Java 类io.vertx.core.http.ClientAuth 实例源码

项目:incubator-servicecomb-java-chassis    文件:TestVertxTLSBuilder.java   
@Test
public void testbuildHttpServerOptionsRequest() {
  SSLOption option = SSLOption.buildFromYaml("rest.provider");
  SSLCustom custom = SSLCustom.createSSLCustom(option.getSslCustomClass());
  HttpServerOptions serverOptions = new HttpServerOptions();

  new MockUp<SSLOption>() {

    @Mock
    public boolean isAuthPeer() {
      return false;
    }
  };
  VertxTLSBuilder.buildNetServerOptions(option, custom, serverOptions);
  Assert.assertEquals(serverOptions.getEnabledSecureTransportProtocols().toArray().length, 1);
  Assert.assertEquals(serverOptions.getClientAuth(), ClientAuth.REQUEST);
}
项目:etagate    文件:OutServerVerticle.java   
private HttpServerOptions configSSL(JsonObject conf) {
    String ssl_keystore= conf.getString("ssl.keystore");
    String keystore_pass = conf.getString("ssl.keystore.pass");

    String ssl_client_keystore= conf.getString("ssl.client.keystore");
    String client_keystore_pass = conf.getString("ssl.client.keystore.pass");       

    HttpServerOptions options = new HttpServerOptions();
    options.setCompressionSupported(true);

    if(S.isNotBlank(ssl_keystore) && S.isNotBlank(keystore_pass)){
        options.setSsl(true).setKeyStoreOptions(
                new JksOptions().setPath(ssl_keystore).setPassword(keystore_pass));

        if(S.isNotBlank(ssl_client_keystore) && S.isNotBlank(client_keystore_pass))
            options.setClientAuth(ClientAuth.REQUIRED).setTrustStoreOptions(
                new JksOptions().setPath(ssl_client_keystore).setPassword(client_keystore_pass));
    }
    return options;
}
项目:DAVe    文件:ApiVerticle.java   
private void setSsl(HttpServerOptions httpServerOptions) {
    ApiConfig.SslConfig sslConfig = config.getSsl();
    if (!sslConfig.isEnable()) {
        return;
    }
    httpServerOptions.setSsl(true);
    PemKeyCertOptions pemKeyCertOptions = new PemKeyCertOptions()
            .setKeyValue(Buffer.buffer(sslConfig.getSslKey()))
            .setCertValue(Buffer.buffer(sslConfig.getSslCert()));
    httpServerOptions.setPemKeyCertOptions(pemKeyCertOptions);

    PemTrustOptions pemTrustOptions = new PemTrustOptions();
    Arrays.stream(sslConfig.getSslTrustCerts())
            .map(Object::toString)
            .forEach(trustKey -> pemTrustOptions.addCertValue(Buffer.buffer(trustKey)));
    if (!pemTrustOptions.getCertValues().isEmpty()) {
        httpServerOptions.setPemTrustOptions(pemTrustOptions);
        ClientAuth clientAuth = sslConfig.isSslRequireClientAuth() ?
                ClientAuth.REQUIRED : ClientAuth.REQUEST;
        httpServerOptions.setClientAuth(clientAuth);
    }
}
项目:ipf-oht-atna    文件:TCPSyslogServer.java   
public TCPSyslogServer(int port, String clientAuth,
                       String trustStorePath, String trustStorePassword,
                       String keyStorePath, String keyStorePassword,
                       Async async){
    this.port = port;
    this.async = async;
    nsOptions = new NetServerOptions()
            .setReuseAddress(true)
            .setHost("localhost")
            .setClientAuth(ClientAuth.valueOf(clientAuth))
            .setTrustStoreOptions(trustStorePath != null? new JksOptions().
                    setPath(trustStorePath).
                    setPassword(trustStorePassword): null)
            .setKeyStoreOptions(keyStorePath != null? new JksOptions().
                    setPath(keyStorePath).
                    setPassword(keyStorePassword): null)
            .setSsl(true);
}
项目:incubator-servicecomb-java-chassis    文件:VertxTLSBuilder.java   
public static NetServerOptions buildNetServerOptions(SSLOption sslOption, SSLCustom sslCustom,
    NetServerOptions netServerOptions) {
  buildTCPSSLOptions(sslOption, sslCustom, netServerOptions);
  if (sslOption.isAuthPeer()) {
    netServerOptions.setClientAuth(ClientAuth.REQUIRED);
  } else {
    netServerOptions.setClientAuth(ClientAuth.REQUEST);
  }
  return netServerOptions;
}
项目:incubator-servicecomb-java-chassis    文件:TestVertxTLSBuilder.java   
@Test
public void testbuildHttpServerOptions() {
  SSLOption option = SSLOption.buildFromYaml("rest.provider");
  SSLCustom custom = SSLCustom.createSSLCustom(option.getSslCustomClass());
  HttpServerOptions serverOptions = new HttpServerOptions();
  VertxTLSBuilder.buildNetServerOptions(option, custom, serverOptions);
  Assert.assertEquals(serverOptions.getEnabledSecureTransportProtocols().toArray().length, 1);
  Assert.assertEquals(serverOptions.getClientAuth(), ClientAuth.REQUEST);
}
项目:hono    文件:AbstractServiceBase.java   
/**
 * Copies TLS trust store configuration to a given set of server options.
 * <p>
 * The trust store configuration is taken from <em>config</em> and will
 * be added only if the <em>ssl</em> flag is set on the given server options.
 * 
 * @param serverOptions The options to add configuration to.
 */
protected final void addTlsTrustOptions(final NetServerOptions serverOptions) {

