本文整理汇总了Java中org.eclipse.jetty.util.ssl.SslContextFactory.setWantClientAuth方法的典型用法代码示例。如果您正苦于以下问题:Java SslContextFactory.setWantClientAuth方法的具体用法?Java SslContextFactory.setWantClientAuth怎么用?Java SslContextFactory.setWantClientAuth使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.eclipse.jetty.util.ssl.SslContextFactory的用法示例。
在下文中一共展示了SslContextFactory.setWantClientAuth方法的13个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: getSslContextFactory
import org.eclipse.jetty.util.ssl.SslContextFactory; //导入方法依赖的package包/类
public SslContextFactory getSslContextFactory() throws GeneralSecurityException, IOException {
SslContextFactory sslContextFactory = new SslContextFactory();
KeyStore keyStore = KeyStore.getInstance(properties.getProperty(MINIFI_C2_SERVER_KEYSTORE_TYPE));
Path keyStorePath = Paths.get(C2_SERVER_HOME).resolve(properties.getProperty(MINIFI_C2_SERVER_KEYSTORE)).toAbsolutePath();
logger.debug("keystore path: " + keyStorePath);
try (InputStream inputStream = Files.newInputStream(keyStorePath)) {
keyStore.load(inputStream, properties.getProperty(MINIFI_C2_SERVER_KEYSTORE_PASSWD).toCharArray());
}
sslContextFactory.setKeyStore(keyStore);
sslContextFactory.setKeyManagerPassword(properties.getProperty(MINIFI_C2_SERVER_KEY_PASSWD));
sslContextFactory.setWantClientAuth(true);
String trustStorePath = Paths.get(C2_SERVER_HOME).resolve(properties.getProperty(MINIFI_C2_SERVER_TRUSTSTORE)).toAbsolutePath().toFile().getAbsolutePath();
logger.debug("truststore path: " + trustStorePath);
sslContextFactory.setTrustStorePath(trustStorePath);
sslContextFactory.setTrustStoreType(properties.getProperty(MINIFI_C2_SERVER_TRUSTSTORE_TYPE));
sslContextFactory.setTrustStorePassword(properties.getProperty(MINIFI_C2_SERVER_TRUSTSTORE_PASSWD));
try {
sslContextFactory.start();
} catch (Exception e) {
throw new IOException(e);
}
return sslContextFactory;
}
示例2: createSslContextFactory
import org.eclipse.jetty.util.ssl.SslContextFactory; //导入方法依赖的package包/类
private SslContextFactory createSslContextFactory(OptionMap options) {
SslContextFactory context = new SslContextFactory();
Object keystore = options.get("keystore");
if (keystore instanceof KeyStore) {
context.setKeyStore((KeyStore) keystore);
} else {
throw new MisconfigurationException("");
}
context.setKeyStorePassword(options.getString("keystorePassword"));
Object truststore = options.get("truststore");
if (truststore instanceof KeyStore) {
context.setTrustStore((KeyStore) truststore);
}
context.setTrustStorePassword(options.getString("truststorePassword"));
String clientAuth = options.getString("clientAuth", "none");
switch (clientAuth) {
case "need": context.setNeedClientAuth(true); break;
case "want": context.setWantClientAuth(true); break;
}
return context;
}
示例3: configureSslClientAuth
import org.eclipse.jetty.util.ssl.SslContextFactory; //导入方法依赖的package包/类
private void configureSslClientAuth(SslContextFactory factory, Ssl ssl) {
if (ssl.getClientAuth() == Ssl.ClientAuth.NEED) {
factory.setNeedClientAuth(true);
factory.setWantClientAuth(true);
} else if (ssl.getClientAuth() == Ssl.ClientAuth.WANT) {
factory.setWantClientAuth(true);
}
}
示例4: ServerManager
import org.eclipse.jetty.util.ssl.SslContextFactory; //导入方法依赖的package包/类
public ServerManager(ServiceConfig config) {
this.webServiceExecutor = Executors.newFixedThreadPool(32, new DefaultThreadFactory("pulsar-external-web"));
