Return-Path: Delivered-To: apmail-geronimo-scm-archive@www.apache.org Received: (qmail 91173 invoked from network); 29 Apr 2005 18:51:07 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 29 Apr 2005 18:51:07 -0000 Received: (qmail 66018 invoked by uid 500); 29 Apr 2005 18:52:27 -0000 Delivered-To: apmail-geronimo-scm-archive@geronimo.apache.org Received: (qmail 66004 invoked by uid 500); 29 Apr 2005 18:52:26 -0000 Mailing-List: contact scm-help@geronimo.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: dev@geronimo.apache.org Delivered-To: mailing list scm@geronimo.apache.org Received: (qmail 65968 invoked by uid 99); 29 Apr 2005 18:52:26 -0000 X-ASF-Spam-Status: No, hits=0.2 required=10.0 tests=NO_REAL_NAME X-Spam-Check-By: apache.org Received: from minotaur.apache.org (HELO minotaur.apache.org) (209.237.227.194) by apache.org (qpsmtpd/0.28) with SMTP; Fri, 29 Apr 2005 11:52:26 -0700 Received: (qmail 91162 invoked by uid 65534); 29 Apr 2005 18:51:04 -0000 Message-ID: <20050429185104.91161.qmail@minotaur.apache.org> Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Subject: svn commit: r165331 - in /geronimo/trunk/modules: assembly/src/plan/j2ee-server-plan.xml assembly/src/var/security/keystore jetty/src/java/org/apache/geronimo/jetty/connector/HTTPSConnector.java Date: Fri, 29 Apr 2005 18:51:03 -0000 To: scm@geronimo.apache.org 
From: jboynes@apache.org X-Mailer: svnmailer-1.0.0-dev X-Virus-Checked: Checked X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N Author: jboynes Date: Fri Apr 29 11:51:02 2005 New Revision: 165331 URL: http://svn.apache.org/viewcvs?rev=3D165331&view=3Drev Log: switch to Jetty SslConnector and start an https listener by default Added: geronimo/trunk/modules/assembly/src/var/security/keystore (with props) Modified: geronimo/trunk/modules/assembly/src/plan/j2ee-server-plan.xml geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/connect= or/HTTPSConnector.java Modified: geronimo/trunk/modules/assembly/src/plan/j2ee-server-plan.xml URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/assembly/src/plan= /j2ee-server-plan.xml?rev=3D165331&r1=3D165330&r2=3D165331&view=3Ddiff =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D --- geronimo/trunk/modules/assembly/src/plan/j2ee-server-plan.xml (original) +++ geronimo/trunk/modules/assembly/src/plan/j2ee-server-plan.xml Fri Apr 2= 9 11:51:02 2005 
@@ -230,6 +230,18 @@ =20 + + 8443 + var/security/keystore + JKS + secret + secret + false + TLS + JettyWebContainer<= /reference> + org/apache/geronimo/System<= /module>ServerInfo + + EJB Added: geronimo/trunk/modules/assembly/src/var/security/keystore URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/assembly/src/var/= security/keystore?rev=3D165331&view=3Dauto =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D Binary file - no diff available. Propchange: geronimo/trunk/modules/assembly/src/var/security/keystore ---------------------------------------------------------------------------= --- svn:mime-type =3D application/octet-stream Modified: geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/c= onnector/HTTPSConnector.java URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/jetty/src/java/or= g/apache/geronimo/jetty/connector/HTTPSConnector.java?rev=3D165331&r1=3D165= 330&r2=3D165331&view=3Ddiff =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D --- geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/connect= or/HTTPSConnector.java (original) +++ geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/connect= or/HTTPSConnector.java Fri Apr 29 11:51:02 2005 
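Review bot: The added connector block in j2ee-server-plan.xml enables an HTTPS listener on 8443 by default, backed by a keystore committed to the source tree, and the literal value `secret` appears twice in it (presumably the keystore password and the key password; the element names did not survive in this mail). Every installation built from this plan would share one private key and a publicly known password, so the endpoint gives no real server authentication until an operator replaces both. I would add a comment directly above the new GBean, e.g. `<!-- Sample keystore and passwords for development only: create a per-installation keystore and change both passwords before exposing port 8443 -->`. Generating the keystore at first start, rather than shipping a binary one, would remove the shared key altogether.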
@@ -17,77 +17,89 @@ =20 package org.apache.geronimo.jetty.connector; =20 +import javax.net.ssl.KeyManagerFactory; + +import org.mortbay.http.SslListener; + import org.apache.geronimo.gbean.GBeanInfo; import org.apache.geronimo.gbean.GBeanInfoBuilder; +import org.apache.geronimo.j2ee.j2eeobjectnames.NameFactory; import org.apache.geronimo.jetty.JettyContainer; import org.apache.geronimo.system.serverinfo.ServerInfo; -import org.apache.geronimo.j2ee.j2eeobjectnames.NameFactory; -import org.mortbay.http.SunJsseListener; =20 /** + * Implementation of a HTTPS connector based on Jetty's SslConnector (whic= h uses pure JSSE). + * * @version $Rev$ $Date$ */ public class HTTPSConnector extends JettyConnector { - private final SunJsseListener https; + private final SslListener https; private final ServerInfo serverInfo; private String keystore; + private String algorithm; =20 public HTTPSConnector(JettyContainer container, ServerInfo serverInfo)= { - super(container, new SunJsseListener()); + super(container, new SslListener()); this.serverInfo =3D serverInfo; - https =3D (SunJsseListener)listener; + https =3D (SslListener) listener; } =20 public String getKeystore() { + // this does not delegate to https as it needs to be resolved agai= nst ServerInfo return keystore; } =20 public void setKeystore(String keystore) { + // this does not delegate to https as it needs to be resolved agai= nst ServerInfo this.keystore =3D keystore; } =20 - public void setKeyPassword(String password) { - https.setKeyPassword(password); + public String getAlgorithm() { + return algorithm; } =20 - public void setKeystoreProviderClass(String cls) { - https.setKeystoreProviderClass(cls); + /** + * Algorithm to use. + * As different JVMs have different implementations available, the def= ault + * algorithm can be used by supplying a null value. 
+ * + * @param algorithm the algorithm to use, or null to use the default f= rom {@link javax.net.ssl.KeyManagerFactory#getDefaultAlgorithm()} + */ + public void setAlgorithm(String algorithm) { + // cache the value so the null=20 + this.algorithm =3D algorithm; + if (algorithm =3D=3D null) { + algorithm =3D KeyManagerFactory.getDefaultAlgorithm(); + } + https.setAlgorithm(algorithm); } =20 - public String getKeystoreProviderClass() { - return https.getKeystoreProviderClass(); + public void setPassword(String password) { + https.setPassword(password); } =20 - public void setKeystoreProviderName(String cls) { - https.setKeystoreProviderName(cls); + public void setKeyPassword(String password) { + https.setKeyPassword(password); } =20 - public String getKeystoreProviderName() { - return https.getKeystoreProviderName(); + public String getProtocol() { + return https.getProtocol(); } =20 - public void setKeystoreType(String cls) { - https.setKeystoreType(cls); + public void setProtocol(String protocol) { + https.setProtocol(protocol); } =20 public String getKeystoreType() { return https.getKeystoreType(); } =20 - public void setPassword(String password) { - https.setPassword(password); - } - - public void setUseDefaultTrustStore(boolean use) { - https.setUseDefaultTrustStore(use); + public void setKeystoreType(String keystoreType) { + https.setKeystoreType(keystoreType); } =20 - public boolean getUseDefaultTrustStore() { - return https.getUseDefaultTrustStore(); - } - - public void setNeedClientAuth(boolean auth) { - https.setNeedClientAuth(auth); + public void setNeedClientAuth(boolean needClientAuth) { + https.setNeedClientAuth(needClientAuth); } =20 public boolean getNeedClientAuth() { 
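Review bot: The comment inside `setAlgorithm` is cut off mid-sentence (`// cache the value so the null`), so the reason for keeping a separate `algorithm` field is lost. Since the field is assigned before the default is substituted, something like `// cache the caller's value so a null (JVM default) is still reported as null by getAlgorithm()` would match what the code does. The Javadoc summary "Algorithm to use." could also say that this is the KeyManagerFactory algorithm, as its `@param` text implies. The default is applied by reassigning the parameter; a local such as `String effective = (algorithm != null) ? algorithm : KeyManagerFactory.getDefaultAlgorithm();` would read more clearly. The class body continues past the end of this hunk.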
@@ -104,13 +116,12 @@ static { GBeanInfoBuilder infoFactory =3D new GBeanInfoBuilder("Jetty HTTPS= Connector", HTTPSConnector.class, JettyConnector.GBEAN_INFO); infoFactory.addAttribute("keystore", String.class, true); + infoFactory.addAttribute("algorithm", String.class, true); infoFactory.addAttribute("keyPassword", String.class, true); - infoFactory.addAttribute("keystoreProviderClass", String.class, tr= ue); - infoFactory.addAttribute("keystoreProviderName", String.class, tru= e); infoFactory.addAttribute("keystoreType", String.class, true); - infoFactory.addAttribute("password", String.class, true); - infoFactory.addAttribute("useDefaultTrustStore", boolean.class, tr= ue); infoFactory.addAttribute("needClientAuth", boolean.class, true); + infoFactory.addAttribute("password", String.class, true); + infoFactory.addAttribute("protocol", String.class, true); infoFactory.addReference("ServerInfo", ServerInfo.class, NameFacto= ry.GERONIMO_SERVICE); infoFactory.setConstructor(new String[]{"JettyContainer", "ServerI= nfo"}); GBEAN_INFO =3D infoFactory.getBeanInfo();
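Review bot: `password` and `keyPassword` are registered with `true` as the third argument of `addAttribute`; if that flag marks an attribute as persistent, both keystore secrets end up in clear text in the stored configuration. The connector exposes setters but no getters for them in the preceding hunk, which is worth keeping, but the saved state then needs restrictive file permissions. I would record that next to the registrations, e.g. `// password/keyPassword are write-only on purpose; persisted values are clear text, so protect the config store`. The static initializer's closing brace and the rest of the class lie outside the hunk.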