tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ma...@apache.org
Subject svn commit: r992363 - in /tomcat/tc5.5.x/trunk: ./ connectors/http11/src/java/org/apache/coyote/http11/ container/catalina/src/share/org/apache/catalina/connector/ container/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/ container/webapps/admin...
Date Fri, 03 Sep 2010 16:40:16 GMT
Author: markt
Date: Fri Sep  3 16:40:16 2010
New Revision: 992363

URL: http://svn.apache.org/viewvc?rev=992363&view=rev
Log:
Add SSL with APR support to the admin app

Modified:
    tomcat/tc5.5.x/trunk/STATUS.txt
    tomcat/tc5.5.x/trunk/connectors/http11/src/java/org/apache/coyote/http11/Http11AprProtocol.java
    tomcat/tc5.5.x/trunk/container/catalina/src/share/org/apache/catalina/connector/mbeans-descriptors.xml
    tomcat/tc5.5.x/trunk/container/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/ApplicationResources.properties
    tomcat/tc5.5.x/trunk/container/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/connector/AddConnectorAction.java
    tomcat/tc5.5.x/trunk/container/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/connector/ConnectorForm.java
    tomcat/tc5.5.x/trunk/container/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/connector/EditConnectorAction.java
    tomcat/tc5.5.x/trunk/container/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/connector/SaveConnectorAction.java
    tomcat/tc5.5.x/trunk/container/webapps/admin/connector/connector.jsp
    tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml

Modified: tomcat/tc5.5.x/trunk/STATUS.txt
URL: http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/STATUS.txt?rev=992363&r1=992362&r2=992363&view=diff
==============================================================================
--- tomcat/tc5.5.x/trunk/STATUS.txt (original)
+++ tomcat/tc5.5.x/trunk/STATUS.txt Fri Sep  3 16:40:16 2010
@@ -88,10 +88,3 @@ PATCHES PROPOSED TO BACKPORT:
      and thus I am letting this pass. The SingleSignOn valve is usually added to
      a <Host> (looking at the default server.xml), so we have to call
      request.getContext() to get a Context there?
-
-* Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=49774
-  Add SSL support using the APR connector to the admin app
-  https://issues.apache.org/bugzilla/attachment.cgi?id=25954
-  +1: markt, jim, mturk
-  -1:
-

Modified: tomcat/tc5.5.x/trunk/connectors/http11/src/java/org/apache/coyote/http11/Http11AprProtocol.java
URL: http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/connectors/http11/src/java/org/apache/coyote/http11/Http11AprProtocol.java?rev=992363&r1=992362&r2=992363&view=diff
==============================================================================
--- tomcat/tc5.5.x/trunk/connectors/http11/src/java/org/apache/coyote/http11/Http11AprProtocol.java
(original)
+++ tomcat/tc5.5.x/trunk/connectors/http11/src/java/org/apache/coyote/http11/Http11AprProtocol.java
Fri Sep  3 16:40:16 2010
@@ -498,14 +498,20 @@ public class Http11AprProtocol implement
      * SSL engine.
      */
     public String getSSLEngine() { return ep.getSSLEngine(); }
-    public void setSSLEngine(String SSLEngine) { ep.setSSLEngine(SSLEngine); }
+    public void setSSLEngine(String SSLEngine) {
+        ep.setSSLEngine(SSLEngine);
+        setAttribute("SSLEngine", SSLEngine);
+    }
 
 
     /**
      * SSL protocol.
      */
     public String getSSLProtocol() { return ep.getSSLProtocol(); }
-    public void setSSLProtocol(String SSLProtocol) { ep.setSSLProtocol(SSLProtocol); }
+    public void setSSLProtocol(String SSLProtocol) {
+        ep.setSSLProtocol(SSLProtocol);
+        setAttribute("SSLProtocol", SSLProtocol);
+    }
 
 
     /**
@@ -513,77 +519,110 @@ public class Http11AprProtocol implement
      * will ask for a password).
      */
     public String getSSLPassword() { return ep.getSSLPassword(); }
-    public void setSSLPassword(String SSLPassword) { ep.setSSLPassword(SSLPassword); }
+    public void setSSLPassword(String SSLPassword) {
+        ep.setSSLPassword(SSLPassword);
+        setAttribute("SSLPassword", SSLPassword);
+    }
 
 
     /**
      * SSL cipher suite.
      */
     public String getSSLCipherSuite() { return ep.getSSLCipherSuite(); }
-    public void setSSLCipherSuite(String SSLCipherSuite) { ep.setSSLCipherSuite(SSLCipherSuite);
}
+    public void setSSLCipherSuite(String SSLCipherSuite) {
+        ep.setSSLCipherSuite(SSLCipherSuite);
+        setAttribute("SSLCipherSuite", SSLCipherSuite);
+    }
 
 
     /**
      * SSL certificate file.
      */
     public String getSSLCertificateFile() { return ep.getSSLCertificateFile(); }
-    public void setSSLCertificateFile(String SSLCertificateFile) { ep.setSSLCertificateFile(SSLCertificateFile);
}
+    public void setSSLCertificateFile(String SSLCertificateFile) {
+        ep.setSSLCertificateFile(SSLCertificateFile);
+        setAttribute("SSLCertificateFile", SSLCertificateFile);
+    }
 
