List of usage examples for io.netty.handler.ssl SslHandler SslHandler
public SslHandler(SSLEngine engine)
From source file:org.apache.camel.component.netty4.http.HttpServerSharedInitializerFactory.java
License:Apache License
/**
 * Produces the server-side TLS handler for a channel, or {@code null} when no handler applies.
 *
 * <p>Resolution order: SSL disabled yields {@code null}; a handler already held by the
 * configuration is returned as-is; otherwise a fresh server-mode engine is created from
 * {@code sslContext}. With neither a configured handler nor a context the result is {@code null}.
 *
 * @return the handler to install, or {@code null} if SSL is off or nothing is available to build one
 * @throws Exception declared by the original signature; propagated from the calls made here
 */
private SslHandler configureServerSSLOnDemand() throws Exception {
    if (!configuration.isSsl()) {
        return null;
    }

    // NOTE(review): the configured instance is handed back unchanged. An SslHandler wraps a single
    // SSLEngine, so confirm callers never install the same instance on more than one channel.
    if (configuration.getSslHandler() != null) {
        return configuration.getSslHandler();
    }

    if (sslContext == null) {
        // SSL was requested but there is no context to build an engine from.
        // NOTE(review): the caller receives null here; verify it does not fall back to cleartext silently.
        return null;
    }

    SSLEngine serverEngine = sslContext.createSSLEngine();
    serverEngine.setUseClientMode(false);
    // Mutual TLS is opt-in: the client certificate is demanded only when the configuration says so.
    serverEngine.setNeedClientAuth(configuration.isNeedClientAuth());

    boolean noContextParameters = configuration.getSslContextParameters() == null;
    if (noContextParameters) {
        // The protocol list is applied only when no SslContextParameters are present.
        // The comma-separated value is split without trimming, so "A, B" yields " B" with a leading space.
        String[] protocols = configuration.getEnabledProtocols().split(",");
        serverEngine.setEnabledProtocols(protocols);
    }
    return new SslHandler(serverEngine);
}
From source file:org.apache.cxf.transport.http.netty.client.NettyHttpClientPipelineFactory.java
License:Apache License
/**
 * Creates the client-side TLS handler when TLS client parameters are present.
 *
 * <p>Trust, cipher and hostname-verification settings are whatever
 * {@code SSLUtils.createClientSSLEngine} derives from {@code tlsClientParameters}; none are set here.
 *
 * @return a new handler around a client engine, or {@code null} when no TLS parameters are configured
 * @throws Exception declared by the original signature; propagated from engine creation
 */
private SslHandler configureClientSSLOnDemand() throws Exception {
    if (tlsClientParameters == null) {
        // No TLS parameters: the caller gets no handler (presumably a plain connection; verify at the call site).
        return null;
    }
    SSLEngine clientEngine = SSLUtils.createClientSSLEngine(tlsClientParameters);
    return new SslHandler(clientEngine);
}
From source file:org.apache.cxf.transport.http.netty.server.NettyHttpServletPipelineFactory.java
License:Apache License
/**
 * Creates the server-side TLS handler when TLS server parameters are present.
 *
 * <p>Client-auth, protocol and cipher settings are whatever
 * {@code SSLUtils.createServerSSLEngine} derives from {@code tlsServerParameters}; none are set here.
 *
 * @return a new handler around a server engine, or {@code null} when no TLS parameters are configured
 * @throws Exception declared by the original signature; propagated from engine creation
 */
private SslHandler configureServerSSLOnDemand() throws Exception {
    if (tlsServerParameters == null) {
        // No TLS parameters: the caller gets no handler (presumably the pipeline stays cleartext; verify).
        return null;
    }
    SSLEngine serverEngine = SSLUtils.createServerSSLEngine(tlsServerParameters);
    return new SslHandler(serverEngine);
}
From source file:org.apache.flink.mesos.util.MesosArtifactServer.java
License:Apache License
/**
 * Starts a Netty-based HTTP(S) file server bound to {@code serverHostname:configuredPort} and
 * records the base URL under which artifacts are served.
 *
 * <p>TLS is enabled only when both the artifact-server flag and {@code SSLUtils.getSSLEnabled(config)}
 * are true. The engine is put in server mode; this constructor does not request client
 * certificates and does not restrict protocols or cipher suites, so those come from the
 * {@code SSLContext} built by {@code SSLUtils.createSSLServerContext}.
 *
 * @param prefix path segment placed between slashes in the base URL (concatenated as given, not escaped)
 * @param serverHostname host name to bind to and to advertise in the base URL
 * @param configuredPort port to bind, 0 to 65535 inclusive
 * @param config source of the SSL switches and SSL context settings
 * @throws IllegalArgumentException if {@code configuredPort} is outside 0..65535
 * @throws Exception if SSL context creation fails (wrapped in an IOException) or the bind fails
 */
public MesosArtifactServer(String prefix, String serverHostname, int configuredPort, Configuration config)
        throws Exception {
    if (configuredPort < 0 || configuredPort > 0xFFFF) {
        throw new IllegalArgumentException("File server port is invalid: " + configuredPort);
    }

