430823 - jetty-start / make NeedClientAuth (ssl) configurable via property

+ Added 'jetty.ssl.needClientAuth' for required client certificate auth
+ Added 'jetty.ssl.wantClientAuth' for desried client certificate auth
This commit is contained in:
Joakim Erdfelt 2014-03-20 14:41:53 -07:00
parent 18fb0c8877
commit 267542b315
2 changed files with 8 additions and 0 deletions

View File

@ -13,6 +13,8 @@
<Set name="TrustStorePath"><Property name="jetty.base" default="." />/<Property name="jetty.truststore" default="etc/keystore"/></Set> <Set name="TrustStorePath"><Property name="jetty.base" default="." />/<Property name="jetty.truststore" default="etc/keystore"/></Set>
<Set name="TrustStorePassword"><Property name="jetty.truststore.password" default="OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4"/></Set> <Set name="TrustStorePassword"><Property name="jetty.truststore.password" default="OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4"/></Set>
<Set name="EndpointIdentificationAlgorithm"></Set> <Set name="EndpointIdentificationAlgorithm"></Set>
<Set name="NeedClientAuth"><Property name="jetty.ssl.needClientAuth" default="false"/></Set>
<Set name="WantClientAuth"><Property name="jetty.ssl.wantClientAuth" default="false"/></Set>
<Set name="ExcludeCipherSuites"> <Set name="ExcludeCipherSuites">
<Array type="String"> <Array type="String">
<Item>SSL_RSA_WITH_DES_CBC_SHA</Item> <Item>SSL_RSA_WITH_DES_CBC_SHA</Item>

View File

@ -27,3 +27,9 @@ jetty.keystore.password=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4
jetty.keymanager.password=OBF:1u2u1wml1z7s1z7a1wnl1u2g jetty.keymanager.password=OBF:1u2u1wml1z7s1z7a1wnl1u2g
jetty.truststore.password=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4 jetty.truststore.password=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4
# Set the client auth behavior
# Set to true if client certificate authentication is required
# jetty.ssl.needClientAuth=true
# Set to true if client certificate authentication is desired
# jetty.ssl.wantClientAuth=true