 
     /**
      * SSL certificate key file.
      */
     public String getSSLCertificateKeyFile() { return ep.getSSLCertificateKeyFile(); }
-    public void setSSLCertificateKeyFile(String SSLCertificateKeyFile) { ep.setSSLCertificateKeyFile(SSLCertificateKeyFile);
}
+    public void setSSLCertificateKeyFile(String SSLCertificateKeyFile) {
+        ep.setSSLCertificateKeyFile(SSLCertificateKeyFile);
+        setAttribute("SSLCertificateKeyFile", SSLCertificateKeyFile);
+    }
 
 
     /**
      * SSL certificate chain file.
      */
     public String getSSLCertificateChainFile() { return ep.getSSLCertificateChainFile();
}
-    public void setSSLCertificateChainFile(String SSLCertificateChainFile) { ep.setSSLCertificateChainFile(SSLCertificateChainFile);
}
+    public void setSSLCertificateChainFile(String SSLCertificateChainFile) {
+        ep.setSSLCertificateChainFile(SSLCertificateChainFile);
+        setAttribute("SSLCertificateChainFile", SSLCertificateChainFile);
+    }
 
 
     /**
      * SSL CA certificate path.
      */
     public String getSSLCACertificatePath() { return ep.getSSLCACertificatePath(); }
-    public void setSSLCACertificatePath(String SSLCACertificatePath) { ep.setSSLCACertificatePath(SSLCACertificatePath);
}
+    public void setSSLCACertificatePath(String SSLCACertificatePath) {
+        ep.setSSLCACertificatePath(SSLCACertificatePath);
+        setAttribute("SSLCACertificatePath", SSLCACertificatePath);
+    }
 
 
     /**
      * SSL CA certificate file.
      */
     public String getSSLCACertificateFile() { return ep.getSSLCACertificateFile(); }
-    public void setSSLCACertificateFile(String SSLCACertificateFile) { ep.setSSLCACertificateFile(SSLCACertificateFile);
}
+    public void setSSLCACertificateFile(String SSLCACertificateFile) {
+        ep.setSSLCACertificateFile(SSLCACertificateFile);
+        setAttribute("SSLCACertificateFile", SSLCACertificateFile);
+    }
 
 
     /**
      * SSL CA revocation path.
      */
     public String getSSLCARevocationPath() { return ep.getSSLCARevocationPath(); }
-    public void setSSLCARevocationPath(String SSLCARevocationPath) { ep.setSSLCARevocationPath(SSLCARevocationPath);
}
+    public void setSSLCARevocationPath(String SSLCARevocationPath) {
+        ep.setSSLCARevocationPath(SSLCARevocationPath);
+        setAttribute("SSLCARevocationPath", SSLCARevocationPath);
+    }
 
 
     /**
      * SSL CA revocation file.
      */
     public String getSSLCARevocationFile() { return ep.getSSLCARevocationFile(); }
-    public void setSSLCARevocationFile(String SSLCARevocationFile) { ep.setSSLCARevocationFile(SSLCARevocationFile);
}
+    public void setSSLCARevocationFile(String SSLCARevocationFile) {
+        ep.setSSLCARevocationFile(SSLCARevocationFile);
+        setAttribute("SSLCARevocationFile", SSLCARevocationFile);
+    }
 
 
     /**
      * SSL verify client.
      */
     public String getSSLVerifyClient() { return ep.getSSLVerifyClient(); }
-    public void setSSLVerifyClient(String SSLVerifyClient) { ep.setSSLVerifyClient(SSLVerifyClient);
}
+    public void setSSLVerifyClient(String SSLVerifyClient) {
+        ep.setSSLVerifyClient(SSLVerifyClient);
+        setAttribute("SSLVerifyClient", SSLVerifyClient);
+    }
 
 
     /**
      * SSL verify depth.
      */
     public int getSSLVerifyDepth() { return ep.getSSLVerifyDepth(); }
-    public void setSSLVerifyDepth(int SSLVerifyDepth) { ep.setSSLVerifyDepth(SSLVerifyDepth);
}
+    public void setSSLVerifyDepth(int SSLVerifyDepth) {
+        ep.setSSLVerifyDepth(SSLVerifyDepth);
+        setAttribute("SSLVerifyDepth", "" + SSLVerifyDepth);
+    }
 
     // --------------------  Connection handler --------------------
 

Modified: tomcat/tc5.5.x/trunk/container/catalina/src/share/org/apache/catalina/connector/mbeans-descriptors.xml
URL: http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/container/catalina/src/share/org/apache/catalina/connector/mbeans-descriptors.xml?rev=992363&r1=992362&r2=992363&view=diff
==============================================================================
--- tomcat/tc5.5.x/trunk/container/catalina/src/share/org/apache/catalina/connector/mbeans-descriptors.xml
(original)
+++ tomcat/tc5.5.x/trunk/container/catalina/src/share/org/apache/catalina/connector/mbeans-descriptors.xml
Fri Sep  3 16:40:16 2010
@@ -171,6 +171,58 @@
           description="Comma-separated list of SSL protocol variants to be enabled"
                  type="java.lang.String"/>
 
