当前位置: 首页>>代码示例>>Java>>正文

Java ClientAuth类代码示例

本文整理汇总了Java中io.netty.handler.ssl.ClientAuth的典型用法代码示例。如果您正苦于以下问题:Java ClientAuth类的具体用法?Java ClientAuth怎么用?Java ClientAuth使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。


ClientAuth类属于io.netty.handler.ssl包,在下文中一共展示了ClientAuth类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: initChannel

import io.netty.handler.ssl.ClientAuth; //导入依赖的package包/类
@Override
protected void initChannel(SocketChannel ch) throws Exception {
    if (enableTLS) {
        File tlsCert = new File(serviceConfig.getTlsCertificateFilePath());
        File tlsKey = new File(serviceConfig.getTlsKeyFilePath());
        SslContextBuilder builder = SslContextBuilder.forServer(tlsCert, tlsKey);
        if (serviceConfig.isTlsAllowInsecureConnection()) {
            builder.trustManager(InsecureTrustManagerFactory.INSTANCE);
        } else {
            if (serviceConfig.getTlsTrustCertsFilePath().isEmpty()) {
                // Use system default
                builder.trustManager((File) null);
            } else {
                File trustCertCollection = new File(serviceConfig.getTlsTrustCertsFilePath());
                builder.trustManager(trustCertCollection);
            }
        }
        SslContext sslCtx = builder.clientAuth(ClientAuth.OPTIONAL).build();
        ch.pipeline().addLast(TLS_HANDLER, sslCtx.newHandler(ch.alloc()));
    }
    ch.pipeline().addLast("frameDecoder", new LengthFieldBasedFrameDecoder(PulsarDecoder.MaxFrameSize, 0, 4, 0, 4));
    ch.pipeline().addLast("handler", new ServerConnection(discoveryService));
}
开发者ID:apache,项目名称:incubator-pulsar,代码行数:24,代码来源:ServiceChannelInitializer.java

示例2: usingNetty

import io.netty.handler.ssl.ClientAuth; //导入依赖的package包/类
static ClientHttpRequestFactory usingNetty(ClientOptions options)
		throws IOException, GeneralSecurityException {

	SslContext sslContext = new JdkSslContext(SSLContext.getDefault(), true, ClientAuth.REQUIRE);

	final Netty4ClientHttpRequestFactory requestFactory = new Netty4ClientHttpRequestFactory();
	requestFactory.setSslContext(sslContext);

	if (options.getConnectionTimeout() != null) {
		requestFactory.setConnectTimeout(options.getConnectionTimeout());
	}
	if (options.getReadTimeout() != null) {
		requestFactory.setReadTimeout(options.getReadTimeout());
	}

	return requestFactory;
}
开发者ID:spring-projects,项目名称:spring-credhub,代码行数:18,代码来源:ClientHttpRequestFactoryFactory.java

示例3: initChannel

import io.netty.handler.ssl.ClientAuth; //导入依赖的package包/类
@Override
protected void initChannel(SocketChannel ch) throws Exception {
    if (enableTLS) {
        File tlsCert = new File(serviceConfig.getTlsCertificateFilePath());
        File tlsKey = new File(serviceConfig.getTlsKeyFilePath());
        SslContextBuilder builder = SslContextBuilder.forServer(tlsCert, tlsKey);
        if (serviceConfig.isTlsAllowInsecureConnection()) {
            builder.trustManager(InsecureTrustManagerFactory.INSTANCE);
        } else {
            if (serviceConfig.getTlsTrustCertsFilePath().isEmpty()) {
                // Use system default
                builder.trustManager((File) null);
            } else {
                File trustCertCollection = new File(serviceConfig.getTlsTrustCertsFilePath());
                builder.trustManager(trustCertCollection);
            }
        }
        SslContext sslCtx = builder.clientAuth(ClientAuth.OPTIONAL).build();
        ch.pipeline().addLast(TLS_HANDLER, sslCtx.newHandler(ch.alloc()));
    }
    ch.pipeline().addLast("frameDecoder", new LengthFieldBasedFrameDecoder(PulsarDecoder.MaxFrameSize, 0, 4, 0, 4));
    ch.pipeline().addLast("handler", new ServerCnx(brokerService));
}
开发者ID:apache,项目名称:incubator-pulsar,代码行数:24,代码来源:PulsarChannelInitializer.java

