.ifPresent(auth->sslConf.setWantClientAuth(true)); sslProperties.getClientAuth().filter(auth-> auth.toLowerCase().equals("need")) .ifPresent(auth->sslConf.setNeedClientAuth(true)); Maybe.fromOptional(sslProperties.getCiphers()).peek(ciphers->sslConf.setEnabledCipherSuites(ciphers.split(","))) .forEach(c-> sslConf.setCipherConfigured(true));
new SSLEngineConfigurator(sslConfig) .setClientMode(false) .setNeedClientAuth(false) );
/** * Start SSL-secured HTTP test server. * * @throws IOException in case there is an error while reading server key store or trust store. * @return an instance of the started SSL-secured HTTP test server. */ public static Server start() throws IOException { // Grizzly ssl configuration SSLContextConfigurator sslContext = new SSLContextConfigurator(); // set up security context sslContext.setKeyStoreFile(KEYSTORE_SERVER_FILE); // contains server keypair sslContext.setKeyStorePass(KEYSTORE_SERVER_PWD); sslContext.setTrustStoreFile(TRUSTORE_SERVER_FILE); // contains client certificate sslContext.setTrustStorePass(TRUSTORE_SERVER_PWD); ResourceConfig rc = new ResourceConfig(); rc.registerClasses(RootResource.class, SecurityFilter.class, AuthenticationExceptionMapper.class); final HttpServer grizzlyServer = GrizzlyHttpServerFactory.createHttpServer( getBaseURI(), rc, true, new SSLEngineConfigurator(sslContext).setClientMode(false).setNeedClientAuth(true) ); // start Grizzly embedded server // LOGGER.info("Jersey app started. Try out " + BASE_URI + "\nHit CTRL + C to stop it..."); grizzlyServer.start(); return new Server(grizzlyServer); }
public void startServer() throws TelegramApiRequestException { ResourceConfig rc = new ResourceConfig(); rc.register(restApi); rc.register(JacksonFeature.class); final HttpServer grizzlyServer; if (keystoreServerFile != null && keystoreServerPwd != null) { SSLContextConfigurator sslContext = new SSLContextConfigurator(); // set up security context sslContext.setKeyStoreFile(keystoreServerFile); // contains server keypair sslContext.setKeyStorePass(keystoreServerPwd); grizzlyServer = GrizzlyHttpServerFactory.createHttpServer(getBaseURI(), rc, true, new SSLEngineConfigurator(sslContext).setClientMode(false).setNeedClientAuth(false)); } else { grizzlyServer = GrizzlyHttpServerFactory.createHttpServer(getBaseURI(), rc); } try { grizzlyServer.start(); } catch (IOException e) { throw new TelegramApiRequestException("Error starting webhook server", e); } }
sslConf.setNeedClientAuth(false); return sslConf;
true, new SSLEngineConfigurator(sslCon).setClientMode(false).setNeedClientAuth(false));
new ResourceConfig(), true, new SSLEngineConfigurator(sslContext).setClientMode(false).setNeedClientAuth(true), false );
new ResourceConfig(), true, new SSLEngineConfigurator(sslContext).setClientMode(false).setNeedClientAuth(true), false );
@Override public void enableTLS(final SSLContext sslContext, final String[] protocols, final String[] suites, final boolean wantClientAuth, final boolean needClientAuth) { Validator.ensureNotNull(sslContext); synchronized (this) { if (isTLSEnabled()) { throw new IllegalStateException("TLS already enabled"); } final SSLEngineConfigurator sslEngineConfigurator = new SSLEngineConfigurator(sslContext, false, false, false); sslEngineConfigurator.setEnabledCipherSuites(suites); sslEngineConfigurator.setEnabledProtocols(protocols); sslEngineConfigurator.setWantClientAuth(wantClientAuth); sslEngineConfigurator.setNeedClientAuth(needClientAuth); installFilter(new SSLFilter(sslEngineConfigurator, DUMMY_SSL_ENGINE_CONFIGURATOR)); } }
.ifPresent(auth->sslConf.setWantClientAuth(true)); sslProperties.getClientAuth().filter(auth-> auth.toLowerCase().equals("need")) .ifPresent(auth->sslConf.setNeedClientAuth(true)); Maybe.fromOptional(sslProperties.getCiphers()).peek(ciphers->sslConf.setEnabledCipherSuites(ciphers.split(","))) .forEach(c-> sslConf.setCipherConfigured(true));
.ifPresent(auth->sslConf.setWantClientAuth(true)); sslProperties.getClientAuth().filter(auth-> auth.toLowerCase().equals("need")) .ifPresent(auth->sslConf.setNeedClientAuth(true)); Maybe.fromOptional(sslProperties.getCiphers()).peek(ciphers->sslConf.setEnabledCipherSuites(ciphers.split(","))) .forEach(c-> sslConf.setCipherConfigured(true));
sslContext.setSecurityProtocol("TLSv1.2"); SSLEngineConfigurator sslEngineConfigurator = new SSLEngineConfigurator(sslContext); sslEngineConfigurator.setNeedClientAuth(true); sslEngineConfigurator.setWantClientAuth(true); sslEngineConfigurator.setEnabledCipherSuites(new String[]{"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", "TLS_RSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA"});
public void startServer() throws TelegramApiRequestException { ResourceConfig rc = new ResourceConfig(); rc.register(restApi); rc.register(JacksonFeature.class); final HttpServer grizzlyServer; if (keystoreServerFile != null && keystoreServerPwd != null) { SSLContextConfigurator sslContext = new SSLContextConfigurator(); // set up security context sslContext.setKeyStoreFile(keystoreServerFile); // contains server keypair sslContext.setKeyStorePass(keystoreServerPwd); grizzlyServer = GrizzlyHttpServerFactory.createHttpServer(getBaseURI(), rc, true, new SSLEngineConfigurator(sslContext).setClientMode(false).setNeedClientAuth(false)); } else { grizzlyServer = GrizzlyHttpServerFactory.createHttpServer(getBaseURI(), rc); } try { grizzlyServer.start(); } catch (IOException e) { throw new TelegramApiRequestException("Error starting webhook server", e); } }