+    <attribute   name="SSLEngine"
+          description="Name of SSL engine to use"
+                 type="java.lang.String"/>
+
+    <attribute   name="SSLProtocol"
+          description="Protocol to use to communicate with clients"
+                 type="java.lang.String"/>
+
+    <attribute   name="SSLCipherSuite"
+          description="Ciphers to use to communicate with clients"
+                 type="java.lang.String"/>
+
+    <attribute   name="SSLCertificateFile"
+          description="File containing server certificate"
+                 type="java.lang.String"/>
+
+    <attribute   name="SSLCertificateKeyFile"
+          description="File containing server private key"
+                 type="java.lang.String"/>
+
+    <attribute   name="SSLPassword"
+          description="Pass phrase for the server private key"
+                 type="java.lang.String"/>
+
+    <attribute   name="SSLVerifyClient"
+          description="Extend to which clients must be validated"
+                 type="java.lang.String"/>
+
+    <attribute   name="SSLVerifyDepth"
+          description="Maximum verification depth for client certificates"
+                 type="int"/>
+
+    <attribute   name="SSLCACertificateFile"
+          description="File containing CA certificates"
+                 type="java.lang.String"/>
+
+    <attribute   name="SSLCACertificatePath"
+          description="Directory containing CA certificates"
+                 type="java.lang.String"/>
+
+    <attribute   name="SSLCertificateChainFile"
+          description="File containing certificates in server certificate chain"
+                 type="java.lang.String"/>
+
+    <attribute   name="SSLCARevocationFile"
+          description="File containing CA revocation lists"
+                 type="java.lang.String"/>
+
+    <attribute   name="SSLCARevocationPath"
+          description="Directory containing CA revocation lists"
+                 type="java.lang.String"/>
+
     <attribute   name="strategy"
           description="Thread pool strategy"
                  type="java.lang.String"/>

Modified: tomcat/tc5.5.x/trunk/container/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/ApplicationResources.properties
URL: http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/container/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/ApplicationResources.properties?rev=992363&r1=992362&r2=992363&view=diff
==============================================================================
--- tomcat/tc5.5.x/trunk/container/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/ApplicationResources.properties
(original)
+++ tomcat/tc5.5.x/trunk/container/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/ApplicationResources.properties
Fri Sep  3 16:40:16 2010
@@ -163,8 +163,22 @@ connector.truststore.type=Trust Store Ty
 connector.sslProtocol=SSL Protocol
 connector.keyPass.warning=<li>Please use keytool to generate certificate.</li>
 connector.secure=Secure
-connector.tcpNoDelay=TCP No Delay 
-connector.xpoweredby=X Powered By 
+connector.tcpNoDelay=TCP No Delay
+connector.xpoweredby=X Powered By
+connector.sslProperties=SSL Properties
+connector.SSLEngine=Engine
+connector.SSLProtocol=Protocols
+connector.SSLCipherSuite=Ciphers
+connector.SSLCertificateFile=Server certificate file
+connector.SSLCertificateKeyFile=Server private key file
+connector.SSLPassword=Private key pass phrase
+connector.SSLVerifyClient=Client verification mode
+connector.SSLVerifyDepthText=Client verification depth
+connector.SSLCACertificateFile=File of CA certificates
+connector.SSLCACertificatePath=Directory of CA certificates
+connector.SSLCertificateChainFile=Server certificate chain
+connector.SSLCARevocationFile=File of CA revocation lists
+connector.SSLCARevocationPath=Directory of CA revocation lists
 host.properties=Host Properties
 host.name=Name
 host.base=Application Base

Modified: tomcat/tc5.5.x/trunk/container/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/connector/AddConnectorAction.java
URL: http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/container/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/connector/AddConnectorAction.java?rev=992363&r1=992362&r2=992363&view=diff
==============================================================================
--- tomcat/tc5.5.x/trunk/container/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/connector/AddConnectorAction.java
(original)
+++ tomcat/tc5.5.x/trunk/container/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/connector/AddConnectorAction.java
Fri Sep  3 16:40:16 2010
@@ -83,7 +83,8 @@ public class AddConnectorAction extends 
             type = "HTTP";    // default type is HTTP
         connectorFm.setConnectorType(type);
         connectorFm.setServiceName(serviceName);
-        if ("HTTPS".equalsIgnoreCase(type)) {
+        if ("HTTPS-JSSE".equalsIgnoreCase(type) ||
+                "HTTPS-APR".equalsIgnoreCase(type)) {
             connectorFm.setScheme("https");
         } else {
             connectorFm.setScheme("http");       
@@ -110,7 +111,7 @@ public class AddConnectorAction extends 
         connectorFm.setTcpNoDelay("true");
         connectorFm.setXpoweredBy("false");
 
