diff --git a/activemq-optional/src/main/java/org/apache/activemq/transport/SecureSocketConnectorFactory.java b/activemq-optional/src/main/java/org/apache/activemq/transport/SecureSocketConnectorFactory.java index 97fc3bba80..b418670669 100644 --- a/activemq-optional/src/main/java/org/apache/activemq/transport/SecureSocketConnectorFactory.java +++ b/activemq-optional/src/main/java/org/apache/activemq/transport/SecureSocketConnectorFactory.java @@ -20,6 +20,8 @@ import org.apache.activemq.spring.SpringSslContext; import org.apache.activemq.transport.https.Krb5AndCertsSslSocketConnector; import org.apache.activemq.util.IntrospectionSupport; import org.eclipse.jetty.server.Connector; +import org.eclipse.jetty.server.ssl.SslConnector; +import org.eclipse.jetty.server.ssl.SslSelectChannelConnector; import org.eclipse.jetty.util.ssl.SslContextFactory; import org.apache.activemq.broker.SslContext; @@ -47,7 +49,14 @@ public class SecureSocketConnectorFactory extends SocketConnectorFactory { @Override public Connector createConnector() throws Exception { - Krb5AndCertsSslSocketConnector sslConnector = new Krb5AndCertsSslSocketConnector(); + IntrospectionSupport.setProperties(this, getTransportOptions()); + SslConnector sslConnector; + if (Krb5AndCertsSslSocketConnector.isKrb(auth)) { + sslConnector = new Krb5AndCertsSslSocketConnector(); + ((Krb5AndCertsSslSocketConnector)sslConnector).setMode(auth); + } else { + sslConnector = new SslSelectChannelConnector(); + } SSLContext sslContext = context == null ? null : context.getSSLContext(); @@ -61,11 +70,6 @@ public class SecureSocketConnectorFactory extends SocketConnectorFactory { factory.setSslContext(sslContext); } else { - IntrospectionSupport.setProperties(this, getTransportOptions()); - - if (auth != null) { - sslConnector.setMode(auth); - } if (keyStore != null) { factory.setKeyStorePath(keyStore); diff --git a/activemq-optional/src/main/java/org/apache/activemq/transport/https/Krb5AndCertsSslSocketConnector.java b/activemq-optional/src/main/java/org/apache/activemq/transport/https/Krb5AndCertsSslSocketConnector.java index e8426abb0e..4fe572db94 100644 --- a/activemq-optional/src/main/java/org/apache/activemq/transport/https/Krb5AndCertsSslSocketConnector.java +++ b/activemq-optional/src/main/java/org/apache/activemq/transport/https/Krb5AndCertsSslSocketConnector.java @@ -70,6 +70,10 @@ public class Krb5AndCertsSslSocketConnector extends SslSocketConnector { setPasswords(); } + public static boolean isKrb(String mode) { + return mode == MODE.KRB.toString() || mode == MODE.BOTH.toString(); + } + public void setMode(String mode) { useKrb = mode == MODE.KRB.toString() || mode == MODE.BOTH.toString(); useCerts = mode == MODE.CERTS.toString() || mode == MODE.BOTH.toString(); diff --git a/activemq-optional/src/main/java/org/apache/activemq/transport/ws/WSTransportFactory.java b/activemq-optional/src/main/java/org/apache/activemq/transport/ws/WSTransportFactory.java index 906fbd6dcf..2c1d4c157d 100644 --- a/activemq-optional/src/main/java/org/apache/activemq/transport/ws/WSTransportFactory.java +++ b/activemq-optional/src/main/java/org/apache/activemq/transport/ws/WSTransportFactory.java @@ -19,9 +19,15 @@ package org.apache.activemq.transport.ws; import java.io.IOException; import java.net.URI; +import java.net.URISyntaxException; +import java.util.HashMap; +import java.util.Map; import org.apache.activemq.transport.TransportFactory; import org.apache.activemq.transport.TransportServer; +import org.apache.activemq.util.IOExceptionSupport; +import org.apache.activemq.util.IntrospectionSupport; +import org.apache.activemq.util.URISupport; /** * @@ -31,7 +37,15 @@ import org.apache.activemq.transport.TransportServer; public class WSTransportFactory extends TransportFactory { public TransportServer doBind(URI location) throws IOException { - return new WSTransportServer(location); + try { + Map options = new HashMap(URISupport.parseParameters(location)); + WSTransportServer result = new WSTransportServer(location); + Map transportOptions = IntrospectionSupport.extractProperties(options, "transport."); + result.setTransportOption(transportOptions); + return result; + } catch (URISyntaxException e) { + throw IOExceptionSupport.create(e); + } } } diff --git a/activemq-optional/src/main/java/org/apache/activemq/transport/ws/WSTransportServer.java b/activemq-optional/src/main/java/org/apache/activemq/transport/ws/WSTransportServer.java index d55355322e..cbab9b1980 100644 --- a/activemq-optional/src/main/java/org/apache/activemq/transport/ws/WSTransportServer.java +++ b/activemq-optional/src/main/java/org/apache/activemq/transport/ws/WSTransportServer.java @@ -18,6 +18,7 @@ package org.apache.activemq.transport.ws; import org.apache.activemq.command.BrokerInfo; +import org.apache.activemq.transport.SocketConnectorFactory; import org.apache.activemq.transport.TransportServerSupport; import org.apache.activemq.util.ServiceStopper; import org.eclipse.jetty.server.Connector; @@ -28,6 +29,7 @@ import org.eclipse.jetty.servlet.ServletHolder; import java.net.InetSocketAddress; import