001 /**
002 * Licensed to the Apache Software Foundation (ASF) under one or more
003 * contributor license agreements. See the NOTICE file distributed with
004 * this work for additional information regarding copyright ownership.
005 * The ASF licenses this file to You under the Apache License, Version 2.0
006 * (the "License"); you may not use this file except in compliance with
007 * the License. You may obtain a copy of the License at
008 *
009 * http://www.apache.org/licenses/LICENSE-2.0
010 *
011 * Unless required by applicable law or agreed to in writing, software
012 * distributed under the License is distributed on an "AS IS" BASIS,
013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014 * See the License for the specific language governing permissions and
015 * limitations under the License.
016 */
017
018 package org.apache.geronimo.jetty6.connector;
019
020 import javax.net.ssl.KeyManagerFactory;
021 import org.apache.geronimo.gbean.GBeanInfo;
022 import org.apache.geronimo.gbean.GBeanInfoBuilder;
023 import org.apache.geronimo.j2ee.j2eeobjectnames.NameFactory;
024 import org.apache.geronimo.jetty6.JettyContainer;
025 import org.apache.geronimo.jetty6.JettySecureConnector;
026 import org.apache.geronimo.management.geronimo.KeystoreManager;
027 import org.apache.geronimo.management.geronimo.WebManager;
028 import org.apache.geronimo.system.threads.ThreadPool;
029 import org.mortbay.jetty.bio.SocketConnector;
030
031 /**
032 * Implementation of a HTTPS connector based on Jetty's SslConnector (which uses pure JSSE).
033 *
034 * @version $Rev: 543715 $ $Date: 2007-06-02 04:10:16 -0400 (Sat, 02 Jun 2007) $
035 */
036 public class HTTPSSocketConnector extends JettyConnector implements JettySecureConnector {
037 private final GeronimoSocketSSLListener https;
038 private String algorithm;
039
040 public HTTPSSocketConnector(JettyContainer container, ThreadPool threadPool, KeystoreManager keystoreManager) {
041 super(container, new GeronimoSocketSSLListener(keystoreManager), threadPool, "HTTPSSocketConnector");
042 https = (GeronimoSocketSSLListener) listener;
043 }
044
045 public int getDefaultPort() {
046 return 443;
047 }
048
049 public String getProtocol() {
050 return WebManager.PROTOCOL_HTTPS;
051 }
052
053 public String getAlgorithm() {
054 return algorithm;
055 }
056
057 /**
058 * Algorithm to use.
059 * As different JVMs have different implementations available, the default algorithm can be used by supplying the value "Default".
060 *
061 * @param algorithm the algorithm to use, or "Default" to use the default from {@link javax.net.ssl.KeyManagerFactory#getDefaultAlgorithm()}
062 */
063 public void setAlgorithm(String algorithm) {
064 // cache the value so the null
065 this.algorithm = algorithm;
066 if ("default".equalsIgnoreCase(algorithm)) {
067 algorithm = KeyManagerFactory.getDefaultAlgorithm();
068 }
069 https.setSslKeyManagerFactoryAlgorithm(algorithm);
070 }
071
072 public String getSecureProtocol() {
073 return https.getProtocol();
074 }
075
076 public void setSecureProtocol(String protocol) {
077 https.setProtocol(protocol);
078 }
079
080 public void setClientAuthRequired(boolean needClientAuth) {
081 https.setNeedClientAuth(needClientAuth);
082 }
083
084 public boolean isClientAuthRequired() {
085 return https.getNeedClientAuth();
086 }
087
088 public void setClientAuthRequested(boolean wantClientAuth) {
089 https.setWantClientAuth(wantClientAuth);
090 }
091
092 public boolean isClientAuthRequested() {
093 return https.getWantClientAuth();
094 }
095
096 public void setKeyStore(String keyStore) {
097 https.setKeyStore(keyStore);
098 }
099
100 public String getKeyStore() {
101 return https.getKeyStore();
102 }
103
104 public void setTrustStore(String trustStore) {
105 https.setTrustStore(trustStore);
106 }
107
108 public String getTrustStore() {
109 return https.getTrustStore();
110 }
111
112 public void setKeyAlias(String keyAlias) {
113 https.setKeyAlias(keyAlias);
114 }
115
116 public String getKeyAlias() {
117 return https.getKeyAlias();
118 }
119
120 //TODO does this make sense???
121 public void setRedirectPort(int port) {
122 SocketConnector socketListener = (SocketConnector) listener;
123 socketListener.setConfidentialPort(port);
124 socketListener.setIntegralPort(port);
125 socketListener.setIntegralScheme("https");
126 socketListener.setConfidentialScheme("https");
127 }
128
129 public static final GBeanInfo GBEAN_INFO;
130
131 static {
132 GBeanInfoBuilder infoFactory = GBeanInfoBuilder.createStatic("Jetty Connector HTTPS", HTTPSSocketConnector.class, JettyConnector.GBEAN_INFO);
133 infoFactory.addAttribute("algorithm", String.class, true, true);
134 infoFactory.addAttribute("secureProtocol", String.class, true, true);
135 infoFactory.addAttribute("keyStore", String.class, true, true);
136 infoFactory.addAttribute("keyAlias", String.class, true, true);
137 infoFactory.addAttribute("trustStore", String.class, true, true);
138 infoFactory.addAttribute("clientAuthRequired", boolean.class, true, true);
139 infoFactory.addAttribute("clientAuthRequested", boolean.class, true, true);
140 infoFactory.addReference("KeystoreManager", KeystoreManager.class, NameFactory.GERONIMO_SERVICE);
141 infoFactory.addInterface(JettySecureConnector.class);
142 infoFactory.setConstructor(new String[]{"JettyContainer", "ThreadPool", "KeystoreManager"});
143 GBEAN_INFO = infoFactory.getBeanInfo();
144 }
145
146 public static GBeanInfo getGBeanInfo() {
147 return GBEAN_INFO;
148 }
149
150 // ================= NO LONGER USED!!! =====================
151 // todo: remove these from the SSL interface
152
153 public String getKeystoreFileName() {
154 return null;
155 }
156
157 public void setKeystoreFileName(String name) {
158 }
159
160 public void setKeystorePassword(String password) {
161 }
162
163 public String getKeystoreType() {
164 return null;
165 }
166
167 public void setKeystoreType(String type) {
168 }
169 }