craigmcc 00/11/17 13:16:21
Modified: src/share/org/apache/tomcat/service Tag: tomcat_32
PoolTcpConnector.java
src/share/org/apache/tomcat/startup Tag: tomcat_32
EmbededTomcat.java
Log:
When using the EmbededTomcat approach to starting Tomcat, properly pass
the keystore, keystore password, and requirement for client authentication
to the underlying SSL socket factory. Also, support the ability to
provide your own custom socket factory object, rather than just a
classname.
PR: BugRat Bug Report #404
Submitted by: Stefan F. Stefansson <[EMAIL PROTECTED]>
(Sorry about not being able to get the
accented letters right)
Revision Changes Path
No revision
No revision
1.8.2.2 +8 -0
jakarta-tomcat/src/share/org/apache/tomcat/service/PoolTcpConnector.java
Index: PoolTcpConnector.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/service/PoolTcpConnector.java,v
retrieving revision 1.8.2.1
retrieving revision 1.8.2.2
diff -u -r1.8.2.1 -r1.8.2.2
--- PoolTcpConnector.java 2000/10/06 20:42:00 1.8.2.1
+++ PoolTcpConnector.java 2000/11/17 21:16:21 1.8.2.2
@@ -394,6 +394,14 @@
loghelper.setLogger(logger);
}
+ /**
+ * Set a socket factory explicitly. This is used
+ * by the EmbededTomcat class to create custom endpoints.
+ */
+ public void setSocketFactory(ServerSocketFactory socketFactory) {
+ this.socketFactory = socketFactory;
+ }
+
// -------------------- Implementation methods --------------------
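Review bot: The Javadoc on `setSocketFactory` does not say how an explicitly set factory relates to the `"socketFactory"` class-name attribute that EmbededTomcat previously set through `setAttribute`, nor what passing `null` means. This setter decides whether the connector listens with TLS or in plaintext, so the comment should state the precedence. Once confirmed against the start-up code, which is outside this hunk, something like `An explicitly set factory is used in preference to the "socketFactory" attribute; null leaves attribute-based selection in effect.` would do. It is also worth documenting that the setter must be called before the connector is started, if that is the case.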
No revision
No revision
1.13.2.3 +50 -4
jakarta-tomcat/src/share/org/apache/tomcat/startup/EmbededTomcat.java
Index: EmbededTomcat.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat/src/share/org/apache/tomcat/startup/EmbededTomcat.java,v
retrieving revision 1.13.2.2
retrieving revision 1.13.2.3
diff -u -r1.13.2.2 -r1.13.2.3
--- EmbededTomcat.java 2000/08/16 22:24:27 1.13.2.2
+++ EmbededTomcat.java 2000/11/17 21:16:21 1.13.2.3
@@ -4,6 +4,7 @@
import java.io.*;
import org.apache.tomcat.core.*;
+import org.apache.tomcat.net.*;
import org.apache.tomcat.request.*;
import org.apache.tomcat.service.*;
import org.apache.tomcat.service.http.*;
@@ -33,6 +34,7 @@
* "expensive" as code complexity and will be deprecated ).
*
* @author [EMAIL PROTECTED]
+ * @author Stefan Freyr Stafansson [[EMAIL PROTECTED]]
*/
public class EmbededTomcat { // extends WebService
ContextManager contextM = null;
@@ -112,11 +114,23 @@
contextM.addServerConnector( sc );
}
- /** Add a secure web service.
+ /** Add a secure web service without client authentication using the
+ * default server socket factory.
*/
public void addSecureEndpoint( int port, InetAddress addr, String hostname,
String keyFile, String keyPass )
{
+ addSecureEndpoint(port, addr, hostname, keyFile, keyPass, false);
+ }
+
+ /** Add a secure web service using the
+ * org.apache.tomcat.net.SSLSocketFactory. clientAuth specifies whether
+ * client authentication is required or not.
+ */
+ public void addSecureEndpoint(int port, InetAddress addr, String hostname,
+ String keyStore, String keyPass,
+ boolean clientAuth)
+ {
if(debug>0) log( "addSecureConnector " + port + " " + addr + " " +
hostname );
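Review bot: The two `addSecureEndpoint` Javadoc comments disagree about which factory is used. The five-argument form says "the default server socket factory", yet it only delegates to the six-argument form, which is documented as using `org.apache.tomcat.net.SSLSocketFactory`. I would word the first as `Add a secure web service without client authentication; equivalent to addSecureEndpoint(port, addr, hostname, keyFile, keyPass, false).` The new overload also lacks `@param` tags: it should say that `keyStore` is the keystore location, `keyPass` its password, and that `null` for either leaves the factory's own default in place (the null checks are in the next hunk; the fallback itself is inferred). The body of the new method continues outside this hunk.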
@@ -126,9 +140,13 @@
sc.setAttribute( "vhost_port" , new Integer( port ) );
if( addr != null ) sc.setAttribute( "vhost_address", addr );
if( hostname != null ) sc.setAttribute( "vhost_name", hostname );
-
- sc.setAttribute( "socketFactory",
- "org.apache.tomcat.net.SSLSocketFactory");
+ if (keyStore != null)
+ sc.setAttribute("keystore", keyStore);
+ if (keyPass != null)
+ sc.setAttribute("keypass", keyPass);
+ if (clientAuth)
+ sc.setAttribute("clientAuth", "true");
+ sc.setSocketFactory(new org.apache.tomcat.net.SSLSocketFactory());
// System.out.println("XXX " + keyFile + " " + keyPass);
HttpConnectionHandler ch=new HttpConnectionHandler();
ch.setSecure(true);
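Review bot: The commented-out `// System.out.println("XXX " + keyFile + " " + keyPass);` carried into the new overload should be deleted. It names `keyFile`, which this overload calls `keyStore`, and re-enabling it would write the keystore password to standard output. The password is also stored as a plain `String` connector attribute under `"keypass"`; whether other code can read connector attributes back is not visible here, so it is worth confirming that nothing logs or exposes them. This method starts and ends outside the hunk.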
@@ -136,6 +154,34 @@
// XXX add the secure socket
contextM.addServerConnector( sc );
+ }
+
+ /** Add a custom web service using the specified socket factory.
+ *
+ * @param port Port number on which to listen
+ * @param addr Internet address on which to listen
+ * @param hostname Virtual host name for this service
+ * @param secure Should this endpoint be marked secure?
+ * @param socketFactory The factory for server sockets to be used
+ */
+ public void addCustomEndpoint(int port, InetAddress addr, String hostname,
+ boolean secure,
+ ServerSocketFactory socketFactory) {
+ if (debug>0) log("addCustomEndpoint " + port + " " + addr + " " +
+ hostname);
+
+ PoolTcpConnector sc = new PoolTcpConnector();
+ sc.setServer(contextM);
+ if (secure) contextM.setSecurePort(port);
+ sc.setAttribute("vhost_port", new Integer(port));
+ if (addr != null) sc.setAttribute("vhost_address", addr);
+ if (hostname != null) sc.setAttribute("vhost_name", hostname);
+ sc.setSocketFactory(socketFactory);
+ HttpConnectionHandler ch = new HttpConnectionHandler();
+ ch.setSecure(secure);
+ sc.setTcpConnectionHandler(ch);
+ contextM.addServerConnector(sc);
+
}
// -------------------- Context add/remove --------------------
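Review bot: In `addCustomEndpoint` the `secure` flag and `socketFactory` are independent, so a caller can pass `secure == true` with a factory that produces plaintext sockets, or with `null`. The endpoint is then still registered through `contextM.setSecurePort(port)` and `ch.setSecure(true)`. At minimum reject a missing factory up front with `if (socketFactory == null) throw new IllegalArgumentException("socketFactory must not be null");`, since what `PoolTcpConnector` does with a null factory is outside this diff. The `@param secure` text should also say that the flag only labels the endpoint and does not itself enable TLS, e.g. `@param secure Mark this endpoint and its requests as secure; the caller must supply a factory that actually provides TLS`.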