    // Config to enable https access to the artifact server
    boolean enableSSL = config.getBoolean(ConfigConstants.MESOS_ARTIFACT_SERVER_SSL_ENABLED,
            ConfigConstants.DEFAULT_MESOS_ARTIFACT_SERVER_SSL_ENABLED) && SSLUtils.getSSLEnabled(config);

    if (enableSSL) {
        LOG.info("Enabling ssl for the artifact server");
        try {
            serverSSLContext = SSLUtils.createSSLServerContext(config);
        } catch (Exception e) {
            // Fail construction instead of continuing without TLS; the cause is kept for diagnosis.
            throw new IOException("Failed to initialize SSLContext for the artifact server", e);
        }
    } else {
        // A null context is the marker for "serve over plain HTTP" used below.
        serverSSLContext = null;
    }

    router = new Router();

    ChannelInitializer<SocketChannel> initializer = new ChannelInitializer<SocketChannel>() {

        @Override
        protected void initChannel(SocketChannel ch) {
            Handler handler = new Handler(router);

            // SSL should be the first handler in the pipeline
            if (serverSSLContext != null) {
                // One engine per accepted channel, in server mode.
                // NOTE(review): no setNeedClientAuth/setWantClientAuth call here, so clients are not
                // asked for a certificate; confirm that is intended for artifact downloads.
                SSLEngine sslEngine = serverSSLContext.createSSLEngine();
                sslEngine.setUseClientMode(false);
                ch.pipeline().addLast("ssl", new SslHandler(sslEngine));
            }

            ch.pipeline().addLast(new HttpServerCodec()).addLast(new ChunkedWriteHandler())
                    .addLast(handler.name(), handler).addLast(new UnknownFileHandler());
        }
    };

    // NOTE(review): both groups are locals; nothing visible in this constructor keeps a reference
    // for shutdown, and neither is released if bind() below throws. Confirm cleanup happens elsewhere.
    NioEventLoopGroup bossGroup = new NioEventLoopGroup(1);
    NioEventLoopGroup workerGroup = new NioEventLoopGroup();

    this.bootstrap = new ServerBootstrap();
    this.bootstrap.group(bossGroup, workerGroup).channel(NioServerSocketChannel.class)
            .childHandler(initializer);

    // Blocks until the bind completes.
    Channel ch = this.bootstrap.bind(serverHostname, configuredPort).sync().channel();
    this.serverChannel = ch;

    // The port is read back from the bound channel rather than taken from configuredPort
    // (presumably so that a configured port of 0 resolves to the port actually assigned).
    InetSocketAddress bindAddress = (InetSocketAddress) ch.localAddress();
    String address = bindAddress.getAddress().getHostAddress();
    int port = bindAddress.getPort();

    // The advertised scheme follows the same null-context marker the pipeline uses.
    String httpProtocol = (serverSSLContext != null) ? "https" : "http";

    baseURL = new URL(httpProtocol, serverHostname, port, "/" + prefix + "/");

    LOG.info("Mesos Artifact Server Base URL: {}, listening at {}:{}", baseURL, address, port);
}
From source file:org.apache.hadoop.hdfs.server.datanode.web.DatanodeHttpServer.java
License:Apache License
/**
 * Prepares the Netty bootstraps for the DataNode web endpoints according to the HTTP policy
 * read from {@code conf}: a cleartext bootstrap, a TLS bootstrap, both, or neither.
 *
 * <p>Both pipelines end in the same {@code URLDispatcher}; the HTTPS pipeline differs only by the
 * {@code SslHandler} placed first. When the policy enables both, the dispatcher is therefore
 * reachable over cleartext as well as over TLS.
 *
 * @param conf configuration used for the HTTP policy, the SSL factory and the dispatcher
 * @param jettyAddr address handed to the {@code URLDispatcher}
 * @param externalHttpChannel an already-bound server socket channel to reuse for HTTP, or {@code null}
 *        to let Netty open one
 * @throws IOException if initialising the SSL factory fails with a GeneralSecurityException
 */
public DatanodeHttpServer(final Configuration conf, final InetSocketAddress jettyAddr,
        final ServerSocketChannel externalHttpChannel) throws IOException {
    this.conf = conf;

