/** * Creates a server connector. * * If an HTTPS key store is configured, returns a SSL connector for HTTPS. * * Otherwise, returns a normal HTTP connector by default. * * @param server The server. * @return The server connector. */ @SuppressWarnings("squid:S2095") private ServerConnector createConnector(final Server server) { final String keyStorePath = (String) configuration.get(MinijaxProperties.SSL_KEY_STORE_PATH); if (keyStorePath == null || keyStorePath.isEmpty()) { // Normal HTTP return new ServerConnector(server); } final String keyStorePassword = (String) configuration.get(MinijaxProperties.SSL_KEY_STORE_PASSWORD); final String keyManagerPassword = (String) configuration.get(MinijaxProperties.SSL_KEY_MANAGER_PASSWORD); final HttpConfiguration https = new HttpConfiguration(); https.addCustomizer(new SecureRequestCustomizer()); final SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStorePath(Minijax.class.getClassLoader().getResource(keyStorePath).toExternalForm()); sslContextFactory.setKeyStorePassword(keyStorePassword); sslContextFactory.setKeyManagerPassword(keyManagerPassword); return new ServerConnector(server, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(https)); }
private void setupSSL(Server server,HttpConfiguration http_config) { SslContextFactory sslContextFactory = new SslContextFactory(); if (sslKeyStoreFile!=null) sslContextFactory.setKeyStorePath(sslKeyStoreFile); else if (sslKeyStore!=null) sslContextFactory.setKeyStore(sslKeyStore); else { log.log(Level.SEVERE,"Error while configuring SSL connection. Missing KeyStore!"); return; } sslContextFactory.setKeyStorePassword(new String(sslKeyStorePassword)); sslContextFactory.setExcludeCipherSuites("SSL_RSA_WITH_DES_CBC_SHA", "SSL_DHE_RSA_WITH_DES_CBC_SHA", "SSL_DHE_DSS_WITH_DES_CBC_SHA", "SSL_RSA_EXPORT_WITH_RC4_40_MD5", "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"); HttpConfiguration https_config = new HttpConfiguration(http_config); https_config.addCustomizer(new SecureRequestCustomizer()); ServerConnector sslConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory,HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(https_config)); sslConnector.setPort(daemonPortSecure); server.addConnector(sslConnector); }
public void start() throws Exception { URL keystoreUrl = IntegrationTestServer.class.getClassLoader().getResource("keystore.jks"); SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStorePath(keystoreUrl.getPath()); sslContextFactory.setKeyStorePassword("keystore"); SecureRequestCustomizer src = new SecureRequestCustomizer(); HttpConfiguration httpsConfiguration = new HttpConfiguration(); httpsConfiguration.setSecureScheme("https"); httpsConfiguration.addCustomizer(src); ServerConnector https = new ServerConnector(server, new SslConnectionFactory(sslContextFactory,HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpsConfiguration)); https.setPort(this.httpsPort); this.server.setConnectors(new Connector[] { https }); ResourceConfig resourceConfig = new ResourceConfig(this.resourceClass); ServletContainer servletContainer = new ServletContainer(resourceConfig); ServletHolder servletHolder = new ServletHolder(servletContainer); ServletContextHandler servletContextHandler = new ServletContextHandler(server, "/*"); servletContextHandler.addServlet(servletHolder, "/*"); this.server.start(); }
@Override public void customize(Server server) { // HTTPS Configuration HttpConfiguration httpsConfig = new HttpConfiguration(); httpsConfig.setSecureScheme("https"); httpsConfig.setSecurePort(8443); httpsConfig.addCustomizer(new SecureRequestCustomizer()); // SSL Context Factory for HTTPS and HTTP/2 SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStoreResource(newClassPathResource("keystore")); sslContextFactory.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4"); sslContextFactory.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g"); sslContextFactory.setCipherComparator(HTTP2Cipher.COMPARATOR); // SSL Connection Factory SslConnectionFactory ssl = new SslConnectionFactory(sslContextFactory, "h2"); // HTTP/2 Connector ServerConnector http2Connector = new ServerConnector(server, ssl, new HTTP2ServerConnectionFactory(httpsConfig)); http2Connector.setPort(8443); server.addConnector(http2Connector); }
public static void addHttpsConnector(Server server, int port) throws IOException, URISyntaxException { String keyStoreFile = resourceAsFile("ssltest-keystore.jks").getAbsolutePath(); SslContextFactory sslContextFactory = new SslContextFactory(keyStoreFile); sslContextFactory.setKeyStorePassword("changeit"); String trustStoreFile = resourceAsFile("ssltest-cacerts.jks").getAbsolutePath(); sslContextFactory.setTrustStorePath(trustStoreFile); sslContextFactory.setTrustStorePassword("changeit"); HttpConfiguration httpsConfig = new HttpConfiguration(); httpsConfig.setSecureScheme("https"); httpsConfig.setSecurePort(port); httpsConfig.addCustomizer(new SecureRequestCustomizer()); ServerConnector connector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(httpsConfig)); connector.setPort(port); server.addConnector(connector); }
@BeforeClass public static void startHttpsServer() throws Exception { skipIfHeadlessEnvironment(); server = new Server(); SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStorePath(ErrorCases.class.getResource("keystore").getPath()); sslContextFactory.setKeyStorePassword("activeeon"); HttpConfiguration httpConfig = new HttpConfiguration(); HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig); httpsConfig.addCustomizer(new SecureRequestCustomizer()); ServerConnector sslConnector = new ServerConnector(server, new ConnectionFactory[] { new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpsConfig) }); server.addConnector(sslConnector); server.start(); serverUrl = "https://localhost:" + sslConnector.getLocalPort() + "/rest"; }