this.server = new Server(new ExecutorThreadPool(webServiceExecutor));
this.externalServicePort = config.getWebServicePort();
List<ServerConnector> connectors = Lists.newArrayList();
ServerConnector connector = new ServerConnector(server, 1, 1);
connector.setPort(externalServicePort);
connectors.add(connector);
if (config.isTlsEnabled()) {
SslContextFactory sslCtxFactory = new SslContextFactory();
try {
SSLContext sslCtx = SecurityUtility.createSslContext(config.isTlsAllowInsecureConnection(), config.getTlsTrustCertsFilePath(), config.getTlsCertificateFilePath(),
config.getTlsKeyFilePath());
sslCtxFactory.setSslContext(sslCtx);
} catch (GeneralSecurityException e) {
throw new RestException(e);
}
sslCtxFactory.setWantClientAuth(true);
ServerConnector tlsConnector = new ServerConnector(server, 1, 1, sslCtxFactory);
tlsConnector.setPort(config.getWebServicePortTls());
connectors.add(tlsConnector);
}
// Limit number of concurrent HTTP connections to avoid getting out of file descriptors
connectors.stream().forEach(c -> c.setAcceptQueueSize(1024 / connectors.size()));
server.setConnectors(connectors.toArray(new ServerConnector[connectors.size()]));
}
示例5: ProxyServer
import org.eclipse.jetty.util.ssl.SslContextFactory; //导入方法依赖的package包/类
public ProxyServer(WebSocketProxyConfiguration config)
throws PulsarClientException, MalformedURLException, PulsarServerException {
this.conf = config;
executorService = Executors.newFixedThreadPool(WebSocketProxyConfiguration.PROXY_SERVER_EXECUTOR_THREADS,
new DefaultThreadFactory("pulsar-websocket-web"));
this.server = new Server(new ExecutorThreadPool(executorService));
List<ServerConnector> connectors = new ArrayList<>();
ServerConnector connector = new ServerConnector(server);
connector.setPort(config.getWebServicePort());
connectors.add(connector);
// TLS enabled connector
if (config.isTlsEnabled()) {
SslContextFactory sslCtxFactory = new SslContextFactory(true);
try {
SSLContext sslCtx = SecurityUtility.createSslContext(false, config.getTlsTrustCertsFilePath(), config.getTlsCertificateFilePath(),
config.getTlsKeyFilePath());
sslCtxFactory.setSslContext(sslCtx);
} catch (GeneralSecurityException e) {
throw new PulsarServerException(e);
}
sslCtxFactory.setWantClientAuth(true);
ServerConnector tlsConnector = new ServerConnector(server, -1, -1, sslCtxFactory);
tlsConnector.setPort(config.getWebServicePortTls());
connectors.add(tlsConnector);
}
// Limit number of concurrent HTTP connections to avoid getting out of
// file descriptors
connectors.stream().forEach(c -> c.setAcceptQueueSize(1024 / connectors.size()));
server.setConnectors(connectors.toArray(new ServerConnector[connectors.size()]));
}
示例6: WebService
import org.eclipse.jetty.util.ssl.SslContextFactory; //导入方法依赖的package包/类
public WebService(PulsarService pulsar) throws PulsarServerException {
this.handlers = Lists.newArrayList();
this.pulsar = pulsar;
this.webServiceExecutor = Executors.newFixedThreadPool(WebService.NUM_ACCEPTORS, new DefaultThreadFactory("pulsar-web"));
this.server = new Server(new ExecutorThreadPool(webServiceExecutor));
List<ServerConnector> connectors = new ArrayList<>();
ServerConnector connector = new PulsarServerConnector(server, 1, 1);
connector.setPort(pulsar.getConfiguration().getWebServicePort());