    // A copy of the configuration with the umask label forced to "000".
    // NOTE(review): presumably so files created through the web endpoint are not masked by the
    // daemon's default umask; verify how URLDispatcher uses confForCreate.
    this.confForCreate = new Configuration(conf);
    confForCreate.set(FsPermission.UMASK_LABEL, "000");

    // NOTE(review): the event loop groups are created before the SSL factory is initialised;
    // if sslFactory.init() throws below, nothing in this constructor shuts them down.
    this.bossGroup = new NioEventLoopGroup();
    this.workerGroup = new NioEventLoopGroup();
    this.externalHttpChannel = externalHttpChannel;
    HttpConfig.Policy policy = DFSUtil.getHttpPolicy(conf);

    if (policy.isHttpEnabled()) {
        this.httpServer = new ServerBootstrap().group(bossGroup, workerGroup)
                .childHandler(new ChannelInitializer<SocketChannel>() {
                    @Override
                    protected void initChannel(SocketChannel ch) throws Exception {
                        // Cleartext pipeline: HTTP codec, chunked writes, then the dispatcher.
                        ChannelPipeline p = ch.pipeline();
                        p.addLast(new HttpRequestDecoder(), new HttpResponseEncoder(),
                                new ChunkedWriteHandler(), new URLDispatcher(jettyAddr, conf, confForCreate));
                    }
                });
        if (externalHttpChannel == null) {
            httpServer.channel(NioServerSocketChannel.class);
        } else {
            // Wrap the externally supplied channel instead of opening a new listening socket.
            httpServer.channelFactory(new ChannelFactory<NioServerSocketChannel>() {
                @Override
                public NioServerSocketChannel newChannel() {
                    return new NioServerSocketChannel(externalHttpChannel) {
                        // The channel has been bound externally via JSVC,
                        // thus bind() becomes a no-op.
                        @Override
                        protected void doBind(SocketAddress localAddress) throws Exception {
                        }
                    };
                }
            });
        }
    } else {
        this.httpServer = null;
    }

    if (policy.isHttpsEnabled()) {
        this.sslFactory = new SSLFactory(SSLFactory.Mode.SERVER, conf);
        try {
            sslFactory.init();
        } catch (GeneralSecurityException e) {
            // Surface key/trust material problems as the IOException this constructor declares.
            throw new IOException(e);
        }
        // The HTTPS bootstrap always opens its own NioServerSocketChannel; the external channel
        // above is used for HTTP only.
        this.httpsServer = new ServerBootstrap().group(bossGroup, workerGroup)
                .channel(NioServerSocketChannel.class).childHandler(new ChannelInitializer<SocketChannel>() {
                    @Override
                    protected void initChannel(SocketChannel ch) throws Exception {
                        // A fresh engine per channel; the SslHandler is first so everything after it
                        // sees decrypted traffic. Protocol, cipher and client-auth settings are
                        // whatever SSLFactory configures; none are set here.
                        ChannelPipeline p = ch.pipeline();
                        p.addLast(new SslHandler(sslFactory.createSSLEngine()), new HttpRequestDecoder(),
                                new HttpResponseEncoder(), new ChunkedWriteHandler(),
                                new URLDispatcher(jettyAddr, conf, confForCreate));
                    }
                });
    } else {
        this.httpsServer = null;
        this.sslFactory = null;
    }
}
From source file:org.apache.qpid.jms.transports.netty.NettyServer.java
License:Apache License
/**
 * Starts the server once; later calls are no-ops because of the {@code started} flag.
 *
 * <p>Each accepted channel gets, in order: an {@code SslHandler} when the options are
 * {@code TransportSslOptions}, the HTTP/WebSocket handlers when {@code webSocketServer} is set,
 * and finally the outbound, inbound and server handlers.
 *
 * @throws Exception if the bind fails or is interrupted
 */
public void start() throws Exception {
    if (!started.compareAndSet(false, true)) {
        // Already started by an earlier call.
        return;
    }

