mirror of https://github.com/apache/activemq.git
https://issues.apache.org/jira/browse/AMQ-3880 - wss transport - first some refactoring for https transport so we can reuse stuff
git-svn-id: https://svn.apache.org/repos/asf/activemq/trunk@1357201 13f79535-47bb-0310-9956-ffa450edef68
parent
a3836b562d
commit
39da37d853
|
@ -0,0 +1,181 @@
|
|||
/**
|
||||
* Licensed to the Apache Software Foundation (ASF) under one or more
|
||||
* contributor license agreements. See the NOTICE file distributed with
|
||||
* this work for additional information regarding copyright ownership.
|
||||
* The ASF licenses this file to You under the Apache License, Version 2.0
|
||||
* (the "License"); you may not use this file except in compliance with
|
||||
* the License. You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.apache.activemq.transport;
|
||||
|
||||
import org.apache.activemq.spring.SpringSslContext;
|
||||
import org.apache.activemq.transport.https.Krb5AndCertsSslSocketConnector;
|
||||
import org.apache.activemq.util.IntrospectionSupport;
|
||||
import org.eclipse.jetty.server.Connector;
|
||||
import org.eclipse.jetty.util.ssl.SslContextFactory;
|
||||
|
||||
import org.apache.activemq.broker.SslContext;
|
||||
|
||||
import javax.net.ssl.SSLContext;
|
||||
import java.util.Map;
|
||||
|
||||
public class SecureSocketConnectorFactory extends SocketConnectorFactory {
|
||||
|
||||
private String keyPassword = System.getProperty("javax.net.ssl.keyPassword");
|
||||
private String keyStorePassword = System.getProperty("javax.net.ssl.keyStorePassword");
|
||||
private String keyStore = System.getProperty("javax.net.ssl.keyStore");
|
||||
private String keyStoreType;
|
||||
private String secureRandomCertficateAlgorithm;
|
||||
private String trustCertificateAlgorithm;
|
||||
private String keyCertificateAlgorithm;
|
||||
private String protocol;
|
||||
private String auth;
|
||||
|
||||
private SslContext context;
|
||||
|
||||
public SecureSocketConnectorFactory(SslContext context) {
|
||||
this.context = context;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Connector createConnector() throws Exception {
|
||||
Krb5AndCertsSslSocketConnector sslConnector = new Krb5AndCertsSslSocketConnector();
|
||||
|
||||
SSLContext sslContext = context == null ? null : context.getSSLContext();
|
||||
|
||||
// Get a reference to the current ssl context factory...
|
||||
SslContextFactory factory = sslConnector.getSslContextFactory();
|
||||
|
||||
if (context != null) {
|
||||
|
||||
// Should not be using this method since it does not use all of the values
|
||||
// from the passed SslContext instance.....
|
||||
factory.setSslContext(sslContext);
|
||||
|
||||
} else {
|
||||
IntrospectionSupport.setProperties(this, getTransportOptions());
|
||||
|
||||
if (auth != null) {
|
||||
sslConnector.setMode(auth);
|
||||
}
|
||||
|
||||
if (keyStore != null) {
|
||||
factory.setKeyStorePath(keyStore);
|
||||
}
|
||||
if (keyStorePassword != null) {
|
||||
factory.setKeyStorePassword(keyStorePassword);
|
||||
}
|
||||
// if the keyPassword hasn't been set, default it to the
|
||||
// key store password
|
||||
if (keyPassword == null && keyStorePassword != null) {
|
||||
factory.setKeyStorePassword(keyStorePassword);
|
||||
}
|
||||
if (keyStoreType != null) {
|
||||
factory.setKeyStoreType(keyStoreType);
|
||||
}
|
||||
if (secureRandomCertficateAlgorithm != null) {
|
||||
factory.setSecureRandomAlgorithm(secureRandomCertficateAlgorithm);
|
||||
}
|
||||
if (keyCertificateAlgorithm != null) {
|
||||
factory.setSslKeyManagerFactoryAlgorithm(keyCertificateAlgorithm);
|
||||
}
|
||||
if (trustCertificateAlgorithm != null) {
|
||||
factory.setTrustManagerFactoryAlgorithm(trustCertificateAlgorithm);
|
||||
}
|
||||
if (protocol != null) {
|
||||
factory.setProtocol(protocol);
|
||||
}
|
||||
}
|
||||
|
||||
return sslConnector;
|
||||
}
|
||||
|
||||
// Properties
|
||||
// --------------------------------------------------------------------------------
|
||||
|
||||
public String getKeyStore() {
|
||||
return keyStore;
|
||||
}
|
||||
|
||||
public void setKeyStore(String keyStore) {
|
||||
this.keyStore = keyStore;
|
||||
}
|
||||
|
||||
public String getKeyPassword() {
|
||||
return keyPassword;
|
||||
}
|
||||
|
||||
public void setKeyPassword(String keyPassword) {
|
||||
this.keyPassword = keyPassword;
|
||||
}
|
||||
|
||||
public String getKeyStoreType() {
|
||||
return keyStoreType;
|
||||
}
|
||||
|
||||
public void setKeyStoreType(String keyStoreType) {
|
||||
this.keyStoreType = keyStoreType;
|
||||
}
|
||||
|
||||
public String getKeyStorePassword() {
|
||||
return keyStorePassword;
|
||||
}
|
||||
|
||||
public void setKeyStorePassword(String keyStorePassword) {
|
||||
this.keyStorePassword = keyStorePassword;
|
||||
}
|
||||
|
||||
public String getProtocol() {
|
||||
return protocol;
|
||||
}
|
||||
|
||||
public void setProtocol(String protocol) {
|
||||
this.protocol = protocol;
|
||||
}
|
||||
|
||||
public String getSecureRandomCertficateAlgorithm() {
|
||||
return secureRandomCertficateAlgorithm;
|
||||
}
|
||||
|
||||
public void setSecureRandomCertficateAlgorithm(String secureRandomCertficateAlgorithm) {
|
||||
this.secureRandomCertficateAlgorithm = secureRandomCertficateAlgorithm;
|
||||
}
|
||||
|
||||
public String getKeyCertificateAlgorithm() {
|
||||
return keyCertificateAlgorithm;
|
||||
}
|
||||
|
||||
public void setKeyCertificateAlgorithm(String keyCertificateAlgorithm) {
|
||||
this.keyCertificateAlgorithm = keyCertificateAlgorithm;
|
||||
}
|
||||
|
||||
public String getTrustCertificateAlgorithm() {
|
||||
return trustCertificateAlgorithm;
|
||||
}
|
||||
|
||||
public void setTrustCertificateAlgorithm(String trustCertificateAlgorithm) {
|
||||
this.trustCertificateAlgorithm = trustCertificateAlgorithm;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the auth
|
||||
*/
|
||||
public String getAuth() {
|
||||
return auth;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param auth the auth to set
|
||||
*/
|
||||
public void setAuth(String auth) {
|
||||
this.auth = auth;
|
||||
}
|
||||
}
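Review bot: In `createConnector()` the branch commented "if the keyPassword hasn't been set, default it to the key store password" calls `factory.setKeyStorePassword(keyStorePassword)` a second time, and no path ever hands `keyPassword` to the factory. A private key protected by a password different from the keystore's therefore cannot be configured, and `setKeyPassword` has no effect. Jetty's SslContextFactory keeps a separate key-manager password, so `factory.setKeyManagerPassword(keyPassword != null ? keyPassword : keyStorePassword);` behind a null check would match what the comment describes. Separately, `IntrospectionSupport.setProperties(this, getTransportOptions())` runs only when `context == null`, so with an SslContext supplied the transport options, including `auth`, are silently ignored; if that is intended it deserves a comment, otherwise apply the options before the branch.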
|
|
@ -0,0 +1,40 @@
|
|||
/**
|
||||
* Licensed to the Apache Software Foundation (ASF) under one or more
|
||||
* contributor license agreements. See the NOTICE file distributed with
|
||||
* this work for additional information regarding copyright ownership.
|
||||
* The ASF licenses this file to You under the Apache License, Version 2.0
|
||||
* (the "License"); you may not use this file except in compliance with
|
||||
* the License. You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.apache.activemq.transport;
|
||||
|
||||
import org.eclipse.jetty.server.Connector;
|
||||
import org.eclipse.jetty.server.Server;
|
||||
import org.eclipse.jetty.server.nio.SelectChannelConnector;
|
||||
|
||||
import java.util.Map;
|
||||
|
||||
public class SocketConnectorFactory {
|
||||
|
||||
private Map<String, Object> transportOptions;
|
||||
|
||||
public Connector createConnector() throws Exception {
|
||||
return new SelectChannelConnector();
|
||||
}
|
||||
|
||||
public Map<String, Object> getTransportOptions() {
|
||||
return transportOptions;
|
||||
}
|
||||
|
||||
public void setTransportOptions(Map<String, Object> transportOptions) {
|
||||
this.transportOptions = transportOptions;
|
||||
}
|
||||
}
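Review bot: `transportOptions` has no initial value, so `getTransportOptions()` returns null until `setTransportOptions` is called, and SecureSocketConnectorFactory passes that result straight to `IntrospectionSupport.setProperties`, which as far as I can tell rejects a null map. Initialising the field, for example `private Map<String, Object> transportOptions = new HashMap<String, Object>();`, or stating the null contract in a class Javadoc, would remove the dependency on the transport server calling the setter first. The class also has no Javadoc saying that subclasses override `createConnector()` to supply a different Jetty connector, and the `org.eclipse.jetty.server.Server` import looks unused in the lines shown.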
|
|
@ -17,6 +17,7 @@
|
|||
package org.apache.activemq.transport.http;
|
||||
|
||||
import org.apache.activemq.command.BrokerInfo;
|
||||
import org.apache.activemq.transport.SocketConnectorFactory;
|
||||
import org.apache.activemq.transport.TransportServerSupport;
|
||||
import org.apache.activemq.transport.util.TextWireFormat;
|
||||
import org.apache.activemq.transport.xstream.XStreamWireFormat;
|
||||
|
@ -24,12 +25,12 @@ import org.apache.activemq.util.ServiceStopper;
|
|||
import org.eclipse.jetty.server.Connector;
|
||||
import org.eclipse.jetty.server.Server;
|
||||
import org.eclipse.jetty.server.handler.GzipHandler;
|
||||
import org.eclipse.jetty.server.nio.SelectChannelConnector;
|
||||
import org.eclipse.jetty.servlet.ServletContextHandler;
|
||||
import org.eclipse.jetty.servlet.ServletHolder;
|
||||
|
||||
import java.net.InetSocketAddress;
|
||||
import java.net.URI;
|
||||
import java.util.Map;
|
||||
|
||||
public class HttpTransportServer extends TransportServerSupport {
|
||||
|
||||
|
@ -38,11 +39,13 @@ public class HttpTransportServer extends TransportServerSupport {
|
|||
private Server server;
|
||||
private Connector connector;
|
||||
private HttpTransportFactory transportFactory;
|
||||
protected SocketConnectorFactory socketConnectorFactory;
|
||||
|
||||
public HttpTransportServer(URI uri, HttpTransportFactory factory) {
|
||||
super(uri);
|
||||
this.bindAddress = uri;
|
||||
this.transportFactory = factory;
|
||||
socketConnectorFactory = new SocketConnectorFactory();
|
||||
}
|
||||
|
||||
public void setBrokerInfo(BrokerInfo brokerInfo) {
|
||||
|
@ -74,7 +77,7 @@ public class HttpTransportServer extends TransportServerSupport {
|
|||
protected void doStart() throws Exception {
|
||||
server = new Server();
|
||||
if (connector == null) {
|
||||
connector = new SelectChannelConnector();
|
||||
connector = socketConnectorFactory.createConnector();
|
||||
}
|
||||
connector.setHost(bindAddress.getHost());
|
||||
connector.setPort(bindAddress.getPort());
|
||||
|
@ -110,4 +113,10 @@ public class HttpTransportServer extends TransportServerSupport {
|
|||
public InetSocketAddress getSocketAddress() {
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void setTransportOption(Map<String, Object> transportOptions) {
|
||||
socketConnectorFactory.setTransportOptions(transportOptions);
|
||||
super.setTransportOption(transportOptions);
|
||||
}
|
||||
}
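Review bot: The new `setTransportOption` override hands the same `Map` instance to `socketConnectorFactory` and to `super.setTransportOption`, and the secure factory only applies it later, at `createConnector()` time, through `IntrospectionSupport.setProperties`, which I believe removes the entries it manages to apply. That would make the TLS-related keys (keystore, passwords, `auth`) disappear from the map the superclass holds, or fail outright on an unmodifiable map. Passing a copy, `socketConnectorFactory.setTransportOptions(new HashMap<String, Object>(transportOptions));`, keeps the two consumers independent. The `protected`, non-final `socketConnectorFactory` field is also reassigned by the subclass constructor; a constructor parameter or a protected setter would make that hand-over explicit.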
|
||||
|
|
|
@ -16,164 +16,28 @@
|
|||
*/
|
||||
package org.apache.activemq.transport.https;
|
||||
|
||||
import org.apache.activemq.broker.SslContext;
|
||||
import org.apache.activemq.transport.SecureSocketConnectorFactory;
|
||||
import org.apache.activemq.transport.http.HttpTransportServer;
|
||||
import org.eclipse.jetty.server.Connector;
|
||||
|
||||
import java.net.URI;
|
||||
|
||||
import javax.net.ssl.SSLContext;
|
||||
|
||||
import org.apache.activemq.broker.SslContext;
|
||||
import org.apache.activemq.transport.http.HttpTransportServer;
|
||||
import org.eclipse.jetty.util.ssl.SslContextFactory;
|
||||
|
||||
public class HttpsTransportServer extends HttpTransportServer {
|
||||
|
||||
private String keyPassword = System.getProperty("javax.net.ssl.keyPassword");
|
||||
private String keyStorePassword = System.getProperty("javax.net.ssl.keyStorePassword");
|
||||
private String keyStore = System.getProperty("javax.net.ssl.keyStore");
|
||||
private String keyStoreType;
|
||||
private String secureRandomCertficateAlgorithm;
|
||||
private String trustCertificateAlgorithm;
|
||||
private String keyCertificateAlgorithm;
|
||||
private String protocol;
|
||||
private String auth;
|
||||
private SslContext context;
|
||||
|
||||
public HttpsTransportServer(URI uri, HttpsTransportFactory factory, SslContext context) {
|
||||
super(uri, factory);
|
||||
this.context = context;
|
||||
this.socketConnectorFactory = new SecureSocketConnectorFactory(context);
|
||||
}
|
||||
|
||||
public void doStart() throws Exception {
|
||||
Krb5AndCertsSslSocketConnector sslConnector = new Krb5AndCertsSslSocketConnector();
|
||||
|
||||
SSLContext sslContext = context == null ? null : context.getSSLContext();
|
||||
|
||||
// Get a reference to the current ssl context factory...
|
||||
SslContextFactory factory = sslConnector.getSslContextFactory();
|
||||
|
||||
if (context != null) {
|
||||
|
||||
// Should not be using this method since it does not use all of the values
|
||||
// from the passed SslContext instance.....
|
||||
factory.setSslContext(sslContext);
|
||||
|
||||
} else {
|
||||
|
||||
if (auth != null) {
|
||||
sslConnector.setMode(auth);
|
||||
}
|
||||
|
||||
if (keyStore != null) {
|
||||
factory.setKeyStorePath(keyStore);
|
||||
}
|
||||
if (keyStorePassword != null) {
|
||||
factory.setKeyStorePassword(keyStorePassword);
|
||||
}
|
||||
// if the keyPassword hasn't been set, default it to the
|
||||
// key store password
|
||||
if (keyPassword == null && keyStorePassword != null) {
|
||||
factory.setKeyStorePassword(keyStorePassword);
|
||||
}
|
||||
if (keyStoreType != null) {
|
||||
factory.setKeyStoreType(keyStoreType);
|
||||
}
|
||||
if (secureRandomCertficateAlgorithm != null) {
|
||||
factory.setSecureRandomAlgorithm(secureRandomCertficateAlgorithm);
|
||||
}
|
||||
if (keyCertificateAlgorithm != null) {
|
||||
factory.setSslKeyManagerFactoryAlgorithm(keyCertificateAlgorithm);
|
||||
}
|
||||
if (trustCertificateAlgorithm != null) {
|
||||
factory.setTrustManagerFactoryAlgorithm(trustCertificateAlgorithm);
|
||||
}
|
||||
if (protocol != null) {
|
||||
factory.setProtocol(protocol);
|
||||
}
|
||||
}
|
||||
Connector sslConnector = socketConnectorFactory.createConnector();
|
||||
|
||||
setConnector(sslConnector);
|
||||
|
||||
super.doStart();
|
||||
}
|
||||
|
||||
// Properties
|
||||
// --------------------------------------------------------------------------------
|
||||
|
||||
public String getKeyStore() {
|
||||
return keyStore;
|
||||
}
|
||||
|
||||
public void setKeyStore(String keyStore) {
|
||||
this.keyStore = keyStore;
|
||||
}
|
||||
|
||||
public String getKeyPassword() {
|
||||
return keyPassword;
|
||||
}
|
||||
|
||||
public void setKeyPassword(String keyPassword) {
|
||||
this.keyPassword = keyPassword;
|
||||
}
|
||||
|
||||
public String getKeyStoreType() {
|
||||
return keyStoreType;
|
||||
}
|
||||
|
||||
public void setKeyStoreType(String keyStoreType) {
|
||||
this.keyStoreType = keyStoreType;
|
||||
}
|
||||
|
||||
public String getKeyStorePassword() {
|
||||
return keyStorePassword;
|
||||
}
|
||||
|
||||
public void setKeyStorePassword(String keyStorePassword) {
|
||||
this.keyStorePassword = keyStorePassword;
|
||||
}
|
||||
|
||||
public String getProtocol() {
|
||||
return protocol;
|
||||
}
|
||||
|
||||
public void setProtocol(String protocol) {
|
||||
this.protocol = protocol;
|
||||
}
|
||||
|
||||
public String getSecureRandomCertficateAlgorithm() {
|
||||
return secureRandomCertficateAlgorithm;
|
||||
}
|
||||
|
||||
public void setSecureRandomCertficateAlgorithm(String secureRandomCertficateAlgorithm) {
|
||||
this.secureRandomCertficateAlgorithm = secureRandomCertficateAlgorithm;
|
||||
}
|
||||
|
||||
public String getKeyCertificateAlgorithm() {
|
||||
return keyCertificateAlgorithm;
|
||||
}
|
||||
|
||||
public void setKeyCertificateAlgorithm(String keyCertificateAlgorithm) {
|
||||
this.keyCertificateAlgorithm = keyCertificateAlgorithm;
|
||||
}
|
||||
|
||||
public String getTrustCertificateAlgorithm() {
|
||||
return trustCertificateAlgorithm;
|
||||
}
|
||||
|
||||
public void setTrustCertificateAlgorithm(String trustCertificateAlgorithm) {
|
||||
this.trustCertificateAlgorithm = trustCertificateAlgorithm;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the auth
|
||||
*/
|
||||
public String getAuth() {
|
||||
return auth;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param auth the auth to set
|
||||
*/
|
||||
public void setAuth(String auth) {
|
||||
this.auth = auth;
|
||||
}
|
||||
|
||||
}
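Review bot: Going by the `-16,164 +16,28` header, the keystore, password, protocol and `auth` accessors leave HttpsTransportServer in this change, which is a public API break for any caller or configuration that set them on the server object directly; those values now only reach `SecureSocketConnectorFactory` through `setTransportOption`. The page does not mark which lines are old and which are new, so this is inferred from the line counts. If compatibility matters, keep thin deprecated setters that delegate to the factory, or state the migration path in the class Javadoc. The `context` field and its assignment in the constructor also look redundant once the factory holds the SslContext, if they survive on the new side.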
|
||||
|
|
|
@ -86,20 +86,6 @@ public class Krb5AndCertsSslSocketConnector extends SslSocketConnector {
|
|||
}
|
||||
}
|
||||
|
||||
// @Override
|
||||
// protected SSLServerSocketFactory createFactory() throws Exception {
|
||||
// if(useCerts)
|
||||
// return super.createFactory();
|
||||
//
|
||||
// SSLContext context = super.getProvider()==null
|
||||
// ? SSLContext.getInstance(super.getProtocol())
|
||||
// :SSLContext.getInstance(super.getProtocol(), super.getProvider());
|
||||
// context.init(null, null, null);
|
||||
//
|
||||
// System.err.println("Creating socket factory");
|
||||
// return context.getServerSocketFactory();
|
||||
// }
|
||||
|
||||
@Override
|
||||
public SslContextFactory getSslContextFactory() {
|
||||
final SslContextFactory factory = super.getSslContextFactory();
|
||||
|
@ -130,7 +116,6 @@ public class Krb5AndCertsSslSocketConnector extends SslSocketConnector {
|
|||
*/
|
||||
@Override
|
||||
protected ServerSocket newServerSocket(String host, int port, int backlog) throws IOException {
|
||||
System.err.println("Creating new KrbServerSocket for: " + host);
|
||||
logIfDebug("Creating new KrbServerSocket for: " + host);
|
||||
SSLServerSocket ss = null;
|
||||
|
||||
|
@ -160,7 +145,6 @@ public class Krb5AndCertsSslSocketConnector extends SslSocketConnector {
|
|||
|
||||
ss.setEnabledCipherSuites(combined);
|
||||
}
|
||||
System.err.println("New socket created");
|
||||
return ss;
|
||||
};
|
||||
|
||||
|
@ -186,7 +170,6 @@ public class Krb5AndCertsSslSocketConnector extends SslSocketConnector {
|
|||
|
||||
if (useCerts)
|
||||
super.customize(endpoint, request);
|
||||
System.err.println();
|
||||
}
|
||||
|
||||
private void logIfDebug(String s) {
|
||||
|
|