001 /** 002 * Licensed to the Apache Software Foundation (ASF) under one or more 003 * contributor license agreements. See the NOTICE file distributed with 004 * this work for additional information regarding copyright ownership. 005 * The ASF licenses this file to You under the Apache License, Version 2.0 006 * (the "License"); you may not use this file except in compliance with 007 * the License. You may obtain a copy of the License at 008 * 009 * http://www.apache.org/licenses/LICENSE-2.0 010 * 011 * Unless required by applicable law or agreed to in writing, software 012 * distributed under the License is distributed on an "AS IS" BASIS, 013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 014 * See the License for the specific language governing permissions and 015 * limitations under the License. 016 */ 017 018 package org.apache.geronimo.jetty6.connector; 019 020 import javax.net.ssl.KeyManagerFactory; 021 import org.apache.geronimo.gbean.GBeanInfo; 022 import org.apache.geronimo.gbean.GBeanInfoBuilder; 023 import org.apache.geronimo.j2ee.j2eeobjectnames.NameFactory; 024 import org.apache.geronimo.jetty6.JettyContainer; 025 import org.apache.geronimo.jetty6.JettySecureConnector; 026 import org.apache.geronimo.management.geronimo.KeystoreManager; 027 import org.apache.geronimo.management.geronimo.WebManager; 028 import org.apache.geronimo.system.threads.ThreadPool; 029 import org.mortbay.jetty.bio.SocketConnector; 030 031 /** 032 * Implementation of a HTTPS connector based on Jetty's SslConnector (which uses pure JSSE). 033 * 034 * @version $Rev: 543715 $ $Date: 2007-06-02 04:10:16 -0400 (Sat, 02 Jun 2007) $ 035 */ 036 public class HTTPSSocketConnector extends JettyConnector implements JettySecureConnector { 037 private final GeronimoSocketSSLListener https; 038 private String algorithm; 039 040 public HTTPSSocketConnector(JettyContainer container, ThreadPool threadPool, KeystoreManager keystoreManager) { 041 super(container, new GeronimoSocketSSLListener(keystoreManager), threadPool, "HTTPSSocketConnector"); 042 https = (GeronimoSocketSSLListener) listener; 043 } 044 045 public int getDefaultPort() { 046 return 443; 047 } 048 049 public String getProtocol() { 050 return WebManager.PROTOCOL_HTTPS; 051 } 052 053 public String getAlgorithm() { 054 return algorithm; 055 } 056 057 /** 058 * Algorithm to use. 059 * As different JVMs have different implementations available, the default algorithm can be used by supplying the value "Default". 060 * 061 * @param algorithm the algorithm to use, or "Default" to use the default from {@link javax.net.ssl.KeyManagerFactory#getDefaultAlgorithm()} 062 */ 063 public void setAlgorithm(String algorithm) { 064 // cache the value so the null 065 this.algorithm = algorithm; 066 if ("default".equalsIgnoreCase(algorithm)) { 067 algorithm = KeyManagerFactory.getDefaultAlgorithm(); 068 } 069 https.setSslKeyManagerFactoryAlgorithm(algorithm); 070 } 071 072 public String getSecureProtocol() { 073 return https.getProtocol(); 074 } 075 076 public void setSecureProtocol(String protocol) { 077 https.setProtocol(protocol); 078 } 079 080 public void setClientAuthRequired(boolean needClientAuth) { 081 https.setNeedClientAuth(needClientAuth); 082 } 083 084 public boolean isClientAuthRequired() { 085 return https.getNeedClientAuth(); 086 } 087 088 public void setClientAuthRequested(boolean wantClientAuth) { 089 https.setWantClientAuth(wantClientAuth); 090 } 091 092 public boolean isClientAuthRequested() { 093 return https.getWantClientAuth(); 094 } 095 096 public void setKeyStore(String keyStore) { 097 https.setKeyStore(keyStore); 098 } 099 100 public String getKeyStore() { 101 return https.getKeyStore(); 102 } 103 104 public void setTrustStore(String trustStore) { 105 https.setTrustStore(trustStore); 106 } 107 108 public String getTrustStore() { 109 return https.getTrustStore(); 110 } 111 112 public void setKeyAlias(String keyAlias) { 113 https.setKeyAlias(keyAlias); 114 } 115 116 public String getKeyAlias() { 117 return https.getKeyAlias(); 118 } 119 120 //TODO does this make sense??? 121 public void setRedirectPort(int port) { 122 SocketConnector socketListener = (SocketConnector) listener; 123 socketListener.setConfidentialPort(port); 124 socketListener.setIntegralPort(port); 125 socketListener.setIntegralScheme("https"); 126 socketListener.setConfidentialScheme("https"); 127 } 128 129 public static final GBeanInfo GBEAN_INFO; 130 131 static { 132 GBeanInfoBuilder infoFactory = GBeanInfoBuilder.createStatic("Jetty Connector HTTPS", HTTPSSocketConnector.class, JettyConnector.GBEAN_INFO); 133 infoFactory.addAttribute("algorithm", String.class, true, true); 134 infoFactory.addAttribute("secureProtocol", String.class, true, true); 135 infoFactory.addAttribute("keyStore", String.class, true, true); 136 infoFactory.addAttribute("keyAlias", String.class, true, true); 137 infoFactory.addAttribute("trustStore", String.class, true, true); 138 infoFactory.addAttribute("clientAuthRequired", boolean.class, true, true); 139 infoFactory.addAttribute("clientAuthRequested", boolean.class, true, true); 140 infoFactory.addReference("KeystoreManager", KeystoreManager.class, NameFactory.GERONIMO_SERVICE); 141 infoFactory.addInterface(JettySecureConnector.class); 142 infoFactory.setConstructor(new String[]{"JettyContainer", "ThreadPool", "KeystoreManager"}); 143 GBEAN_INFO = infoFactory.getBeanInfo(); 144 } 145 146 public static GBeanInfo getGBeanInfo() { 147 return GBEAN_INFO; 148 } 149 150 // ================= NO LONGER USED!!! ===================== 151 // todo: remove these from the SSL interface 152 153 public String getKeystoreFileName() { 154 return null; 155 } 156 157 public void setKeystoreFileName(String name) { 158 } 159 160 public void setKeystorePassword(String password) { 161 } 162 163 public String getKeystoreType() { 164 return null; 165 } 166 167 public void setKeystoreType(String type) { 168 } 169 }