org.apache.geronimo.jetty6.connector
Class HTTPSSelectChannelConnector

java.lang.Object
  extended by org.apache.geronimo.jetty6.connector.JettyConnector
      extended by org.apache.geronimo.jetty6.connector.HTTPSSelectChannelConnector
All Implemented Interfaces:
GBeanLifecycle, JettySecureConnector, JettyWebConnector, NetworkConnector, SecureConnector, WebConnector

public class HTTPSSelectChannelConnector
extends JettyConnector
implements JettySecureConnector

Implementation of a HTTPS connector based on Jetty's SslConnector (which uses pure JSSE).


Field Summary
static GBeanInfo GBEAN_INFO
           
 
Fields inherited from class org.apache.geronimo.jetty6.connector.JettyConnector
CONNECTOR_CONTAINER_REFERENCE, listener
 
Fields inherited from interface org.apache.geronimo.management.geronimo.SecureConnector
ALGORITHM_TYPE_IBM, ALGORITHM_TYPE_SUN, KEYSTORE_TYPE_JKS, KEYSTORE_TYPE_PKCS12, SECURE_PROTOCOL_TYPE_SSL, SECURE_PROTOCOL_TYPE_TLS
 
Constructor Summary
HTTPSSelectChannelConnector(JettyContainer container, ThreadPool threadPool, KeystoreManager keystoreManager)
           
 
Method Summary
 String getAlgorithm()
          Gets the certificate algorithm used to access the keystore.
 int getDefaultPort()
           
static GBeanInfo getGBeanInfo()
           
 String getKeyAlias()
           
 String getKeyStore()
           
 String getKeystoreFileName()
          Gets the name of the keystore file that holds the server certificate (and by default, the trusted CA certificates used for client certificate authentication).
 String getKeystoreType()
          Gets the format of the entries in the keystore.
 String getProtocol()
          Gets the network protocol that this connector handles.
 String getSecureProtocol()
          Gets the protocol used for secure communication.
 String getTrustStore()
           
 boolean isClientAuthRequested()
           
 boolean isClientAuthRequired()
          Checks whether clients are required to authenticate using client certificates in order to connect using this connector.
 void setAlgorithm(String algorithm)
          Algorithm to use.
 void setClientAuthRequested(boolean wantClientAuth)
           
 void setClientAuthRequired(boolean needClientAuth)
          Checks whether clients are required to authenticate using client certificates in order to connect using this connector.
 void setKeyAlias(String keyAlias)
           
 void setKeyStore(String keyStore)
           
 void setKeystoreFileName(String name)
          Sets the name of the keystore file that holds the server certificate (and by default, the trusted CA certificates used for client certificate authentication).
 void setKeystorePassword(String password)
          Sets the password used to access the keystore, and by default, used to access the server private key inside the keystore.
 void setKeystoreType(String type)
          Sets the format of the entries in the keystore.
 void setRedirectPort(int port)
          Gets the network port to which traffic will be redirected if this connector handles insecure traffic and the request requires a secure connection.
 void setSecureProtocol(String protocol)
          Gets the protocol used for secure communication.
 void setTrustStore(String trustStore)
           
 
Methods inherited from class org.apache.geronimo.jetty6.connector.JettyConnector
doFail, doStart, doStop, getAcceptQueueSize, getBufferSizeBytes, getConnectUrl, getDefaultScheme, getHost, getLingerMillis, getListenAddress, getMaxIdleTimeMs, getMaxThreads, getPort, getRedirectPort, isTcpNoDelay, setAcceptQueueSize, setBufferSizeBytes, setHost, setLingerMillis, setMaxIdleTimeMs, setMaxThreads, setPort, setTcpNoDelay
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 
Methods inherited from interface org.apache.geronimo.management.geronimo.WebConnector
getAcceptQueueSize, getBufferSizeBytes, getConnectUrl, getLingerMillis, getMaxThreads, getRedirectPort, isTcpNoDelay, setAcceptQueueSize, setBufferSizeBytes, setLingerMillis, setMaxThreads, setTcpNoDelay
 
Methods inherited from interface org.apache.geronimo.management.geronimo.NetworkConnector
getHost, getListenAddress, getPort, setHost, setPort
 

Field Detail

GBEAN_INFO

public static final GBeanInfo GBEAN_INFO
Constructor Detail

HTTPSSelectChannelConnector

public HTTPSSelectChannelConnector(JettyContainer container,
                                   ThreadPool threadPool,
                                   KeystoreManager keystoreManager)
Method Detail

getDefaultPort

public int getDefaultPort()
Specified by:
getDefaultPort in class JettyConnector

getProtocol

public String getProtocol()
Description copied from interface: NetworkConnector
Gets the network protocol that this connector handles.

Specified by:
getProtocol in interface NetworkConnector
Specified by:
getProtocol in class JettyConnector

getAlgorithm

public String getAlgorithm()
Description copied from interface: SecureConnector
Gets the certificate algorithm used to access the keystore. This may be different for different JVM vendors, but should not usually be changed otherwise.