    if (serverOptions.isSsl() && serverOptions.getTrustOptions() == null) {

        TrustOptions trustOptions = getConfig().getTrustOptions();
        if (trustOptions != null) {
            serverOptions.setTrustOptions(trustOptions).setClientAuth(ClientAuth.REQUEST);
            LOG.info("enabling TLS for client authentication");
        }
    }
}
项目:enmasse    文件:Main.java   
private static ProtonServerOptions createOptionsForTls(final String certDir) {
    ProtonServerOptions options = new ProtonServerOptions();
    PemKeyCertOptions pemKeyCertOptions = new PemKeyCertOptions();
    pemKeyCertOptions.setCertPath(certDir + File.separator + "tls.crt");
    pemKeyCertOptions.setKeyPath(certDir + File.separator + "tls.key");
    options.setPemKeyCertOptions(pemKeyCertOptions);
    options.setClientAuth(ClientAuth.REQUIRED);
    options.setSsl(true);
    PemTrustOptions pemTrustOptions = new PemTrustOptions();
    pemTrustOptions.addCertPath(certDir + File.separator + "ca.crt");
    options.setPemTrustOptions(pemTrustOptions);
    return options;
}
项目:gravitee-gateway    文件:VertxHttpServerFactory.java   
@Override
public HttpServer getObject() throws Exception {
    HttpServerOptions options = new HttpServerOptions();

    // Binding port
    options.setPort(httpServerConfiguration.getPort());
    options.setHost(httpServerConfiguration.getHost());

    // Netty pool buffers must be enabled by default
    options.setUsePooledBuffers(true);

    if (httpServerConfiguration.isSecured()) {
        options.setSsl(httpServerConfiguration.isSecured());
        options.setUseAlpn(httpServerConfiguration.isAlpn());

        if (httpServerConfiguration.isClientAuth()) {
            options.setClientAuth(ClientAuth.REQUIRED);
        }

        if (httpServerConfiguration.getTrustStorePath() != null) {
            options.setTrustStoreOptions(new JksOptions()
                    .setPath(httpServerConfiguration.getTrustStorePath())
                    .setPassword(httpServerConfiguration.getTrustStorePassword()));
        }

        if (httpServerConfiguration.getKeyStorePath() != null) {
            options.setKeyStoreOptions(new JksOptions()
                    .setPath(httpServerConfiguration.getKeyStorePath())
                    .setPassword(httpServerConfiguration.getKeyStorePassword()));
        }
    }

    // Customizable configuration
    options.setCompressionSupported(httpServerConfiguration.isCompressionSupported());
    options.setIdleTimeout(httpServerConfiguration.getIdleTimeout());
    options.setTcpKeepAlive(httpServerConfiguration.isTcpKeepAlive());

    return vertx.createHttpServer(options);
}
项目:vertx-proton    文件:ProtonClientSslTest.java   
private void doClientCertificateTestImpl(TestContext context, boolean supplyClientCert) throws InterruptedException,
                                                                                        ExecutionException {
  Async async = context.async();

