當前位置: 首頁>>代碼示例>>Java>>正文

Java SslContextFactory.setExcludeProtocols方法代碼示例

本文整理匯總了Java中org.eclipse.jetty.util.ssl.SslContextFactory.setExcludeProtocols方法的典型用法代碼示例。如果您正苦於以下問題:Java SslContextFactory.setExcludeProtocols方法的具體用法?Java SslContextFactory.setExcludeProtocols怎麽用?Java SslContextFactory.setExcludeProtocols使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在org.eclipse.jetty.util.ssl.SslContextFactory的用法示例。


在下文中一共展示了SslContextFactory.setExcludeProtocols方法的3個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Java代碼示例。

示例1: createHttpsConnector

import org.eclipse.jetty.util.ssl.SslContextFactory; //導入方法依賴的package包/類
/**
 * Create an HTTPS connector for given jetty server instance. If the config has specified keystore/truststore settings
 * they will be used else a self-signed certificate is generated and used.
 *
 * @param hostName
 * @param config {@link DremioConfig} containing SSL related settings if any.
 * @param embeddedJetty Jetty server instance needed for creating a ServerConnector.
 *
 * @return Initialized {@link ServerConnector} for HTTPS connections and the trust store. Trust store is non-null only
 * when in case of auto generated self-signed certificate.
 * @throws Exception
 */
public Pair<ServerConnector, KeyStore> createHttpsConnector(final Server embeddedJetty,
    final DremioConfig config, final String hostName, final String... alternativeNames) throws Exception {
  logger.info("Setting up HTTPS connector for web server");

  final SslContextFactory sslContextFactory = new SslContextFactory();

  Pair<KeyStore, String> keyStore = getKeyStore(config, hostName, alternativeNames);
  KeyStore trustStore = getTrustStore(config);

  sslContextFactory.setKeyStore(keyStore.getLeft());
  // Assuming that the keystore and the keymanager passwords are the same
  // based on JSSE examples...
  sslContextFactory.setKeyManagerPassword(keyStore.getRight());
  sslContextFactory.setTrustStore(trustStore);

  // Disable ciphers, protocols and other that are considered weak/vulnerable
  sslContextFactory.setExcludeCipherSuites(
      "TLS_DHE.*",
      "TLS_EDH.*"
      // TODO: there are few other ciphers that Chrome complains about being obsolete. Research more about them and
      // include here.
  );

  sslContextFactory.setExcludeProtocols("SSLv3");
  sslContextFactory.setRenegotiationAllowed(false);

  // SSL Connector
  final ServerConnector sslConnector = new ServerConnector(embeddedJetty,
      new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()),
      new HttpConnectionFactory(new HttpConfiguration()));

  return Pair.of(sslConnector, trustStore);
}
開發者ID:dremio,項目名稱:dremio-oss,代碼行數:46,代碼來源:HttpsConnectorGenerator.java

示例2: createSSLContextObject

import org.eclipse.jetty.util.ssl.SslContextFactory; //導入方法依賴的package包/類
SslContextFactory createSSLContextObject(boolean needClientAuth) {
    
