View Javadoc

1   /*
2    * $Id: JettyHttpsConnector.java 22503 2011-07-21 14:46:28Z dirk.olmes $
3    * --------------------------------------------------------------------------------------
4    * Copyright (c) MuleSoft, Inc.  All rights reserved.  http://www.mulesoft.com
5    *
6    * The software in this package is published under the terms of the CPAL v1.0
7    * license, a copy of which has been included with this distribution in the
8    * LICENSE.txt file.
9    */
10  
11  package org.mule.transport.servlet.jetty;
12  
13  import org.mule.api.MuleContext;
14  import org.mule.api.lifecycle.CreateException;
15  import org.mule.api.lifecycle.InitialisationException;
16  import org.mule.api.security.TlsDirectKeyStore;
17  import org.mule.api.security.TlsDirectTrustStore;
18  import org.mule.api.security.TlsIndirectKeyStore;
19  import org.mule.api.security.TlsProtocolHandler;
20  import org.mule.api.security.provider.SecurityProviderFactory;
21  import org.mule.api.security.tls.TlsConfiguration;
22  import org.mule.util.SystemUtils;
23  
24  import java.io.IOException;
25  import java.security.Provider;
26  
27  import javax.net.ssl.KeyManagerFactory;
28  import javax.net.ssl.TrustManagerFactory;
29  
30  import org.mortbay.jetty.AbstractConnector;
31  import org.mortbay.jetty.security.SslSocketConnector;
32  
33  /**
34   * The <code>JettyHttpsConnector</code> can be using to embed a Jetty server to receive requests on an http inbound endpoint.
35   * One server is created for each connector declared, many Jetty endpoints can share the same connector.
36   */
37  
38  public class JettyHttpsConnector extends JettyHttpConnector implements TlsDirectKeyStore, TlsIndirectKeyStore, TlsDirectTrustStore, TlsProtocolHandler
39  {
40  
41      public static final String JETTY_SSL = "jetty-ssl";
42      public static final String HTTPS = "https";
43      public static final String PEER_CERTIFICATES = "PEER_CERTIFICATES";
44      public static final String LOCAL_CERTIFICATES = "LOCAL_CERTIFICATES";
45  
46      private TlsConfiguration tls = new TlsConfiguration(TlsConfiguration.DEFAULT_KEYSTORE);
47  
48      public JettyHttpsConnector(MuleContext context)
49      {
50          super(context);
51          registerSupportedProtocol("https");
52          registerSupportedProtocol("jetty-ssl");
53      }
54  
55      @Override
56      protected void doInitialise() throws InitialisationException
57      {
58          validateSslConfig();
59          super.doInitialise();
60      }
61  
62      protected void validateSslConfig() throws InitialisationException
63      {
64          try
65          {
66              tls.initialise(false, TlsConfiguration.JSSE_NAMESPACE);
67          }
68          catch (CreateException e)
69          {
70              throw new InitialisationException(e, this);
71          }
72      }
73  
74      @Override
75      public String getProtocol()
76      {
77          return JETTY_SSL;
78      }
79  
80      public String getClientKeyStore()
81      {
82          return tls.getClientKeyStore();
83      }
84  
85      public String getClientKeyStorePassword()
86      {
87          return tls.getClientKeyStorePassword();
88      }
89  
90      public String getClientKeyStoreType()
91      {
92          return this.tls.getClientKeyStoreType();
93      }
94  
95      public String getKeyManagerAlgorithm()
96      {
97          return tls.getKeyManagerAlgorithm();
98      }
99  
100     public KeyManagerFactory getKeyManagerFactory()
101     {
102         return tls.getKeyManagerFactory();
103     }
104 
105     public String getKeyPassword()
106     {
107         return tls.getKeyPassword();
108     }
109 
110     public String getKeyAlias()
111     {
112         return tls.getKeyAlias();
113     }
114 
115     public String getKeyStore()
116     {
117         return tls.getKeyStore();
118     }
119 
120     public String getKeyStoreType()
121     {
122         return tls.getKeyStoreType();
123     }
124 
125     public String getProtocolHandler()
126     {
127         return tls.getProtocolHandler();
128     }
129 
130     public Provider getProvider()
131     {
132         return tls.getProvider();
133     }
134 
135     public SecurityProviderFactory getSecurityProviderFactory()
136     {
137         return tls.getSecurityProviderFactory();
138     }
139 
140     public String getSslType()
141     {
142         return tls.getSslType();
143     }
144 
145     public String getKeyStorePassword()
146     {
147         return tls.getKeyStorePassword();
148     }
149 
150     public String getTrustManagerAlgorithm()
151     {
152         return tls.getTrustManagerAlgorithm();
153     }
154 
155     public TrustManagerFactory getTrustManagerFactory()
156     {