Specified by:
getAlgorithm in interface SecureConnector

setAlgorithm

public void setAlgorithm(String algorithm)
Algorithm to use. As different JVMs have different implementations available, the default algorithm can be used by supplying the value "Default".

Specified by:
setAlgorithm in interface SecureConnector
Parameters:
algorithm - the algorithm to use, or "Default" to use the default from KeyManagerFactory.getDefaultAlgorithm()

getSecureProtocol

public String getSecureProtocol()
Description copied from interface: SecureConnector
Gets the protocol used for secure communication. This should usually be TLS, though some JVM implementations (particularly some of IBM's) may not be compatible with popular browsers unless this is changed to SSL.

Specified by:
getSecureProtocol in interface SecureConnector

setSecureProtocol

public void setSecureProtocol(String protocol)
Description copied from interface: SecureConnector
Gets the protocol used for secure communication. This should usually be TLS, though some JVM implementations (particularly some of IBM's) may not be compatible with popular browsers unless this is changed to SSL. Don't change it if you're not having problems.

Specified by:
setSecureProtocol in interface SecureConnector

setClientAuthRequired

public void setClientAuthRequired(boolean needClientAuth)
Description copied from interface: SecureConnector
Checks whether clients are required to authenticate using client certificates in order to connect using this connector. If enabled, client certificates are validated using the trust store, which defaults to the same keystore file, keystore type, and keystore password as the regular keystore. Some connector implementations may allow you to configure those 3 values separately to use a different trust store. todo: confirm that Jetty defaults to keystore not JVM default trust store

Specified by:
setClientAuthRequired in interface SecureConnector

isClientAuthRequired

public boolean isClientAuthRequired()
Description copied from interface: SecureConnector
Checks whether clients are required to authenticate using client certificates in order to connect using this connector. If enabled, client certificates are validated using the trust store, which defaults to the same keystore file, keystore type, and keystore password as the regular keystore. Some connector implementations may allow you to configure those 3 values separately to use a different trust store. todo: confirm that Jetty defaults to keystore not JVM default trust store

Specified by:
isClientAuthRequired in interface SecureConnector

setClientAuthRequested

public void setClientAuthRequested(boolean wantClientAuth)

isClientAuthRequested

public boolean isClientAuthRequested()

setKeyStore

public void setKeyStore(String keyStore)
Specified by:
setKeyStore in interface JettySecureConnector

getKeyStore

public String getKeyStore()
Specified by:
getKeyStore in interface JettySecureConnector

setTrustStore

public void setTrustStore(String trustStore)
Specified by:
setTrustStore in interface JettySecureConnector

getTrustStore

public String getTrustStore()
Specified by:
getTrustStore in interface JettySecureConnector

setKeyAlias

public void setKeyAlias(String keyAlias)
Specified by:
setKeyAlias in interface JettySecureConnector

getKeyAlias

public String getKeyAlias()
Specified by:
getKeyAlias in interface JettySecureConnector

setRedirectPort

public void setRedirectPort(int port)
Description copied from interface: WebConnector
Gets the network port to which traffic will be redirected if this connector handles insecure traffic and the request requires a secure connection. Needless to say, this should point to another connector configured for SSL. If no SSL connector is available, any port can be used as they all fail equally well. :)

Specified by:
setRedirectPort in interface WebConnector
Overrides:
setRedirectPort in class JettyConnector

getGBeanInfo

public static GBeanInfo getGBeanInfo()

getKeystoreFileName

public String getKeystoreFileName()
Description copied from interface: SecureConnector
Gets the name of the keystore file that holds the server certificate (and by default, the trusted CA certificates used for client certificate authentication). This is relative to the Geronimo home directory.

Specified by:
getKeystoreFileName in interface SecureConnector

setKeystoreFileName

public void setKeystoreFileName(String name)
Description copied from interface: SecureConnector
Sets the name of the keystore file that holds the server certificate (and by default, the trusted CA certificates used for client certificate authentication). This is relative to the Geronimo home directory.

Specified by:
setKeystoreFileName in interface SecureConnector

setKeystorePassword

public void setKeystorePassword(String password)
Description copied from interface: SecureConnector
Sets the password used to access the keystore, and by default, used to access the server private key inside the keystore. Not all connectors support configuring different passwords for those two features; if so, a separate PrivateKeyPassword should be defined in an implementation-specific connector interface.

Specified by:
setKeystorePassword in interface SecureConnector

getKeystoreType

public String getKeystoreType()
Description copied from interface: SecureConnector
Gets the format of the entries in the keystore. The default format for Java keystores is JKS, though some connector implementations support PCKS12 (and possibly other formats).

Specified by:
getKeystoreType in interface SecureConnector

setKeystoreType

public void setKeystoreType(String type)
Description copied from interface: SecureConnector
Sets the format of the entries in the keystore. The default format for Java keystores is JKS, though some connector implementations support PCKS12 (and possibly other formats).

Specified by:
setKeystoreType in interface SecureConnector


Copyright © 2003-2007 Apache Software Foundation. All Rights Reserved.