-        //supported only by HTTPS
+        //supported only by HTTPS-JSSE
         connectorFm.setAlgorithm("SunX509");
         connectorFm.setClientAuthentication("false");
         connectorFm.setCiphers("");
@@ -121,7 +122,22 @@ public class AddConnectorAction extends 
         connectorFm.setTrustStorePassword("");
         connectorFm.setTrustStoreType("JKS");
         connectorFm.setSslProtocol("TLS");
-                       
+
+        //supported only by HTTPS-APR
+        connectorFm.setSSLEngine("");
+        connectorFm.setSSLProtocol("");
+        connectorFm.setSSLCipherSuite("");
+        connectorFm.setSSLCertificateFile("");
+        connectorFm.setSSLCertificateKeyFile("");
+        connectorFm.setSSLPassword("");
+        connectorFm.setSSLVerifyClient("none");
+        connectorFm.setSSLVerifyDepthText("10");
+        connectorFm.setSSLCACertificateFile("");
+        connectorFm.setSSLCACertificatePath("");
+        connectorFm.setSSLCertificateChainFile("");
+        connectorFm.setSSLCARevocationFile("");
+        connectorFm.setSSLCACertificatePath("");
+
         // supported only by Coyote connectors
         connectorFm.setProxyName("");
         connectorFm.setProxyPortText("0");        
@@ -129,10 +145,11 @@ public class AddConnectorAction extends 
         connectorFm.setBooleanVals(Lists.getBooleanValues());                
         connectorFm.setClientAuthVals(Lists.getClientAuthValues());
         
-        String schemeTypes[]= new String[3];
+        String schemeTypes[]= new String[4];
         schemeTypes[0] = "HTTP";
-        schemeTypes[1] = "HTTPS";                
-        schemeTypes[2] = "AJP";
+        schemeTypes[1] = "HTTPS-JSSE";                
+        schemeTypes[2] = "HTTPS-APR";                
+        schemeTypes[3] = "AJP";
         
         ArrayList types = new ArrayList();    
         // the first element in the select list should be the type selected

Modified: tomcat/tc5.5.x/trunk/container/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/connector/ConnectorForm.java
URL: http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/container/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/connector/ConnectorForm.java?rev=992363&r1=992362&r2=992363&view=diff
==============================================================================
--- tomcat/tc5.5.x/trunk/container/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/connector/ConnectorForm.java
(original)
+++ tomcat/tc5.5.x/trunk/container/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/connector/ConnectorForm.java
Fri Sep  3 16:40:16 2010
@@ -269,6 +269,21 @@ public final class ConnectorForm extends
      */
     private String xpoweredBy = "false";
     
+    private String SSLEngine;
+    private String SSLProtocol;
+    private String SSLCipherSuite;
+    private String SSLCertificateFile;
+    private String SSLCertificateKeyFile;
+    private String SSLPassword;
+    private String SSLVerifyClient;
+    private String SSLVerifyDepthText;
+    private String SSLCACertificateFile;
+    private String SSLCACertificatePath;
+    private String SSLCertificateChainFile;
+    private String SSLCARevocationFile;
+    private String SSLCARevocationPath;
+
+    
     // ------------------------------------------------------------- Properties
     
    /**
@@ -1127,6 +1142,136 @@ public final class ConnectorForm extends
         
     }
     
+        public String getSSLEngine() {
+        return SSLEngine;
+    }
+
+
+    public void setSSLEngine(String sSLEngine) {
+        SSLEngine = sSLEngine;
+    }
+
+
+    public String getSSLProtocol() {
+        return SSLProtocol;
+    }
+
+
+    public void setSSLProtocol(String sSLProtocol) {
+        SSLProtocol = sSLProtocol;
+    }
+
+
+    public String getSSLCipherSuite() {
+        return SSLCipherSuite;
+    }
+
+
+    public void setSSLCipherSuite(String sSLCipherSuite) {
+        SSLCipherSuite = sSLCipherSuite;
+    }
+
+
+    public String getSSLCertificateFile() {
+        return SSLCertificateFile;
+    }
+
+
+    public void setSSLCertificateFile(String sSLCertificateFile) {
+        SSLCertificateFile = sSLCertificateFile;
+    }
+
+
+    public String getSSLCertificateKeyFile() {
+        return SSLCertificateKeyFile;
+    }
+
+
+    public void setSSLCertificateKeyFile(String sSLCertificateKeyFile) {
+        SSLCertificateKeyFile = sSLCertificateKeyFile;
+    }
+
+
+    public String getSSLPassword() {
+        return SSLPassword;
+    }
+
+
+    public void setSSLPassword(String sSLPassword) {
+        SSLPassword = sSLPassword;
+    }
+
+
+    public String getSSLVerifyClient() {
+        return SSLVerifyClient;
+    }
+
+
+    public void setSSLVerifyClient(String sSLVerifyClient) {
+        SSLVerifyClient = sSLVerifyClient;
+    }
+
+
+    public String getSSLVerifyDepthText() {
+        return SSLVerifyDepthText;
+    }
+
+
+    public void setSSLVerifyDepthText(String sSLVerifyDepthText) {
+        SSLVerifyDepthText = sSLVerifyDepthText;
+    }
+
+
+    public String getSSLCACertificateFile() {
+        return SSLCACertificateFile;
+    }
+
+
+    public void setSSLCACertificateFile(String sSLCACertificateFile) {
+        SSLCACertificateFile = sSLCACertificateFile;
+    }
+
+
+    public String getSSLCACertificatePath() {
+        return SSLCACertificatePath;
+    }
+
+
+    public void setSSLCACertificatePath(String sSLCACertificatePath) {
+        SSLCACertificatePath = sSLCACertificatePath;
+    }
+
+
+    public String getSSLCertificateChainFile() {
+        return SSLCertificateChainFile;
+    }
+
+
+    public void setSSLCertificateChainFile(String sSLCertificateChainFile) {
+        SSLCertificateChainFile = sSLCertificateChainFile;
+    }
+
+
+    public String getSSLCARevocationFile() {
+        return SSLCARevocationFile;
+    }
+
+
+    public void setSSLCARevocationFile(String sSLCARevocationFile) {
+        SSLCARevocationFile = sSLCARevocationFile;
+    }
+
+
+    public String getSSLCARevocationPath() {
+        return SSLCARevocationPath;
+    }
+
+
+    public void setSSLCARevocationPath(String sSLCARevocationPath) {
+        SSLCARevocationPath = sSLCARevocationPath;
+    }
+
+
     // --------------------------------------------------------- Public Methods
     