    // Configure the server.
    bossGroup = new NioEventLoopGroup(1);
    workerGroup = new NioEventLoopGroup();

    ServerBootstrap server = new ServerBootstrap();
    server.group(bossGroup, workerGroup)
          .channel(NioServerSocketChannel.class)
          .option(ChannelOption.SO_BACKLOG, 100)
          .handler(new LoggingHandler(LogLevel.INFO));

    server.childHandler(new ChannelInitializer<Channel>() {
        @Override
        public void initChannel(Channel ch) throws Exception {
            if (options instanceof TransportSslOptions) {
                TransportSslOptions tlsOptions = (TransportSslOptions) options;
                // A new context and engine are built for every accepted channel.
                SSLEngine serverEngine = TransportSupport.createSslEngine(
                        TransportSupport.createSslContext(tlsOptions), tlsOptions);
                serverEngine.setUseClientMode(false);
                // Client certificates are demanded only when needClientAuth is set.
                serverEngine.setNeedClientAuth(needClientAuth);
                // NOTE(review): sslHandler is overwritten on every accepted channel, so it only
                // ever refers to the most recent connection's handler.
                sslHandler = new SslHandler(serverEngine);
                ch.pipeline().addLast(sslHandler);
            }

            if (webSocketServer) {
                // 65536 is the aggregator's maximum content length for the HTTP upgrade exchange.
                ch.pipeline()
                  .addLast(new HttpServerCodec())
                  .addLast(new HttpObjectAggregator(65536))
                  .addLast(new WebSocketServerProtocolHandler(getWebSocketPath(), "amqp", true));
            }

            ch.pipeline()
              .addLast(new NettyServerOutboundHandler())
              .addLast(new NettyServerInboundHandler())
              .addLast(getServerHandler());
        }
    });

    // Start the server.
    serverChannel = server.bind(getServerPort()).sync().channel();
}
From source file:org.apache.qpid.jms.transports.TransportSupport.java
License:Apache License
/**
 * Builds a Netty SslHandler for transports that need an SSL encoder / decoder.
 *
 * An SSLContext override carried by the options takes precedence and is used as-is;
 * only when there is none is a context built from the remaining option values.
 * The engine itself is always created through createSslEngine with the remote URI,
 * the chosen context and the options.
 *
 * NOTE(review): with an override in place, createSslContext is never called, so any
 * key/trust settings in the options that only that method reads have no effect on
 * the context - confirm the override is supplied by trusted configuration only.
 *
 * @param remote
 *        The URI of the remote peer that the SslHandler will be used against.
 * @param options
 *        The SSL options object to build the SslHandler instance from.
 *
 * @return a new SslHandler that is configured from the given options.
 *
 * @throws Exception if an error occurs while creating the SslHandler instance.
 */
public static SslHandler createSslHandler(URI remote, TransportSslOptions options) throws Exception {
    SSLContext override = options.getSslContextOverride();
    SSLContext effectiveContext = (override != null) ? override : createSslContext(options);
    return new SslHandler(createSslEngine(remote, effectiveContext, options));
}
From source file:org.apache.zookeeper.server.NettyServerCnxnFactory.java
License:Apache License
/**
 * Adds a server-mode {@code SslHandler} named "ssl" to the given pipeline, with client
 * certificates required.
 *
 * <p>When the auth-provider system property is unset, the default context from {@code x509Util}
 * is used. Otherwise a context is created here and initialised with the key manager and trust
 * manager of the registered X509 authentication provider.
 *
 * @param p pipeline of the channel being set up
 * @throws X509Exception if the default context cannot be obtained or the provider is not registered
 * @throws KeyManagementException if initialising the context fails
 * @throws NoSuchAlgorithmException if the requested context protocol is unavailable
 */
private synchronized void initSSL(ChannelPipeline p)
        throws X509Exception, KeyManagementException, NoSuchAlgorithmException {
    String configuredProvider = System.getProperty(x509Util.getSslAuthProviderProperty());
    SSLContext context;

    if (configuredProvider != null) {
        // NOTE(review): the context is requested under the protocol name "TLSv1" and no
        // setEnabledProtocols call follows, so the negotiable versions are whatever the JSSE
        // provider enables for that name. TLS 1.0 is deprecated (RFC 8996); confirm which
        // versions are actually enabled and consider an explicit allow-list.
        context = SSLContext.getInstance("TLSv1");

