001    /*
002     * Licensed to the Apache Software Foundation (ASF) under one
003     * or more contributor license agreements.  See the NOTICE file
004     * distributed with this work for additional information
005     * regarding copyright ownership.  The ASF licenses this file
006     * to you under the Apache License, Version 2.0 (the
007     * "License"); you may not use this file except in compliance
008     * with the License.  You may obtain a copy of the License at
009     *
010     *  http://www.apache.org/licenses/LICENSE-2.0
011     *
012     * Unless required by applicable law or agreed to in writing,
013     * software distributed under the License is distributed on an
014     * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
015     * KIND, either express or implied.  See the License for the
016     * specific language governing permissions and limitations
017     * under the License.
018     */
019    
020    
021    package org.apache.geronimo.jetty6.connector;
022    
023    import javax.net.ssl.KeyManagerFactory;
024    
025    import org.apache.geronimo.gbean.GBeanInfo;
026    import org.apache.geronimo.gbean.GBeanInfoBuilder;
027    import org.apache.geronimo.j2ee.j2eeobjectnames.NameFactory;
028    import org.apache.geronimo.jetty6.JettyContainer;
029    import org.apache.geronimo.jetty6.JettySecureConnector;
030    import org.apache.geronimo.management.geronimo.KeystoreManager;
031    import org.apache.geronimo.management.geronimo.WebManager;
032    import org.apache.geronimo.system.threads.ThreadPool;
033    import org.mortbay.jetty.nio.SelectChannelConnector;
034    
035    /**
036     * Implementation of a HTTPS connector based on Jetty's SslConnector (which uses pure JSSE).
037     *
038     * @version $Rev: 562301 $ $Date: 2007-08-02 20:28:32 -0400 (Thu, 02 Aug 2007) $
039     */
040    public class HTTPSSelectChannelConnector extends JettyConnector implements JettySecureConnector {
041        private final GeronimoSelectChannelSSLListener https;
042        private String algorithm;
043    
044        public HTTPSSelectChannelConnector(JettyContainer container, ThreadPool threadPool, KeystoreManager keystoreManager) {
045            super(container, new GeronimoSelectChannelSSLListener(keystoreManager), threadPool, "HTTPSSelectChannelConnector");
046            https = (GeronimoSelectChannelSSLListener) listener;
047        }
048    
049        public int getDefaultPort() {
050            return 443;
051        }
052    
053        public String getProtocol() {
054            return WebManager.PROTOCOL_HTTPS;
055        }
056    
057        public String getAlgorithm() {
058            return algorithm;
059        }
060    
061        /**
062         * Algorithm to use.
063         * As different JVMs have different implementations available, the default algorithm can be used by supplying the value "Default".
064         *
065         * @param algorithm the algorithm to use, or "Default" to use the default from {@link javax.net.ssl.KeyManagerFactory#getDefaultAlgorithm()}
066         */
067        public void setAlgorithm(String algorithm) {
068            // cache the value so the null
069            this.algorithm = algorithm;
070            if ("default".equalsIgnoreCase(algorithm)) {
071                algorithm = KeyManagerFactory.getDefaultAlgorithm();
072            }
073            https.setSslKeyManagerFactoryAlgorithm(algorithm);
074        }
075    
076        public String getSecureProtocol() {
077            return https.getProtocol();
078        }
079    
080        public void setSecureProtocol(String protocol) {
081            https.setProtocol(protocol);
082        }
083    
084        public void setClientAuthRequired(boolean needClientAuth) {
085            https.setNeedClientAuth(needClientAuth);
086        }
087    
088        public boolean isClientAuthRequired() {
089            return https.getNeedClientAuth();
090        }
091    
092        public void setClientAuthRequested(boolean wantClientAuth) {
093            https.setWantClientAuth(wantClientAuth);
094        }
095    
096        public boolean isClientAuthRequested() {
097            return https.getWantClientAuth();
098        }
099    
100        public void setKeyStore(String keyStore) {
101            https.setKeyStore(keyStore);
102        }
103    
104        public String getKeyStore() {
105            return https.getKeyStore();
106        }
107    
108        public void setTrustStore(String trustStore) {
109            https.setTrustStore(trustStore);
110        }
111    
112        public String getTrustStore() {
113            return https.getTrustStore();
114        }
115    
116        public void setKeyAlias(String keyAlias) {
117            https.setKeyAlias(keyAlias);
118        }
119    
120        public String getKeyAlias() {
121            return https.getKeyAlias();
122        }
123    
124        //TODO does this make sense???
125        public void setRedirectPort(int port) {
126            SelectChannelConnector socketListener = (SelectChannelConnector) listener;
127            socketListener.setConfidentialPort(port);
128            socketListener.setIntegralPort(port);
129            socketListener.setIntegralScheme("https");
130            socketListener.setConfidentialScheme("https");
131        }
132    
133        public static final GBeanInfo GBEAN_INFO;
134    
135        static {
136            GBeanInfoBuilder infoFactory = GBeanInfoBuilder.createStatic("Jetty Select Channel Connector HTTPS", HTTPSSelectChannelConnector.class, JettyConnector.GBEAN_INFO);
137            infoFactory.addAttribute("algorithm", String.class, true, true);
138            infoFactory.addAttribute("secureProtocol", String.class, true, true);
139            infoFactory.addAttribute("keyStore", String.class, true, true);
140            infoFactory.addAttribute("keyAlias", String.class, true, true);
141            infoFactory.addAttribute("trustStore", String.class, true, true);
142            infoFactory.addAttribute("clientAuthRequired", boolean.class, true, true);
143            infoFactory.addAttribute("clientAuthRequested", boolean.class, true, true);
144            infoFactory.addReference("KeystoreManager", KeystoreManager.class, NameFactory.GERONIMO_SERVICE);
145            infoFactory.addInterface(JettySecureConnector.class);
146            infoFactory.setConstructor(new String[]{"JettyContainer", "ThreadPool", "KeystoreManager"});
147            GBEAN_INFO = infoFactory.getBeanInfo();
148        }
149    
150        public static GBeanInfo getGBeanInfo() {
151            return GBEAN_INFO;
152        }
153    
154        // ================= NO LONGER USED!!! =====================
155        // todo: remove these from the SSL interface
156    
157        public String getKeystoreFileName() {
158            return null;
159        }
160    
161        public void setKeystoreFileName(String name) {
162        }
163    
164        public void setKeystorePassword(String password) {
165        }
166    
167        public String getKeystoreType() {
168            return null;
169        }
170    
171        public void setKeystoreType(String type) {
172        }
173    }