     /**
@@ -1171,7 +1316,19 @@ public final class ConnectorForm extends
         this.trustStoreFileName = null;
         this.trustStorePassword = null;
         this.trustStoreType = null;
-        
+        this.SSLEngine = null;
+        this.SSLProtocol = null;
+        this.SSLCipherSuite = null;
+        this.SSLCertificateFile = null;
+        this.SSLCertificateKeyFile = null;
+        this.SSLPassword = null;
+        this.SSLVerifyClient = null;
+        this.SSLVerifyDepthText = null;
+        this.SSLCACertificateFile = null;
+        this.SSLCACertificatePath = null;
+        this.SSLCertificateChainFile = null;
+        this.SSLCARevocationFile = null;
+        this.SSLCARevocationPath = null;
         
     }
     
@@ -1227,6 +1384,9 @@ public final class ConnectorForm extends
             numberCheck("proxyPortText",  proxyPortText, true, 0, 65535);  
         }
         
+        if ("HTTP-APR".equalsIgnoreCase(connectorType)) {
+            numberCheck("SSLVerifyDepthText", SSLVerifyDepthText, true, 1, 100);
+        }
         return errors;
     }
     

Modified: tomcat/tc5.5.x/trunk/container/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/connector/EditConnectorAction.java
URL: http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/container/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/connector/EditConnectorAction.java?rev=992363&r1=992362&r2=992363&view=diff
==============================================================================
--- tomcat/tc5.5.x/trunk/container/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/connector/EditConnectorAction.java
(original)
+++ tomcat/tc5.5.x/trunk/container/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/connector/EditConnectorAction.java
Fri Sep  3 16:40:16 2010
@@ -130,14 +130,16 @@ public class EditConnectorAction extends
                 (String) mBServer.getAttribute(cname, attribute);
             int period = handlerClassName.lastIndexOf('.');
             String connType = handlerClassName.substring(period + 1);
-            String connectorType = "HTTPS";
+            String connectorType = "HTTP";
             if ("JkCoyoteHandler".equalsIgnoreCase(connType) ||
                     "AjpAprProtocol".equalsIgnoreCase(connType)) {
                 connectorType = "AJP";
-            } else if (("Http11Protocol".equalsIgnoreCase(connType)  ||
-                    "Http11AprProtocol".equalsIgnoreCase(connType)) && 
-                    ("http".equalsIgnoreCase(scheme))) {
-                connectorType = "HTTP";
+            } else if ("Http11Protocol".equalsIgnoreCase(connType) && 
+                    "https".equalsIgnoreCase(scheme)) {
+                connectorType = "HTTPS-JSSE";
+            } else if ("Http11AprProtocol".equalsIgnoreCase(connType) && 
+                    "https".equalsIgnoreCase(scheme)) {
+                connectorType = "HTTPS-APR";
             }             
             connectorFm.setConnectorType(connectorType);            
             
@@ -226,9 +228,8 @@ public class EditConnectorAction extends
                     (((Integer) mBServer.getAttribute(cname, attribute)).toString());   
        
             }
             
-            if ("HTTPS".equalsIgnoreCase(connectorType)) {
-                // Initialize rest of variables. 
-                // These are set only for SSL connectors.
+            if ("HTTPS-JSSE".equalsIgnoreCase(connectorType)) {
+                // These are set only for JSSE SSL connectors.
                 attribute = "algorithm";
                 connectorFm.setAlgorithm
                     ((String) mBServer.getAttribute(cname, attribute));
@@ -261,6 +262,48 @@ public class EditConnectorAction extends
                     ((String) mBServer.getAttribute(cname, attribute));          
             }     
                 
+            if ("HTTPS-APR".equalsIgnoreCase(connectorType)) {
+                // These are set only for APR SSL connectors.
+                attribute = "SSLEngine";
+                connectorFm.setSSLEngine
+                    ((String) mBServer.getAttribute(cname, attribute));
+                attribute = "SSLProtocol";
+                connectorFm.setSSLProtocol
+                    (((String) mBServer.getAttribute(cname, attribute)));
+                attribute = "SSLCipherSuite";
+                connectorFm.setSSLCipherSuite
+                    ((String) mBServer.getAttribute(cname, attribute));   
+                attribute = "SSLCertificateFile";
+                connectorFm.setSSLCertificateFile
+                    ((String) mBServer.getAttribute(cname, attribute));
+                attribute = "SSLCertificateKeyFile";
+                connectorFm.setSSLCertificateKeyFile
+                    ((String) mBServer.getAttribute(cname, attribute));     
+                attribute = "SSLPassword";
+                connectorFm.setSSLPassword
+                    ((String) mBServer.getAttribute(cname, attribute));   
+                attribute = "SSLVerifyClient";
+                connectorFm.setSSLVerifyClient
+                    ((String) mBServer.getAttribute(cname, attribute));
+                attribute = "SSLVerifyDepth";
+                connectorFm.setSSLVerifyDepthText
+                    (((Integer) mBServer.getAttribute(cname, attribute)).toString());   
 