connector.setHost(pulsar.getBindAddress());
connectors.add(connector);
if (pulsar.getConfiguration().isTlsEnabled()) {
SslContextFactory sslCtxFactory = new SslContextFactory();
try {
sslCtxFactory.setSslContext(
SecurityUtility.createSslContext(
pulsar.getConfiguration().isTlsAllowInsecureConnection(),
pulsar.getConfiguration().getTlsTrustCertsFilePath(),
pulsar.getConfiguration().getTlsCertificateFilePath(),
pulsar.getConfiguration().getTlsKeyFilePath()));
} catch (GeneralSecurityException e) {
throw new PulsarServerException(e);
}
sslCtxFactory.setWantClientAuth(true);
ServerConnector tlsConnector = new PulsarServerConnector(server, 1, 1, sslCtxFactory);
tlsConnector.setPort(pulsar.getConfiguration().getWebServicePortTls());
tlsConnector.setHost(pulsar.getBindAddress());
connectors.add(tlsConnector);
}
// Limit number of concurrent HTTP connections to avoid getting out of file descriptors
connectors.forEach(c -> c.setAcceptQueueSize(WebService.MAX_CONCURRENT_REQUESTS / connectors.size()));
server.setConnectors(connectors.toArray(new ServerConnector[connectors.size()]));
}
示例7: WebServer
import org.eclipse.jetty.util.ssl.SslContextFactory; //导入方法依赖的package包/类
public WebServer(ProxyConfiguration config) {
this.webServiceExecutor = Executors.newFixedThreadPool(32, new DefaultThreadFactory("pulsar-external-web"));
this.server = new Server(new ExecutorThreadPool(webServiceExecutor));
this.externalServicePort = config.getWebServicePort();
List<ServerConnector> connectors = Lists.newArrayList();
ServerConnector connector = new ServerConnector(server, 1, 1);
connector.setPort(externalServicePort);
connectors.add(connector);
if (config.isTlsEnabledInProxy()) {
SslContextFactory sslCtxFactory = new SslContextFactory();
try {
SSLContext sslCtx = SecurityUtility.createSslContext(false, null, config.getTlsCertificateFilePath(),
config.getTlsKeyFilePath());
sslCtxFactory.setSslContext(sslCtx);
} catch (GeneralSecurityException e) {
throw new RuntimeException(e);
}
sslCtxFactory.setWantClientAuth(false);
ServerConnector tlsConnector = new ServerConnector(server, 1, 1, sslCtxFactory);
tlsConnector.setPort(config.getWebServicePortTls());
connectors.add(tlsConnector);
}
// Limit number of concurrent HTTP connections to avoid getting out of file descriptors
connectors.stream().forEach(c -> c.setAcceptQueueSize(1024 / connectors.size()));
server.setConnectors(connectors.toArray(new ServerConnector[connectors.size()]));
}
示例8: configureSslClientAuth
import org.eclipse.jetty.util.ssl.SslContextFactory; //导入方法依赖的package包/类
private void configureSslClientAuth(SslContextFactory factory, Ssl ssl) {
if (ssl.getClientAuth() == ClientAuth.NEED) {
factory.setNeedClientAuth(true);
factory.setWantClientAuth(true);
}
else if (ssl.getClientAuth() == ClientAuth.WANT) {
factory.setWantClientAuth(true);
}
}
开发者ID:vikrammane23,项目名称:https-github.com-g0t4-jenkins2-course-spring-boot,代码行数:10,代码来源:JettyEmbeddedServletContainerFactory.java
示例9: newSslConnectionFactory
import org.eclipse.jetty.util.ssl.SslContextFactory; //导入方法依赖的package包/类
private SslConnectionFactory newSslConnectionFactory() {
Ssl sslConfig = connectorConfig.ssl();
SslContextFactory factory = new JDiscSslContextFactory();
sslKeyStoreConfigurator.configure(new DefaultSslKeyStoreContext(factory));
sslTrustStoreConfigurator.configure(new DefaultSslTrustStoreContext(factory));
