https://issues.apache.org/jira/browse/AMQ-3880 - wss transport - first some refactoring for https transport so we can reuse stuff

git-svn-id: https://svn.apache.org/repos/asf/activemq/trunk@1357201 13f79535-47bb-0310-9956-ffa450edef68
Bosanac Dejan 2012-07-04 09:56:41 +00:00
parent a3836b562d
commit 39da37d853
5 changed files with 239 additions and 162 deletions


@ -0,0 +1,181 @@
/**
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.activemq.transport;
import org.apache.activemq.spring.SpringSslContext;
import org.apache.activemq.transport.https.Krb5AndCertsSslSocketConnector;
import org.apache.activemq.util.IntrospectionSupport;
import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.apache.activemq.broker.SslContext;
import javax.net.ssl.SSLContext;
import java.util.Map;
public class SecureSocketConnectorFactory extends SocketConnectorFactory {
private String keyPassword = System.getProperty("javax.net.ssl.keyPassword");
private String keyStorePassword = System.getProperty("javax.net.ssl.keyStorePassword");
private String keyStore = System.getProperty("javax.net.ssl.keyStore");
private String keyStoreType;
private String secureRandomCertficateAlgorithm;
private String trustCertificateAlgorithm;
private String keyCertificateAlgorithm;
private String protocol;
private String auth;
private SslContext context;
public SecureSocketConnectorFactory(SslContext context) {
this.context = context;
}
@Override
public Connector createConnector() throws Exception {
Krb5AndCertsSslSocketConnector sslConnector = new Krb5AndCertsSslSocketConnector();
SSLContext sslContext = context == null ? null : context.getSSLContext();
// Get a reference to the current ssl context factory...
SslContextFactory factory = sslConnector.getSslContextFactory();
if (context != null) {
// Should not be using this method since it does not use all of the values
// from the passed SslContext instance.....
factory.setSslContext(sslContext);
} else {
IntrospectionSupport.setProperties(this, getTransportOptions());
if (auth != null) {
sslConnector.setMode(auth);
}
if (keyStore != null) {
factory.setKeyStorePath(keyStore);
}
if (keyStorePassword != null) {
factory.setKeyStorePassword(keyStorePassword);
}
// if the keyPassword hasn't been set, default it to the
// key store password
if (keyPassword == null && keyStorePassword != null) {
factory.setKeyStorePassword(keyStorePassword);
}
if (keyStoreType != null) {
factory.setKeyStoreType(keyStoreType);
}
if (secureRandomCertficateAlgorithm != null) {
factory.setSecureRandomAlgorithm(secureRandomCertficateAlgorithm);
}
if (keyCertificateAlgorithm != null) {
factory.setSslKeyManagerFactoryAlgorithm(keyCertificateAlgorithm);
}
if (trustCertificateAlgorithm != null) {
factory.setTrustManagerFactoryAlgorithm(trustCertificateAlgorithm);
}
if (protocol != null) {
factory.setProtocol(protocol);
}
}
return sslConnector;
}
// Properties
// --------------------------------------------------------------------------------
public String getKeyStore() {
return keyStore;
}
public void setKeyStore(String keyStore) {
this.keyStore = keyStore;
}
public String getKeyPassword() {
return keyPassword;
}
public void setKeyPassword(String keyPassword) {
this.keyPassword = keyPassword;
}
public String getKeyStoreType() {
return keyStoreType;
}
public void setKeyStoreType(String keyStoreType) {
this.keyStoreType = keyStoreType;
}
public String getKeyStorePassword() {
return keyStorePassword;
}
public void setKeyStorePassword(String keyStorePassword) {
this.keyStorePassword = keyStorePassword;
}
public String getProtocol() {
return protocol;
}
public void setProtocol(String protocol) {
this.protocol = protocol;
}
public String getSecureRandomCertficateAlgorithm() {
return secureRandomCertficateAlgorithm;
}
public void setSecureRandomCertficateAlgorithm(String secureRandomCertficateAlgorithm) {
this.secureRandomCertficateAlgorithm = secureRandomCertficateAlgorithm;
}
public String getKeyCertificateAlgorithm() {
return keyCertificateAlgorithm;
}
public void setKeyCertificateAlgorithm(String keyCertificateAlgorithm) {
this.keyCertificateAlgorithm = keyCertificateAlgorithm;
}
public String getTrustCertificateAlgorithm() {
return trustCertificateAlgorithm;
}
public void setTrustCertificateAlgorithm(String trustCertificateAlgorithm) {
this.trustCertificateAlgorithm = trustCertificateAlgorithm;
}
/**
* @return the auth
*/
public String getAuth() {
return auth;
}
/**
* @param auth the auth to set
*/
public void setAuth(String auth) {
this.auth = auth;
}
}
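Review bot: The key password is never handed to Jetty in `createConnector()`: the branch commented as defaulting the key password to the key store password calls `factory.setKeyStorePassword(keyStorePassword)` a second time, and a configured `keyPassword` is not applied anywhere in the visible code. A keystore whose private-key password differs from the store password therefore cannot be loaded through these options, and the `javax.net.ssl.keyPassword` property is read for nothing. Assuming the Jetty version in use offers `SslContextFactory.setKeyManagerPassword`, replace that branch with `String kp = keyPassword != null ? keyPassword : keyStorePassword;` followed by `if (kp != null) { factory.setKeyManagerPassword(kp); }`. Separately, `IntrospectionSupport.setProperties` runs only in the `else` branch, so `auth` (and with it `sslConnector.setMode`, which appears to select the connector's authentication mode) is ignored whenever an `SslContext` is passed in; if that is intended it deserves a comment.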


@ -0,0 +1,40 @@
/**
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.activemq.transport;
import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.nio.SelectChannelConnector;
import java.util.Map;
public class SocketConnectorFactory {
private Map<String, Object> transportOptions;
public Connector createConnector() throws Exception {
return new SelectChannelConnector();
}
public Map<String, Object> getTransportOptions() {
return transportOptions;
}
public void setTransportOptions(Map<String, Object> transportOptions) {
this.transportOptions = transportOptions;
}
}
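Review bot: `transportOptions` stays `null` until `setTransportOptions` is called, and `SecureSocketConnectorFactory.createConnector()` passes `getTransportOptions()` straight to `IntrospectionSupport.setProperties` when no `SslContext` is supplied. As far as I recall that helper rejects a null map, so an HTTPS listener started without any transport options would fail at start-up instead of falling back to the `javax.net.ssl.*` defaults; this is worth confirming against the helper. Initialising the field, e.g. `private Map<String, Object> transportOptions = new HashMap<String, Object>();` (plus the `java.util.HashMap` import), or null-guarding at the call site, removes the dependency on call order. The `org.eclipse.jetty.server.Server` import is unused, and a class-level Javadoc stating that this base factory builds the plain, non-TLS `SelectChannelConnector` would help readers of the subclass.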


@ -17,6 +17,7 @@
package org.apache.activemq.transport.http;
import org.apache.activemq.command.BrokerInfo;
import org.apache.activemq.transport.SocketConnectorFactory;
import org.apache.activemq.transport.TransportServerSupport;
import org.apache.activemq.transport.util.TextWireFormat;
import org.apache.activemq.transport.xstream.XStreamWireFormat;
@ -24,12 +25,12 @@ import org.apache.activemq.util.ServiceStopper;
import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.handler.GzipHandler;
import org.eclipse.jetty.server.nio.SelectChannelConnector;
import org.eclipse.jetty.servlet.ServletContextHandler;
import org.eclipse.jetty.servlet.ServletHolder;
import java.net.InetSocketAddress;
import java.net.URI;
import java.util.Map;
public class HttpTransportServer extends TransportServerSupport {
@ -38,11 +39,13 @@ public class HttpTransportServer extends TransportServerSupport {
private Server server;
private Connector connector;
private HttpTransportFactory transportFactory;
protected SocketConnectorFactory socketConnectorFactory;
public HttpTransportServer(URI uri, HttpTransportFactory factory) {
super(uri);
this.bindAddress = uri;
this.transportFactory = factory;
socketConnectorFactory = new SocketConnectorFactory();
}
public void setBrokerInfo(BrokerInfo brokerInfo) {
@ -74,7 +77,7 @@ public class HttpTransportServer extends TransportServerSupport {
protected void doStart() throws Exception {
server = new Server();
if (connector == null) {
connector = new SelectChannelConnector();
connector = socketConnectorFactory.createConnector();
}
connector.setHost(bindAddress.getHost());
connector.setPort(bindAddress.getPort());
@ -110,4 +113,10 @@ public class HttpTransportServer extends TransportServerSupport {
public InetSocketAddress getSocketAddress() {
return null;
}
@Override
public void setTransportOption(Map<String, Object> transportOptions) {
socketConnectorFactory.setTransportOptions(transportOptions);
super.setTransportOption(transportOptions);
}
}
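Review bot: `socketConnectorFactory` is a protected, non-final field that the constructor fills with a plain `SocketConnectorFactory` and that `HttpsTransportServer` overwrites after `super(...)` returns, so whether `doStart()` builds a TLS or a clear-text connector depends on the subclass remembering to reassign it. Passing the factory in through a constructor overload, e.g. `protected HttpTransportServer(URI uri, HttpTransportFactory factory, SocketConnectorFactory connectorFactory)`, and keeping the field `private final` would make that choice explicit and drop the throwaway instance. The new `setTransportOption` override also hands the same mutable map to the factory and to `super`; a short comment such as `// forwarded so connector/TLS options reach the connector factory before doStart()` would document the ordering it relies on. The class body continues outside these hunks, so other uses of the field are not visible here.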


@ -16,164 +16,28 @@
*/
package org.apache.activemq.transport.https;
import org.apache.activemq.broker.SslContext;
import org.apache.activemq.transport.SecureSocketConnectorFactory;
import org.apache.activemq.transport.http.HttpTransportServer;
import org.eclipse.jetty.server.Connector;
import java.net.URI;
import javax.net.ssl.SSLContext;
import org.apache.activemq.broker.SslContext;
import org.apache.activemq.transport.http.HttpTransportServer;
import org.eclipse.jetty.util.ssl.SslContextFactory;
public class HttpsTransportServer extends HttpTransportServer {
private String keyPassword = System.getProperty("javax.net.ssl.keyPassword");
private String keyStorePassword = System.getProperty("javax.net.ssl.keyStorePassword");
private String keyStore = System.getProperty("javax.net.ssl.keyStore");
private String keyStoreType;
private String secureRandomCertficateAlgorithm;
private String trustCertificateAlgorithm;
private String keyCertificateAlgorithm;
private String protocol;
private String auth;
private SslContext context;
public HttpsTransportServer(URI uri, HttpsTransportFactory factory, SslContext context) {
super(uri, factory);
this.context = context;
this.socketConnectorFactory = new SecureSocketConnectorFactory(context);
}
public void doStart() throws Exception {
Krb5AndCertsSslSocketConnector sslConnector = new Krb5AndCertsSslSocketConnector();
SSLContext sslContext = context == null ? null : context.getSSLContext();
// Get a reference to the current ssl context factory...
SslContextFactory factory = sslConnector.getSslContextFactory();
if (context != null) {
// Should not be using this method since it does not use all of the values
// from the passed SslContext instance.....
factory.setSslContext(sslContext);
} else {
if (auth != null) {
sslConnector.setMode(auth);
}
if (keyStore != null) {
factory.setKeyStorePath(keyStore);
}
if (keyStorePassword != null) {
factory.setKeyStorePassword(keyStorePassword);
}
// if the keyPassword hasn't been set, default it to the
// key store password
if (keyPassword == null && keyStorePassword != null) {
factory.setKeyStorePassword(keyStorePassword);
}
if (keyStoreType != null) {
factory.setKeyStoreType(keyStoreType);
}
if (secureRandomCertficateAlgorithm != null) {
factory.setSecureRandomAlgorithm(secureRandomCertficateAlgorithm);
}
if (keyCertificateAlgorithm != null) {
factory.setSslKeyManagerFactoryAlgorithm(keyCertificateAlgorithm);
}
if (trustCertificateAlgorithm != null) {
factory.setTrustManagerFactoryAlgorithm(trustCertificateAlgorithm);
}
if (protocol != null) {
factory.setProtocol(protocol);
}
}
Connector sslConnector = socketConnectorFactory.createConnector();
setConnector(sslConnector);
super.doStart();
}
// Properties
// --------------------------------------------------------------------------------
public String getKeyStore() {
return keyStore;
}
public void setKeyStore(String keyStore) {
this.keyStore = keyStore;
}
public String getKeyPassword() {
return keyPassword;
}
public void setKeyPassword(String keyPassword) {
this.keyPassword = keyPassword;
}
public String getKeyStoreType() {
return keyStoreType;
}
public void setKeyStoreType(String keyStoreType) {
this.keyStoreType = keyStoreType;
}
public String getKeyStorePassword() {
return keyStorePassword;
}
public void setKeyStorePassword(String keyStorePassword) {
this.keyStorePassword = keyStorePassword;
}
public String getProtocol() {
return protocol;
}
public void setProtocol(String protocol) {
this.protocol = protocol;
}
public String getSecureRandomCertficateAlgorithm() {
return secureRandomCertficateAlgorithm;
}
public void setSecureRandomCertficateAlgorithm(String secureRandomCertficateAlgorithm) {
this.secureRandomCertficateAlgorithm = secureRandomCertficateAlgorithm;
}
public String getKeyCertificateAlgorithm() {
return keyCertificateAlgorithm;
}
public void setKeyCertificateAlgorithm(String keyCertificateAlgorithm) {
this.keyCertificateAlgorithm = keyCertificateAlgorithm;
}
public String getTrustCertificateAlgorithm() {
return trustCertificateAlgorithm;
}
public void setTrustCertificateAlgorithm(String trustCertificateAlgorithm) {
this.trustCertificateAlgorithm = trustCertificateAlgorithm;
}
/**
* @return the auth
*/
public String getAuth() {
return auth;
}
/**
* @param auth the auth to set
*/
public void setAuth(String auth) {
this.auth = auth;
}
}
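Review bot: The `doStart()` override now repeats what the base class does: `HttpTransportServer.doStart()` already calls `socketConnectorFactory.createConnector()` when no connector is set, so `createConnector()` plus `setConnector(...)` here differs only in building a fresh connector on every start and in replacing any connector set beforehand. If that difference is not wanted the override can be removed; if it is, say so with a comment like `// always build a new TLS connector; do not reuse one from a previous start`. The keystore, protocol and `auth` accessors also disappear from this public class, so any caller or bean definition that configured TLS on the server object must now go through transport options, which is worth a line in the commit description. Whether the `context` field survives on the new side cannot be told from this rendering.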


@ -86,20 +86,6 @@ public class Krb5AndCertsSslSocketConnector extends SslSocketConnector {
}
}
// @Override
// protected SSLServerSocketFactory createFactory() throws Exception {
// if(useCerts)
// return super.createFactory();
//
// SSLContext context = super.getProvider()==null
// ? SSLContext.getInstance(super.getProtocol())
// :SSLContext.getInstance(super.getProtocol(), super.getProvider());
// context.init(null, null, null);
//
// System.err.println("Creating socket factory");
// return context.getServerSocketFactory();
// }
@Override
public SslContextFactory getSslContextFactory() {
final SslContextFactory factory = super.getSslContextFactory();
@ -130,7 +116,6 @@ public class Krb5AndCertsSslSocketConnector extends SslSocketConnector {
*/
@Override
protected ServerSocket newServerSocket(String host, int port, int backlog) throws IOException {
System.err.println("Creating new KrbServerSocket for: " + host);
logIfDebug("Creating new KrbServerSocket for: " + host);
SSLServerSocket ss = null;
@ -160,7 +145,6 @@ public class Krb5AndCertsSslSocketConnector extends SslSocketConnector {
ss.setEnabledCipherSuites(combined);
}
System.err.println("New socket created");
return ss;
};
@ -186,7 +170,6 @@ public class Krb5AndCertsSslSocketConnector extends SslSocketConnector {
if (useCerts)
super.customize(endpoint, request);
System.err.println();
}
private void logIfDebug(String s) {