java.net.URI; +import java.util.Map; /** * Creates a web server and registers web socket server @@ -38,16 +40,18 @@ public class WSTransportServer extends TransportServerSupport { private URI bindAddress; private Server server; private Connector connector; + protected SocketConnectorFactory socketConnectorFactory; public WSTransportServer(URI location) { super(location); this.bindAddress = location; + socketConnectorFactory = new SocketConnectorFactory(); } protected void doStart() throws Exception { server = new Server(); if (connector == null) { - connector = new SelectChannelConnector(); + connector = socketConnectorFactory.createConnector(); } connector.setHost(bindAddress.getHost()); connector.setPort(bindAddress.getPort()); @@ -81,4 +85,14 @@ public class WSTransportServer extends TransportServerSupport { public void setBrokerInfo(BrokerInfo brokerInfo) { } + protected void setConnector(Connector connector) { + this.connector = connector; + } + + @Override + public void setTransportOption(Map transportOptions) { + socketConnectorFactory.setTransportOptions(transportOptions); + super.setTransportOption(transportOptions); + } + } diff --git a/activemq-optional/src/main/java/org/apache/activemq/transport/wss/WSSTransportFactory.java b/activemq-optional/src/main/java/org/apache/activemq/transport/wss/WSSTransportFactory.java new file mode 100644 index 0000000000..5dc32d037e --- /dev/null +++ b/activemq-optional/src/main/java/org/apache/activemq/transport/wss/WSSTransportFactory.java @@ -0,0 +1,52 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.activemq.transport.wss; + +import org.apache.activemq.broker.SslContext; +import org.apache.activemq.transport.TransportFactory; +import org.apache.activemq.transport.TransportServer; +import org.apache.activemq.transport.ws.WSTransportServer; +import org.apache.activemq.util.IOExceptionSupport; +import org.apache.activemq.util.IntrospectionSupport; +import org.apache.activemq.util.URISupport; + +import java.io.IOException; +import java.net.URI; +import java.net.URISyntaxException; +import java.util.HashMap; +import java.util.Map; + +/** + * + * Factory for Secure WebSocket (wss) transport + * + */ +public class WSSTransportFactory extends TransportFactory { + + public TransportServer doBind(URI location) throws IOException { + try { + Map options = new HashMap(URISupport.parseParameters(location)); + WSSTransportServer result = new WSSTransportServer(location, SslContext.getCurrentSslContext()); + Map transportOptions = IntrospectionSupport.extractProperties(options, "transport."); + result.setTransportOption(transportOptions); + return result; + } catch (URISyntaxException e) { + throw IOExceptionSupport.create(e); + } + } + +} diff --git a/activemq-optional/src/main/java/org/apache/activemq/transport/wss/WSSTransportServer.java b/activemq-optional/src/main/java/org/apache/activemq/transport/wss/WSSTransportServer.java new file mode 100644 index 0000000000..0cb3f98fcc --- /dev/null +++ b/activemq-optional/src/main/java/org/apache/activemq/transport/wss/WSSTransportServer.java @@ -0,0 +1,47 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.activemq.transport.wss; + +import org.apache.activemq.broker.SslContext; +import org.apache.activemq.transport.SecureSocketConnectorFactory; +import org.apache.activemq.transport.https.Krb5AndCertsSslSocketConnector; +import org.apache.activemq.transport.ws.WSTransportServer; +import org.eclipse.jetty.server.Connector; +import org.eclipse.jetty.util.ssl.SslContextFactory; + +import javax.net.ssl.SSLContext; +import java.net.URI; + +public class WSSTransportServer extends WSTransportServer { + private SslContext context; + + public WSSTransportServer(URI location, SslContext context) { + super(location); + this.context = context; + this.socketConnectorFactory = new SecureSocketConnectorFactory(context); + } + + @Override + protected void doStart() throws Exception { + + Connector sslConnector = socketConnectorFactory.createConnector(); + + setConnector(sslConnector); + + super.doStart(); + } +} diff --git a/activemq-optional/src/main/resources/META-INF/services/org/apache/activemq/transport/wss b/activemq-optional/src/main/resources/META-INF/services/org/apache/activemq/transport/wss new file mode 100644 index 0000000000..792384e709 --- /dev/null +++ b/activemq-optional/src/main/resources/META-INF/services/org/apache/activemq/transport/wss @@ -0,0 +1,17 @@ +## --------------------------------------------------------------------------- +## Licensed to the Apache Software Foundation (ASF) under one or more +## contributor license agreements. See the NOTICE file distributed with +## this work for additional information regarding copyright ownership. +## The ASF licenses this file to You under the Apache License, Version 2.0 +## (the "License"); you may not use this file except in compliance with +## the License. You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## --------------------------------------------------------------------------- +class=org.apache.activemq.transport.wss.WSSTransportFactory \ No newline at end of file