001 /*
002 * Licensed to the Apache Software Foundation (ASF) under one
003 * or more contributor license agreements. See the NOTICE file
004 * distributed with this work for additional information
005 * regarding copyright ownership. The ASF licenses this file
006 * to you under the Apache License, Version 2.0 (the
007 * "License"); you may not use this file except in compliance
008 * with the License. You may obtain a copy of the License at
009 *
010 * http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing,
013 * software distributed under the License is distributed on an
014 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015 * KIND, either express or implied. See the License for the
016 * specific language governing permissions and limitations
017 * under the License.
018 */
019
020
021 package org.apache.geronimo.jetty6.connector;
022
023 import javax.net.ssl.KeyManagerFactory;
024
025 import org.apache.geronimo.gbean.GBeanInfo;
026 import org.apache.geronimo.gbean.GBeanInfoBuilder;
027 import org.apache.geronimo.j2ee.j2eeobjectnames.NameFactory;
028 import org.apache.geronimo.jetty6.JettyContainer;
029 import org.apache.geronimo.jetty6.JettySecureConnector;
030 import org.apache.geronimo.management.geronimo.KeystoreManager;
031 import org.apache.geronimo.management.geronimo.WebManager;
032 import org.apache.geronimo.system.threads.ThreadPool;
033 import org.mortbay.jetty.nio.SelectChannelConnector;
034
035 /**
036 * Implementation of a HTTPS connector based on Jetty's SslConnector (which uses pure JSSE).
037 *
038 * @version $Rev: 706640 $ $Date: 2008-10-21 14:44:05 +0000 (Tue, 21 Oct 2008) $
039 */
040 public class HTTPSSelectChannelConnector extends JettyConnector implements JettySecureConnector {
041 private final GeronimoSelectChannelSSLListener https;
042 private String algorithm;
043
044 public HTTPSSelectChannelConnector(JettyContainer container, ThreadPool threadPool, KeystoreManager keystoreManager) {
045 super(container, new GeronimoSelectChannelSSLListener(keystoreManager), threadPool, "HTTPSSelectChannelConnector");
046 https = (GeronimoSelectChannelSSLListener) listener;
047 }
048
049 public int getDefaultPort() {
050 return 443;
051 }
052
053 public String getProtocol() {
054 return WebManager.PROTOCOL_HTTPS;
055 }
056
057 public String getAlgorithm() {
058 return algorithm;
059 }
060
061 /**
062 * Algorithm to use.
063 * As different JVMs have different implementations available, the default algorithm can be used by supplying the value "Default".
064 *
065 * @param algorithm the algorithm to use, or "Default" to use the default from {@link javax.net.ssl.KeyManagerFactory#getDefaultAlgorithm()}
066 */
067 public void setAlgorithm(String algorithm) {
068 // cache the value so the null
069 this.algorithm = algorithm;
070 if ("default".equalsIgnoreCase(algorithm)) {
071 algorithm = KeyManagerFactory.getDefaultAlgorithm();
072 }
073 https.setSslKeyManagerFactoryAlgorithm(algorithm);
074 }
075
076 public String getSecureProtocol() {
077 return https.getProtocol();
078 }
079
080 public void setSecureProtocol(String protocol) {
081 https.setProtocol(protocol);
082 }
083
084 public void setClientAuthRequired(boolean needClientAuth) {
085 https.setNeedClientAuth(needClientAuth);
086 }
087
088 public boolean isClientAuthRequired() {
089 return https.getNeedClientAuth();
090 }
091
092 public void setClientAuthRequested(boolean wantClientAuth) {
093 https.setWantClientAuth(wantClientAuth);
094 }
095
096 public boolean isClientAuthRequested() {
097 return https.getWantClientAuth();
098 }
099
100 public void setKeyStore(String keyStore) {
101 https.setKeyStore(keyStore);
102 }
103
104 public String getKeyStore() {
105 return https.getKeyStore();
106 }
107
108 public void setTrustStore(String trustStore) {
109 https.setTrustStore(trustStore);
110 }
111
112 public String getTrustStore() {
113 return https.getTrustStore();
114 }
115
116 public void setKeyAlias(String keyAlias) {
117 https.setKeyAlias(keyAlias);
118 }
119
120 public String getKeyAlias() {
121 return https.getKeyAlias();
122 }
123
124 //TODO does this make sense???
125 public void setRedirectPort(int port) {
126 SelectChannelConnector socketListener = (SelectChannelConnector) listener;
127 socketListener.setConfidentialPort(port);
128 socketListener.setIntegralPort(port);
129 socketListener.setIntegralScheme("https");
130 socketListener.setConfidentialScheme("https");
131 }
132
133 public static final GBeanInfo GBEAN_INFO;
134
135 static {
136 GBeanInfoBuilder infoFactory = GBeanInfoBuilder.createStatic("Jetty SelectChannel Connector HTTPS", HTTPSSelectChannelConnector.class, JettyConnector.GBEAN_INFO);
137 infoFactory.addAttribute("algorithm", String.class, true, true);
138 infoFactory.addAttribute("secureProtocol", String.class, true, true);
139 infoFactory.addAttribute("keyStore", String.class, true, true);
140 infoFactory.addAttribute("keyAlias", String.class, true, true);
141 infoFactory.addAttribute("trustStore", String.class, true, true);
142 infoFactory.addAttribute("clientAuthRequired", boolean.class, true, true);
143 infoFactory.addAttribute("clientAuthRequested", boolean.class, true, true);
144 infoFactory.addReference("KeystoreManager", KeystoreManager.class, NameFactory.GERONIMO_SERVICE);
145 infoFactory.addInterface(JettySecureConnector.class);
146 infoFactory.setConstructor(new String[]{"JettyContainer", "ThreadPool", "KeystoreManager"});
147 GBEAN_INFO = infoFactory.getBeanInfo();
148 }
149
150 public static GBeanInfo getGBeanInfo() {
151 return GBEAN_INFO;
152 }
153
154 // ================= NO LONGER USED!!! =====================
155 // todo: remove these from the SSL interface
156
157 public String getKeystoreFileName() {
158 return null;
159 }
160
161 public void setKeystoreFileName(String name) {
162 }
163
164 public void setKeystorePassword(String password) {
165 }
166
167 public String getKeystoreType() {
168 return null;
169 }
170
171 public void setKeystoreType(String type) {
172 }
173 }