+                attribute = "SSLCACertificateFile";
+                connectorFm.setSSLCACertificateFile
+                    ((String) mBServer.getAttribute(cname, attribute));   
+                attribute = "SSLCACertificatePath";
+                connectorFm.setSSLCACertificatePath
+                    ((String) mBServer.getAttribute(cname, attribute));          
+                attribute = "SSLCertificateChainFile";
+                connectorFm.setSSLCertificateChainFile
+                    ((String) mBServer.getAttribute(cname, attribute));          
+                attribute = "SSLCARevocationFile";
+                connectorFm.setSSLCARevocationFile
+                    ((String) mBServer.getAttribute(cname, attribute));          
+                attribute = "SSLCARevocationPath";
+                connectorFm.setSSLCARevocationPath
+                    ((String) mBServer.getAttribute(cname, attribute));          
+            }     
                         
         } catch (Throwable t) {
             getServlet().log

Modified: tomcat/tc5.5.x/trunk/container/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/connector/SaveConnectorAction.java
URL: http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/container/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/connector/SaveConnectorAction.java?rev=992363&r1=992362&r2=992363&view=diff
==============================================================================
--- tomcat/tc5.5.x/trunk/container/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/connector/SaveConnectorAction.java
(original)
+++ tomcat/tc5.5.x/trunk/container/webapps/admin/WEB-INF/classes/org/apache/webapp/admin/connector/SaveConnectorAction.java
Fri Sep  3 16:40:16 2010
@@ -160,11 +160,12 @@ public final class SaveConnectorAction e
                 values[2] = new Integer(cform.getPortText());
 
                 if ("HTTP".equalsIgnoreCase(connectorType)) {
-                        operation = "createHttpConnector"; // HTTP
-                } else if ("HTTPS".equalsIgnoreCase(connectorType)) { 
-                        operation = "createHttpsConnector";   // HTTPS
+                    operation = "createHttpConnector"; // HTTP
+                } else if ("HTTPS-JSSE".equalsIgnoreCase(connectorType) ||
+                        "HTTPS-APR".equalsIgnoreCase(connectorType)) { 
+                    operation = "createHttpsConnector";   // HTTPS
                 } else {
-                        operation = "createAjpConnector";   // AJP(HTTP)                
 
+                    operation = "createAjpConnector";   // AJP(HTTP)                  
                 }
                 
                 cObjectName = (String)
@@ -388,8 +389,8 @@ public final class SaveConnectorAction e
                               new Attribute("proxyPort", new Integer(proxyPort))); 
             }
             
-            // HTTPS specific properties
-            if("HTTPS".equalsIgnoreCase(connectorType)) {
+            // HTTPS-JSSE specific properties
+            if("HTTPS-JSSE".equalsIgnoreCase(connectorType)) {
                 String algorithm = cform.getAlgorithm();
                 if ((algorithm != null) && (algorithm.length()>0)) 
                     mBServer.setAttribute(coname,
@@ -440,7 +441,94 @@ public final class SaveConnectorAction e
                     mBServer.setAttribute(coname,
                               new Attribute("sslProtocol", sslProtocol));               
    
              }
- 
+
+            // HTTPS-APR specific properties
+            if("HTTPS-APR".equalsIgnoreCase(connectorType)) {
+                String sSLEngine = cform.getSSLEngine();
+                if ((sSLEngine != null) && (sSLEngine.length()>0)) 
+                    mBServer.setAttribute(coname,
+                              new Attribute("SSLEngine", sSLEngine));  
+                
+                String sSLProtocol = cform.getSSLProtocol();
+                if ((sSLProtocol != null) && (sSLProtocol.length()>0)) 
+                    mBServer.setAttribute(coname,
+                              new Attribute("SSLProtocol", sSLProtocol));           
+                
+                String sSLCipherSuite = cform.getSSLCipherSuite();
+                if ((sSLCipherSuite != null) && (sSLCipherSuite.length()>0)) 
+                    mBServer.setAttribute(coname,
+                              new Attribute("SSLCipherSuite", sSLCipherSuite));         
  
+                
+                mBServer.setAttribute(coname,
+                              new Attribute("SSLCertificateFile", 
+                                             cform.getSSLCertificateFile()));   
+                
+                String sSLCertificateKeyFile = cform.getSSLCertificateKeyFile();
+                if ((sSLCertificateKeyFile != null) &&
+                        (sSLCertificateKeyFile.length()>0)) 
+                    mBServer.setAttribute(coname,
+                              new Attribute("SSLCertificateKeyFile",
+                                      sSLCertificateKeyFile));                 
+                
+                String sSLPassword = cform.getSSLPassword();
+                if ((sSLPassword != null) && (sSLPassword.length()>0)) 
+                    mBServer.setAttribute(coname,
+                              new Attribute("SSLPassword", sSLPassword));   
+                
+                String sSLVerifyClient = cform.getSSLVerifyClient();
+                if ((sSLVerifyClient != null) && (sSLVerifyClient.length()>0))