switch (sslConfig.clientAuth()) {
case NEED_AUTH:
factory.setNeedClientAuth(true);
break;
case WANT_AUTH:
factory.setWantClientAuth(true);
break;
}
if (!sslConfig.prng().isEmpty()) {
factory.setSecureRandomAlgorithm(sslConfig.prng());
}
setStringArrayParameter(
factory, sslConfig.excludeProtocol(), ExcludeProtocol::name, SslContextFactory::setExcludeProtocols);
setStringArrayParameter(
factory, sslConfig.includeProtocol(), IncludeProtocol::name, SslContextFactory::setIncludeProtocols);
setStringArrayParameter(
factory, sslConfig.excludeCipherSuite(), ExcludeCipherSuite::name, SslContextFactory::setExcludeCipherSuites);
setStringArrayParameter(
factory, sslConfig.includeCipherSuite(), IncludeCipherSuite::name, SslContextFactory::setIncludeCipherSuites);
factory.setKeyManagerFactoryAlgorithm(sslConfig.sslKeyManagerFactoryAlgorithm());
factory.setProtocol(sslConfig.protocol());
return new SslConnectionFactory(factory, HttpVersion.HTTP_1_1.asString());
}
示例10: createSSLContextObject
import org.eclipse.jetty.util.ssl.SslContextFactory; //导入方法依赖的package包/类
SslContextFactory createSSLContextObject() {
String keyStorePath = System.getProperty(ZMS_KEYSTORE_PATH);
String keyStorePassword = System.getProperty(ZMS_KEYSTORE_PASSWORD);
String keyStoreType = System.getProperty(ZMS_KEYSTORE_TYPE, "PKCS12");
String trustStorePath = System.getProperty(ZMS_TRUSTSTORE_PATH);
String trustStorePassword = System.getProperty(ZMS_TRUSTSTORE_PASSWORD);
String trustStoreType = System.getProperty(ZMS_TRUSTSTORE_TYPE, "PKCS12");
SslContextFactory sslContextFactory = new SslContextFactory();
if (keyStorePath != null) {
sslContextFactory.setKeyStorePath(keyStorePath);
}
if (keyStorePassword != null) {
sslContextFactory.setKeyStorePassword(keyStorePassword);
}
sslContextFactory.setKeyStoreType(keyStoreType);
if (trustStorePath != null) {
sslContextFactory.setTrustStorePath(trustStorePath);
}
if (trustStorePassword != null) {
sslContextFactory.setTrustStorePassword(trustStorePassword);
}
sslContextFactory.setTrustStoreType(trustStoreType);
sslContextFactory.setWantClientAuth(true);
return sslContextFactory;
}
示例11: createSslContextFactory
import org.eclipse.jetty.util.ssl.SslContextFactory; //导入方法依赖的package包/类
private SslContextFactory createSslContextFactory() {
final SslContextFactory contextFactory = new SslContextFactory();
// if needClientAuth is false then set want to true so we can optionally use certs
if (properties.getNeedClientAuth()) {
logger.info("Setting Jetty's SSLContextFactory needClientAuth to true");
contextFactory.setNeedClientAuth(true);
} else {
logger.info("Setting Jetty's SSLContextFactory wantClientAuth to true");
contextFactory.setWantClientAuth(true);
}
/* below code sets JSSE system properties when values are provided */
// keystore properties
if (StringUtils.isNotBlank(properties.getKeyStorePath())) {
contextFactory.setKeyStorePath(properties.getKeyStorePath());
}
if (StringUtils.isNotBlank(properties.getKeyStoreType())) {
contextFactory.setKeyStoreType(properties.getKeyStoreType());
}
final String keystorePassword = properties.getKeyStorePassword();
final String keyPassword = properties.getKeyPassword();
if (StringUtils.isNotBlank(keystorePassword)) {
// if no key password was provided, then assume the keystore password is the same as the key password.
