tomcat-dev mailing list archives

From cos...@locus.apache.org
Subject cvs commit: jakarta-tomcat/src/share/org/apache/tomcat/startup EmbededTomcat.java
Date Wed, 14 Jun 2000 19:07:24 GMT
costin      00/06/14 12:07:24

  Modified:    .        build.xml
               src/etc  server.xml tomcat.policy
               src/share/org/apache/tomcat/net ServerSocketFactory.java
               src/share/org/apache/tomcat/service PoolTcpEndpoint.java
               src/share/org/apache/tomcat/startup EmbededTomcat.java
  Added:       src/share/org/apache/tomcat/net SSLSocketFactory.java
  Removed:     src/etc  server2.xml
  Log:
  - Finally, SSL support for standalone tomcat ( still need to extract the certificates
   and do mutual auth, but basic SSL works )
  
  - conditional compilation - started to add back support for 1.1 compiler
  
  - removed policy config from server.xml. The webapps will have a codebase== docRoot,
  and you can use that in the normal tomcat.policy. It is too much to try to document
  and support a different policy file format.
  
  - comments, clean up server.xml
  
  - build.xml - added back the j2ee target to compile the j2ee integration code.
  
  Revision  Changes    Path
  1.49      +27 -1     jakarta-tomcat/build.xml
  
  Index: build.xml
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat/build.xml,v
  retrieving revision 1.48
  retrieving revision 1.49
  diff -u -r1.48 -r1.49
  --- build.xml	2000/05/03 12:28:30	1.48
  +++ build.xml	2000/06/14 19:07:12	1.49
  @@ -8,6 +8,7 @@
       <property name="servlet.jar" value="../jakarta-servletapi/lib/servlet.jar"/>
       <property name="tomcat.build" value="../build/tomcat"/>
       <property name="tomcat.home" value="../dist/tomcat"/>
  +    <property name="j2ee.home" value="../../j2ee/build/unix"/>
     </target>
   
     <!-- ==================== Copy static files ==================== -->
  @@ -54,11 +55,36 @@
   
     <!-- ==================== Build tomcat ==================== -->
     <target name="tomcat" depends="prepare">
  +    <available property="jsse.present" 
  +               classname="com.sun.net.ssl.internal.ssl.Provider" />
  +    <available property="jdk12.present"
  +               classname="java.security.PrivilegedAction" />
  +
       <javac srcdir="src/share" destdir="${tomcat.build}/classes"
  -           classpath="${servlet.jar}" debug="on" excludes="javax/**"/>
  +           classpath="${servlet.jar}" 
  +           debug="on" 
  +           deprecation="off" >
  +           <exclude name="**/Jdk12Interceptor.java" 
  +                    unless="jdk12.present"/>
  +           <exclude name="**/SSLSocketFactory.java"
  +                    unless="jsse.present" />
  +     </javac>
       <copydir src="src/share" dest="${tomcat.build}/classes"
                excludes="javax/**">
         <include name="**/*.properties" />
  +    </copydir>
  +  </target>
  +
  +
  +  <!-- Build J2EE integration code -->
  +  <target name="j2ee" depends="tomcat">
  +      <javac srcdir="src/j2ee" 
  +          destdir="${tomcat.build}/classes"
  +          classpath="${servlet.jar};${j2ee.home}/lib/classes;${j2ee.home}/lib/j2ee.jar"

  +          debug="on" />
  +   <copydir src="src/j2ee" 
  +            dest="${tomcat.build}/classes">
  +        <include name="**/*.properties" />
       </copydir>
     </target>
   
  
  
  
  1.22      +137 -64   jakarta-tomcat/src/etc/server.xml
  
  Index: server.xml
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat/src/etc/server.xml,v
  retrieving revision 1.21
  retrieving revision 1.22
  diff -u -r1.21 -r1.22
  --- server.xml	2000/06/11 18:23:41	1.21
  +++ server.xml	2000/06/14 19:07:17	1.22
  @@ -17,12 +17,12 @@
   	    WARNING 
               INFORMATION
               DEBUG
  -         -->
  +    -->
   
  +    <!-- if you don't want messages on screen, add
  +         path="logs/tomcat.log" -->
       <Logger name="tc_log" 
               customOutput="yes" />
  -     <!-- add this back if you don't want messages on screen 
  -         path="logs/tomcat.log" -->
   
       <Logger name="servlet_log" 
               path="logs/servlet.log"
  @@ -32,97 +32,170 @@
   	    path="logs/jasper.log"
               verbosityLevel = "INFORMATION" />
   
  -    <!-- Add "home" attribute if you want tomcat to be based on a different directory
  -         "home" is used to create work and to read webapps, but not for libs or CLASSPATH.
  -         Note that TOMCAT_HOME is where tomcat is installed, while ContextManager home
is the
  -         base directory for contexts, webapps/ and work/
  +    <!-- You can add a "home" attribute to represent the "base" for 
  +         all relative paths. If none is set, the TOMCAT_HOME property
  +         will be used, and if not set "." will be used.
  +         webapps/, work/ and log/ will be relative to this ( unless 
  +         set explicitely to absolute paths )
         -->
       <ContextManager debug="0" workDir="work" >
  -        <!-- ContextInterceptor className="org.apache.tomcat.context.LogEvents" / -->
  +        <!-- 
  +         ContextInterceptor className="org.apache.tomcat.context.LogEvents" 
  +         -->
  +        
           <ContextInterceptor className="org.apache.tomcat.context.AutoSetup" />
  -        <ContextInterceptor className="org.apache.tomcat.context.PolicyInterceptor"
/>
  -        <ContextInterceptor className="org.apache.tomcat.context.LoaderInterceptor"
/>
  -        <ContextInterceptor className="org.apache.tomcat.context.DefaultCMSetter" />
  -        <ContextInterceptor className="org.apache.tomcat.context.WorkDirInterceptor"
/>
  -        <ContextInterceptor className="org.apache.tomcat.context.WebXmlReader" />
  -        <ContextInterceptor className="org.apache.tomcat.context.LoadOnStartupInterceptor"
/>
  +        <ContextInterceptor 
  +            className="org.apache.tomcat.context.PolicyInterceptor" />
  +        <ContextInterceptor 
  +            className="org.apache.tomcat.context.LoaderInterceptor" />
  +        <ContextInterceptor 
  +            className="org.apache.tomcat.context.DefaultCMSetter" />
  +        <ContextInterceptor 
  +            className="org.apache.tomcat.context.WorkDirInterceptor" />
  +        <ContextInterceptor 
  +            className="org.apache.tomcat.context.WebXmlReader" />
  +        <ContextInterceptor 
  +            className="org.apache.tomcat.context.LoadOnStartupInterceptor" />
  +
           <!-- Request processing -->
           <!-- Session interceptor will extract the session id from cookies and 
  -             deal with URL rewriting. It has to be first to support rewriting ( otherwise
  -             the mapper will have to know about sessions 
  +             deal with URL rewriting ( by fixing the URL )
             -->
  -        <RequestInterceptor className="org.apache.tomcat.request.SessionInterceptor"
/>
  +        <RequestInterceptor 
  +            className="org.apache.tomcat.request.SessionInterceptor" />
   
  -        <!-- Find the container ( context and prefix/extension map ) for a request.
  -             For "integrated" mode it can be avoided, assuming we get all the info from
  -             the server.
  +        <!-- Find the container ( context and prefix/extension map ) 
  +             for a request.
             -->
  -        <RequestInterceptor className="org.apache.tomcat.request.SimpleMapper1" debug="0"
/>
  +        <RequestInterceptor 
  +            className="org.apache.tomcat.request.SimpleMapper1" 
  +            debug="0" />
   
  -        <!-- Plug a session manager. This should be per-context ( easy to do, but nobody
asked
  -             for it yet )
  +        <!-- Plug a session manager. You can plug in more advanced session
  +             modules.
             -->
  -        <RequestInterceptor className="org.apache.tomcat.session.StandardSessionInterceptor"
/>
  +        <RequestInterceptor 
  +            className="org.apache.tomcat.session.StandardSessionInterceptor" />
   
  -        <!-- Check if the request requires an authenticated role  -->
  -        <RequestInterceptor className="org.apache.tomcat.request.AccessInterceptor"
debug="0" />
  -
  -        <!-- Check permissions using a simple xml file  -->
  -        <RequestInterceptor className="org.apache.tomcat.request.SimpleRealm" debug="0"
/>
  -
  -		<!-- UnComment one of the following and comment out the above to get a JDBC realm
-->
  +        <!-- Check if the request requires an authenticated role.
  +          -->
  +        <RequestInterceptor 
  +            className="org.apache.tomcat.request.AccessInterceptor" 
  +            debug="0" />
   
  -		<!--
  -		     <RequestInterceptor className="org.apache.tomcat.request.JDBCRealm" debug="99"

  -		        driverName="sun.jdbc.odbc.JdbcOdbcDriver" 
  -		        connectionURL="jdbc:odbc:TOMCAT" 
  -		        userTable="users" userNameCol="user_name" userCredCol="user_pass" 
  -		        userRoleTable="user_roles" roleNameCol="role_name"/>
  +        <!-- Check permissions using the simple xml file. You can 
  +             plug more advanced authentication modules.
  +          -->
  +        <RequestInterceptor 
  +            className="org.apache.tomcat.request.SimpleRealm" 
  +            debug="0" />
  +
  +       <!-- UnComment the following and comment out the
  +            above to get a JDBC realm.
  +            Other options for driverName: 
  +              driverName="oracle.jdbc.driver.OracleDriver"
  +              connectionURL="jdbc:oracle:thin:@ntserver:1521:ORCL"
  +                              "?user=scott;password=tiger"  
   
  -        
  -             <RequestInterceptor className="org.apache.tomcat.request.JDBCRealm" debug="99"
  -                driverName="oracle.jdbc.driver.OracleDriver"
  -                connectionURL="jdbc:oracle:thin:@ntserver:1521:ORCL?user=scott;password=tiger"
  -                userTable="users" userNameCol="user_name" userCredCol="user_pass"
  -                userRoleTable="user_roles" roleNameCol="role_name" />
  -        
  -             <RequestInterceptor className="org.apache.tomcat.realm.JDBCRealm" debug="99"
                 driverName="org.gjt.mm.mysql.Driver"
  -              connectionURL="jdbc:mysql://localhost/authority?user=test;password=test"
  -              userTable="users" userNameCol="user_name" userCredCol="user_pass"
  -              userRoleTable="user_roles" roleNameCol="role_name" />
  +              connectionURL="jdbc:mysql://localhost/authority"
  +                            "?user=test;password=test"
   
           -->
  +        <!--
  +        <RequestInterceptor 
  +            className="org.apache.tomcat.request.JDBCRealm" 
  +            debug="99" 
  +	    driverName="sun.jdbc.odbc.JdbcOdbcDriver" 
  +	    connectionURL="jdbc:odbc:TOMCAT" 
  +	    userTable="users" 
  +            userNameCol="user_name" 
  +            userCredCol="user_pass" 
  +	    userRoleTable="user_roles" 
  +            roleNameCol="role_name" />
  +        -->
  +
  +      <!-- ==================== Connectors ==================== -->
  +
  +        <!-- Normal HTTP -->
  +        <Connector className="org.apache.tomcat.service.PoolTcpConnector">
  +            <Parameter name="handler" 
  +                value="org.apache.tomcat.service.http.HttpConnectionHandler"/>
  +            <Parameter name="port" 
  +                value="8080"/>
  +        </Connector>
   
  +        <!--
  +            Uncomment this for SSL support. 
  +            You _need_ to set up a server certificate if you want this
  +            to work, and you need JSSE.
  +            1. Add JSSE jars to CLASSPATH 
  +            2. Edit java.home/jre/lib/security/java.security
  +               Add:
  +               security.provider.2=com.sun.net.ssl.internal.ssl.Provider
  +            3. Do: keytool -genkey -alias tomcat -keyalg RSA
  +               RSA is essential to work with Netscape and IIS.
  +               Use "changeit" as password. ( or add keypass attribute )
  +               You don't need to sign the certificate.
  + 
  +            You can set parameter keystore and keypass if you want 
  +            to change the default ( user.home/.keystore with changeit )
  +         -->
  +        
           <Connector className="org.apache.tomcat.service.PoolTcpConnector">
  -            <Parameter name="handler" value="org.apache.tomcat.service.http.HttpConnectionHandler"/>
  -            <Parameter name="port" value="8080"/>
  +            <Parameter name="handler" 
  +                value="org.apache.tomcat.service.http.HttpConnectionHandler"/>
  +            <Parameter name="port" 
  +                value="8443"/>
  +            <Parameter name="socketFactory" 
  +                value="org.apache.tomcat.net.SSLSocketFactory" />
           </Connector>
   
  +        <!-- Apache AJP12 support. This is also used to shut down tomcat.
  +          -->
           <Connector className="org.apache.tomcat.service.PoolTcpConnector">
  -            <Parameter name="handler" value="org.apache.tomcat.service.connector.Ajp12ConnectionHandler"/>
  +            <Parameter name="handler" 
  +       value="org.apache.tomcat.service.connector.Ajp12ConnectionHandler"/>
               <Parameter name="port" value="8007"/>
           </Connector>
   
  -        <!-- example - how to override AutoSetup actions -->
  -        <Context path="/examples" docBase="webapps/examples" debug="0" reloadable="true"
> 
  -        </Context>
  -        <!-- example - how to override AutoSetup actions -->
  -        <Context path="" docBase="webapps/ROOT" debug="0" reloadable="true" > 
  -        </Context>
  +        <!-- ==================== Special webapps ==================== -->
  +        <!-- You don't need this if you place your app in webapps/
  +             and use defaults. 
  +             For security you'll also need to edit tomcat.policy
  +
  +             Defaults are: debug=0, reloadable=true, trusted=false
  +             (trusted allows you to access tomcat internal objects 
  +              with FacadeManager )
  + 
  +             If security manager is enabled, you'll have read perms.
  +             in the webapps dir and read/write in the workdir.
  +         -->
   
  -        <Context path="/test" docBase="webapps/test" debug="0" reloadable="true" >

  +        <Context path="/examples" 
  +                 docBase="webapps/examples" 
  +                 debug="0" 
  +                 reloadable="true" > 
           </Context>
   
  -        <Context path="/admin" docBase="webapps/admin" debug="0" reloadable="true" trusted="true"
> 
  +        <Context path="/admin" 
  +                 docBase="webapps/admin" 
  +                 debug="0" 
  +                 reloadable="true" 
  +                 trusted="true" > 
           </Context>
   
  -        <!-- Virtual host example - just use numeric IP instead of localhost
  -             and you should see /examples as the root context and root as examples.
  -             Same docBase is used, just different mappings :-)        -->
  +        <!-- Virtual host example - 
  +             In "127.0.0.1" virtual host we'll reverse "/" and 
  +             "/examples"
  +             (XXX need a better example )
  +             (use  "http://127.0.0.1/examples" )
  +         -->
           <Host name="127.0.0.1" >
  -           <Context path="" docBase="webapps/examples" />
  -           <Context path="/examples" docBase="webapps/ROOT" />
  +           <Context path="" 
  +                    docBase="webapps/examples" />
  +           <Context path="/examples" 
  +                    docBase="webapps/ROOT" />
           </Host>
   
       </ContextManager>
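Review bot: The SSL connector on port 8443 is active in the default file, because the comment that says "Uncomment this for SSL support" closes with `-->` before the `<Connector>` element, so nothing is actually commented out. A stock install therefore tries to load `org.apache.tomcat.net.SSLSocketFactory`, which build.xml excludes when JSSE is absent, and otherwise expects a keystore at `user.home/.keystore` opened with the well-known password "changeit". I would move the closing `-->` to just after that connector's `</Connector>` so SSL stays opt-in. The setup steps should also tell the administrator to pick their own password and pass it through `keypass`, rather than recommending the default.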
  
  
  
  1.3       +8 -0      jakarta-tomcat/src/etc/tomcat.policy
  
  Index: tomcat.policy
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat/src/etc/tomcat.policy,v
  retrieving revision 1.2
  retrieving revision 1.3
  diff -u -r1.2 -r1.3
  --- tomcat.policy	2000/05/26 23:06:32	1.2
  +++ tomcat.policy	2000/06/14 19:07:17	1.3
  @@ -13,6 +13,14 @@
   	permission java.security.AllPermission;
   };
   
  +// Example webapp policy 
  +// By default we grant read access on webapp dir and
  +// write in workdir
  +grant codeBase "file:${tomcat.home}/webapps/examples" {
  +      permission java.net.SocketPermission "localhost:1024-" "listen";
  +      permission java.util.PropertyPermission "*", "read";
  +}
  +
   // default permissions granted to all domains
   
   grant { 
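Review bot: The added `grant` block does not follow policy-file syntax: the `SocketPermission` line has no comma between the target and the action list, and the block closes with `}` where the block above it uses `};`. It should read `permission java.net.SocketPermission "localhost:1024-", "listen";` and end with `};`. This file is what confines webapps under a security manager, so it is worth confirming at startup how the policy loader treats a malformed entry rather than assuming the rest of the file still applies. Separately, `PropertyPermission "*", "read"` lets the example webapp read every system property, which is broader than the comment above the block describes.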
  
  
  
  1.4       +6 -3      jakarta-tomcat/src/share/org/apache/tomcat/net/ServerSocketFactory.java
  
  Index: ServerSocketFactory.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/net/ServerSocketFactory.java,v
  retrieving revision 1.3
  retrieving revision 1.4
  diff -u -r1.3 -r1.4
  --- ServerSocketFactory.java	2000/06/03 06:35:22	1.3
  +++ ServerSocketFactory.java	2000/06/14 19:07:19	1.4
  @@ -1,7 +1,7 @@
   /*
  - * $Header: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/net/ServerSocketFactory.java,v
1.3 2000/06/03 06:35:22 costin Exp $
  - * $Revision: 1.3 $
  - * $Date: 2000/06/03 06:35:22 $
  + * $Header: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/net/ServerSocketFactory.java,v
1.4 2000/06/14 19:07:19 costin Exp $
  + * $Revision: 1.4 $
  + * $Date: 2000/06/14 19:07:19 $
    *
    * ====================================================================
    *
  @@ -201,5 +201,8 @@
       public abstract ServerSocket createSocket (int port,
           int backlog, InetAddress ifAddress)
       throws IOException, InstantiationException;
  +
  +    public void initSocket( Socket s ) {
  +    }
   }
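Review bot: The new `initSocket( Socket s )` hook has no Javadoc and no `throws` clause, so an implementer cannot tell when it is called or how to report that per-connection setup failed. I would add `/** Called by the endpoint for each accepted socket; the default does nothing. */` above it. Declaring it as `public void initSocket( Socket s ) throws IOException` would let a failing setup reject the connection instead of being swallowed inside the factory. Whether the call site in PoolTcpEndpoint can handle that exception is not visible here and would need checking.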
   
  
  
  
  1.1                  jakarta-tomcat/src/share/org/apache/tomcat/net/SSLSocketFactory.java
  
  Index: SSLSocketFactory.java
  ===================================================================
  /*
   * $Header: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/net/SSLSocketFactory.java,v
1.1 2000/06/14 19:07:19 costin Exp $
   * $Revision: 1.1 $
   * $Date: 2000/06/14 19:07:19 $
   *
   * ====================================================================
   *
   * The Apache Software License, Version 1.1
   *
   * Copyright (c) 1999 The Apache Software Foundation.  All rights 
   * reserved.
   *
   * Redistribution and use in source and binary forms, with or without
   * modification, are permitted provided that the following conditions
   * are met:
   *
   * 1. Redistributions of source code must retain the above copyright
   *    notice, this list of conditions and the following disclaimer. 
   *
   * 2. Redistributions in binary form must reproduce the above copyright
   *    notice, this list of conditions and the following disclaimer in
   *    the documentation and/or other materials provided with the
   *    distribution.
   *
   * 3. The end-user documentation included with the redistribution, if
   *    any, must include the following acknowlegement:  
   *       "This product includes software developed by the 
   *        Apache Software Foundation (http://www.apache.org/)."
   *    Alternately, this acknowlegement may appear in the software itself,
   *    if and wherever such third-party acknowlegements normally appear.
   *
   * 4. The names "The Jakarta Project", "Tomcat", and "Apache Software
   *    Foundation" must not be used to endorse or promote products derived
   *    from this software without prior written permission. For written 
   *    permission, please contact apache@apache.org.
   *
   * 5. Products derived from this software may not be called "Apache"
   *    nor may "Apache" appear in their names without prior written
   *    permission of the Apache Group.
   *
   * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
   * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
   * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
   * DISCLAIMED.  IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
   * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
   * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
   * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
   * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
   * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
   * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
   * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   * SUCH DAMAGE.
   * ====================================================================
   *
   * This software consists of voluntary contributions made by many
   * individuals on behalf of the Apache Software Foundation.  For more
   * information on the Apache Software Foundation, please see
   * <http://www.apache.org/>.
   *
   * [Additional notices, if required by prior licensing conditions]
   *
   */ 
  package org.apache.tomcat.net;
  
  import java.io.*;
  import java.net.*;
  
  import java.security.KeyStore;
  
  import java.security.Security;
  import javax.net.ServerSocketFactory;
  import javax.net.ssl.SSLServerSocket;
  import javax.net.ssl.SSLSocket;
  import javax.net.ssl.SSLServerSocketFactory;
  import javax.net.ssl.HandshakeCompletedListener;
  import javax.net.ssl.HandshakeCompletedEvent;
  
  /*
    1. Add Jsse's jars into jre/lib/ext
    2. Edit java.security, add
         security.provider.2=com.sun.net.ssl.internal.ssl.Provider
    3. keytool -genkey -alias tomcat -keyalg RSA
       Use "changeit" as password ( this is the default we use )
   */
  
  /**
   * SSL server socket factory. It _requires_ a valid RSA key and
   * JSSE. 
   *
   * @author Harish Prabandham
   * @author Costin Manolache
   */
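  public class SSLSocketFactory
      extends org.apache.tomcat.net.ServerSocketFactory
  {
      // Never read or changed in this class; client authentication is
      // switched off unconditionally in initServerSocket().
      private boolean clientAuth = false;

      // JSSE factory that creates the real server sockets. Built lazily
      // by initProxy() on the first createSocket() call.
      private SSLServerSocketFactory sslProxy = null;

      // Defaults used when the "keystore" / "keypass" attributes are not set.
      // NOTE(review): "changeit" is the well-known keytool default. A
      // deployment that relies on it protects its private key with a
      // publicly known password - set "keypass" explicitly and keep the
      // keystore file readable only by the account running tomcat.
      static String defaultKeystoreFile=System.getProperty("user.home") +
          "/.keystore";
      static String defaultKeyPass="changeit";


      public SSLSocketFactory () {
      }

      /** Create an SSL server socket listening on <code>port</code>.
       *
       *  @param port port to listen on
       *  @return the configured SSL server socket
       *  @exception IOException if the keystore or the SSL context cannot
       *             be set up, or the socket cannot be created
       */
      public ServerSocket createSocket (int port)
          throws IOException
      {
          if( sslProxy == null ) initProxy();
          ServerSocket socket =
              sslProxy.createServerSocket(port);
          initServerSocket(socket);
          return socket;
      }

      /** Create an SSL server socket listening on <code>port</code> with
       *  the given connection backlog.
       *
       *  @param port port to listen on
       *  @param backlog requested length of the pending-connection queue
       *  @return the configured SSL server socket
       *  @exception IOException if the keystore or the SSL context cannot
       *             be set up, or the socket cannot be created
       */
      public ServerSocket createSocket (int port, int backlog)
          throws IOException
      {
          if( sslProxy == null ) initProxy();
          ServerSocket socket =
              sslProxy.createServerSocket(port, backlog);
          initServerSocket(socket);
          return socket;
      }

      /** Create an SSL server socket bound to one local address.
       *
       *  @param port port to listen on
       *  @param backlog requested length of the pending-connection queue
       *  @param ifAddress local address to bind to
       *  @return the configured SSL server socket
       *  @exception IOException if the keystore or the SSL context cannot
       *             be set up, or the socket cannot be created
       */
      public ServerSocket createSocket (int port, int backlog,
                                        InetAddress ifAddress)
          throws IOException
      {
          if( sslProxy == null ) initProxy();
          ServerSocket socket =
              sslProxy.createServerSocket(port, backlog, ifAddress);
          initServerSocket(socket);
          return socket;
      }


      // -------------------- Internal methods
      /** Read the keystore and build the JSSE server socket factory.
       *  The keystore path and password come from the "keystore" and
       *  "keypass" entries of <code>attributes</code> (declared outside
       *  this class), falling back to the static defaults.
       *
       *  @exception IOException on any failure; non-IO exceptions are
       *             converted, keeping only their message
       */
      private void initProxy() throws IOException {
          try {
              // You should have this in java.security, but
              // can't hurt to double check
              Security.addProvider (new sun.security.provider.Sun());
              Security.addProvider (new com.sun.net.ssl.internal.ssl.Provider());

              String keystoreFile=(String)attributes.get("keystore");
              if( keystoreFile==null) keystoreFile=defaultKeystoreFile;

              String keyPass=(String)attributes.get("keypass");
              if( keyPass==null) keyPass=defaultKeyPass;

              // You can't use ssl without a server certificate.
              // Create a KeyStore ( to get server certs )
              KeyStore kstore = initKeyStore( keystoreFile, keyPass );

              // Create a SSLContext ( to create the ssl factory )
              // This is the only way to use server sockets with JSSE 1.0.1
              com.sun.net.ssl.SSLContext context =
                  com.sun.net.ssl.SSLContext.getInstance("TLS"); //SSL

              // Key manager will extract the server key. The same password
              // is used for the keystore and for the key entry.
              com.sun.net.ssl.KeyManagerFactory kmf =
                  com.sun.net.ssl.KeyManagerFactory.getInstance("SunX509");
              kmf.init( kstore, keyPass.toCharArray());

              // XXX I don't know if a TrustManagerFactory is needed. None
              // is installed here ( second argument below is null ); that
              // has to be revisited before client authentication is
              // enabled.

              // init context with the key managers
              context.init(kmf.getKeyManagers(), null, null);

              // create proxy
              sslProxy = context.getServerSocketFactory();
          } catch(Exception e) {
              e.printStackTrace();
              if( e instanceof IOException )
                  throw (IOException)e;
              throw new IOException(e.getMessage());
          }
      }

      /** Set server socket properties ( accepted cipher suites, etc).
       *
       *  @param ssocket socket created by <code>sslProxy</code>; it is
       *         cast to SSLServerSocket
       */
      private void initServerSocket(ServerSocket ssocket) {
          SSLServerSocket socket=(SSLServerSocket)ssocket;

          // Enable every supported cipher suite except the anonymous ones
          // ( no server authentication ) and the NULL ones ( no
          // encryption ). Enabling those would let a connection look like
          // SSL while giving up the protection the connector is there for.
          // Other weak suites the provider supports are still enabled -
          // XXX make this configurable
          String supported[] = socket.getSupportedCipherSuites();
          String usable[] = new String[supported.length];
          int count = 0;
          for( int i=0; i<supported.length; i++ ) {
              String suite = supported[i];
              if( suite.indexOf("_anon_") >= 0 ) continue;
              if( suite.indexOf("_NULL_") >= 0 ) continue;
              usable[count++] = suite;
          }
          // If nothing is left, keep the provider's own enabled list
          // instead of disabling every suite.
          if( count > 0 ) {
              String enabled[] = new String[count];
              System.arraycopy( usable, 0, enabled, 0, count );
              socket.setEnabledCipherSuites(enabled);
          }

          // we don't know if client auth is needed -
          // after parsing the request we may re-handshake
          socket.setNeedClientAuth(false);
      }

      /** Load the JKS keystore that holds the server key.
       *
       *  @param keystoreFile path of the keystore file
       *  @param keyPass password used to open the keystore
       *  @return the loaded keystore
       *  @exception IOException if the file cannot be read or the
       *             keystore cannot be loaded; the underlying exception
       *             is only printed, not attached
       */
      private KeyStore initKeyStore( String keystoreFile,
                                     String keyPass)
          throws IOException
      {
          InputStream istream = null;
          try {
              KeyStore kstore=KeyStore.getInstance( "JKS" );
              istream = new FileInputStream(keystoreFile);
              kstore.load(istream, keyPass.toCharArray());
              return kstore;
          } catch(Exception ex) {
              ex.printStackTrace();
              throw new IOException( "Can't load server certificate" );
          } finally {
              // Always release the file handle, on success and on failure.
              if( istream != null ) {
                  try {
                      istream.close();
                  } catch( IOException ignored ) {
                      // best effort: the keystore has already been read
                      // or the load has already failed
                  }
              }
          }
      }
  }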
  
  
  
  1.7       +6 -5      jakarta-tomcat/src/share/org/apache/tomcat/service/PoolTcpEndpoint.java
  
  Index: PoolTcpEndpoint.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/service/PoolTcpEndpoint.java,v
  retrieving revision 1.6
  retrieving revision 1.7
  diff -u -r1.6 -r1.7
  --- PoolTcpEndpoint.java	2000/05/31 20:58:37	1.6
  +++ PoolTcpEndpoint.java	2000/06/14 19:07:21	1.7
  @@ -1,7 +1,7 @@
   /*
  - * $Header: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/service/PoolTcpEndpoint.java,v
1.6 2000/05/31 20:58:37 costin Exp $
  - * $Revision: 1.6 $
  - * $Date: 2000/05/31 20:58:37 $
  + * $Header: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/service/PoolTcpEndpoint.java,v
1.7 2000/06/14 19:07:21 costin Exp $
  + * $Revision: 1.7 $
  + * $Date: 2000/06/14 19:07:21 $
    *
    * ====================================================================
    *
  @@ -279,8 +279,11 @@
           		            accepted = null;
           		        }
       		        }
  +			if( factory != null && accepted != null)
  +			    factory.initSocket( accepted );
       	        }
       	    }
  +	    
       	} catch(InterruptedIOException iioe) {
       	    // normal part -- should happen regularly so
       	    // that the endpoint can release if the server
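Review bot: `factory.initSocket( accepted )` runs on the accept path, before the worker loop in the later hunk of this file calls `endpoint.tp.runIt(this)` to hand accepting over to another thread. If a factory ever does blocking per-connection work in that hook (an SSL handshake is the obvious candidate), one slow or stalled client would hold up every new connection on the endpoint. I would either state the constraint at the call, `// initSocket must return quickly: it runs before accepting is handed off`, or move the call to after `runIt`. The enclosing method starts and ends outside this hunk, so the surrounding locking and exception handling could not be checked from here.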
  @@ -365,10 +368,8 @@
   	// Create per-thread cache
   	while(endpoint.running) {
   	    Socket s = endpoint.acceptSocket();
  -
   	    if(null != s) {
   		// Continue accepting on another thread...
  -		
   		endpoint.tp.runIt(this);
   		
   		try {
  
  
  
  1.2       +54 -16    jakarta-tomcat/src/share/org/apache/tomcat/startup/EmbededTomcat.java
  
  Index: EmbededTomcat.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/startup/EmbededTomcat.java,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- EmbededTomcat.java	2000/06/13 00:35:10	1.1
  +++ EmbededTomcat.java	2000/06/14 19:07:23	1.2
  @@ -40,7 +40,11 @@
       // null == not set up
       Vector requestInt=null;
       Vector contextInt=null;
  -
  +    /** Right now we assume all web apps use the same
  +	servlet API version. This will change after we
  +	finish the FacadeManager implementation
  +    */
  +    FacadeManager facadeM=null;
       Vector connectors=new Vector();
   
       String workDir;
  @@ -151,7 +155,7 @@
   	    // XXX if virtual host set it.
   	    ctx.setDocBase( docRoot.getFile());
   	    contextM.addContext( ctx );
  -	    contextM.initContext( ctx );
  +	    if( facadeM == null ) facadeM=ctx.getFacadeManager();
   	    return ctx.getFacade();
   	} catch( Exception ex ) {
   	    ex.printStackTrace();
  @@ -161,9 +165,18 @@
   
       /** Remove a context
        */
  -    public void removeContext( ServletContext ctx ) {
  -	if(debug>-1) log( "remove context " + ctx );
  -
  +    public void removeContext( ServletContext sctx ) {
  +	if(debug>-1) log( "remove context " + sctx );
  +	try {
  +	    if( facadeM==null ) {
  +		System.out.println("XXX ERROR: no facade manager");
  +		return;
  +	    }
  +	    Context ctx=facadeM.getRealContext( sctx );
  +	    contextM.initContext( ctx );
  +	} catch( Exception ex ) {
  +	    ex.printStackTrace();
  +	}
   	// XXX todo
   	// XXX Make sure we remove the HttpSecurityHandler:
   	// 	HttpSecurityHandler.removeInstance(ctx);	
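Review bot: `removeContext` now ends by calling `contextM.initContext( ctx )`, which looks like a copy of the `initContext` body added further down rather than a removal. As written, removing a context would initialise it again and leave it mounted. The call presumably should be the ContextManager's remove operation, whose name is not visible in this diff and needs confirming against ContextManager. Both this method and the new `initContext` report a missing facade manager with `System.out.println` and swallow every exception, so an embedding application cannot tell that the operation failed. Rethrowing, or returning a status, would make the failure visible to the caller.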
  @@ -174,21 +187,41 @@
   	to the context.
       */
       public void addClassPath( ServletContext ctx, String cpath ) {
  -	if(debug>-1) log( "addClassPath " + ctx.getRealPath("") + " " + cpath );
  -	// XXX todo
  -	//  	Context ctx=contextM.getContext(ctxPath);
  -	//  	ServletLoader loader=ctx.getServletLoader();
  -	// 	loader.addRepository( new File( cpath ),
  -	//              ctx.getProtectionDomain() );
  +	if(debug>-1) log( "addClassPath " + ctx.getRealPath("") + " " +
  +			  cpath );
  +	// XXX This functionality can be achieved by setting it in the parent
  +	// class loader ( i.e. the loader that is used to load tomcat ).
  +
  +	// It shouldn't be needed if the web app is self-contained,
       }
   
  +    /** Find the context mounted at /cpath.
  +	Right now virtual hosts are not supported in
  +	embeded tomcat.
  +    */
       public ServletContext getServletContext( String host,
   					     String cpath )
       {
  -	return null;
  +	// We don't support virtual hosts in embeded tomcat
  +	// ( it's not difficult, but can be done later )
  +	Context ctx=contextM.getContext( cpath );
  +	if( ctx==null ) return null;
  +	return ctx.getFacade();
       }
  -    public void initContext( ServletContext ctx ) {
  -	
  +
  +    /** This will make the context available.
  +     */
  +    public void initContext( ServletContext sctx ) {
  +	try {
  +	    if( facadeM==null ) {
  +		System.out.println("XXX ERROR: no facade manager");
  +		return;
  +	    }
  +	    Context ctx=facadeM.getRealContext( sctx );
  +	    contextM.initContext( ctx );
  +	} catch( Exception ex ) {
  +	    ex.printStackTrace();
  +	}
       }
   
       public void destroyContext( ServletContext ctx ) {
  @@ -307,8 +340,13 @@
   	try {
   	    EmbededTomcat tc=new EmbededTomcat();
   	    tc.setWorkDir( "/home/costin/src/jakarta/build/tomcat/work");
  -	    tc.addContext("", new URL( "file:/home/costin/src/jakarta/build/tomcat/webapps/ROOT"));
  -	    tc.addContext("/examples", new URL( "file:/home/costin/src/jakarta/build/tomcat/webapps/examples"));
  +	    ServletContext sctx;
  +	    sctx=tc.addContext("", new URL
  +		( "file:/home/costin/src/jakarta/build/tomcat/webapps/ROOT"));
  +	    tc.initContext( sctx );
  +	    sctx=tc.addContext("/examples", new URL
  +		("file:/home/costin/src/jakarta/build/tomcat/webapps/examples"));
  +	    tc.initContext( sctx );
   	    tc.addEndpoint( 8080, null, null);
   	    tc.start();
   	} catch (Throwable t ) {
  
  
  