+                    mBServer.setAttribute(coname,
+                              new Attribute("SSLVerifyClient", sSLVerifyClient));       
    
+                
+                String sSLVerifyDepthText = cform.getSSLVerifyDepthText();
+                if ((sSLVerifyDepthText != null) &&
+                        (sSLVerifyDepthText.length()>0))
+                    try {
+                        mBServer.setAttribute(coname,
+                                new Attribute("SSLVerifyDepthText",
+                                        Integer.getInteger(sSLVerifyDepthText)));
+                    } catch (NumberFormatException e) {
+                        mBServer.setAttribute(coname,
+                                new Attribute("SSLVerifyDepthText",
+                                        Integer.valueOf(10)));
+                    }
+                
+                String sSLCACertificateFile = cform.getSSLCACertificateFile();
+                if ((sSLCACertificateFile != null) &&
+                        (sSLCACertificateFile.length()>0)) 
+                    mBServer.setAttribute(coname,
+                              new Attribute("SSLCACertificateFile",
+                                      sSLCACertificateFile));   
+                
+                String sSLCACertificatePath = cform.getSSLCACertificatePath();
+                if ((sSLCACertificatePath != null) &&
+                        (sSLCACertificatePath.length()>0)) 
+                    mBServer.setAttribute(coname,
+                              new Attribute("SSLCACertificatePath",
+                                      sSLCACertificatePath));                    
+                
+                String sSLCertificateChainFile =
+                    cform.getSSLCertificateChainFile();
+                if ((sSLCertificateChainFile != null) &&
+                        (sSLCertificateChainFile.length()>0)) 
+                    mBServer.setAttribute(coname,
+                              new Attribute("SSLCertificateChainFile",
+                                      sSLCertificateChainFile));                    
+                
+                String sSLCARevocationFile = cform.getSSLCARevocationFile();
+                if ((sSLCARevocationFile != null) &&
+                        (sSLCARevocationFile.length()>0)) 
+                    mBServer.setAttribute(coname,
+                              new Attribute("SSLCARevocationFile",
+                                      sSLCARevocationFile));                    
+                
+                String sSLCARevocationPath = cform.getSSLCARevocationPath();
+                if ((sSLCARevocationPath != null) && (sSLCARevocationPath.length()>0))

+                    mBServer.setAttribute(coname,
+                              new Attribute("SSLCARevocationPath",
+                                      sSLCARevocationPath));                    
+             }
+
         } catch (Exception e) {
 
             getServlet().log

Modified: tomcat/tc5.5.x/trunk/container/webapps/admin/connector/connector.jsp
URL: http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/container/webapps/admin/connector/connector.jsp?rev=992363&r1=992362&r2=992363&view=diff
==============================================================================
--- tomcat/tc5.5.x/trunk/container/webapps/admin/connector/connector.jsp (original)
+++ tomcat/tc5.5.x/trunk/container/webapps/admin/connector/connector.jsp Fri Sep  3 16:40:16
2010
@@ -359,12 +359,12 @@
             </controls:data>
         </controls:row>
 
-<%-- The following properties are supported only on HTTPS Connector --%>
-     <logic:equal name="connectorForm" property="scheme" scope="session"
-                  value="https">
+<%-- The following properties are supported only on HTTPS-JSSE Connector --%>
+     <logic:equal name="connectorForm" property="connectorType" scope="session"
+                  value="HTTPS-JSSE">
         <br>
         <controls:row header="true" labelStyle="table-header-text" dataStyle="table-header-text">
-            <controls:label>Factory Properties:</controls:label>
+            <controls:label><bean:message key="connector.sslProperties"/>:</controls:label>
             <controls:data>&nbsp;</controls:data>
         </controls:row>
 
