/**
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.activemq.transport;
import javax.net.ssl.SSLContext;
import org.apache.activemq.broker.SslContext;
import org.apache.activemq.util.IntrospectionSupport;
import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.util.ssl.SslContextFactory;
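/**
 * Builds a TLS-enabled Jetty {@link ServerConnector} for ActiveMQ transports.
 *
 * <p>The TLS material comes from exactly one of three sources, checked in this order in
 * {@link #createConnector(Server)}:
 * <ol>
 *   <li>a caller-supplied Jetty {@link SslContextFactory}, used as-is (none of the bean
 *       properties on this class, including the client-auth flags, are applied to it);</li>
 *   <li>a caller-supplied ActiveMQ {@link SslContext}, from which only the
 *       {@link SSLContext} is taken;</li>
 *   <li>the key store / trust store bean properties of this class, which default to the
 *       {@code javax.net.ssl.*} system properties read at construction time.</li>
 * </ol>
 *
 * <p>Security notes: the store and key passwords are held as plain {@code String} fields,
 * are seeded from JVM system properties and are returned by public getters, so treat
 * instances of this class as secret-bearing and keep them out of logs and dumps. The
 * {@code protocol} property is passed to Jetty unvalidated; the deployment configuration
 * is responsible for selecting a protocol version that is still considered secure.
 */
public class SecureSocketConnectorFactory extends SocketConnectorFactory {

    // Defaults are taken from the standard JSSE-style system properties at construction
    // time; setters (or transport options) may override them afterwards.
    private String keyPassword = System.getProperty("javax.net.ssl.keyPassword");
    private String keyStorePassword = System.getProperty("javax.net.ssl.keyStorePassword");
    private String keyStore = System.getProperty("javax.net.ssl.keyStore");
    private String trustStorePassword = System.getProperty("javax.net.ssl.trustStorePassword");
    private String trustStore = System.getProperty("javax.net.ssl.trustStore");
    private boolean needClientAuth;
    private boolean wantClientAuth;
    private String keyStoreType;
    // Field and accessor names keep the historical "Certficate" spelling: the accessor
    // names are part of the public bean interface of this class.
    private String secureRandomCertficateAlgorithm;
    private String trustCertificateAlgorithm;
    private String keyCertificateAlgorithm;
    private String protocol;
    private String auth;
    private SslContext context;
    private SslContextFactory contextFactory;

    /** Creates a factory configured only from system properties and bean setters. */
    public SecureSocketConnectorFactory() {
    }

    /**
     * Creates a factory that takes its {@link SSLContext} from the given broker context.
     *
     * @param context broker SSL context; only {@code getSSLContext()} is used
     */
    public SecureSocketConnectorFactory(SslContext context) {
        this.context = context;
    }

    /**
     * Creates a factory that uses a fully pre-configured Jetty SSL context factory.
     *
     * @param contextFactory Jetty factory used unchanged by {@link #createConnector(Server)}
     */
    public SecureSocketConnectorFactory(SslContextFactory contextFactory) {
        this.contextFactory = contextFactory;
    }

    /**
     * Creates the TLS connector for the given Jetty server.
     *
     * <p>Transport options, when present, are first applied to this object through
     * {@link IntrospectionSupport#setProperties}, so they can override any bean property
     * of this class (including store paths, passwords and the client-auth flags).
     *
     * @param server the Jetty server the connector is attached to; its stop timeout is
     *               set to 500 as a side effect on the normal path
     * @return the configured connector, or {@code null} when {@code auth} selects the
     *         Kerberos path (see the note at the end of the method)
     * @throws Exception if applying the options or configuring the trust store fails
     */
    @Override
    public Connector createConnector(Server server) throws Exception {
        if (getTransportOptions() != null) {
            IntrospectionSupport.setProperties(this, getTransportOptions());
        }

        SSLContext sslContext = context == null ? null : context.getSSLContext();

        // Get a reference to the current ssl context factory...
        SslContextFactory factory;
        if (contextFactory == null) {
            factory = new SslContextFactory.Server();
            if (context != null) {
                // Should not be using this method since it does not use all of the values
                // from the passed SslContext instance.....
                factory.setSslContext(sslContext);
            } else {
                configureFromProperties(factory);
            }
            // Client-certificate requirements are applied only to a factory built here;
            // a caller-supplied contextFactory keeps whatever it was configured with.
            factory.setNeedClientAuth(needClientAuth);
            factory.setWantClientAuth(wantClientAuth);
        } else {
            factory = contextFactory;
        }

        // NOTE(review): the parentheses below spell out how the original unparenthesised
        // expression is evaluated ('&&' binds tighter than '||'): "KRB" takes this branch
        // on every Jetty version, "BOTH" only when the version string starts with "8".
        // The Kerberos connector is not implemented (see the commented-out line), so this
        // branch returns null. On other Jetty versions "BOTH" falls through to a
        // certificate-only TLS connector with no Kerberos check - confirm this is the
        // intended behaviour before relying on 'auth' as a security control.
        if ("KRB".equals(auth) || ("BOTH".equals(auth)
                && Server.getVersion().startsWith("8"))) {
            //return new Krb5AndCertsSslSocketConnector(factory, auth);
            return null;
        } else {
            ServerConnector connector = new ServerConnector(server, factory);
            server.setStopTimeout(500);
            connector.setStopTimeout(500);
            return connector;
        }
    }

    /**
     * Copies the key store, trust store and algorithm bean properties onto the factory.
     * Properties that are {@code null} are skipped so that Jetty's own defaults apply.
     */
    private void configureFromProperties(SslContextFactory factory) throws Exception {
        if (keyStore != null) {
            factory.setKeyStorePath(keyStore);
        }
        if (keyStorePassword != null) {
            factory.setKeyStorePassword(keyStorePassword);
        }
        // The private-key password is separate from the key store password. The original
        // code never handed keyPassword to Jetty and, in the fallback, set the key store
        // password a second time; a key protected by its own password could therefore
        // not be loaded. Apply keyPassword when given, else default it to the key store
        // password.
        if (keyPassword != null) {
            factory.setKeyManagerPassword(keyPassword);
        } else if (keyStorePassword != null) {
            factory.setKeyManagerPassword(keyStorePassword);
        }
        if (keyStoreType != null) {
            factory.setKeyStoreType(keyStoreType);
        }
        if (secureRandomCertficateAlgorithm != null) {
            factory.setSecureRandomAlgorithm(secureRandomCertficateAlgorithm);
        }
        if (keyCertificateAlgorithm != null) {
            factory.setKeyManagerFactoryAlgorithm(keyCertificateAlgorithm);
        }
        if (trustCertificateAlgorithm != null) {
            factory.setTrustManagerFactoryAlgorithm(trustCertificateAlgorithm);
        }
        if (protocol != null) {
            // Passed through unvalidated; the value comes from configuration.
            factory.setProtocol(protocol);
        }
        if (trustStore != null) {
            setTrustStore(factory, trustStore);
        }
        if (trustStorePassword != null) {
            factory.setTrustStorePassword(trustStorePassword);
        }
    }

    /**
     * Sets the trust store location on the factory by reflection, choosing the setter
     * name from the Jetty version string ({@code setTrustStore} when it starts with "8",
     * {@code setTrustStorePath} otherwise) - presumably so the same source works against
     * both APIs.
     *
     * @throws Exception if the setter cannot be found or its invocation fails
     */
    private void setTrustStore(SslContextFactory factory, String trustStore2) throws Exception {
        String mname = Server.getVersion().startsWith("8") ? "setTrustStore" : "setTrustStorePath";
        factory.getClass().getMethod(mname, String.class).invoke(factory, trustStore2);
    }

    // Properties
    // --------------------------------------------------------------------------------

    /** @return the key store location handed to Jetty's {@code setKeyStorePath} */
    public String getKeyStore() {
        return keyStore;
    }

    public void setKeyStore(String keyStore) {
        this.keyStore = keyStore;
    }

    /** @return the private-key password in clear text; do not log the result */
    public String getKeyPassword() {
        return keyPassword;
    }

    public void setKeyPassword(String keyPassword) {
        this.keyPassword = keyPassword;
    }

    public String getKeyStoreType() {
        return keyStoreType;
    }

    public void setKeyStoreType(String keyStoreType) {
        this.keyStoreType = keyStoreType;
    }

    /** @return the key store password in clear text; do not log the result */
    public String getKeyStorePassword() {
        return keyStorePassword;
    }

    public void setKeyStorePassword(String keyStorePassword) {
        this.keyStorePassword = keyStorePassword;
    }

    /** @return the protocol name handed to Jetty's {@code setProtocol}, or {@code null} */
    public String getProtocol() {
        return protocol;
    }

    public void setProtocol(String protocol) {
        this.protocol = protocol;
    }

    public String getSecureRandomCertficateAlgorithm() {
        return secureRandomCertficateAlgorithm;
    }

    public void setSecureRandomCertficateAlgorithm(String secureRandomCertficateAlgorithm) {
        this.secureRandomCertficateAlgorithm = secureRandomCertficateAlgorithm;
    }

    public String getKeyCertificateAlgorithm() {
        return keyCertificateAlgorithm;
    }

    public void setKeyCertificateAlgorithm(String keyCertificateAlgorithm) {
        this.keyCertificateAlgorithm = keyCertificateAlgorithm;
    }

    public String getTrustCertificateAlgorithm() {
        return trustCertificateAlgorithm;
    }

    public void setTrustCertificateAlgorithm(String trustCertificateAlgorithm) {
        this.trustCertificateAlgorithm = trustCertificateAlgorithm;
    }

    /**
     * @return the auth mode; {@link #createConnector(Server)} compares it with
     *         {@code "KRB"} and {@code "BOTH"}
     */
    public String getAuth() {
        return auth;
    }

    /**
     * @param auth the auth to set
     */
    public void setAuth(String auth) {
        this.auth = auth;
    }

    /** @return whether a client certificate is requested (passed to {@code setWantClientAuth}) */
    public boolean isWantClientAuth() {
        return wantClientAuth;
    }

    public void setWantClientAuth(boolean wantClientAuth) {
        this.wantClientAuth = wantClientAuth;
    }

    /** @return whether a client certificate is required (passed to {@code setNeedClientAuth}) */
    public boolean isNeedClientAuth() {
        return needClientAuth;
    }

    public void setNeedClientAuth(boolean needClientAuth) {
        this.needClientAuth = needClientAuth;
    }

    public String getTrustStore() {
        return trustStore;
    }

    public void setTrustStore(String trustStore) {
        this.trustStore = trustStore;
    }

    /** @return the trust store password in clear text; do not log the result */
    public String getTrustStorePassword() {
        return trustStorePassword;
    }

    public void setTrustStorePassword(String trustStorePassword) {
        this.trustStorePassword = trustStorePassword;
    }
}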