    String keyStorePath = System.getProperty(AthenzConsts.ATHENZ_PROP_KEYSTORE_PATH);
    String keyStorePasswordAppName = System.getProperty(AthenzConsts.ATHENZ_PROP_KEYSTORE_PASSWORD_APPNAME);
    String keyStorePassword = System.getProperty(AthenzConsts.ATHENZ_PROP_KEYSTORE_PASSWORD);
    String keyStoreType = System.getProperty(AthenzConsts.ATHENZ_PROP_KEYSTORE_TYPE, "PKCS12");
    String keyManagerPassword = System.getProperty(AthenzConsts.ATHENZ_PROP_KEYMANAGER_PASSWORD);
    String keyManagerPasswordAppName = System.getProperty(AthenzConsts.ATHENZ_PROP_KEYMANAGER_PASSWORD_APPNAME);
    String trustStorePath = System.getProperty(AthenzConsts.ATHENZ_PROP_TRUSTSTORE_PATH);
    String trustStorePassword = System.getProperty(AthenzConsts.ATHENZ_PROP_TRUSTSTORE_PASSWORD);
    String trustStorePasswordAppName = System.getProperty(AthenzConsts.ATHENZ_PROP_TRUSTSTORE_PASSWORD_APPNAME);
    String trustStoreType = System.getProperty(AthenzConsts.ATHENZ_PROP_TRUSTSTORE_TYPE, "PKCS12");
    String includedCipherSuites = System.getProperty(AthenzConsts.ATHENZ_PROP_INCLUDED_CIPHER_SUITES);
    String excludedCipherSuites = System.getProperty(AthenzConsts.ATHENZ_PROP_EXCLUDED_CIPHER_SUITES);
    String excludedProtocols = System.getProperty(AthenzConsts.ATHENZ_PROP_EXCLUDED_PROTOCOLS,
            ATHENZ_DEFAULT_EXCLUDED_PROTOCOLS);
    
    SslContextFactory sslContextFactory = new SslContextFactory();
    if (keyStorePath != null) {
        LOG.info("Using SSL KeyStore path: {}", keyStorePath);
        sslContextFactory.setKeyStorePath(keyStorePath);
    }
    if (keyStorePassword != null) {
        //default implementation should just return the same
        sslContextFactory.setKeyStorePassword(this.privateKeyStore.getApplicationSecret(keyStorePasswordAppName, keyStorePassword));
    }
    sslContextFactory.setKeyStoreType(keyStoreType);

    if (keyManagerPassword != null) {
        sslContextFactory.setKeyManagerPassword(this.privateKeyStore.getApplicationSecret(keyManagerPasswordAppName, keyManagerPassword));
    }
    if (trustStorePath != null) {
        LOG.info("Using SSL TrustStore path: {}", trustStorePath);
        sslContextFactory.setTrustStorePath(trustStorePath);
    }
    if (trustStorePassword != null) {
        sslContextFactory.setTrustStorePassword(this.privateKeyStore.getApplicationSecret(trustStorePasswordAppName, trustStorePassword));
    }
    sslContextFactory.setTrustStoreType(trustStoreType);

    if (includedCipherSuites != null && !includedCipherSuites.isEmpty()) {
        sslContextFactory.setIncludeCipherSuites(includedCipherSuites.split(","));
    }
    
    if (excludedCipherSuites != null && !excludedCipherSuites.isEmpty()) {
        sslContextFactory.setExcludeCipherSuites(excludedCipherSuites.split(","));
    }
    
    if (!excludedProtocols.isEmpty()) {
        sslContextFactory.setExcludeProtocols(excludedProtocols.split(","));
    }
    
    if (needClientAuth) {
        sslContextFactory.setNeedClientAuth(true);
    } else {
        sslContextFactory.setWantClientAuth(true);
    }
    
    return sslContextFactory;
}
開發者ID:yahoo,項目名稱:athenz,代碼行數:61,代碼來源:AthenzJettyContainer.java

示例3: createSSLContextObject

import org.eclipse.jetty.util.ssl.SslContextFactory; //導入方法依賴的package包/類
public static SslContextFactory createSSLContextObject(String[] clientProtocols, PrivateKeyStore privateKeyStore) {
    
    String keyStorePath = System.getProperty(ZTSConsts.ZTS_PROP_KEYSTORE_PATH);
    String keyStorePasswordAppName = System.getProperty(ZTSConsts.ZTS_PROP_KEYSTORE_PASSWORD_APPNAME);
    String keyStorePassword = System.getProperty(ZTSConsts.ZTS_PROP_KEYSTORE_PASSWORD);
    String keyStoreType = System.getProperty(ZTSConsts.ZTS_PROP_KEYSTORE_TYPE, "PKCS12");
    String keyManagerPassword = System.getProperty(ZTSConsts.ZTS_PROP_KEYMANAGER_PASSWORD);
    String keyManagerPasswordAppName = System.getProperty(ZTSConsts.ZTS_PROP_KEYMANAGER_PASSWORD_APPNAME);

