Server server = new Server(); handlers.setHandlers(new Handler[]{staticResourceHandler, servletContextHandler}); server.setHandler(handlers); HttpConfiguration http_config = new HttpConfiguration(); http_config.setSecureScheme("https"); http_config.setSecurePort(Integer.parseInt(globalProps.getProperty("serverPort"))); SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStorePath(keystoreFile.getAbsolutePath()); sslContextFactory.setKeyStorePassword(globalProps.getProperty("keystorePwd")); sslContextFactory.setKeyManagerPassword(globalProps.getProperty("keystoreManagerPwd")); HttpConfiguration https_config = new HttpConfiguration(http_config); https_config.addCustomizer(new SecureRequestCustomizer()); ServerConnector https = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(https_config)); https.setPort(Integer.parseInt(globalProps.getProperty("serverPort"))); server.setConnectors(new Connector[]{https}); } else { if(globalProps.getProperty("X-Forwarded-For").equals("true")) { http_config.addCustomizer(new org.eclipse.jetty.server.ForwardedRequestCustomizer()); ServerConnector http = new ServerConnector(server, new HttpConnectionFactory(http_config)); http.setPort(Integer.parseInt(globalProps.getProperty("serverPort"))); server.setConnectors(new Connector[]{http});
this.httpServer = new Server(); SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setCertAlias(sslConfig.getAlias()); sslContextFactory.setNeedClientAuth(sslConfig.isRequireAuth()); sslContextFactory.setExcludeCipherSuites(); sslContextFactory.setIncludeCipherSuites(SSLUtil.readArray(sslConfig.getCiphers())); sslContextFactory.setProtocol(protocol); } else { logger.warn("SSL Protocol could not be determined. SSL settings might not work correctly"); sslContextFactory.setKeyStorePath(sslConfig.getKeystore()); sslContextFactory.setKeyStoreType(sslConfig.getKeystoreType()); sslContextFactory.setKeyStorePassword(sslConfig.getKeystorePassword()); sslContextFactory.setTrustStorePath(sslConfig.getTruststore()); sslContextFactory.setTrustStorePassword(sslConfig.getTruststorePassword()); sslContextFactory.setTrustStoreType(sslConfig.getTruststoreType()); logger.debug(sslContextFactory.dump());
public static SslContextFactory createSslContextFactory(boolean tlsAllowInsecureConnection, String tlsTrustCertsFilePath, String tlsCertificateFilePath, String tlsKeyFilePath, boolean tlsRequireTrustedClientCertOnConnect) throws GeneralSecurityException { SslContextFactory sslCtxFactory = new SslContextFactory(); SSLContext sslCtx = createSslContext(tlsAllowInsecureConnection, tlsTrustCertsFilePath, tlsCertificateFilePath, tlsKeyFilePath); sslCtxFactory.setSslContext(sslCtx); if (tlsRequireTrustedClientCertOnConnect) { sslCtxFactory.setNeedClientAuth(true); } else { sslCtxFactory.setWantClientAuth(true); } sslCtxFactory.setTrustAll(true); return sslCtxFactory; } }
Boolean needClientAuth, Boolean wantClientAuth, Integer headerBufferSize) { SslContextFactory factory = new SslContextFactory(); factory.setExcludeCipherSuites("SSL_RSA_WITH_RC4_128_MD5", "SSL_RSA_WITH_RC4_128_SHA"); factory.setExcludeProtocols("SSLv3"); factory.setRenegotiationAllowed(false); factory.setKeyStorePath(ksPath); factory.setKeyStoreType(ksType); factory.setKeyStorePassword(ksPassword); factory.setKeyManagerPassword(keyPassword); factory.setTrustStorePath(tsPath); factory.setTrustStoreType(tsType); factory.setTrustStorePassword(tsPassword); factory.setNeedClientAuth(true); } else if (wantClientAuth != null && wantClientAuth) { factory.setWantClientAuth(true); HttpConfiguration httpsConfig = new HttpConfiguration(); httpsConfig.addCustomizer(new SecureRequestCustomizer()); if (null != headerBufferSize) { httpsConfig.setRequestHeaderSize(headerBufferSize);
private SslContextFactory createSslContextFactory() { SslContextFactory factory = new SslContextFactory(); if (keyStorePath != null) { factory.setKeyStorePath(keyStorePath); factory.setKeyStoreType(keyStoreType); if (keyStorePassword != null) { factory.setKeyStorePassword(keyStorePassword); factory.setKeyStoreProvider(keyStoreProvider); factory.setTrustStorePath(trustStorePath); factory.setTrustStorePassword(trustStorePassword); factory.setTrustStoreType(trustStoreType); if (trustStoreProvider != null) { factory.setTrustStoreProvider(trustStoreProvider); factory.setValidateCerts(validateCerts); factory.setValidatePeerCerts(validatePeers); if (supportedProtocols != null) { factory.setIncludeProtocols(supportedProtocols.toArray(new String[0])); factory.setExcludeProtocols(excludedProtocols.toArray(new String[0])); factory.setIncludeCipherSuites(supportedCipherSuites.toArray(new String[0])); factory.setExcludeCipherSuites(excludedCipherSuites.toArray(new String[0]));