  // Create a server that accept a connection and expects a client connection+session+receiver
  ProtonServerOptions serverOptions = new ProtonServerOptions();
  serverOptions.setSsl(true);
  serverOptions.setClientAuth(ClientAuth.REQUIRED);
  PfxOptions serverPfxOptions = new PfxOptions().setPath(KEYSTORE).setPassword(PASSWORD);
  serverOptions.setPfxKeyCertOptions(serverPfxOptions);

  PfxOptions pfxOptions = new PfxOptions().setPath(TRUSTSTORE).setPassword(PASSWORD);
  serverOptions.setPfxTrustOptions(pfxOptions);

  protonServer = createServer(serverOptions, this::handleClientConnectionSessionReceiverOpen);

  // Try to connect the client
  ProtonClientOptions clientOptions = new ProtonClientOptions();
  clientOptions.setSsl(true);
  clientOptions.setPfxTrustOptions(pfxOptions);

  if (supplyClientCert) {
    PfxOptions clientKeyPfxOptions = new PfxOptions().setPath(KEYSTORE_CLIENT).setPassword(PASSWORD);
    clientOptions.setPfxKeyCertOptions(clientKeyPfxOptions);
  }

  ProtonClient client = ProtonClient.create(vertx);
  client.connect(clientOptions, "localhost", protonServer.actualPort(), res -> {
    if (supplyClientCert) {
      // Expect connect to succeed
      context.assertTrue(res.succeeded());
    } else {
      // Expect connect to fail
      context.assertFalse(res.succeeded());
    }
    async.complete();
  });

  async.awaitSuccess();
}
项目:enmasse    文件:QueueScheduler.java   
@Override
public void start() {
    ProtonServerOptions options = new ProtonServerOptions();
    if (certDir != null) {
        options.setSsl(true)
            .setClientAuth(ClientAuth.REQUIRED)
            .setPemKeyCertOptions(new PemKeyCertOptions()
                    .setKeyPath(new File(certDir, "tls.key").getAbsolutePath())
                    .setCertPath(new File(certDir, "tls.crt").getAbsolutePath()))
            .setPemTrustOptions(new PemTrustOptions()
                    .addCertPath(new File(certDir, "ca.crt").getAbsolutePath()));
    }

    server = ProtonServer.create(vertx, options);
    server.saslAuthenticatorFactory(saslAuthenticatorFactory);
    server.connectHandler(connection -> {
        connection.setContainer("queue-scheduler");
        connection.openHandler(result -> {
            connection.open();
            connectionOpened(connection);
        }).closeHandler(conn -> {
            log.info("Broker connection " + connection.getRemoteContainer() + " closed");
            executeBlocking(() -> schedulerState.brokerRemoved(getGroupId(connection), connection.getRemoteContainer()),
                    "Error removing broker");
            connection.close();
            connection.disconnect();
        }).disconnectHandler(protonConnection -> {
            log.info("Broker connection " + connection.getRemoteContainer() + " disconnected");
            executeBlocking(() -> schedulerState.brokerRemoved(getGroupId(connection), connection.getRemoteContainer()),
                    "Error removing broker");
            connection.disconnect();
        });
    });

    server.listen(port, event -> {
        if (event.succeeded()) {
            log.info("QueueScheduler is up and running");
        } else {
            log.error("Error starting queue scheduler", event.cause());
        }
    });
}
项目:vertx-shell    文件:HttpTermOptions.java   
@Override
public HttpTermOptions setClientAuth(ClientAuth clientAuth) {
  return (HttpTermOptions) super.setClientAuth(clientAuth);
}
项目:vertx-amqp-bridge    文件:AmqpBridgeSslTest.java   
private void doClientCertificateTestImpl(TestContext context, boolean supplyClientCert) throws InterruptedException,
                                                                                        ExecutionException {
  Async async = context.async();