    String trustStorePath = System.getProperty(ZTSConsts.ZTS_PROP_TRUSTSTORE_PATH);
    String trustStorePassword = System.getProperty(ZTSConsts.ZTS_PROP_TRUSTSTORE_PASSWORD);
    String trustStorePasswordAppName = System.getProperty(ZTSConsts.ZTS_PROP_TRUSTSTORE_PASSWORD_APPNAME);

    String trustStoreType = System.getProperty(ZTSConsts.ZTS_PROP_TRUSTSTORE_TYPE, "PKCS12");
    String excludedCipherSuites = System.getProperty(ZTSConsts.ZTS_PROP_EXCLUDED_CIPHER_SUITES,
            ZTS_DEFAULT_EXCLUDED_CIPHER_SUITES);
    String excludedProtocols = System.getProperty(ZTSConsts.ZTS_PROP_EXCLUDED_PROTOCOLS,
            ZTS_DEFAULT_EXCLUDED_PROTOCOLS);
    Boolean wantClientAuth = Boolean.parseBoolean(System.getProperty(ZTSConsts.ZTS_PROP_WANT_CLIENT_CERT, "false"));
    
    SslContextFactory sslContextFactory = new SslContextFactory();
    if (keyStorePath != null) {
        LOGGER.info("createSSLContextObject: using SSL KeyStore path: " + keyStorePath);
        sslContextFactory.setKeyStorePath(keyStorePath);
    }
    if (keyStorePassword != null) {
        if (null != privateKeyStore) {
            keyStorePassword = privateKeyStore.getApplicationSecret(keyStorePasswordAppName, keyStorePassword);
        }
        sslContextFactory.setKeyStorePassword(keyStorePassword);
    }
    sslContextFactory.setKeyStoreType(keyStoreType);

    if (keyManagerPassword != null) {
        if (null != privateKeyStore) {
            keyManagerPassword = privateKeyStore.getApplicationSecret(keyManagerPasswordAppName, keyManagerPassword);
        }
        sslContextFactory.setKeyManagerPassword(keyManagerPassword);
    }
    if (trustStorePath != null) {
        LOGGER.info("createSSLContextObject: using SSL TrustStore path: " + trustStorePath);
        sslContextFactory.setTrustStorePath(trustStorePath);
    }
    if (trustStorePassword != null) {
        if (null != privateKeyStore) {
            trustStorePassword = privateKeyStore.getApplicationSecret(trustStorePasswordAppName, trustStorePassword);
        }
        sslContextFactory.setTrustStorePassword(trustStorePassword);
    }
    sslContextFactory.setTrustStoreType(trustStoreType);

    if (excludedCipherSuites.length() != 0) {
        sslContextFactory.setExcludeCipherSuites(excludedCipherSuites.split(","));
    }
    
    if (excludedProtocols.length() != 0) {
        sslContextFactory.setExcludeProtocols(excludedProtocols.split(","));
    }

    sslContextFactory.setWantClientAuth(wantClientAuth);
    if (clientProtocols != null) {
        sslContextFactory.setIncludeProtocols(clientProtocols);
    }

    return sslContextFactory;
}
開發者ID:yahoo,項目名稱:athenz,代碼行數:67,代碼來源:ZTSUtils.java


注:本文中的org.eclipse.jetty.util.ssl.SslContextFactory.setExcludeProtocols方法示例由純淨天空整理自Github/MSDocs等開源代碼及文檔管理平台,相關代碼片段篩選自各路編程大神貢獻的開源項目,源碼版權歸原作者所有,傳播和使用請參考對應項目的License;未經允許,請勿轉載。