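/**
 * Builds the base URI advertised for the given connector, stores it in {@code serverURI},
 * and prints it (followed by the context path) to standard output.
 *
 * <p>The scheme is {@code https} when any connection factory reports a protocol starting
 * with {@code "SSL-http"}, otherwise {@code http}. The host is taken from the connector,
 * then from the local host name, and finally falls back to {@code "localhost"}.
 *
 * @param connector the connector whose host, local port and connection factories are read
 * @return the URI that was stored in {@code serverURI}
 * @throws URISyntaxException if the assembled string is not a valid URI
 */
private URI getServerUri(ServerConnector connector) throws URISyntaxException {
    String scheme = "http";
    for (ConnectionFactory connectFactory : connector.getConnectionFactories()) {
        // NOTE(review): detection relies on the protocol *name*. A TLS factory whose
        // protocol string does not start with "SSL-http" (for example a bare "SSL") would
        // be advertised as plain http here; confirm against the Jetty version in use.
        if (connectFactory.getProtocol().startsWith("SSL-http")) {
            scheme = "https";
            break; // one TLS factory is enough to decide the scheme
        }
    }

    String host = connector.getHost();
    if (host == null) {
        try {
            host = InetAddress.getLocalHost().getHostName();
        } catch (Exception ignored) {
            // Best effort only: if the local host name cannot be resolved,
            // the "localhost" fallback below is used instead.
        }
    }
    if (host == null) {
        host = "localhost";
    }

    // A bare IPv6 literal must be bracketed, otherwise its colons are
    // indistinguishable from the host/port separator in the URI authority.
    if (host.indexOf(':') >= 0 && !host.startsWith("[")) {
        host = "[" + host + "]";
    }

    int myport = connector.getLocalPort();
    serverURI = new URI(String.format("%s://%s:%d", scheme, host, myport));
    System.out.println(new Date() + " Server URI: " + serverURI + this.contextPath);
    return serverURI;
}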
/**
 * Creates a {@code ServerConnector} for the given server, bound to the host and port of
 * {@code address}, using this factory's configured acceptor and selector counts.
 *
 * @param address the socket address supplying the host string and port
 * @param server the Jetty server the connector is created for
 * @return the configured connector
 */
private AbstractConnector createConnector(InetSocketAddress address, Server server) {
    ServerConnector serverConnector = new ServerConnector(server, this.acceptors, this.selectors);
    serverConnector.setHost(address.getHostString());
    serverConnector.setPort(address.getPort());

    for (ConnectionFactory factory : serverConnector.getConnectionFactories()) {
        if (!(factory instanceof HttpConfiguration.ConnectionFactory)) {
            continue;
        }
        HttpConfiguration.ConnectionFactory httpFactory = (HttpConfiguration.ConnectionFactory) factory;
        // Hardening: keep the server version out of HTTP responses so the exact
        // Jetty release is not disclosed to every client.
        httpFactory.getHttpConfiguration().setSendServerVersion(false);
    }
    return serverConnector;
}
/**
 * Creates a {@code ServerConnector} bound to the host and port of {@code address}.
 *
 * <p>When a {@code JettyResourceFactory} is available, its executor, scheduler and byte
 * buffer pool are passed to the connector together with a new {@code HttpConnectionFactory};
 * otherwise the connector is built from the server and the acceptor/selector counts alone.
 *
 * @param address the socket address supplying the host string and port
 * @param server the Jetty server the connector is created for
 * @return the configured connector
 */
private AbstractConnector createConnector(InetSocketAddress address, Server server) {
    JettyResourceFactory sharedResources = getResourceFactory();
    ServerConnector serverConnector;
    if (sharedResources == null) {
        serverConnector = new ServerConnector(server, this.acceptors, this.selectors);
    } else {
        serverConnector = new ServerConnector(server, sharedResources.getExecutor(),
                sharedResources.getScheduler(), sharedResources.getByteBufferPool(),
                this.acceptors, this.selectors, new HttpConnectionFactory());
    }
    serverConnector.setHost(address.getHostString());
    serverConnector.setPort(address.getPort());

    for (ConnectionFactory factory : serverConnector.getConnectionFactories()) {
        if (!(factory instanceof HttpConfiguration.ConnectionFactory)) {
            continue;
        }
        HttpConfiguration.ConnectionFactory httpFactory = (HttpConfiguration.ConnectionFactory) factory;
        // Hardening: keep the server version out of HTTP responses so the exact
        // Jetty release is not disclosed to every client.
        httpFactory.getHttpConfiguration().setSendServerVersion(false);
    }
    return serverConnector;
}
/**
 * Verifies that configure() registers two connectors on the server and that the first one
 * is a ServerConnector carrying exactly one factory, an HttpConnectionFactory.
 */
@Test
public void shouldAddHttpSocketConnector() throws Exception {
    ArgumentCaptor<Connector> connectorCaptor = ArgumentCaptor.forClass(Connector.class);

    jetty9Server.configure();

    // Capture every connector handed to the mocked server; two registrations are expected.
    verify(server, times(2)).addConnector(connectorCaptor.capture());
    List<Connector> registered = connectorCaptor.getAllValues();

    // The first registered connector is the one under test here.
    Connector firstRegistered = registered.get(0);
    assertThat(firstRegistered instanceof ServerConnector, is(true));

    ServerConnector httpConnector = (ServerConnector) firstRegistered;
    assertThat(httpConnector.getServer(), is(server));
    assertThat(httpConnector.getConnectionFactories().size(), is(1));

    ConnectionFactory onlyFactory = httpConnector.getConnectionFactories().iterator().next();
    assertThat(onlyFactory instanceof HttpConnectionFactory, is(true));
}
/**
 * Verifies that the SSL context factory points at the expected keystore and truststore
 * (compared as canonical, absolute file URIs) and that client authentication is "wanted".
 */
@Test
public void shouldSetupSslContextWithKeystoreAndTruststore() throws IOException {
    ServerConnector tlsConnector = (ServerConnector) sslSocketConnector.getConnector();
    SslContextFactory contextFactory = findSslContextFactory(tlsConnector.getConnectionFactories());

    String expectedKeyStore = keystore.getCanonicalFile().toPath().toAbsolutePath().toUri().toString();
    assertThat(contextFactory.getKeyStorePath(), is(expectedKeyStore));

    String expectedTrustStore = truststore.getCanonicalFile().toPath().toAbsolutePath().toUri().toString();
    assertThat(contextFactory.getTrustStorePath(), is(expectedTrustStore));

    // "Want" means a client certificate is requested but not required, so this
    // setting alone does not reject clients that present no certificate.
    assertThat(contextFactory.getWantClientAuth(), is(true));
}
/**
 * Verifies that exactly one cipher suite is on the include list and that it is the
 * fixture value "FOO".
 */
@Test
public void shouldSetupCipherSuitesToBeIncluded() {
    ServerConnector tlsConnector = (ServerConnector) sslSocketConnector.getConnector();
    SslContextFactory contextFactory = findSslContextFactory(tlsConnector.getConnectionFactories());

    // "FOO" is a test fixture, not a real cipher suite name; the test only checks
    // that the configured include list reaches the SSL context factory.
    List<String> included = Arrays.asList(contextFactory.getIncludeCipherSuites());

    assertThat(included.size(), is(1));
    assertThat(included.contains("FOO"), is(true));
}
/**
 * Verifies that the second connector registered by configure() is a ServerConnector whose
 * factory chain is an SslConnectionFactory (protocol "SSL", next protocol "HTTP/1.1")
 * followed by an HttpConnectionFactory.
 */
@Test
public void shouldAddSSLSocketConnector() throws Exception {
    ArgumentCaptor<Connector> connectorCaptor = ArgumentCaptor.forClass(Connector.class);

    jetty9Server.configure();

    verify(server, times(2)).addConnector(connectorCaptor.capture());
    List<Connector> registered = connectorCaptor.getAllValues();

    // The second registered connector is the TLS one.
    Connector secondRegistered = registered.get(1);
    assertThat(secondRegistered instanceof ServerConnector, is(true));

    ServerConnector tlsConnector = (ServerConnector) secondRegistered;
    assertThat(tlsConnector.getServer(), is(server));
    assertThat(tlsConnector.getConnectionFactories().size(), is(2));

    // Order matters: TLS must be negotiated before HTTP is spoken.
    Iterator<ConnectionFactory> factories = tlsConnector.getConnectionFactories().iterator();
    ConnectionFactory outer = factories.next();
    ConnectionFactory inner = factories.next();

    assertThat(outer instanceof SslConnectionFactory, is(true));
    SslConnectionFactory tlsFactory = (SslConnectionFactory) outer;
    assertThat(tlsFactory.getProtocol(), is("SSL"));
    assertThat(tlsFactory.getNextProtocol(), is("HTTP/1.1"));

    assertThat(inner instanceof HttpConnectionFactory, is(true));
}
/**
 * Verifies that, when the SSL config supplies neither protocol list, the factory keeps its
 * default exclusions ("SSL", "SSLv2", "SSLv2Hello", "SSLv3") and an empty include list.
 */
@Test
public void shouldLeaveTheDefaultProtocolInclusionAndExclusionListUnTouchedIfNotOverridden() {
    when(goSSLConfig.getProtocolsToBeIncluded()).thenReturn(null);
    when(goSSLConfig.getProtocolsToBeExcluded()).thenReturn(null);

    sslSocketConnector = new GoSslSocketConnector(jettyServer, "password", systemEnvironment, goSSLConfig);
    ServerConnector tlsConnector = (ServerConnector) sslSocketConnector.getConnector();
    SslContextFactory contextFactory = findSslContextFactory(tlsConnector.getConnectionFactories());

    // This pins the legacy SSL protocols as excluded by default. The list asserted here
    // contains no TLS versions, so older TLS releases are not covered by this default.
    String[] excludedProtocols = contextFactory.getExcludeProtocols();
    assertThat(excludedProtocols.length, is(4));
    assertThat(Arrays.asList(excludedProtocols).containsAll(Arrays.asList("SSL", "SSLv2", "SSLv2Hello", "SSLv3")), is(true));

    assertThat(contextFactory.getIncludeProtocols().length, is(0));
}
/**
 * Verifies that protocol include/exclude lists supplied by the SSL config replace the
 * defaults on the SSL context factory.
 */
@Test
public void shouldOverrideTheDefaultProtocolExclusionListIfConfigured() {
    // NOTE(review): these strings are only checked for pass-through. The JSSE protocol
    // names are spelled "TLSv1", "TLSv1.1" and "TLSv1.2", so values written like the ones
    // below would presumably match no real protocol if copied into a deployment.
    when(goSSLConfig.getProtocolsToBeExcluded()).thenReturn(new String[]{"SSL", "TLS1.0", "TLS1.1"});
    when(goSSLConfig.getProtocolsToBeIncluded()).thenReturn(new String[]{"TLS1.2"});

    sslSocketConnector = new GoSslSocketConnector(jettyServer, "password", systemEnvironment, goSSLConfig);
    ServerConnector tlsConnector = (ServerConnector) sslSocketConnector.getConnector();
    SslContextFactory contextFactory = findSslContextFactory(tlsConnector.getConnectionFactories());

    String[] excludedProtocols = contextFactory.getExcludeProtocols();
    assertThat(excludedProtocols.length, is(3));
    assertThat(Arrays.asList(excludedProtocols).containsAll(Arrays.asList("SSL", "TLS1.0", "TLS1.1")), is(true));

    String[] includedProtocols = contextFactory.getIncludeProtocols();
    assertThat(includedProtocols.length, is(1));
    assertThat(includedProtocols[0], is("TLS1.2"));
}
/**
 * Verifies that cipher suite include/exclude lists supplied by the SSL config replace the
 * defaults on the SSL context factory.
 */
@Test
public void shouldOverrideTheDefaultCipherSuiteExclusionListIfConfigured() {
    // NOTE(review): only pass-through is asserted. The default exclusions elsewhere in this
    // suite are written as regular expressions ("^.*_NULL_.*$"), whereas these values are
    // glob-like; confirm which syntax the factory expects before reusing them as examples.
    when(goSSLConfig.getCipherSuitesToBeExcluded()).thenReturn(new String[]{"*MD5*"});
    when(goSSLConfig.getCipherSuitesToBeIncluded()).thenReturn(new String[]{"*ECDHE*"});

    sslSocketConnector = new GoSslSocketConnector(jettyServer, "password", systemEnvironment, goSSLConfig);
    ServerConnector tlsConnector = (ServerConnector) sslSocketConnector.getConnector();
    SslContextFactory contextFactory = findSslContextFactory(tlsConnector.getConnectionFactories());

    String[] excludedSuites = contextFactory.getExcludeCipherSuites();
    assertThat(excludedSuites.length, is(1));
    assertThat(excludedSuites[0], is("*MD5*"));

    String[] includedSuites = contextFactory.getIncludeCipherSuites();
    assertThat(includedSuites.length, is(1));
    assertThat(includedSuites[0], is("*ECDHE*"));
}
/**
 * Verifies that, with GO_SSL_CONFIG_CLEAR_JETTY_DEFAULT_EXCLUSIONS enabled and no lists
 * configured, all four protocol and cipher suite lists on the factory end up empty.
 */
@Test
public void shouldClearOutDefaultProtocolsAndCipherSetByJettyIfFlagIsSet() {
    // With this flag on and nothing configured, the factory carries no exclusions at all:
    // the default filtering of legacy protocols and weak cipher suites is gone, so what can
    // be negotiated is presumably left to whatever the JVM's TLS provider enables.
    when(systemEnvironment.get(SystemEnvironment.GO_SSL_CONFIG_CLEAR_JETTY_DEFAULT_EXCLUSIONS)).thenReturn(true);
    when(goSSLConfig.getProtocolsToBeExcluded()).thenReturn(null);
    when(goSSLConfig.getProtocolsToBeIncluded()).thenReturn(null);
    when(goSSLConfig.getCipherSuitesToBeIncluded()).thenReturn(null);
    when(goSSLConfig.getCipherSuitesToBeExcluded()).thenReturn(null);

    sslSocketConnector = new GoSslSocketConnector(jettyServer, "password", systemEnvironment, goSSLConfig);
    ServerConnector tlsConnector = (ServerConnector) sslSocketConnector.getConnector();
    SslContextFactory contextFactory = findSslContextFactory(tlsConnector.getConnectionFactories());

    assertThat(contextFactory.getExcludeProtocols().length, is(0));
    assertThat(contextFactory.getIncludeProtocols().length, is(0));
    assertThat(contextFactory.getExcludeCipherSuites().length, is(0));
    assertThat(contextFactory.getIncludeCipherSuites().length, is(0));
}
/**
 * Verifies the HTTP configuration behind the TLS connector: an output buffer size of 100
 * and exactly two customizers, SecureRequestCustomizer then ForwardedRequestCustomizer.
 */
@Test
public void shouldSetupHttpConnectionFactory() {
    ServerConnector tlsConnector = (ServerConnector) sslSocketConnector.getConnector();
    HttpConnectionFactory httpFactory = getHttpConnectionFactory(tlsConnector.getConnectionFactories());

    assertThat(httpFactory.getHttpConfiguration().getOutputBufferSize(), is(100));
    assertThat(httpFactory.getHttpConfiguration().getCustomizers().size(), is(2));
    assertThat(httpFactory.getHttpConfiguration().getCustomizers().get(0), instanceOf(SecureRequestCustomizer.class));
    // ForwardedRequestCustomizer derives request details from forwarding headers, which are
    // client-controlled unless a trusted proxy in front of the server overwrites them.
    assertThat(httpFactory.getHttpConfiguration().getCustomizers().get(1), instanceOf(ForwardedRequestCustomizer.class));
}
/**
 * Verifies that, when the SSL config supplies neither cipher suite list, the factory keeps
 * its five default exclusion patterns and an empty include list.
 */
@Test
public void shouldLeaveTheDefaultCipherSuiteInclusionAndExclusionListUnTouchedIfNotOverridden() {
    when(goSSLConfig.getCipherSuitesToBeIncluded()).thenReturn(null);
    when(goSSLConfig.getCipherSuitesToBeExcluded()).thenReturn(null);

    sslSocketConnector = new GoSslSocketConnector(jettyServer, "password", systemEnvironment, goSSLConfig);
    ServerConnector tlsConnector = (ServerConnector) sslSocketConnector.getConnector();
    SslContextFactory contextFactory = findSslContextFactory(tlsConnector.getConnectionFactories());

    // Pins the default deny-list: suites ending in MD5/SHA/SHA1, TLS_RSA_* suites,
    // SSL_* suites, NULL-encryption suites and anonymous suites.
    String[] excludedSuites = contextFactory.getExcludeCipherSuites();
    assertThat(excludedSuites, is(arrayWithSize(5)));
    assertThat(excludedSuites, is(arrayContainingInAnyOrder("^.*_(MD5|SHA|SHA1)$", "^TLS_RSA_.*$", "^SSL_.*$", "^.*_NULL_.*$", "^.*_anon_.*$")));

    assertThat(contextFactory.getIncludeCipherSuites(), is(emptyArray()));
}
// Wrap each of the connector's connection factories in a JettyMonitoringConnectionFactory
// built with the same activeConnections value, collecting the wrappers in
// monitoredConnFactories. (Excerpt: the loop's closing brace is not part of this snippet.)
for (ConnectionFactory cf : connector.getConnectionFactories()) { monitoredConnFactories.add(new JettyMonitoringConnectionFactory(cf, activeConnections));
/**
 * Reports whether this microservice is served over <js>"http"</js> or <js>"https"</js>.
 * <p>
 * The answer comes from the Jetty configuration: the server's connectors are scanned and the
 * first <code>ServerConnector</code> that carries an <code>SslConnectionFactory</code>
 * (<code>Server/Connectors[ServerConnector]/ConnectionFactories[SslConnectionFactory]</code>)
 * decides the result.
 * <p>
 * A server that exposes both plain and TLS connectors is reported as <js>"https"</js>, so the
 * result does not guarantee that every listener is encrypted.
 *
 * @return <js>"https"</js> if any server connector has an SSL connection factory, otherwise
 * 	<js>"http"</js>.
 */
public String getProtocol() {
    for (Connector candidate : getServer().getConnectors()) {
        if (!(candidate instanceof ServerConnector)) {
            continue;
        }
        ServerConnector serverConnector = (ServerConnector) candidate;
        for (ConnectionFactory factory : serverConnector.getConnectionFactories()) {
            if (factory instanceof SslConnectionFactory) {
                return "https";
            }
        }
    }
    return "http";
}
/**
 * Tells callers which scheme this microservice uses: <js>"http"</js> or <js>"https"</js>.
 * <p>
 * The scheme is derived from the Jetty configuration by checking for an SSL connection factory
 * at <code>Server/Connectors[ServerConnector]/ConnectionFactories[SslConnectionFactory]</code>.
 * <p>
 * One TLS-enabled connector is enough for <js>"https"</js> to be returned, even if other
 * connectors on the same server are plain HTTP.
 *
 * @return <js>"https"</js> when an SSL connection factory is found, <js>"http"</js> otherwise.
 */
public String getProtocol() {
    for (Connector connector : getServer().getConnectors()) {
        if (connector instanceof ServerConnector) {
            ServerConnector serverConnector = (ServerConnector) connector;
            for (ConnectionFactory connectionFactory : serverConnector.getConnectionFactories()) {
                if (connectionFactory instanceof SslConnectionFactory) {
                    return "https";
                }
            }
        }
    }
    return "http";
}
// Wrap each of the connector's connection factories in a JettyMonitoringConnectionFactory
// built with the same activeConnections value, collecting the wrappers in
// monitoredConnFactories. (Excerpt: the loop's closing brace is not part of this snippet.)
for (ConnectionFactory cf : connector.getConnectionFactories()) { monitoredConnFactories.add(new JettyMonitoringConnectionFactory(cf, activeConnections));
// Wrap each of the connector's connection factories in a JettyMonitoringConnectionFactory
// built with the same activeConnections value, collecting the wrappers in
// monitoredConnFactories. (Excerpt: the loop's closing brace is not part of this snippet.)
for (ConnectionFactory cf : connector.getConnectionFactories()) { monitoredConnFactories.add(new JettyMonitoringConnectionFactory(cf, activeConnections));