslType(String sslType)
266     {
267         tls.setSslType(sslType);
268     }
269 
270     public void setKeyStorePassword(String storePassword)
271     {
272         tls.setKeyStorePassword(storePassword);
273     }
274 
275     public void setTrustManagerAlgorithm(String trustManagerAlgorithm)
276     {
277         tls.setTrustManagerAlgorithm(trustManagerAlgorithm);
278     }
279 
280     public void setTrustManagerFactory(TrustManagerFactory trustManagerFactory)
281     {
282         tls.setTrustManagerFactory(trustManagerFactory);
283     }
284 
285     public void setTrustStore(String trustStore) throws IOException
286     {
287         tls.setTrustStore(trustStore);
288     }
289 
290     public void setTrustStorePassword(String trustStorePassword)
291     {
292         tls.setTrustStorePassword(trustStorePassword);
293     }
294 
295     public void setTrustStoreType(String trustStoreType)
296     {
297         tls.setTrustStoreType(trustStoreType);
298     }
299 
300     public long getSslHandshakeTimeout()
301     {
302         return sslHandshakeTimeout;
303     }
304 
305     public void setSslHandshakeTimeout(long sslHandshakeTimeout)
306     {
307         this.sslHandshakeTimeout = sslHandshakeTimeout;
308     }
309 
310     public SSLSocketFactory getSslSocketFactory() throws GeneralSecurityException
311     {
312         return tls.getSocketFactory();
313     }
314 
315 }