@@ -473,6 +473,108 @@
         </controls:row>
 
     </logic:equal>
+
+<%-- The following properties are supported only on HTTPS-APR Connector --%>
+     <logic:equal name="connectorForm" property="connectorType" scope="session"
+                  value="HTTPS-APR">
+        <br>
+        <controls:row header="true" labelStyle="table-header-text" dataStyle="table-header-text">
+            <controls:label><bean:message key="connector.sslProperties"/>:</controls:label>
+            <controls:data>&nbsp;</controls:data>
+        </controls:row>
+
+        <controls:row labelStyle="table-label-text" dataStyle="table-normal-text" styleId="SSLEngine">
+            <controls:label><bean:message key="connector.SSLEngine"/>:</controls:label>
+            <controls:data>
+               <html:text property="SSLEngine" size="10" styleId="SSLEngine"/>
+            </controls:data>
+        </controls:row>
+
+        <controls:row labelStyle="table-label-text" dataStyle="table-normal-text" styleId="SSLProtocol">
+            <controls:label><bean:message key="connector.SSLProtocol"/>:</controls:label>
+            <controls:data>
+               <html:text property="SSLProtocol" size="30" styleId="SSLProtocol"/>
+            </controls:data>
+        </controls:row>
+
+        <controls:row labelStyle="table-label-text" dataStyle="table-normal-text" styleId="SSLCipherSuite">
+            <controls:label><bean:message key="connector.SSLCipherSuite"/>:</controls:label>
+            <controls:data>
+               <html:text property="SSLCipherSuite" size="30" styleId="SSLCipherSuite"/>
+            </controls:data>
+        </controls:row>
+
+        <controls:row labelStyle="table-label-text" dataStyle="table-normal-text" styleId="SSLCertificateFile">
+            <controls:label><bean:message key="connector.SSLCertificateFile"/>:</controls:label>
+            <controls:data>
+               <html:text property="SSLCertificateFile" size="30" styleId="SSLCertificateFile"/>
+            </controls:data>
+        </controls:row>
+
+        <controls:row labelStyle="table-label-text" dataStyle="table-normal-text" styleId="SSLCertificateKeyFile">
+            <controls:label><bean:message key="connector.SSLCertificateKeyFile"/>:</controls:label>
+            <controls:data>
+               <html:text property="SSLCertificateKeyFile" size="30" styleId="SSLCertificateKeyFile"/>
+            </controls:data>
+        </controls:row>
+
+        <controls:row labelStyle="table-label-text" dataStyle="table-normal-text" styleId="SSLPassword">
+            <controls:label><bean:message key="connector.SSLPassword"/>:</controls:label>
+            <controls:data>
+               <html:text property="SSLPassword" size="30" styleId="SSLPassword"/>
+            </controls:data>
+        </controls:row>
+
+        <controls:row labelStyle="table-label-text" dataStyle="table-normal-text" styleId="SSLVerifyClient">
+            <controls:label><bean:message key="connector.SSLVerifyClient"/>:</controls:label>
+            <controls:data>
+               <html:text property="SSLVerifyClient" size="10" styleId="SSLVerifyClient"/>
+            </controls:data>
+        </controls:row>
+
+        <controls:row labelStyle="table-label-text" dataStyle="table-normal-text" styleId="SSLVerifyDepthText">
+            <controls:label><bean:message key="connector.SSLVerifyDepthText"/>:</controls:label>
+            <controls:data>
+               <html:text property="SSLVerifyDepthText" size="10" styleId="SSLVerifyDepthText"/>
+            </controls:data>
+        </controls:row>
+
+        <controls:row labelStyle="table-label-text" dataStyle="table-normal-text" styleId="SSLCACertificateFile">
+            <controls:label><bean:message key="connector.SSLCACertificateFile"/>:</controls:label>
+            <controls:data>
+               <html:text property="SSLCACertificateFile" size="30" styleId="SSLCACertificateFile"/>
+            </controls:data>
+        </controls:row>
+
+        <controls:row labelStyle="table-label-text" dataStyle="table-normal-text" styleId="SSLCACertificatePath">
+            <controls:label><bean:message key="connector.SSLCACertificatePath"/>:</controls:label>
+            <controls:data>
+               <html:text property="SSLCACertificatePath" size="30" styleId="SSLCACertificatePath"/>
+            </controls:data>
+        </controls:row>
+
+        <controls:row labelStyle="table-label-text" dataStyle="table-normal-text" styleId="SSLCertificateChainFile">
+            <controls:label><bean:message key="connector.SSLCertificateChainFile"/>:</controls:label>
+            <controls:data>
+               <html:text property="SSLCertificateChainFile" size="30" styleId="SSLCertificateChainFile"/>
+            </controls:data>
+        </controls:row>
+
+        <controls:row labelStyle="table-label-text" dataStyle="table-normal-text" styleId="SSLCARevocationFile">
+            <controls:label><bean:message key="connector.SSLCARevocationFile"/>:</controls:label>
+            <controls:data>
+               <html:text property="SSLCARevocationFile" size="30" styleId="SSLCARevocationFile"/>
+            </controls:data>
+        </controls:row>
+
+        <controls:row labelStyle="table-label-text" dataStyle="table-normal-text" styleId="SSLCARevocationPath">
+            <controls:label><bean:message key="connector.SSLCARevocationPath"/>:</controls:label>
+            <controls:data>
+               <html:text property="SSLCARevocationPath" size="30" styleId="SSLCARevocationPath"/>
+            </controls:data>
+        </controls:row>
+    </logic:equal>
+
    </controls:table>
 
       </td>

Modified: tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml
URL: http://svn.apache.org/viewvc/tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml?rev=992363&r1=992362&r2=992363&view=diff
==============================================================================
--- tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml (original)
+++ tomcat/tc5.5.x/trunk/container/webapps/docs/changelog.xml Fri Sep  3 16:40:16 2010
@@ -70,6 +70,10 @@
         <bug>49585</bug>: Update JSVC documentation to reflect new packaging
         of Commons Daemon. (markt)
       </fix>
+      <fix>
+        <bug>49774</bug>: Add support for SSL with either JSSE or APR baaed
+        connectors to the admin app. (markt) 
+      </fix>
     </changelog>
   </subsection>
   <subsection name="Cluster">



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message