157         return tls.getTrustManagerFactory();
158     }
159 
160     public String getTrustStore()
161     {
162         return tls.getTrustStore();
163     }
164 
165     public String getTrustStorePassword()
166     {
167         return tls.getTrustStorePassword();
168     }
169 
170     public String getTrustStoreType()
171     {
172         return tls.getTrustStoreType();
173     }
174 
175     public boolean isExplicitTrustStoreOnly()
176     {
177         return tls.isExplicitTrustStoreOnly();
178     }
179 
180     public boolean isRequireClientAuthentication()
181     {
182         return tls.isRequireClientAuthentication();
183     }
184 
185     public void setClientKeyStore(String clientKeyStore) throws IOException
186     {
187         tls.setClientKeyStore(clientKeyStore);
188     }
189 
190     public void setClientKeyStorePassword(String clientKeyStorePassword)
191     {
192         tls.setClientKeyStorePassword(clientKeyStorePassword);
193     }
194 
195     public void setClientKeyStoreType(String clientKeyStoreType)
196     {
197         this.tls.setClientKeyStoreType(clientKeyStoreType);
198     }
199 
200     public void setExplicitTrustStoreOnly(boolean explicitTrustStoreOnly)
201     {
202         tls.setExplicitTrustStoreOnly(explicitTrustStoreOnly);
203     }
204 
205     public void setKeyManagerAlgorithm(String keyManagerAlgorithm)
206     {
207         tls.setKeyManagerAlgorithm(keyManagerAlgorithm);
208     }
209 
210     public void setKeyPassword(String keyPassword)
211     {
212         tls.setKeyPassword(keyPassword);
213     }
214 
215     public void setKeyAlias(String alias)
216     {
217         tls.setKeyAlias(alias);
218     }
219 
220     public void setKeyStore(String keyStore) throws IOException
221     {
222         tls.setKeyStore(keyStore);
223     }
224 
225     public void setKeyStoreType(String keystoreType)
226     {
227         tls.setKeyStoreType(keystoreType);
228     }
229 
230     public void setProtocolHandler(String protocolHandler)
231     {
232         tls.setProtocolHandler(protocolHandler);
233     }
234 
235     public void setProvider(Provider provider)
236     {
237         tls.setProvider(provider);
238     }
239 
240     public void setRequireClientAuthentication(boolean requireClientAuthentication)
241     {
242         tls.setRequireClientAuthentication(requireClientAuthentication);
243     }
244 
245     public void setSecurityProviderFactory(SecurityProviderFactory spFactory)
246     {
247         tls.setSecurityProviderFactory(spFactory);
248     }
249 
250     public void setSslType(String sslType)
251     {
252         tls.setSslType(sslType);
253     }
254 
255     public void setKeyStorePassword(String storePassword)
256     {
257         tls.setKeyStorePassword(storePassword);
258     }
259 
260     public void setTrustManagerAlgorithm(String trustManagerAlgorithm)
261     {
262         tls.setTrustManagerAlgorithm(trustManagerAlgorithm);
263     }
264 
265     public void setTrustManagerFactory(TrustManagerFactory trustManagerFactory)
266     {
267         tls.setTrustManagerFactory(trustManagerFactory);
268     }
269 
270     public void setTrustStore(String trustStore) throws IOException
271     {
272         tls.setTrustStore(trustStore);
273     }
274 
275     public void setTrustStorePassword(String trustStorePassword)
276     {
277         tls.setTrustStorePassword(trustStorePassword);
278     }
279 
280     public void setTrustStoreType(String trustStoreType)
281     {
282         tls.setTrustStoreType(trustStoreType);
283     }
284 
285     @Override
286     protected AbstractConnector createJettyConnector()
287     {
288         SslSocketConnector cnn = new SslSocketConnector();
289 
290         if (SystemUtils.isIbmJDK())
291         {
292             cnn.setProtocol("SSL_TLS");
293         }
294 
295         if (tls.getKeyStore() != null) cnn.setKeystore(tls.getKeyStore());
296         if (tls.getKeyPassword() != null) cnn.setKeyPassword(tls.getKeyPassword());
297         if (tls.getKeyStoreType() != null) cnn.setKeystoreType(tls.getKeyStoreType());
298         if (tls.getKeyManagerAlgorithm() != null) cnn.setSslKeyManagerFactoryAlgorithm(tls.getKeyManagerAlgorithm());
299         if (tls.getProvider() != null) cnn.setProvider(tls.getProvider().getName());
300         if (tls.getTrustStorePassword() != null) cnn.setTrustPassword(tls.getTrustStorePassword());
301         if (tls.getTrustStore() != null) cnn.setTruststore(tls.getTrustStore());
302         if (tls.getTrustStoreType() != null) cnn.setTruststoreType(tls.getTrustStoreType());
303         if (tls.getTrustManagerAlgorithm() != null) cnn.setSslTrustManagerFactoryAlgorithm(tls.getTrustManagerAlgorithm());
304         return cnn;
305     }
306 }