示例4: initSsl

import io.netty.handler.ssl.ClientAuth; //导入依赖的package包/类
private void initSsl(String addr, NettyRequestFactory factory) throws Exception {
    SSLContext sslc = SSLContext.getInstance("TLS");
    if(!checkSsl) {
        log.debug("disable any SSL check on {} address", addr);
        sslc.init(null, new TrustManager[]{new SSLUtil.NullX509TrustManager()}, null);
    } else if(StringUtils.hasText(keystore)) {
        log.debug("use SSL trusted store {} on {} address", keystore, addr);
        final String alg = TrustManagerFactory.getDefaultAlgorithm();
        TrustManagerFactory def = TrustManagerFactory.getInstance(alg);
        def.init((KeyStore)null);// initialize default list of trust managers
        Resource resource = resourceLoader.getResource(keystore);
        if(!resource.exists()) {
            log.warn("Specified JKS {} is not exists.", keystore);
            return;
        }
        KeyStore ks = KeyStore.getInstance("JKS");
        try(InputStream is = resource.getInputStream()) {
            ks.load(is, storepass == null? new char[0] : storepass.toCharArray());
        }
        TrustManagerFactory local = TrustManagerFactory.getInstance(alg);
        local.init(ks);
        TrustManager tm = SSLUtil.combineX509TrustManagers(local.getTrustManagers(), def.getTrustManagers());
        sslc.init(null, new TrustManager[]{tm}, null);
    }
    factory.setSslContext(new JdkSslContext(sslc, true, ClientAuth.OPTIONAL));
}
开发者ID:codeabovelab,项目名称:haven-platform,代码行数:27,代码来源:DockerServiceFactory.java

示例5: buildSSLServerContext

import io.netty.handler.ssl.ClientAuth; //导入依赖的package包/类
private SslContext buildSSLServerContext(final PrivateKey _key, final X509Certificate[] _cert, final X509Certificate[] _trustedCerts, final Iterable<String> ciphers, final SslProvider sslProvider, final ClientAuth authMode) throws SSLException {

        final SslContextBuilder _sslContextBuilder = 
                SslContextBuilder
                .forServer(_key, _cert)
                .ciphers(ciphers)
                .applicationProtocolConfig(ApplicationProtocolConfig.DISABLED)
                .clientAuth(Objects.requireNonNull(authMode)) // https://github.com/netty/netty/issues/4722
                .sessionCacheSize(0)
                .sessionTimeout(0)
                .sslProvider(sslProvider);
        
        if(_trustedCerts != null && _trustedCerts.length > 0) {
            _sslContextBuilder.trustManager(_trustedCerts);
        }
        
        return buildSSLContext0(_sslContextBuilder);
    }
开发者ID:floragunncom,项目名称:search-guard-ssl,代码行数:19,代码来源:DefaultSearchGuardKeyStore.java

示例6: NettyCenter

import io.netty.handler.ssl.ClientAuth; //导入依赖的package包/类
/**
 * 私有构造函数
 */
private NettyCenter() {
    int maybeThreadSize = Runtime.getRuntime().availableProcessors();
    if (maybeThreadSize == 1) maybeThreadSize += 2;
    else if (maybeThreadSize == 8) maybeThreadSize = 2;
    else if (maybeThreadSize > 8) maybeThreadSize /= 2;
    /**
     * 构造事件循环组
     */
    eventLoopGroup = new NioEventLoopGroup(maybeThreadSize, new DefaultThreadFactory("NettyNioLoopGroup"));
    /**
     * 构造定时器
     */
    hashedWheelTimer = new HashedWheelTimer(new DefaultThreadFactory("NettyHashedWheelTimer"));
    /**
     * 构造 SSL 环境
     */
    try {
        SslContextBuilder sslContextBuilder = SslContextBuilder.forClient();
        sslContextBuilder.clientAuth(ClientAuth.OPTIONAL);
        simpleClientSslContext = sslContextBuilder.build();
    } catch (Throwable e) {
        log.error("NettyCenter :: initialize client sslcontext error!", e);
    }
}
开发者ID:316181444,项目名称:GameServerFramework,代码行数:28,代码来源:NettyCenter.java