/** * Create ssl connector if https is used * @return */ private ServerConnector sslConnector() { HttpConfiguration http_config = new HttpConfiguration(); http_config.setSecureScheme("https"); http_config.setSecurePort(this.getPort()); HttpConfiguration https_config = new HttpConfiguration(http_config); https_config.addCustomizer(new SecureRequestCustomizer()); SslContextFactory sslContextFactory = new SslContextFactory(this.getCertKeyStorePath()); sslContextFactory.setKeyStorePassword(this.getCertKeyStorePassword()); //exclude weak ciphers sslContextFactory.setExcludeCipherSuites("^.*_(MD5|SHA|SHA1)$"); //only support tlsv1.2 sslContextFactory.addExcludeProtocols("SSL", "SSLv2", "SSLv2Hello", "SSLv3", "TLSv1", "TLSv1.1"); ServerConnector connector = new ServerConnector(jettyServer, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(https_config)); connector.setPort(this.getPort()); connector.setIdleTimeout(50000); return connector; }
public void setupSslServer(int port, SslContextFactory sslContextFactory) { if (_server != null && port > 0) { try { HttpConfiguration https = new HttpConfiguration(); https.addCustomizer(new SecureRequestCustomizer()); ServerConnector sslConnector = new ServerConnector( _server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(https)); sslConnector.setPort(port); _server.addConnector(sslConnector); LOG.info("Helix SSL rest server is ready to start."); } catch (Exception ex) { LOG.error("Failed to setup Helix SSL rest server, " + ex); } } }
@Override public void startSSL(String keyStoreLocation, String keyStorePassword) throws Exception { Server server = new Server(); HttpConfiguration httpsConfig = new HttpConfiguration(); httpsConfig.addCustomizer(new SecureRequestCustomizer()); SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStorePath(keyStoreLocation); sslContextFactory.setKeyStorePassword(keyStorePassword); ServerConnector https = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(httpsConfig)); https.setHost(host); https.setPort(port); server.setConnectors(new Connector[]{https}); configureContextHandler(server); startServer(server); }
private ServerConnector createSSLConnector() { SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStorePath(m_keystore); sslContextFactory.setKeyStorePassword(m_keystorepassword); sslContextFactory.setTrustStorePath(m_truststore); sslContextFactory.setTrustStorePassword(m_truststorepassword); sslContextFactory.setNeedClientAuth(m_clientauthentication); sslContextFactory.setIncludeCipherSuites(m_tls_cipher_suites); HttpConfiguration http_config = new HttpConfiguration(); http_config.setSecureScheme("https"); HttpConfiguration https_config = new HttpConfiguration(http_config); https_config.addCustomizer(new SecureRequestCustomizer()); SslConnectionFactory sslConnFactory = new SslConnectionFactory(sslContextFactory, "http/1.1"); HttpConnectionFactory httpConnFactory = new HttpConnectionFactory(https_config); ServerConnector sslConnector = new ServerConnector(m_jettyServer, sslConnFactory, httpConnFactory); return sslConnector; }
private ServerConnector httpsConnector(HttpConfiguration httpConfig) { // === jetty-https.xml === // SSL Context Factory SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStorePath(CONFIG.getJetty().getKeyStorePath()); sslContextFactory.setKeyStorePassword(CONFIG.getJetty().getKeyStorePassword()); sslContextFactory.setKeyManagerPassword(CONFIG.getJetty().getKeyStorePassword()); sslContextFactory.setExcludeCipherSuites( "SSL_RSA_WITH_DES_CBC_SHA", "SSL_DHE_RSA_WITH_DES_CBC_SHA", "SSL_DHE_DSS_WITH_DES_CBC_SHA", "SSL_RSA_EXPORT_WITH_RC4_40_MD5", "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"); // SSL HTTP Configuration HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig); httpsConfig.addCustomizer(new SecureRequestCustomizer()); // SSL Connector ServerConnector https = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpsConfig)); https.setHost(CONFIG.getJetty().getServerHost()); https.setPort(CONFIG.getJetty().getHttpsPort()); https.setIdleTimeout(IDLE_TIMEOUT); return https; }
@Override public ServerConnector getConnector(Server server, SslContextFactory sslContextFactory, int port) { HttpConfiguration config = new HttpConfiguration(); config.addCustomizer(new SecureRequestCustomizer()); HttpConnectionFactory connectionFactory = new HttpConnectionFactory(config); SslConnectionFactory sslConnectionFactory = new SslConnectionFactory( sslContextFactory, HttpVersion.HTTP_1_1.asString()); ServerConnector serverConnector = new ServerConnector(server, sslConnectionFactory, connectionFactory); serverConnector.setPort(port); return serverConnector; }