@Override public void startSSL(String keyStoreLocation, String keyStorePassword) throws Exception { Server server = new Server(); HttpConfiguration httpsConfig = new HttpConfiguration(); httpsConfig.addCustomizer(new SecureRequestCustomizer()); SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStorePath(keyStoreLocation); sslContextFactory.setKeyStorePassword(keyStorePassword); ServerConnector https = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(httpsConfig)); https.setHost(host); https.setPort(port); server.setConnectors(new Connector[]{https}); configureContextHandler(server); startServer(server); }
new QueuedThreadPool(maxThreads, minThreads, idleTimeout); Server server = new Server(threadPool); httpsConfig.addCustomizer(new SecureRequestCustomizer()); SslContextFactory sslCtxFactory = new SslContextFactory(); String keystore = conf.get(REST_SSL_KEYSTORE_STORE); String password = HBaseConfiguration.getPassword(conf, String keyPassword = HBaseConfiguration.getPassword(conf, REST_SSL_KEYSTORE_KEYPASSWORD, password); sslCtxFactory.setKeyStorePath(keystore); sslCtxFactory.setKeyStorePassword(password); sslCtxFactory.setKeyManagerPassword(keyPassword); sslCtxFactory.setExcludeCipherSuites(excludeCiphers); sslCtxFactory.setIncludeCipherSuites(includeCiphers); REST_SSL_EXCLUDE_PROTOCOLS, ArrayUtils.EMPTY_STRING_ARRAY); if (excludeProtocols.length != 0) { sslCtxFactory.setExcludeProtocols(excludeProtocols); sslCtxFactory.setIncludeProtocols(includeProtocols); serverConnector.setAcceptQueueSize(acceptQueueSize);
m_server = new Server(m_pool); else m_server = new Server(); m_server.addBean(errorHandler); ServerConnector http = new ServerConnector(m_server); http.setHost(m_address.getHostName()); http.setPort(m_port); m_server.addConnector(http); HttpConfiguration httpConfig = new HttpConfiguration(); httpConfig.setSecureScheme("https"); httpConfig.setSecurePort(m_sslPort); httpConfig.addCustomizer(new SecureRequestCustomizer()); SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStorePath(m_keyStorePath); sslContextFactory.setKeyStorePassword(m_keyStorePassword); sslContextFactory.setIncludeCipherSuites(m_cipherSuites); sslContextFactory.setIncludeProtocols(m_protocols); ServerConnector https = new ServerConnector(m_server, new SslConnectionFactory(sslContextFactory,"http/1.1"), new HttpConnectionFactory(httpConfig)); https.setPort(m_sslPort);
FlumeBeanConfigurator.setConfigurationFields(threadPool, sourceContext); srv = new Server(threadPool); srv.addEventListener(mbContainer); srv.addBean(mbContainer); HttpConfiguration httpConfiguration = new HttpConfiguration(); httpConfiguration.addCustomizer(new SecureRequestCustomizer()); SslContextFactory sslCtxFactory = new SslContextFactory(); sslCtxFactory.setSslContext(sslContext); sslCtxFactory.setExcludeProtocols(getExcludeProtocols().toArray(new String[]{})); sslCtxFactory.setIncludeProtocols(getIncludeProtocols().toArray(new String[]{})); sslCtxFactory.setExcludeCipherSuites(getExcludeCipherSuites().toArray(new String[]{})); sslCtxFactory.setIncludeCipherSuites(getIncludeCipherSuites().toArray(new String[]{})); httpConfiguration.setSecurePort(port); httpConfiguration.setSecureScheme("https"); connector.setPort(port); connector.setHost(host); connector.setReuseAddress(true);
public void start() { if (useHttps) { server = new Server(); SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStore(keyStore); sslContextFactory.setKeyStorePassword("password"); sslContextFactory.setKeyManagerPassword("password"); HttpConfiguration https = new HttpConfiguration(); ServerConnector sslConnector = new ServerConnector( server, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(https)); sslConnector.setPort(httpPort); server.setConnectors(new Connector[] {sslConnector}); } else { server = new Server(httpPort); ServerConnector connector = new ServerConnector(server, new HttpConnectionFactory(new HttpConfiguration())); connector.setPort(httpPort); server.setConnectors(new Connector[] {connector});