示例7: createHttp2TLSContext

import io.netty.handler.ssl.ClientAuth; //导入依赖的package包/类
/**
 * This method will provide netty ssl context which supports HTTP2 over TLS using
 * Application Layer Protocol Negotiation (ALPN)
 *
 * @return instance of {@link SslContext}
 * @throws SSLException if any error occurred during building SSL context.
 */
public SslContext createHttp2TLSContext() throws SSLException {

    // If listener configuration does not include cipher suites , default ciphers required by the HTTP/2
    // specification will be added.
    List<String> ciphers = sslConfig.getCipherSuites() != null && sslConfig.getCipherSuites().length > 0 ? Arrays
            .asList(sslConfig.getCipherSuites()) : Http2SecurityUtil.CIPHERS;
    SslProvider provider = OpenSsl.isAlpnSupported() ? SslProvider.OPENSSL : SslProvider.JDK;
    return SslContextBuilder.forServer(this.getKeyManagerFactory())
            .trustManager(this.getTrustStoreFactory())
            .sslProvider(provider)
            .ciphers(ciphers,
                    SupportedCipherSuiteFilter.INSTANCE)
            .clientAuth(needClientAuth ? ClientAuth.REQUIRE : ClientAuth.NONE)
            .applicationProtocolConfig(new ApplicationProtocolConfig(
                    ApplicationProtocolConfig.Protocol.ALPN,
                    // NO_ADVERTISE is currently the only mode supported by both OpenSsl and JDK providers.
                    ApplicationProtocolConfig.SelectorFailureBehavior.NO_ADVERTISE,
                    // ACCEPT is currently the only mode supported by both OpenSsl and JDK providers.
                    ApplicationProtocolConfig.SelectedListenerFailureBehavior.ACCEPT,
                    ApplicationProtocolNames.HTTP_2,
                    ApplicationProtocolNames.HTTP_1_1)).build();
}
开发者ID:wso2,项目名称:carbon-transports,代码行数:30,代码来源:SSLHandlerFactory.java

示例8: TlsConfig

import io.netty.handler.ssl.ClientAuth; //导入依赖的package包/类
public TlsConfig(Config config) {
  useSsl = config.getBoolean("useSsl");
  logInsecureConfig = config.getBoolean("logInsecureConfig");
  x509TrustedCerts = buildCerts(config.getStringList("x509TrustedCertPaths"));
  privateKey = parsePrivateKeyFromPem(readPathFromKey("privateKeyPath", config));
  certificate = parseX509CertificateFromPem(readPathFromKey("x509CertPath", config));
  x509CertChain =
      new ImmutableList.Builder<X509Certificate>()
          .add(certificate)
          .addAll(buildCerts(config.getStringList("x509CertChainPaths")))
          .build();
  useOpenSsl = config.getBoolean("useOpenSsl");
  alpnConfig = buildAlpnConfig(config.getConfig("alpn"));
  ciphers = config.getStringList("ciphers");
  clientAuth = config.getEnum(ClientAuth.class, "clientAuth");
  enableOcsp = config.getBoolean("enableOcsp");
  protocols = config.getStringList("protocols");
  sessionCacheSize = config.getLong("sessionCacheSize");
  sessionTimeout = config.getLong("sessionTimeout");
}
开发者ID:xjdr,项目名称:xio,代码行数:21,代码来源:TlsConfig.java