  ProtonServerOptions serverOptions = new ProtonServerOptions();
  serverOptions.setSsl(true);
  serverOptions.setClientAuth(ClientAuth.REQUIRED);
  PfxOptions serverPfxOptions = new PfxOptions().setPath(KEYSTORE).setPassword(PASSWORD);
  serverOptions.setPfxKeyCertOptions(serverPfxOptions);

  PfxOptions pfxOptions = new PfxOptions().setPath(TRUSTSTORE).setPassword(PASSWORD);
  serverOptions.setPfxTrustOptions(pfxOptions);

  mockServer = new MockServer(vertx, conn -> {
    handleBridgeStartupProcess(conn, context);
  }, serverOptions);

  // Try to start the bridge
  AmqpBridgeOptions bridgeOptions = new AmqpBridgeOptions();
  bridgeOptions.setSsl(true);
  bridgeOptions.setPfxTrustOptions(pfxOptions);

  if (supplyClientCert) {
    PfxOptions clientKeyPfxOptions = new PfxOptions().setPath(KEYSTORE_CLIENT).setPassword(PASSWORD);
    bridgeOptions.setPfxKeyCertOptions(clientKeyPfxOptions);
  }

  AmqpBridge bridge = AmqpBridge.create(vertx, bridgeOptions);
  bridge.start("localhost", mockServer.actualPort(), res -> {
    if (supplyClientCert) {
      // Expect start to succeed
      context.assertTrue(res.succeeded(), "expected start to suceed due to supplying client certs");
    } else {
      // Expect start to fail
      context.assertFalse(res.succeeded(), "expected start to fail due to withholding client cert");
    }
    async.complete();
  });

  async.awaitSuccess();
}
项目:vertx-proton    文件:ProtonServerOptions.java   
@Override
public ProtonServerOptions setClientAuth(ClientAuth clientAuth) {
  super.setClientAuth(clientAuth);
  return this;
}
项目:vertx-mqtt-broker    文件:EventBusBridgeServerVerticle.java   
@Override
public void start() throws Exception {
    address = MQTTSession.ADDRESS;

    JsonObject conf = config();

    localBridgePort = conf.getInteger("local_bridge_port", 7007);
    idleTimeout = conf.getInteger("socket_idle_timeout", 120);
    ssl_cert_key = conf.getString("ssl_cert_key");
    ssl_cert = conf.getString("ssl_cert");
    ssl_trust = conf.getString("ssl_trust");


    // [TCP -> BUS] listen TCP publish to BUS
    NetServerOptions opt = new NetServerOptions()
            .setTcpKeepAlive(true)
            .setIdleTimeout(idleTimeout)
            .setPort(localBridgePort)
    ;

    if(ssl_cert_key != null && ssl_cert != null && ssl_trust != null) {
        opt.setSsl(true).setClientAuth(ClientAuth.REQUIRED)
            .setPemKeyCertOptions(new PemKeyCertOptions()
                .setKeyPath(ssl_cert_key)
                .setCertPath(ssl_cert)
            )
            .setPemTrustOptions(new PemTrustOptions()
                .addCertPath(ssl_trust)
            )
        ;
    }

    netServer = vertx.createNetServer(opt);
    netServer.connectHandler(sock -> {
        final EventBusNetBridge ebnb = new EventBusNetBridge(sock, vertx.eventBus(), address);
        sock.closeHandler(aVoid -> {
            logger.info("Bridge Server - closed connection from client ip: " + sock.remoteAddress());
            ebnb.stop();
        });
        sock.exceptionHandler(throwable -> {
            logger.error("Bridge Server - Exception: " + throwable.getMessage(), throwable);
            ebnb.stop();
        });

        logger.info("Bridge Server - new connection from client ip: " + sock.remoteAddress());

        RecordParser parser = ebnb.initialHandhakeProtocolParser();
        sock.handler(parser::handle);

    }).listen();
}
项目:vertx-mqtt-broker    文件:EventBusBridgeWebsocketServerVerticle.java   
@Override
public void start() throws Exception {
    address = MQTTSession.ADDRESS;

    JsonObject conf = config();

    localBridgePort = conf.getInteger("local_bridge_port", 7007);
    idleTimeout = conf.getInteger("socket_idle_timeout", 120);
    ssl_cert_key = conf.getString("ssl_cert_key");
    ssl_cert = conf.getString("ssl_cert");
    ssl_trust = conf.getString("ssl_trust");