Server server = new Server(); HttpConfiguration https = new HttpConfiguration(); https.addCustomizer(new SecureRequestCustomizer()); SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStorePath(keyStorePath); sslContextFactory.setKeyStorePassword("abc123"); sslContextFactory.setKeyManagerPassword("abc123"); ServerConnector sslConnector = new ServerConnector( server, new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(https) ); sslConnector.setPort(0); server.setConnectors(new Connector[]{sslConnector}); server.start(); new Request( HttpMethod.GET, new URL(StringUtils.format("https://localhost:%d/", sslConnector.getLocalPort())) ), new StatusResponseHandler(StandardCharsets.UTF_8)
final SslContextFactory contextFactory = new SslContextFactory(); contextFactory.setNeedClientAuth(needClientAuth); contextFactory.setTrustStorePath(sslContextService.getTrustStoreFile()); contextFactory.setTrustStoreType(sslContextService.getTrustStoreType()); contextFactory.setTrustStorePassword(sslContextService.getTrustStorePassword()); final String keyStoreType = sslContextService.getKeyStoreType(); contextFactory.setKeyStorePath(keystorePath); contextFactory.setKeyManagerPassword(keystorePassword); contextFactory.setKeyStorePassword(keystorePassword); contextFactory.setKeyStoreType(keyStoreType); contextFactory.setProtocol(sslContextService.getSslAlgorithm()); final Server server = new Server(threadPool); final HttpConfiguration httpConfiguration = new HttpConfiguration(); if (keystorePath == null) { connector = new ServerConnector(server, new SslConnectionFactory(contextFactory, "http/1.1"), new HttpConnectionFactory(httpConfiguration)); connector.setPort(port); server.setConnectors(new Connector[] {connector});
private static Server createServer(Handler handler, int port, KeyStore keyStore, String keyPassword) throws Exception { Server server = new Server(); SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setIncludeProtocols("TLSv1.2"); sslContextFactory.setKeyStore(keyStore); sslContextFactory.setKeyManagerPassword(keyPassword); HttpConfiguration httpsConfig = new HttpConfiguration(); httpsConfig.addCustomizer(new SecureRequestCustomizer()); ServerConnector sslConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpsConfig)); sslConnector.setPort(port); server.addConnector(sslConnector); server.setHandler(handler); return server; }
private void start() throws Exception { server = new Server(); ServerConnector connector = new ServerConnector(server); server.addConnector(connector); SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setCertAlias("cruise"); sslContextFactory.setKeyStoreResource(Resource.newClassPathResource("testdata/fake-server-keystore")); sslContextFactory.setKeyStorePassword("serverKeystorepa55w0rd"); ServerConnector secureConnnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(new HttpConfiguration()) ); server.addConnector(secureConnnector); server.start(); port = connector.getLocalPort(); securePort = secureConnnector.getLocalPort();
QueuedThreadPool threadPool = new QueuedThreadPool(maxThreads); threadPool.setMinThreads(minThreads); httpServer = new Server(threadPool); httpsConfig.addCustomizer(new SecureRequestCustomizer()); SslContextFactory sslCtxFactory = new SslContextFactory(); String keystore = conf.get(THRIFT_SSL_KEYSTORE_STORE_KEY); String password = HBaseConfiguration.getPassword(conf, String keyPassword = HBaseConfiguration.getPassword(conf, THRIFT_SSL_KEYSTORE_KEYPASSWORD_KEY, password); sslCtxFactory.setKeyStorePath(keystore); sslCtxFactory.setKeyStorePassword(password); sslCtxFactory.setKeyManagerPassword(keyPassword); sslCtxFactory.setExcludeCipherSuites(excludeCiphers); sslCtxFactory.setIncludeCipherSuites(includeCiphers); THRIFT_SSL_EXCLUDE_PROTOCOLS_KEY, "SSLv3"); if (excludeProtocols.length != 0) { sslCtxFactory.setExcludeProtocols(excludeProtocols); sslCtxFactory.setIncludeProtocols(includeProtocols);
sslContextFactory.setKeyStorePath(tlsServerConfig.getKeyStorePath()); sslContextFactory.setKeyStoreType(tlsServerConfig.getKeyStoreType()); sslContextFactory.setKeyStorePassword(tlsServerConfig.getKeyStorePasswordProvider().getPassword()); sslContextFactory.setCertAlias(tlsServerConfig.getCertAlias()); sslContextFactory.setKeyManagerFactoryAlgorithm(tlsServerConfig.getKeyManagerFactoryAlgorithm() == null ? KeyManagerFactory.getDefaultAlgorithm() : tlsServerConfig.getKeyManagerFactoryAlgorithm()); sslContextFactory.setKeyManagerPassword(tlsServerConfig.getKeyManagerPasswordProvider() == null ? null : tlsServerConfig.getKeyManagerPasswordProvider().getPassword()); if (tlsServerConfig.getIncludeCipherSuites() != null) { sslContextFactory.setIncludeCipherSuites( tlsServerConfig.getIncludeCipherSuites().toArray(new String[0])); sslContextFactory.setExcludeCipherSuites( tlsServerConfig.getExcludeCipherSuites().toArray(new String[0])); sslContextFactory.setIncludeProtocols( tlsServerConfig.getIncludeProtocols().toArray(new String[0])); sslContextFactory.setExcludeProtocols( tlsServerConfig.getExcludeProtocols().toArray(new String[0])); sslContextFactory.setNeedClientAuth(tlsServerConfig.isRequireClientCertificate()); if (tlsServerConfig.isRequireClientCertificate()) { if (tlsServerConfig.getCrlPath() != null) { sslContextFactory.setValidatePeerCerts(true); sslContextFactory.setCrlPath(tlsServerConfig.getCrlPath());