示例9: build

import io.netty.handler.ssl.ClientAuth; //导入依赖的package包/类
static SslContext build(final Config conf) throws IOException, CertificateException {
  String tmpdir = conf.getString("application.tmpdir");
  boolean http2 = conf.getBoolean("server.http2.enabled");
  File keyStoreCert = toFile(conf.getString("ssl.keystore.cert"), tmpdir);
  File keyStoreKey = toFile(conf.getString("ssl.keystore.key"), tmpdir);
  String keyStorePass = conf.hasPath("ssl.keystore.password")
      ? conf.getString("ssl.keystore.password") : null;
  SslContextBuilder scb = SslContextBuilder.forServer(keyStoreCert, keyStoreKey, keyStorePass);
  if (conf.hasPath("ssl.trust.cert")) {
    scb.trustManager(toFile(conf.getString("ssl.trust.cert"), tmpdir))
       .clientAuth(ClientAuth.REQUIRE);
  }
  if (http2) {
    SslProvider provider = OpenSsl.isAlpnSupported() ? SslProvider.OPENSSL : SslProvider.JDK;
    return scb.sslProvider(provider)
        .ciphers(Http2SecurityUtil.CIPHERS, SupportedCipherSuiteFilter.INSTANCE)
        .applicationProtocolConfig(new ApplicationProtocolConfig(
            Protocol.ALPN,
            SelectorFailureBehavior.NO_ADVERTISE,
            SelectedListenerFailureBehavior.ACCEPT,
            Arrays.asList(ApplicationProtocolNames.HTTP_2, ApplicationProtocolNames.HTTP_1_1)))
        .build();
  }
  return scb.build();
}
开发者ID:jooby-project,项目名称:jooby,代码行数:26,代码来源:NettySslContext.java

示例10: newServer

import io.netty.handler.ssl.ClientAuth; //导入依赖的package包/类
/**
 * Creates and starts a new {@link TestServiceImpl} server.
 */
private Server newServer() throws CertificateException, IOException {
  File serverCertChainFile = TestUtils.loadCert("server1.pem");
  File serverPrivateKeyFile = TestUtils.loadCert("server1.key");
  X509Certificate[] serverTrustedCaCerts = {
    TestUtils.loadX509Cert("ca.pem")
  };

  SslContext sslContext =
      GrpcSslContexts.forServer(serverCertChainFile, serverPrivateKeyFile)
                     .trustManager(serverTrustedCaCerts)
                     .clientAuth(ClientAuth.REQUIRE)
                     .build();

  return NettyServerBuilder.forPort(0)
      .sslContext(sslContext)
      .addService(new TestServiceImpl(serverExecutor))
      .build()
      .start();
}
开发者ID:grpc,项目名称:grpc-java,代码行数:23,代码来源:ConcurrencyTest.java

示例11: getServerBuilder

import io.netty.handler.ssl.ClientAuth; //导入依赖的package包/类
@Override
protected AbstractServerImplBuilder<?> getServerBuilder() {
  // Starts the server with HTTPS.
  try {
    return NettyServerBuilder.forPort(0)
        .flowControlWindow(65 * 1024)
        .maxMessageSize(AbstractInteropTest.MAX_MESSAGE_SIZE)
        .sslContext(GrpcSslContexts
            .forServer(TestUtils.loadCert("server1.pem"), TestUtils.loadCert("server1.key"))
            .clientAuth(ClientAuth.REQUIRE)
            .trustManager(TestUtils.loadCert("ca.pem"))
            .ciphers(TestUtils.preferredTestCiphers(), SupportedCipherSuiteFilter.INSTANCE)
            .sslProvider(SslProvider.OPENSSL)
            .build());
  } catch (IOException ex) {
    throw new RuntimeException(ex);
  }
}
开发者ID:grpc,项目名称:grpc-java,代码行数:19,代码来源:Http2NettyTest.java

示例12: testNewInstanceLoader

import io.netty.handler.ssl.ClientAuth; //导入依赖的package包/类
@Test
public void testNewInstanceLoader() throws Exception {
    final SslContextReloader reloader = new SslContextReloader(() -> {
        return new JdkSslContext(SSLContext.getDefault(), true, ClientAuth.REQUIRE);
    });

    assertTrue(reloader.load());
    assertEquals(ReloadState.RELOADED, reloader.getReloadState());
    assertNull(reloader.getDataVersion());
}
开发者ID:indeedeng-alpha,项目名称:indeed-grpc-java,代码行数:11,代码来源:SslContextReloaderTest.java

