001 /* 002 * Licensed to the Apache Software Foundation (ASF) under one 003 * or more contributor license agreements. See the NOTICE file 004 * distributed with this work for additional information 005 * regarding copyright ownership. The ASF licenses this file 006 * to you under the Apache License, Version 2.0 (the 007 * "License"); you may not use this file except in compliance 008 * with the License. You may obtain a copy of the License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, 013 * software distributed under the License is distributed on an 014 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 015 * KIND, either express or implied. See the License for the 016 * specific language governing permissions and limitations 017 * under the License. 018 */ 019 020 021 package org.apache.geronimo.jetty6.connector; 022 023 import javax.net.ssl.KeyManagerFactory; 024 025 import org.apache.geronimo.gbean.GBeanInfo; 026 import org.apache.geronimo.gbean.GBeanInfoBuilder; 027 import org.apache.geronimo.j2ee.j2eeobjectnames.NameFactory; 028 import org.apache.geronimo.jetty6.JettyContainer; 029 import org.apache.geronimo.jetty6.JettySecureConnector; 030 import org.apache.geronimo.management.geronimo.KeystoreManager; 031 import org.apache.geronimo.management.geronimo.WebManager; 032 import org.apache.geronimo.system.threads.ThreadPool; 033 import org.mortbay.jetty.nio.SelectChannelConnector; 034 035 /** 036 * Implementation of a HTTPS connector based on Jetty's SslConnector (which uses pure JSSE). 037 * 038 * @version $Rev: 562301 $ $Date: 2007-08-02 20:28:32 -0400 (Thu, 02 Aug 2007) $ 039 */ 040 public class HTTPSSelectChannelConnector extends JettyConnector implements JettySecureConnector { 041 private final GeronimoSelectChannelSSLListener https; 042 private String algorithm; 043 044 public HTTPSSelectChannelConnector(JettyContainer container, ThreadPool threadPool, KeystoreManager keystoreManager) { 045 super(container, new GeronimoSelectChannelSSLListener(keystoreManager), threadPool, "HTTPSSelectChannelConnector"); 046 https = (GeronimoSelectChannelSSLListener) listener; 047 } 048 049 public int getDefaultPort() { 050 return 443; 051 } 052 053 public String getProtocol() { 054 return WebManager.PROTOCOL_HTTPS; 055 } 056 057 public String getAlgorithm() { 058 return algorithm; 059 } 060 061 /** 062 * Algorithm to use. 063 * As different JVMs have different implementations available, the default algorithm can be used by supplying the value "Default". 064 * 065 * @param algorithm the algorithm to use, or "Default" to use the default from {@link javax.net.ssl.KeyManagerFactory#getDefaultAlgorithm()} 066 */ 067 public void setAlgorithm(String algorithm) { 068 // cache the value so the null 069 this.algorithm = algorithm; 070 if ("default".equalsIgnoreCase(algorithm)) { 071 algorithm = KeyManagerFactory.getDefaultAlgorithm(); 072 } 073 https.setSslKeyManagerFactoryAlgorithm(algorithm); 074 } 075 076 public String getSecureProtocol() { 077 return https.getProtocol(); 078 } 079 080 public void setSecureProtocol(String protocol) { 081 https.setProtocol(protocol); 082 } 083 084 public void setClientAuthRequired(boolean needClientAuth) { 085 https.setNeedClientAuth(needClientAuth); 086 } 087 088 public boolean isClientAuthRequired() { 089 return https.getNeedClientAuth(); 090 } 091 092 public void setClientAuthRequested(boolean wantClientAuth) { 093 https.setWantClientAuth(wantClientAuth); 094 } 095 096 public boolean isClientAuthRequested() { 097 return https.getWantClientAuth(); 098 } 099 100 public void setKeyStore(String keyStore) { 101 https.setKeyStore(keyStore); 102 } 103 104 public String getKeyStore() { 105 return https.getKeyStore(); 106 } 107 108 public void setTrustStore(String trustStore) { 109 https.setTrustStore(trustStore); 110 } 111 112 public String getTrustStore() { 113 return https.getTrustStore(); 114 } 115 116 public void setKeyAlias(String keyAlias) { 117 https.setKeyAlias(keyAlias); 118 } 119 120 public String getKeyAlias() { 121 return https.getKeyAlias(); 122 } 123 124 //TODO does this make sense??? 125 public void setRedirectPort(int port) { 126 SelectChannelConnector socketListener = (SelectChannelConnector) listener; 127 socketListener.setConfidentialPort(port); 128 socketListener.setIntegralPort(port); 129 socketListener.setIntegralScheme("https"); 130 socketListener.setConfidentialScheme("https"); 131 } 132 133 public static final GBeanInfo GBEAN_INFO; 134 135 static { 136 GBeanInfoBuilder infoFactory = GBeanInfoBuilder.createStatic("Jetty Select Channel Connector HTTPS", HTTPSSelectChannelConnector.class, JettyConnector.GBEAN_INFO); 137 infoFactory.addAttribute("algorithm", String.class, true, true); 138 infoFactory.addAttribute("secureProtocol", String.class, true, true); 139 infoFactory.addAttribute("keyStore", String.class, true, true); 140 infoFactory.addAttribute("keyAlias", String.class, true, true); 141 infoFactory.addAttribute("trustStore", String.class, true, true); 142 infoFactory.addAttribute("clientAuthRequired", boolean.class, true, true); 143 infoFactory.addAttribute("clientAuthRequested", boolean.class, true, true); 144 infoFactory.addReference("KeystoreManager", KeystoreManager.class, NameFactory.GERONIMO_SERVICE); 145 infoFactory.addInterface(JettySecureConnector.class); 146 infoFactory.setConstructor(new String[]{"JettyContainer", "ThreadPool", "KeystoreManager"}); 147 GBEAN_INFO = infoFactory.getBeanInfo(); 148 } 149 150 public static GBeanInfo getGBeanInfo() { 151 return GBEAN_INFO; 152 } 153 154 // ================= NO LONGER USED!!! ===================== 155 // todo: remove these from the SSL interface 156 157 public String getKeystoreFileName() { 158 return null; 159 } 160 161 public void setKeystoreFileName(String name) { 162 } 163 164 public void setKeystorePassword(String password) { 165 } 166 167 public String getKeystoreType() { 168 return null; 169 } 170 171 public void setKeystoreType(String type) { 172 } 173 }