    // [WebSocket -> BUS] listen WebSocket publish to BUS
    HttpServerOptions opt = new HttpServerOptions()
            .setTcpKeepAlive(true)
            .setIdleTimeout(idleTimeout)
            .setPort(localBridgePort)
    ;

    if(ssl_cert_key != null && ssl_cert != null && ssl_trust != null) {
        opt.setSsl(true).setClientAuth(ClientAuth.REQUIRED)
            .setPemKeyCertOptions(new PemKeyCertOptions()
                .setKeyPath(ssl_cert_key)
                .setCertPath(ssl_cert)
            )
            .setPemTrustOptions(new PemTrustOptions()
                .addCertPath(ssl_trust)
            )
        ;
    }

    netServer = vertx.createHttpServer(opt);
    netServer.websocketHandler(sock -> {
        final EventBusWebsocketBridge ebnb = new EventBusWebsocketBridge(sock, vertx.eventBus(), address);
        sock.closeHandler(aVoid -> {
            logger.info("Bridge Server - closed connection from client ip: " + sock.remoteAddress());
            ebnb.stop();
        });
        sock.exceptionHandler(throwable -> {
            logger.error("Bridge Server - Exception: " + throwable.getMessage(), throwable);
            ebnb.stop();
        });

        logger.info("Bridge Server - new connection from client ip: " + sock.remoteAddress());

        RecordParser parser = ebnb.initialHandhakeProtocolParser();
        sock.handler(parser::handle);

    }).listen();
}
项目:wisdom    文件:Server.java   
private void bind(int p, Handler<AsyncResult<Void>> completion) {
    // Get port number.
    final int thePort = pickAPort(port);
    HttpServerOptions options = new HttpServerOptions();
    if (ssl) {
        options.setSsl(true);
        options.setTrustStoreOptions(SSLServerContext.getTrustStoreOption(accessor));
        options.setKeyStoreOptions(SSLServerContext.getKeyStoreOption(accessor));
        if (authentication) {
            options.setClientAuth(ClientAuth.REQUIRED);
        }
    }

    if (hasCompressionEnabled()) {
        options.setCompressionSupported(true);
    }

    if (configuration.getIntegerWithDefault("vertx.acceptBacklog", -1) != -1) {
        options.setAcceptBacklog(configuration.getInteger("vertx.acceptBacklog"));
    }
    if (configuration.getIntegerWithDefault("vertx.maxWebSocketFrameSize", -1) != -1) {
        options.setMaxWebsocketFrameSize(configuration.getInteger("vertx.maxWebSocketFrameSize"));
    }
    if (configuration.getStringArray("wisdom.websocket.subprotocols").length > 0) {
        options.setWebsocketSubProtocols(configuration.get("wisdom.websocket.subprotocols"));
    }
    if (configuration.getStringArray("vertx.websocket-subprotocols").length > 0) {
        options.setWebsocketSubProtocols(configuration.get("vertx.websocket-subprotocols"));
    }
    if (configuration.getIntegerWithDefault("vertx.receiveBufferSize", -1) != -1) {
        options.setReceiveBufferSize(configuration.getInteger("vertx.receiveBufferSize"));
    }
    if (configuration.getIntegerWithDefault("vertx.sendBufferSize", -1) != -1) {
        options.setSendBufferSize(configuration.getInteger("vertx.sendBufferSize"));
    }

    http = vertx.createHttpServer(options)
            .requestHandler(new HttpHandler(vertx, accessor, this))
            .websocketHandler(new WebSocketHandler(accessor, this));

    http.listen(thePort, host, event -> {
        if (event.succeeded()) {
            logger.info("Wisdom is going to serve HTTP requests on port {}.", thePort);
            port = thePort;
            completion.handle(Future.succeededFuture());
        } else if (port == 0) {
            logger.debug("Cannot bind on port {} (port already used probably)", thePort, event.cause());
            bind(0, completion);
        } else {
            logger.error("Cannot bind on port {} (port already used probably)", thePort, event.cause());
            completion.handle(Future.failedFuture("Cannot bind on port " + thePort));
        }
    });
}