private Server initServerForContextualCallbacks(AuthServerProperties properties) throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException { ContextualCallbackHandler contextualCallbackHandler = new ContextualCallbackHandler(this); Server serverForContextualCallbacks = new Server(); serverForContextualCallbacks.setHandler(contextualCallbackHandler); HttpConfiguration httpConfig = new HttpConfiguration(); httpConfig.setPersistentConnectionsEnabled(true); httpConfig.setSecureScheme("https"); // time out with out keep alive messages? //httpConfig.setBlockingTimeout(); httpConfig.addCustomizer(new SecureRequestCustomizer()); //new SSL ServerConnector connector = new ServerConnector(serverForContextualCallbacks, new HttpConnectionFactory(httpConfig)); connector.setPort(properties.getTrustedAuthPort()); // Idle time out for keep alive connections // time out with out requests? connector.setIdleTimeout(properties.getTrustedAuthPortIdleTimeout()); serverForContextualCallbacks.setConnectors(new org.eclipse.jetty.server.Connector[]{connector}); return serverForContextualCallbacks; }
private Server createServer(URI endpointURI, boolean needClientAuth) { if ("ws".equals(endpointURI.getScheme())) { return new Server(endpointURI.getPort()); } else if ("wss".equals(endpointURI.getScheme())) { // see http://git.eclipse.org/c/jetty/org.eclipse.jetty.project.git/tree/examples/embedded/src/main/java/org/eclipse/jetty/embedded/ManyConnectors.java // http://git.eclipse.org/c/jetty/org.eclipse.jetty.project.git/tree/examples/embedded/src/main/java/org/eclipse/jetty/embedded/LikeJettyXml.java Server server = new Server(); SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStorePath(getStorePath("serverKeyStore.jks")); sslContextFactory.setKeyStorePassword("passw0rd"); sslContextFactory.setKeyManagerPassword("passw0rd"); sslContextFactory.setCertAlias("default"); sslContextFactory.setNeedClientAuth(needClientAuth); sslContextFactory.setTrustStorePath(getStorePath("serverTrustStore.jks")); sslContextFactory.setTrustStorePassword("passw0rd"); HttpConfiguration httpsConfig = new HttpConfiguration(); httpsConfig.addCustomizer(new SecureRequestCustomizer()); ServerConnector https= new ServerConnector(server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpsConfig)); https.setPort(endpointURI.getPort()); server.addConnector(https); return server; } else throw new IllegalArgumentException("unrecognized uri: "+endpointURI); }
private HttpConnectionFactory newHttpConnectionFactory() { HttpConfiguration httpConfig = new HttpConfiguration(); httpConfig.setSendDateHeader(true); httpConfig.setSendServerVersion(false); httpConfig.setSendXPoweredBy(false); httpConfig.setHeaderCacheSize(connectorConfig.headerCacheSize()); httpConfig.setOutputBufferSize(connectorConfig.outputBufferSize()); httpConfig.setRequestHeaderSize(connectorConfig.requestHeaderSize()); httpConfig.setResponseHeaderSize(connectorConfig.responseHeaderSize()); if (connectorConfig.ssl().enabled()) { httpConfig.addCustomizer(new SecureRequestCustomizer()); } return new HttpConnectionFactory(httpConfig); }
private void setupConnectors() { Configuration conf = Configuration.getInstance(); HttpConfiguration http = new HttpConfiguration(); http.addCustomizer(new SecureRequestCustomizer()); http.setSecureScheme("https"); ServerConnector connector = new ServerConnector(server); connector.addConnectionFactory(new HttpConnectionFactory(http)); connector.setPort(port); if(conf.getPropertyAsBoolean("ui.ssl.enabled", false)) { int httpsPort = conf.getPropertyAsInteger("ui.ssl.port", 443); http.setSecurePort(httpsPort); HttpConfiguration https = new HttpConfiguration(); https.addCustomizer(new SecureRequestCustomizer()); SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStorePath(conf.getProperty("ui.ssl.keystore.path")); sslContextFactory.setKeyStorePassword(conf.getProperty("ui.ssl.keystore.password")); sslContextFactory.setKeyManagerPassword(conf.getProperty("ui.ssl.keymanager.password")); ServerConnector sslConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(https)); sslConnector.setPort(httpsPort); server.addConnector(sslConnector); } server.addConnector(connector); }
public void run() { try { QueuedThreadPool threadPool = new QueuedThreadPool(); threadPool.setMaxThreads(16); Server server = new Server(threadPool); ServletContextHandler handler = new ServletContextHandler(); handler.setContextPath(""); ResourceConfig config = new ResourceConfig(InstanceProviderResources.class).register(new Binder()); handler.addServlet(new ServletHolder(new ServletContainer(config)), "/*"); server.setHandler(handler); // SSL Context Factory SslContextFactory sslContextFactory = createSSLContextObject(); // SSL HTTP Configuration HttpConfiguration httpConfig = new HttpConfiguration(); httpConfig.setSecureScheme("https"); httpConfig.setSecurePort(10043); HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig); httpsConfig.addCustomizer(new SecureRequestCustomizer()); // SSL Connector ServerConnector sslConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpsConfig)); sslConnector.setPort(10043); server.addConnector(sslConnector); server.start(); server.join(); } catch (Exception e) { System.err.println("*** " + e); } }
private static HttpConfiguration createHttpConfiguration() { HttpConfiguration config = new HttpConfiguration(); config.setSecureScheme("https"); config.setSecurePort(SSL_PORT); config.setSendXPoweredBy(false); config.setSendServerVersion(false); config.addCustomizer(new SecureRequestCustomizer()); return config; }
@Override protected HttpConfiguration specializeHttp( HttpConfiguration httpConfig ) { HttpConfiguration httpsConfig = new HttpConfiguration( httpConfig ); httpsConfig.addCustomizer( new SecureRequestCustomizer() ); return httpsConfig; }