        // The property is read a second time with "x509" as fallback; in this branch it is
        // already known to be non-null, so the fallback is not expected to apply.
        String providerName = System.getProperty(x509Util.getSslAuthProviderProperty(), "x509");
        X509AuthenticationProvider provider =
                (X509AuthenticationProvider) ProviderRegistry.getProvider(providerName);
        if (provider == null) {
            LOG.error("Auth provider not found: {}", configuredProvider);
            throw new SSLContextException(
                    "Could not create SSLContext with specified auth provider: " + configuredProvider);
        }

        // Key and trust decisions are delegated entirely to the provider's managers;
        // null selects the default SecureRandom.
        X509KeyManager[] keyManagers = { provider.getKeyManager() };
        X509TrustManager[] trustManagers = { provider.getTrustManager() };
        context.init(keyManagers, trustManagers, null);
    } else {
        context = x509Util.getDefaultSSLContext();
    }

    SSLEngine serverEngine = context.createSSLEngine();
    serverEngine.setUseClientMode(false);
    // Mutual TLS: the handshake fails unless the client presents a certificate.
    serverEngine.setNeedClientAuth(true);

    p.addLast("ssl", new SslHandler(serverEngine));
    LOG.info("SSL handler added for channel: {}", p.channel());
}
From source file:org.asynchttpclient.netty.channel.ChannelManager.java
License:Open Source License
/**
 * Creates the TLS handler for a connection to {@code peerHost:peerPort}.
 *
 * <p>The engine comes from {@code sslEngineFactory}; trust and hostname-verification settings are
 * that factory's responsibility and are not touched here.
 *
 * @param peerHost host of the remote peer, forwarded to the engine factory
 * @param peerPort port of the remote peer, forwarded to the engine factory
 * @return a new handler, with the handshake timeout applied when one is configured
 */
private SslHandler createSslHandler(String peerHost, int peerPort) {
    SslHandler handler = new SslHandler(sslEngineFactory.newSslEngine(config, peerHost, peerPort));
    // Zero or negative leaves the SslHandler's own default handshake timeout in place.
    if (handshakeTimeout > 0) {
        handler.setHandshakeTimeoutMillis(handshakeTimeout);
    }
    return handler;
}
From source file:org.asynchttpclient.providers.netty.channel.ChannelManager.java
License:Open Source License
/**
 * Creates the TLS handler for a connection to {@code peerHost:peerPort}.
 *
 * <p>A configured engine factory wins and its engine is used unchanged. Without a factory, the
 * engine is created from the configured {@code SSLContext}, falling back to the context that
 * {@code SslUtils} returns for the {@code acceptAnyCertificate} setting, and is put in client mode.
 *
 * @param peerHost host of the remote peer, passed to the engine as the peer host hint
 * @param peerPort port of the remote peer, passed to the engine as the peer port hint
 * @return a new handler, with the handshake timeout applied when one is configured
 * @throws IOException declared by the original signature; propagated from context lookup
 * @throws GeneralSecurityException declared by the original signature; propagated from context lookup
 */
public SslHandler createSslHandler(String peerHost, int peerPort) throws IOException, GeneralSecurityException {
    SSLEngine engine;

    if (nettyConfig.getSslEngineFactory() == null) {
        SSLContext context = config.getSSLContext();
        if (context == null) {
            // NOTE(review): isAcceptAnyCertificate() selects the fallback context; presumably a
            // true value yields a context that skips certificate validation. Confirm it is never
            // enabled outside test setups.
            context = SslUtils.getInstance().getSSLContext(config.isAcceptAnyCertificate());
        }
        engine = context.createSSLEngine(peerHost, peerPort);
        engine.setUseClientMode(true);
        // NOTE(review): no endpoint identification algorithm is set on the engine in this method;
        // verify that the server name is checked against the certificate elsewhere.
    } else {
        // Factory-supplied engines are used as returned: client mode and the peer host/port are
        // not applied here, so the factory has to configure them.
        engine = nettyConfig.getSslEngineFactory().newSSLEngine();
    }

    SslHandler handler = new SslHandler(engine);
    // Zero or negative leaves the SslHandler's own default handshake timeout in place.
    if (handshakeTimeout > 0) {
        handler.setHandshakeTimeoutMillis(handshakeTimeout);
    }
    return handler;
}