final String defaultKeyPassword = (StringUtils.isBlank(keyPassword)) ? keystorePassword : keyPassword;
contextFactory.setKeyManagerPassword(keystorePassword);
contextFactory.setKeyStorePassword(defaultKeyPassword);
} else if (StringUtils.isNotBlank(keyPassword)) {
// since no keystore password was provided, there will be no keystore integrity check
contextFactory.setKeyStorePassword(keyPassword);
}
// truststore properties
if (StringUtils.isNotBlank(properties.getTrustStorePath())) {
contextFactory.setTrustStorePath(properties.getTrustStorePath());
}
if (StringUtils.isNotBlank(properties.getTrustStoreType())) {
contextFactory.setTrustStoreType(properties.getTrustStoreType());
}
if (StringUtils.isNotBlank(properties.getTrustStorePassword())) {
contextFactory.setTrustStorePassword(properties.getTrustStorePassword());
}
return contextFactory;
}
示例12: createSSLContextObject
import org.eclipse.jetty.util.ssl.SslContextFactory; //导入方法依赖的package包/类
SslContextFactory createSSLContextObject(boolean needClientAuth) {
String keyStorePath = System.getProperty(AthenzConsts.ATHENZ_PROP_KEYSTORE_PATH);
String keyStorePasswordAppName = System.getProperty(AthenzConsts.ATHENZ_PROP_KEYSTORE_PASSWORD_APPNAME);
String keyStorePassword = System.getProperty(AthenzConsts.ATHENZ_PROP_KEYSTORE_PASSWORD);
String keyStoreType = System.getProperty(AthenzConsts.ATHENZ_PROP_KEYSTORE_TYPE, "PKCS12");
String keyManagerPassword = System.getProperty(AthenzConsts.ATHENZ_PROP_KEYMANAGER_PASSWORD);
String keyManagerPasswordAppName = System.getProperty(AthenzConsts.ATHENZ_PROP_KEYMANAGER_PASSWORD_APPNAME);
String trustStorePath = System.getProperty(AthenzConsts.ATHENZ_PROP_TRUSTSTORE_PATH);
String trustStorePassword = System.getProperty(AthenzConsts.ATHENZ_PROP_TRUSTSTORE_PASSWORD);
String trustStorePasswordAppName = System.getProperty(AthenzConsts.ATHENZ_PROP_TRUSTSTORE_PASSWORD_APPNAME);
String trustStoreType = System.getProperty(AthenzConsts.ATHENZ_PROP_TRUSTSTORE_TYPE, "PKCS12");
String includedCipherSuites = System.getProperty(AthenzConsts.ATHENZ_PROP_INCLUDED_CIPHER_SUITES);
String excludedCipherSuites = System.getProperty(AthenzConsts.ATHENZ_PROP_EXCLUDED_CIPHER_SUITES);
String excludedProtocols = System.getProperty(AthenzConsts.ATHENZ_PROP_EXCLUDED_PROTOCOLS,
ATHENZ_DEFAULT_EXCLUDED_PROTOCOLS);
SslContextFactory sslContextFactory = new SslContextFactory();
if (keyStorePath != null) {
LOG.info("Using SSL KeyStore path: {}", keyStorePath);
sslContextFactory.setKeyStorePath(keyStorePath);
}
if (keyStorePassword != null) {
//default implementation should just return the same
sslContextFactory.setKeyStorePassword(this.privateKeyStore.getApplicationSecret(keyStorePasswordAppName, keyStorePassword));
}
sslContextFactory.setKeyStoreType(keyStoreType);
if (keyManagerPassword != null) {
sslContextFactory.setKeyManagerPassword(this.privateKeyStore.getApplicationSecret(keyManagerPasswordAppName, keyManagerPassword));
}
if (trustStorePath != null) {
LOG.info("Using SSL TrustStore path: {}", trustStorePath);
sslContextFactory.setTrustStorePath(trustStorePath);
}
if (trustStorePassword != null) {
sslContextFactory.setTrustStorePassword(this.privateKeyStore.getApplicationSecret(trustStorePasswordAppName, trustStorePassword));
}
sslContextFactory.setTrustStoreType(trustStoreType);
if (includedCipherSuites != null && !includedCipherSuites.isEmpty()) {
sslContextFactory.setIncludeCipherSuites(includedCipherSuites.split(","));
}