private Connector makeSslConnector(String keyStoreAlias, String keyStorePassword, String keyStorePath, int port) { HttpConfiguration httpConfig = buildHttpConfiguration(port); SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setCertAlias(keyStoreAlias); if (keyStorePath != null) { sslContextFactory.setKeyStorePath(keyStorePath); } if (keyStorePassword != null) { sslContextFactory.setKeyStorePassword(keyStorePassword); } sslContextFactory.setExcludeCipherSuites("SSL_RSA_WITH_DES_CBC_SHA", "SSL_DHE_RSA_WITH_DES_CBC_SHA", "SSL_DHE_DSS_WITH_DES_CBC_SHA", "SSL_RSA_EXPORT_WITH_RC4_40_MD5", "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"); // SSL HTTP Configuration HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig); httpsConfig.addCustomizer(new SecureRequestCustomizer()); // SSL Connector ServerConnector sslConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpsConfig)); sslConnector.setPort(port); sslConnector.setIdleTimeout(30000); // Config return sslConnector; }
Connector createHttpsConnector(int port, SslContext context) { SslContextFactory sslContextFactory = new SslContextFactory(); { sslContextFactory.setKeyStorePath(context.getKeystore()); sslContextFactory.setKeyStorePassword(context.getObfKeypass()); sslContextFactory.setTrustStorePath(context.getTruststore()); sslContextFactory.setTrustStorePassword(context.getObfTrustpass()); sslContextFactory.setKeyManagerPassword(context.getObfMgrpass()); sslContextFactory.setNeedClientAuth(false); } HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig); { httpsConfig.setSecureScheme("https"); httpsConfig.setSecurePort(port); httpsConfig.addCustomizer(new SecureRequestCustomizer()); } ConnectionFactory[] factories = new ConnectionFactory[] { // new SslConnectionFactory(sslContextFactory, "http/1.1"),// new HttpConnectionFactory(httpsConfig) // }; return connectionWith(new ServerConnector(this.server, factories), port); }
/** * Main entry point. Starts a Jetty server. * * @param args * ignored. * @throws Exception * if anything goes wrong. */ public static void main(final String[] args) throws Exception { // Configure logging to output to the console with default level of INFO BasicConfigurator.configure(); // Configure server and its associated servlets Server server = new Server(); SslConnectionFactory sslConnectionFactory = new SslConnectionFactory(); SslContextFactory sslContextFactory = sslConnectionFactory.getSslContextFactory(); sslContextFactory.setKeyStorePath(System.getProperty("javax.net.ssl.keyStore")); sslContextFactory.setKeyStorePassword(System.getProperty("javax.net.ssl.keyStorePassword")); sslContextFactory.setIncludeCipherSuites(Sdk.SUPPORTED_CIPHER_SUITES); HttpConfiguration httpConf = new HttpConfiguration(); httpConf.setSecurePort(PORT); httpConf.setSecureScheme(HTTPS_SCHEME); httpConf.addCustomizer(new SecureRequestCustomizer()); HttpConnectionFactory httpConnectionFactory = new HttpConnectionFactory(httpConf); ServerConnector serverConnector = new ServerConnector(server, sslConnectionFactory, httpConnectionFactory); serverConnector.setPort(PORT); Connector[] connectors = new Connector[1]; connectors[0] = serverConnector; server.setConnectors(connectors); ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SESSIONS); context.setContextPath("/"); server.setHandler(context); context.addServlet(new ServletHolder(createServlet(new HelloWorldSpeechlet())), "/hello"); context.addServlet(new ServletHolder(createServlet(new MinecraftSpeechlet())), "/minecrafthelper"); context.addServlet(new ServletHolder(createServlet(new DomoticzSpeechlet())), "/domoticz"); context.addServlet(new ServletHolder(createServlet(new SessionSpeechlet())), "/session"); server.start(); server.join(); }
private Server createServer() { port = isSSLEnabled() ? conf.get(HTTPS_PORT_KEY, HTTPS_PORT_DEFAULT) : conf.get(HTTP_PORT_KEY, HTTP_PORT_DEFAULT); String hostname = conf.get(HTTP_BIND_HOST, HTTP_BIND_HOST_DEFAULT); QueuedThreadPool qtp = new QueuedThreadPool(conf.get(HTTP_MAX_THREADS, HTTP_MAX_THREADS_DEFAULT)); qtp.setName(serverName); qtp.setDaemon(true); Server server = new Server(qtp); httpConf = configureForwardRequestCustomizer(httpConf); if (!isSSLEnabled()) { InetSocketAddress addr = new InetSocketAddress(hostname, port); ServerConnector connector = new ServerConnector(server, new HttpConnectionFactory(httpConf)); connector.setHost(addr.getHostName()); connector.setPort(addr.getPort()); server.setConnectors(new Connector[]{connector}); } else { //Create a connector for HTTPS httpConf.addCustomizer(new SecureRequestCustomizer()); SslContextFactory sslContextFactory = createSslContextFactory(); ServerConnector httpsConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(httpConf)); httpsConnector.setPort(port); httpsConnector.setHost(hostname); server.setConnectors(new Connector[]{httpsConnector}); } return server; }
private static Server startSSLServer(ContextHandlerCollection contexts, SSLSettings settings, int port) throws IOException, Exception { System.setProperty(MessagingPropertyKeys.PROPERTY_SERVLET_HOST_PATH, "http://localhost:" + port); logger.info("PORT: {}", System.getProperty(MessagingPropertyKeys.PROPERTY_SERVLET_HOST_PATH)); final Server jettyServer = new Server(); HttpConfiguration https_config = new HttpConfiguration(); https_config.setSecureScheme("https"); https_config.setSecurePort(port); https_config.setOutputBufferSize(32768); https_config.addCustomizer(new SecureRequestCustomizer()); // Configure SSL final SslContextFactory contextFactory = new SslContextFactory(); contextFactory.setKeyStorePath(settings.getKeyStorePath()); contextFactory.setTrustStorePath(settings.getTrustStorePath()); contextFactory.setKeyStorePassword(settings.getKeyStorePassword()); contextFactory.setTrustStorePassword(settings.getKeyStorePassword()); contextFactory.setNeedClientAuth(true); // Create and use an SSL connector ServerConnector connector = new ServerConnector(jettyServer, new SslConnectionFactory(contextFactory, "http/1.1"), new HttpConnectionFactory(https_config)); connector.setPort(port); connector.setAcceptQueueSize(1); jettyServer.setConnectors(new Connector[]{ connector }); String serverUrl = "https://localhost:" + port; System.getProperties().setProperty(MessagingPropertyKeys.PROPERTY_SERVLET_HOST_PATH, serverUrl); jettyServer.setHandler(contexts); jettyServer.start(); return jettyServer; }