private static void setupHttpServer(int httpPort, int httpsPort) throws Exception{ QueuedThreadPool pool = new QueuedThreadPool(); pool.setMaxThreads(500); LoklakInstallation.server = new Server(pool); LoklakInstallation.server.setStopAtShutdown(true); HttpConfiguration http_config = new HttpConfiguration(); if(httpsMode.equals(HttpsMode.REDIRECT)) { //redirect http_config.addCustomizer(new SecureRequestCustomizer()); http_config.setSecureScheme("https"); http_config.setSecurePort(httpsPort); HttpConfiguration https_config = new HttpConfiguration(); https_config.addCustomizer(new SecureRequestCustomizer()); HttpConnectionFactory http1 = new HttpConnectionFactory(https_config); SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStore(keyStore); sslContextFactory.setKeyManagerPassword(keystoreManagerPass); SslConnectionFactory ssl = new SslConnectionFactory(sslContextFactory, "http/1.1");
server = new Server(threadPool); final HttpConfiguration conf = new HttpConfiguration(); + " Not configured for SSL connection"); SslContextFactory sslContextFactory = new SslContextFactory(); String[] excludedProtocols = hiveConf.getVar(ConfVars.HIVE_SSL_PROTOCOL_BLACKLIST).split(","); LOG.info("HTTP Server SSL: adding excluded protocols: " + Arrays.toString(excludedProtocols)); sslContextFactory.addExcludeProtocols(excludedProtocols); LOG.info("HTTP Server SSL: SslContextFactory.getExcludeProtocols = " + Arrays.toString(sslContextFactory.getExcludeProtocols())); sslContextFactory.setKeyStorePath(keyStorePath); sslContextFactory.setKeyStorePassword(keyStorePassword); connector = new ServerConnector(server, sslContextFactory, http); } else { connector = new ServerConnector(server, http); connector.setPort(portNum); connector.setReuseAddress(true); connector.setAcceptQueueSize(maxWorkerThreads); server.addConnector(connector);
@BeforeEach void setUp() throws Exception { server = new Server(); final SslContextFactory sslContextFactory = new SslContextFactory(getClass().getResource("/keystore").getPath()); sslContextFactory.setKeyStorePassword("password"); sslContextFactory.getSslContext(); final HttpConfiguration httpConfiguration = new HttpConfiguration(); httpConfiguration.setSecureScheme("https"); httpConfiguration.setSecurePort(0); final HttpConfiguration httpsConfiguration = new HttpConfiguration(httpConfiguration); httpsConfiguration.addCustomizer(new SecureRequestCustomizer()); final ServerConnector httpsConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpsConfiguration)); httpsConnector.setPort(0); server.addConnector(httpsConnector); server.setHandler(new AbstractHandler() { @Override public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) { baseRequest.setHandled(true); requestHandled.set(true); } }); server.start(); configuration = SpyConfiguration.createSpyConfig(); reporterConfiguration = configuration.getConfig(ReporterConfiguration.class); when(reporterConfiguration.getServerUrls()).thenReturn(Collections.singletonList(new URL("https://localhost:" + getPort()))); }
jetty = new Server(); ServerConnector http = new ServerConnector(jetty); http.setPort(port); http.setIdleTimeout(idleTimeout); if (host != null) { http.setHost(host); jetty.addConnector(http); HttpConfiguration httpConfig = new HttpConfiguration(); httpConfig.setSecureScheme("https"); httpConfig.setSecurePort(sslPort); httpConfig.setOutputBufferSize(32768); HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig); httpsConfig.addCustomizer(new SecureRequestCustomizer()); SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setKeyStore(StandaloneHelper.loadKeyStore(this.sslKeystoreUri, this.sslKeystorePassword.toCharArray())); sslContextFactory.setKeyManagerPassword(this.sslKeystorePassword); sslContextFactory.setTrustStore(StandaloneHelper.loadKeyStore(this.sslTruststoreUri, this.sslTruststorePassword.toCharArray())); https.setPort(sslPort); https.setIdleTimeout(idleTimeout); jetty.addConnector(https);