示例13: testStaticInstanceLoader

import io.netty.handler.ssl.ClientAuth; //导入依赖的package包/类
@Test
public void testStaticInstanceLoader() throws Exception {
    final JdkSslContext context = new JdkSslContext(SSLContext.getDefault(), true, ClientAuth.REQUIRE);
    final SslContextReloader reloader = new SslContextReloader(() -> context);

    // don't invoke load here because the constructor forces load the first time
    assertEquals(ReloadState.RELOADED, reloader.getReloadState());
    assertNull(reloader.getDataVersion());

    assertFalse(reloader.load());
    assertEquals(ReloadState.NO_CHANGE, reloader.getReloadState());
    assertNull(reloader.getDataVersion());
}
开发者ID:indeedeng-alpha,项目名称:indeed-grpc-java,代码行数:14,代码来源:SslContextReloaderTest.java

示例14: createSSLContext

import io.netty.handler.ssl.ClientAuth; //导入依赖的package包/类
protected SslContext createSSLContext(Configuration config) throws Exception {

        Configuration.Ssl sslCfg = config.getSecurity().getSsl();
        Boolean generate = sslCfg.isUseGeneratedKeypair();
        SslContextBuilder ssl;
        if (generate) {
            LOG.warn("Using generated self signed server certificate");
            Date begin = new Date();
            Date end = new Date(begin.getTime() + 86400000);
            SelfSignedCertificate ssc = new SelfSignedCertificate("localhost", begin, end);
            ssl = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey());
        } else {
            String cert = sslCfg.getCertificateFile();
            String key = sslCfg.getKeyFile();
            String keyPass = sslCfg.getKeyPassword();
            if (null == cert || null == key) {
                throw new IllegalArgumentException("Check your SSL properties, something is wrong.");
            }
            ssl = SslContextBuilder.forServer(new File(cert), new File(key), keyPass);
        }

        ssl.ciphers(sslCfg.getUseCiphers());

        // Can't set to REQUIRE because the CORS pre-flight requests will fail.
        ssl.clientAuth(ClientAuth.OPTIONAL);

        Boolean useOpenSSL = sslCfg.isUseOpenssl();
        if (useOpenSSL) {
            ssl.sslProvider(SslProvider.OPENSSL);
        } else {
            ssl.sslProvider(SslProvider.JDK);
        }
        String trustStore = sslCfg.getTrustStoreFile();
        if (null != trustStore) {
            if (!trustStore.isEmpty()) {
                ssl.trustManager(new File(trustStore));
            }
        }
        return ssl.build();
    }
开发者ID:NationalSecurityAgency,项目名称:qonduit,代码行数:41,代码来源:Server.java

示例15: initChannel

import io.netty.handler.ssl.ClientAuth; //导入依赖的package包/类
@Override
protected void initChannel(SocketChannel ch) throws Exception {
    if (enableTLS) {
        File tlsCert = new File(serviceConfig.getTlsCertificateFilePath());
        File tlsKey = new File(serviceConfig.getTlsKeyFilePath());
        SslContextBuilder builder = SslContextBuilder.forServer(tlsCert, tlsKey);
        // allows insecure connection
        builder.trustManager(InsecureTrustManagerFactory.INSTANCE);
        SslContext sslCtx = builder.clientAuth(ClientAuth.OPTIONAL).build();
        ch.pipeline().addLast(TLS_HANDLER, sslCtx.newHandler(ch.alloc()));
    }
    ch.pipeline().addLast("frameDecoder", new LengthFieldBasedFrameDecoder(PulsarDecoder.MaxFrameSize, 0, 4, 0, 4));
    ch.pipeline().addLast("handler", new ProxyConnection(proxyService));
}
开发者ID:apache,项目名称:incubator-pulsar,代码行数:15,代码来源:ServiceChannelInitializer.java


注:本文中的io.netty.handler.ssl.ClientAuth类示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。