public static void main(final String... args) throws Exception { final Server server = new Server(); final ServerConnector serverConnector = new ServerConnector(server); serverConnector.setHost(HOST); serverConnector.setPort(PORT); server.addConnector(serverConnector); final HttpConfiguration https = new HttpConfiguration(); https.addCustomizer(new SecureRequestCustomizer()); final SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setSslContext(SslConfig.SERVER.context); sslContextFactory.setNeedClientAuth(true); final ServerConnector sslServerConnector = new ServerConnector( server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.toString()), new HttpConnectionFactory(https) ); sslServerConnector.setHost(HOST); sslServerConnector.setPort(PORT + 1); server.addConnector(sslServerConnector); final ServletContextHandler contextHandler = new ServletContextHandler(ServletContextHandler.NO_SESSIONS); contextHandler.setContextPath("/"); contextHandler.addServlet(new ServletHolder(new XhrServlet()), XHR_PATH); final ResourceHandler resourceHandler = new ResourceHandler(); resourceHandler.setDirectoriesListed(true); resourceHandler.setResourceBase(WEB_PATH); final HandlerList handlers = new HandlerList(); handlers.setHandlers(new Handler[] {resourceHandler, contextHandler}); server.setHandler(handlers); WebSocketServerContainerInitializer.configureContext(contextHandler).addEndpoint(ENDPOINT_CONFIG); server.start(); System.out.println("started"); }
/** * Configure the http2 server. * * @param server the server * @return the server */ @VisibleForTesting Server configureServerForHttp2(Server server) { // HTTP Configuration HttpConfiguration http11Config = new HttpConfiguration(); http11Config.setSecureScheme("https"); http11Config.setSecurePort(httpsPort); // SSL Context Factory for HTTPS and HTTP/2 SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStoreResource(newClassPathResource("sample.jks")); sslContextFactory.setKeyStorePassword("secret"); sslContextFactory.setKeyManagerPassword("secret"); sslContextFactory.setCipherComparator(HTTP2Cipher.COMPARATOR); sslContextFactory.setUseCipherSuitesOrder(true); // HTTPS Configuration HttpConfiguration httpsConfig = new HttpConfiguration(http11Config); httpsConfig.addCustomizer(new SecureRequestCustomizer()); // HTTP/2 Connection Factory HTTP2ServerConnectionFactory h2 = new HTTP2ServerConnectionFactory(httpsConfig); NegotiatingServerConnectionFactory.checkProtocolNegotiationAvailable(); ALPNServerConnectionFactory alpnServerConnectionFactory = new ALPNServerConnectionFactory(); alpnServerConnectionFactory.setDefaultProtocol("h2"); alpnServerConnectionFactory.getALPNProcessor(); // SSL Connection Factory SslConnectionFactory sslConnectionFactory = new SslConnectionFactory(sslContextFactory, alpnServerConnectionFactory.getProtocol()); // HTTP/2 Connector ServerConnector http2Connector = new ServerConnector(server, sslConnectionFactory, alpnServerConnectionFactory, h2, new HttpConnectionFactory(httpsConfig)); http2Connector.setPort(httpPort); server.addConnector(http2Connector); return server; }
private Connector[] getAllConnectors(){ List<ServerConnector> availableConnectors = new ArrayList<>(); ServerConnector httpConnector = new ServerConnector(s); httpConnector.setPort(settings.getPort()); HttpConfiguration https = new HttpConfiguration(); https.addCustomizer(new SecureRequestCustomizer()); availableConnectors.add(httpConnector); if(settings.getSecurePortEnabled()){ SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStorePath(settings.getSslRoot()); // The keys used (just from my simple example), TODO: Remove hardcoding of the pw. This is disgusting Paul! sslContextFactory.setKeyStorePassword("123456"); sslContextFactory.setKeyManagerPassword("123456"); ServerConnector httpsConnector = new ServerConnector(s, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(https)); httpsConnector.setPort(settings.getSecurePort()); availableConnectors.add(httpsConnector); } return availableConnectors.toArray(new Connector[availableConnectors.size()]); }
public static void main(String[] args) throws Exception { C2Properties properties = C2Properties.getInstance(); final HandlerCollection handlers = new HandlerCollection(); for (Path path : Files.list(Paths.get(C2_SERVER_HOME, "webapps")).collect(Collectors.toList())) { handlers.addHandler(loadWar(path.toFile(), "/c2", JettyServer.class.getClassLoader())); } Server server; int port = Integer.parseInt(properties.getProperty("minifi.c2.server.port", "10080")); if (properties.isSecure()) { SslContextFactory sslContextFactory = properties.getSslContextFactory(); HttpConfiguration config = new HttpConfiguration(); config.setSecureScheme("https"); config.setSecurePort(port); config.addCustomizer(new SecureRequestCustomizer()); server = new Server(); ServerConnector serverConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(config)); serverConnector.setPort(port); server.addConnector(serverConnector); } else { server = new Server(port); } server.setHandler(handlers); server.start(); // ensure everything started successfully for (Handler handler : server.getChildHandlers()) { // see if the handler is a web app if (handler instanceof WebAppContext) { WebAppContext context = (WebAppContext) handler; // see if this webapp had any exceptions that would // cause it to be unavailable if (context.getUnavailableException() != null) { System.err.println("Failed to start web server: " + context.getUnavailableException().getMessage()); System.err.println("Shutting down..."); logger.warn("Failed to start web server... shutting down.", context.getUnavailableException()); server.stop(); System.exit(1); } } } server.dumpStdErr(); server.join(); }