if (excludedCipherSuites != null && !excludedCipherSuites.isEmpty()) {
sslContextFactory.setExcludeCipherSuites(excludedCipherSuites.split(","));
}
if (!excludedProtocols.isEmpty()) {
sslContextFactory.setExcludeProtocols(excludedProtocols.split(","));
}
if (needClientAuth) {
sslContextFactory.setNeedClientAuth(true);
} else {
sslContextFactory.setWantClientAuth(true);
}
return sslContextFactory;
}
示例13: createSSLContextObject
import org.eclipse.jetty.util.ssl.SslContextFactory; //导入方法依赖的package包/类
public static SslContextFactory createSSLContextObject(String[] clientProtocols, PrivateKeyStore privateKeyStore) {
String keyStorePath = System.getProperty(ZTSConsts.ZTS_PROP_KEYSTORE_PATH);
String keyStorePasswordAppName = System.getProperty(ZTSConsts.ZTS_PROP_KEYSTORE_PASSWORD_APPNAME);
String keyStorePassword = System.getProperty(ZTSConsts.ZTS_PROP_KEYSTORE_PASSWORD);
String keyStoreType = System.getProperty(ZTSConsts.ZTS_PROP_KEYSTORE_TYPE, "PKCS12");
String keyManagerPassword = System.getProperty(ZTSConsts.ZTS_PROP_KEYMANAGER_PASSWORD);
String keyManagerPasswordAppName = System.getProperty(ZTSConsts.ZTS_PROP_KEYMANAGER_PASSWORD_APPNAME);
String trustStorePath = System.getProperty(ZTSConsts.ZTS_PROP_TRUSTSTORE_PATH);
String trustStorePassword = System.getProperty(ZTSConsts.ZTS_PROP_TRUSTSTORE_PASSWORD);
String trustStorePasswordAppName = System.getProperty(ZTSConsts.ZTS_PROP_TRUSTSTORE_PASSWORD_APPNAME);
String trustStoreType = System.getProperty(ZTSConsts.ZTS_PROP_TRUSTSTORE_TYPE, "PKCS12");
String excludedCipherSuites = System.getProperty(ZTSConsts.ZTS_PROP_EXCLUDED_CIPHER_SUITES,
ZTS_DEFAULT_EXCLUDED_CIPHER_SUITES);
String excludedProtocols = System.getProperty(ZTSConsts.ZTS_PROP_EXCLUDED_PROTOCOLS,
ZTS_DEFAULT_EXCLUDED_PROTOCOLS);
Boolean wantClientAuth = Boolean.parseBoolean(System.getProperty(ZTSConsts.ZTS_PROP_WANT_CLIENT_CERT, "false"));
SslContextFactory sslContextFactory = new SslContextFactory();
if (keyStorePath != null) {
LOGGER.info("createSSLContextObject: using SSL KeyStore path: " + keyStorePath);
sslContextFactory.setKeyStorePath(keyStorePath);
}
if (keyStorePassword != null) {
if (null != privateKeyStore) {
keyStorePassword = privateKeyStore.getApplicationSecret(keyStorePasswordAppName, keyStorePassword);
}
sslContextFactory.setKeyStorePassword(keyStorePassword);
}
sslContextFactory.setKeyStoreType(keyStoreType);
if (keyManagerPassword != null) {
if (null != privateKeyStore) {
keyManagerPassword = privateKeyStore.getApplicationSecret(keyManagerPasswordAppName, keyManagerPassword);
}
sslContextFactory.setKeyManagerPassword(keyManagerPassword);
}
if (trustStorePath != null) {
LOGGER.info("createSSLContextObject: using SSL TrustStore path: " + trustStorePath);
sslContextFactory.setTrustStorePath(trustStorePath);
}
if (trustStorePassword != null) {
if (null != privateKeyStore) {
trustStorePassword = privateKeyStore.getApplicationSecret(trustStorePasswordAppName, trustStorePassword);
}
sslContextFactory.setTrustStorePassword(trustStorePassword);
}
sslContextFactory.setTrustStoreType(trustStoreType);
if (excludedCipherSuites.length() != 0) {
sslContextFactory.setExcludeCipherSuites(excludedCipherSuites.split(","));
}
if (excludedProtocols.length() != 0) {
sslContextFactory.setExcludeProtocols(excludedProtocols.split(","));
}
sslContextFactory.setWantClientAuth(wantClientAuth);
if (clientProtocols != null) {
sslContextFactory.setIncludeProtocols(clientProtocols);
}
return sslContextFactory;
}