@Bean public EmbeddedServletContainerFactory servletContainer(SslProperties properties) { JettyEmbeddedServletContainerFactory jetty = new JettyEmbeddedServletContainerFactory() { @Override protected void postProcessWebAppContext(WebAppContext webAppContext) { // 所有请求都必须为 Https 协议 ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler(); ConstraintMapping mapping = new ConstraintMapping(); Constraint constraint = new Constraint(); constraint.setDataConstraint(Constraint.DC_CONFIDENTIAL); mapping.setConstraint(constraint); mapping.setPathSpec("/*"); securityHandler.addConstraintMapping(mapping); webAppContext.setSecurityHandler(securityHandler); } }; jetty.addServerCustomizers(new JettyServerCustomizer() { @Override public void customize(Server server) { // 移除Spring Boot 生成的 Connector int httpPort = 80; Connector[] connectors = server.getConnectors(); for (Connector connector : connectors) { if (connector instanceof ServerConnector) { httpPort = ((ServerConnector) connector).getPort(); } server.removeConnector(connector); } // 配置 Http 协议的 Connector HttpConfiguration httpConfig = new HttpConfiguration(); // 重定向 httpConfig.setSecureScheme(properties.getScheme()); httpConfig.setSecurePort(properties.getPort()); httpConfig.addCustomizer(new SecureRequestCustomizer()); ServerConnector httpConnector = new ServerConnector(server, new HttpConnectionFactory(httpConfig)); httpConnector.setPort(httpPort); server.addConnector(httpConnector); // 配置 Https 协议的 Connector HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig); httpsConfig.addCustomizer(new SecureRequestCustomizer()); HttpConnectionFactory connectionFactory = new HttpConnectionFactory(httpsConfig); SslContextFactory sslContextFactory = new SslContextFactory(); File keystoreFile = new File(properties.getKeystore()); if (keystoreFile.exists()) { sslContextFactory.setKeyStorePath(properties.getKeystore()); sslContextFactory.setKeyStorePassword(properties.getKeystorePassword()); } SslConnectionFactory sslConnectionFactory = new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()); ServerConnector serverConnector = new ServerConnector(server, sslConnectionFactory, connectionFactory); serverConnector.setPort(properties.getPort()); server.addConnector(serverConnector); } }); return jetty; }
/** * Main function, starts the jetty server. * * @param args */ public static void main(String[] args) { System.setProperty("wicket.configuration", "development"); Server server = new Server(); HttpConfiguration http_config = new HttpConfiguration(); http_config.setSecureScheme("https"); http_config.setSecurePort(8443); http_config.setOutputBufferSize(32768); ServerConnector http = new ServerConnector(server, new HttpConnectionFactory(http_config)); http.setPort(8080); http.setIdleTimeout(1000 * 60 * 60); server.addConnector(http); Resource keystore = Resource.newClassPathResource("/keystore"); if (keystore != null && keystore.exists()) { // if a keystore for a SSL certificate is available, start a SSL // connector on port 8443. // By default, the quickstart comes with a Apache Wicket Quickstart // Certificate that expires about half way september 2021. Do not // use this certificate anywhere important as the passwords are // available in the source. SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStoreResource(keystore); sslContextFactory.setKeyStorePassword("wicket"); sslContextFactory.setKeyManagerPassword("wicket"); HttpConfiguration https_config = new HttpConfiguration(http_config); https_config.addCustomizer(new SecureRequestCustomizer()); ServerConnector https = new ServerConnector(server, new SslConnectionFactory( sslContextFactory, "http/1.1"), new HttpConnectionFactory(https_config)); https.setPort(8443); https.setIdleTimeout(500000); server.addConnector(https); System.out.println("SSL access to the examples has been enabled on port 8443"); System.out .println("You can access the application using SSL on https://localhost:8443"); System.out.println(); } WebAppContext bb = new WebAppContext(); bb.setServer(server); bb.setContextPath("/"); bb.setWar("src/main/webapp"); // uncomment next line if you want to test with JSESSIONID encoded in the urls // ((AbstractSessionManager) // bb.getSessionHandler().getSessionManager()).setUsingCookies(false); server.setHandler(bb); MBeanServer mBeanServer = ManagementFactory.getPlatformMBeanServer(); MBeanContainer mBeanContainer = new MBeanContainer(mBeanServer); server.addEventListener(mBeanContainer); server.addBean(mBeanContainer); try { server.start(); server.join(); } catch (Exception e) { e.printStackTrace(); System.exit(100); } }
/** * Initialize HTTPS server to which trusted Auths connect * @param properties Auth server's properties to get paths for key stores and certificates * @param authKeyStorePassword Password for Auth's key store that is used for communication with trusted Auths * @return HTTPS server object * @throws CertificateException When there is a problem with certificate. * @throws NoSuchAlgorithmException If the specified algorithm cannot be found. * @throws KeyStoreException When there is a problem with accessing key store. * @throws IOException If there is a problem in IO. */ private Server initServerForTrustedAuths(AuthServerProperties properties, String authKeyStorePassword) throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException { TrustedAuthConnectionHandler trustedAuthConnectionHandler = new TrustedAuthConnectionHandler(this); Server serverForTrustedAuths = new Server(); serverForTrustedAuths.setHandler(trustedAuthConnectionHandler); SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setTrustAll(false); sslContextFactory.setKeyStore(AuthCrypto.loadKeyStore(properties.getInternetKeyStorePath(), authKeyStorePassword)); sslContextFactory.setKeyStorePassword(authKeyStorePassword); KeyStore serverTrustStore = KeyStore.getInstance(KeyStore.getDefaultType()); serverTrustStore.load(null, authKeyStorePassword.toCharArray()); String[] trustedCACertPaths = properties.getTrustedCACertPaths(); for (int i = 0; i < trustedCACertPaths.length; i++) { serverTrustStore.setCertificateEntry("" + i, AuthCrypto.loadCertificateFromFile(trustedCACertPaths[i])); } sslContextFactory.setTrustStore(serverTrustStore); sslContextFactory.setNeedClientAuth(true); HttpConfiguration httpConfig = new HttpConfiguration(); httpConfig.setPersistentConnectionsEnabled(true); httpConfig.setSecureScheme("https"); // time out with out keep alive messages? //httpConfig.setBlockingTimeout(); httpConfig.addCustomizer(new SecureRequestCustomizer()); //new SSL ServerConnector connector = new ServerConnector(serverForTrustedAuths, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(httpConfig)); connector.setPort(properties.getTrustedAuthPort()); // Idle time out for keep alive connections // time out with out requests? connector.setIdleTimeout(properties.getTrustedAuthPortIdleTimeout()); serverForTrustedAuths.setConnectors(new org.eclipse.jetty.server.Connector[]{connector}); return serverForTrustedAuths; }
/** * This method is used to setup a secure connector, it requires valid * keystore information in the config.properties file. Things to note: The * securePort parameter is the port that this server will bind to, the * purpose of this port is to allow the application to be started by a * normal user without the need to bind to one of the first 1024 port * numbers, which are privileged and need the application to be started as * root. So this parameter will be an unprivileged port number (high * number). * * The actualSecurePort parameter will follow the standard port 443, so that * your services can be reached using the standard ssl port. * * This implies that there has to be some kind of an external tool * (NFTables/iptables/firewall/proxy server ...) that will route requests * arriving at actualSecurePort to securePort for this application to * handle. * * Depending on the use_ssl setting found in active.properties file, this * method might be used or ignored. If ignored, your application will not * need a keystore, and you will be using unencrypted http ... not good for * you. * * * @param securePort * @param actualSecurePort * @param keystorePath * @param ketStorePass * @return */ private static ServerConnector setupHttpsConnectors(int securePort, int actualSecurePort, String keystorePath, String ketStorePass) { /*CONNECTORS BUSINESS*/ HttpConfiguration httpsConf = new HttpConfiguration(); httpsConf.setSecurePort(actualSecurePort); httpsConf.setSecureScheme("https"); httpsConf.addCustomizer(new SecureRequestCustomizer()); //Set up SSL keystore SslContextFactory sslContextFactory = new SslContextFactory(keystorePath); sslContextFactory.setKeyStorePassword(ketStorePass); ServerConnector sslConnector = new ServerConnector(embed_server, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(httpsConf)); sslConnector.setPort(securePort); sslConnector.setName("secured"); return sslConnector; }
@Override protected HttpConfiguration buildHttpConfiguration() { HttpConfiguration config = super.buildHttpConfiguration(); config.addCustomizer(new SecureRequestCustomizer()); return config; }
private static void configureServer() throws Exception { ServerStaticComponents.server = new Server(); int plainPort = -1, sslPort = -1; String keystorePath = null, keystorePassword = null; ServerConnector connector = null, sslConnector = null; if (ServerStaticComponents.properties.getProperty("server.plain.port") != null) { plainPort = new Integer(ServerStaticComponents.properties.getProperty("server.plain.port")); } if (ServerStaticComponents.properties.getProperty("server.ssl.port") != null) { sslPort = new Integer(ServerStaticComponents.properties.getProperty("server.ssl.port")); keystorePath = ServerStaticComponents.properties.getProperty("server.ssl.keystore.path"); keystorePassword = ServerStaticComponents.properties.getProperty("server.ssl.keystore.password"); } if (plainPort != -1) { connector = new ServerConnector(ServerStaticComponents.server); connector.setPort(plainPort); } if (sslPort != -1) { HttpConfiguration https = new HttpConfiguration(); https.addCustomizer(new SecureRequestCustomizer()); SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStorePath(keystorePath); sslContextFactory.setKeyStorePassword(keystorePassword); sslContextFactory.setKeyManagerPassword(keystorePassword); sslConnector = new ServerConnector( ServerStaticComponents.server, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(https)); sslConnector.setPort(sslPort); } if (sslConnector != null && connector != null) { ServerStaticComponents.server.setConnectors(new Connector[]{connector, sslConnector}); } else if (connector != null) { ServerStaticComponents.server.setConnectors(new Connector[]{connector}); } else if (sslConnector != null) { ServerStaticComponents.server.setConnectors(new Connector[]{sslConnector}); } else { System.err.println("Please choose one of the plain and SSL connections!"); System.exit(1); } ServletHolder holder = new ServletHolder(ServletContainer.class); holder.setInitParameter("com.sun.jersey.config.property.resourceConfigClass", "com.sun.jersey.api.core.PackagesResourceConfig"); holder.setInitParameter("com.sun.jersey.config.property.packages", "gr.ntua.cslab.asap.daemon.rest;" + "org.codehaus.jackson.jaxrs");//Set the package where the services reside holder.setInitParameter("com.sun.jersey.api.json.POJOMappingFeature", "true"); holder.setInitParameter("com.sun.jersey.config.feature.Formatted", "true"); // holder.setInitOrder(1); // // ServerStaticComponents.server = new Server(); ServletContextHandler context = new ServletContextHandler(ServerStaticComponents.server, "/", ServletContextHandler.SESSIONS); context.addServlet(holder, "/*"); //FastCGIProxyServlet cgi = new FastCGIProxyServlet(); //ServletHolder holder2 = new ServletHolder(cgi); //context.addServlet(holder2, "/*.php"); ResourceHandler resource_handler = new ResourceHandler(); resource_handler.setDirectoriesListed(true); resource_handler.setWelcomeFiles(new String[] { "test.html" }); resource_handler.setResourceBase("www/"); HandlerList handlers = new HandlerList(); handlers.setHandlers(new Handler[] { resource_handler, context }); ServerStaticComponents.server.setHandler(handlers); Logger.getLogger(Main.class.getName()).info("Server configured"); }
protected Connector getConnector(int port) throws IOException { org.apache.commons.configuration.Configuration config = getConfiguration(); SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStorePath(config.getString(KEYSTORE_FILE_KEY, System.getProperty(KEYSTORE_FILE_KEY, DEFAULT_KEYSTORE_FILE_LOCATION))); sslContextFactory.setKeyStorePassword(getPassword(config, KEYSTORE_PASSWORD_KEY)); sslContextFactory.setKeyManagerPassword(getPassword(config, SERVER_CERT_PASSWORD_KEY)); sslContextFactory.setTrustStorePath(config.getString(TRUSTSTORE_FILE_KEY, System.getProperty(TRUSTSTORE_FILE_KEY, DEFATULT_TRUSTORE_FILE_LOCATION))); sslContextFactory.setTrustStorePassword(getPassword(config, TRUSTSTORE_PASSWORD_KEY)); sslContextFactory.setWantClientAuth(config.getBoolean(CLIENT_AUTH_KEY, Boolean.getBoolean(CLIENT_AUTH_KEY))); List<Object> cipherList = config.getList(ATLAS_SSL_EXCLUDE_CIPHER_SUITES, DEFAULT_CIPHER_SUITES); sslContextFactory.setExcludeCipherSuites(cipherList.toArray(new String[cipherList.size()])); sslContextFactory.setRenegotiationAllowed(false); String[] excludedProtocols = config.containsKey(ATLAS_SSL_EXCLUDE_PROTOCOLS) ? config.getStringArray(ATLAS_SSL_EXCLUDE_PROTOCOLS) : DEFAULT_EXCLUDE_PROTOCOLS; if (excludedProtocols != null && excludedProtocols.length > 0) { sslContextFactory.addExcludeProtocols(excludedProtocols); } // SSL HTTP Configuration // HTTP Configuration HttpConfiguration http_config = new HttpConfiguration(); http_config.setSecureScheme("https"); final int bufferSize = AtlasConfiguration.WEBSERVER_REQUEST_BUFFER_SIZE.getInt(); http_config.setSecurePort(port); http_config.setRequestHeaderSize(bufferSize); http_config.setResponseHeaderSize(bufferSize); http_config.setSendServerVersion(true); http_config.setSendDateHeader(false); HttpConfiguration https_config = new HttpConfiguration(http_config); https_config.addCustomizer(new SecureRequestCustomizer()); // SSL Connector ServerConnector sslConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(https_config)); sslConnector.setPort(port); server.addConnector(sslConnector); return sslConnector; }
/** * Initializes the Jetty server. */ private void initJettyServer() { logger.log(Level.INFO, "Initialzing Jetty server..."); int port; if (customPort == null) { logger.log(Level.INFO, "Initialzing server in default port: " + PORT_DEFAULT_VALUE); port = PORT_DEFAULT_VALUE; } else { logger.log(Level.INFO, "Initialzing server in custom port: " + customPort.toString()); port = customPort; } jettyServer = new Server(port); ConfigData config = ProvisioningApp.getInstance().getContext().getConfig(); if (config.getUseSSL()) { HttpConfiguration https = new HttpConfiguration(); https.addCustomizer(new SecureRequestCustomizer()); SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStorePath(config.getKeyStorePath()); sslContextFactory.setKeyStorePassword(config.getKeyStorePassword()); sslContextFactory.setKeyManagerPassword(config.getKeyManagerPassword()); ServerConnector sslConnector = new ServerConnector(jettyServer, new SslConnectionFactory(sslContextFactory, HTTP_VERSION), new HttpConnectionFactory( https)); sslConnector.setPort(port); jettyServer.setConnectors(new Connector[] {sslConnector}); } jettyServer.setHandler(servletContext); try { jettyServer.start(); jettyServer.join(); } catch (Throwable e) { logger.log(Level.SEVERE, "Exception during server initialization", e); jettyServer.destroy(); } }
