JAMES-1958 Enable HTTPS through configuration
Project: http://git-wip-us.apache.org/repos/asf/james-project/repo Commit: http://git-wip-us.apache.org/repos/asf/james-project/commit/3ac2368b Tree: http://git-wip-us.apache.org/repos/asf/james-project/tree/3ac2368b Diff: http://git-wip-us.apache.org/repos/asf/james-project/diff/3ac2368b Branch: refs/heads/master Commit: 3ac2368bf86ad6c607b6a31dc5eddf7ff160a197 Parents: ef84ed7 Author: benwa <btell...@linagora.com> Authored: Wed Mar 8 16:26:19 2017 +0700 Committer: benwa <btell...@linagora.com> Committed: Wed Mar 15 09:01:53 2017 +0700 ---------------------------------------------------------------------- .../destination/conf/webadmin.properties | 13 +++++++++++- .../destination/conf/webadmin.properties | 13 +++++++++++- .../modules/server/WebAdminServerModule.java | 22 ++++++++++++++++++++ .../apache/james/webadmin/WebAdminServer.java | 8 +++++++ 4 files changed, 54 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/james-project/blob/3ac2368b/dockerfiles/run/guice/cassandra-ldap/destination/conf/webadmin.properties ---------------------------------------------------------------------- diff --git a/dockerfiles/run/guice/cassandra-ldap/destination/conf/webadmin.properties b/dockerfiles/run/guice/cassandra-ldap/destination/conf/webadmin.properties index 70a6cb9..3a1e755 100644 --- a/dockerfiles/run/guice/cassandra-ldap/destination/conf/webadmin.properties +++ b/dockerfiles/run/guice/cassandra-ldap/destination/conf/webadmin.properties @@ -19,4 +19,15 @@ # DO NOT USE IT AS SUCH AND ADAPT IT TO YOUR NEEDS enabled=true -port=8000 \ No newline at end of file +port=8000 + +# Defaults to false +https.enabled=false + +# Compulsory when enabling HTTPS +#https.keystore=/path/to/keystore +#https.password=password + +# Optional when enabling HTTPS (self signed) +#https.trust.keystore +#https.trust.password \ No newline at end of file http://git-wip-us.apache.org/repos/asf/james-project/blob/3ac2368b/dockerfiles/run/guice/cassandra/destination/conf/webadmin.properties ---------------------------------------------------------------------- diff --git a/dockerfiles/run/guice/cassandra/destination/conf/webadmin.properties b/dockerfiles/run/guice/cassandra/destination/conf/webadmin.properties index 70a6cb9..3a1e755 100644 --- a/dockerfiles/run/guice/cassandra/destination/conf/webadmin.properties +++ b/dockerfiles/run/guice/cassandra/destination/conf/webadmin.properties @@ -19,4 +19,15 @@ # DO NOT USE IT AS SUCH AND ADAPT IT TO YOUR NEEDS enabled=true -port=8000 \ No newline at end of file +port=8000 + +# Defaults to false +https.enabled=false + +# Compulsory when enabling HTTPS +#https.keystore=/path/to/keystore +#https.password=password + +# Optional when enabling HTTPS (self signed) +#https.trust.keystore +#https.trust.password \ No newline at end of file http://git-wip-us.apache.org/repos/asf/james-project/blob/3ac2368b/server/container/guice/protocols/webadmin/src/main/java/org/apache/james/modules/server/WebAdminServerModule.java ---------------------------------------------------------------------- diff --git a/server/container/guice/protocols/webadmin/src/main/java/org/apache/james/modules/server/WebAdminServerModule.java b/server/container/guice/protocols/webadmin/src/main/java/org/apache/james/modules/server/WebAdminServerModule.java index 8495797..29c6223 100644 --- a/server/container/guice/protocols/webadmin/src/main/java/org/apache/james/modules/server/WebAdminServerModule.java +++ b/server/container/guice/protocols/webadmin/src/main/java/org/apache/james/modules/server/WebAdminServerModule.java @@ -32,6 +32,7 @@ import org.apache.james.utils.GuiceProbe; import org.apache.james.utils.PropertiesProvider; import org.apache.james.utils.WebAdminGuiceProbe; import org.apache.james.webadmin.FixedPort; +import org.apache.james.webadmin.HttpsConfiguration; import org.apache.james.webadmin.Routes; import org.apache.james.webadmin.WebAdminConfiguration; import org.apache.james.webadmin.WebAdminServer; @@ -72,6 +73,7 @@ public class WebAdminServerModule extends AbstractModule { return WebAdminConfiguration.builder() .enable(configurationFile.getBoolean("enabled", false)) .port(new FixedPort(configurationFile.getInt("port", WebAdminServer.DEFAULT_PORT))) + .https(readHttpsConfiguration(configurationFile)) .build(); } catch (FileNotFoundException e) { return WebAdminConfiguration.builder() @@ -80,6 +82,26 @@ public class WebAdminServerModule extends AbstractModule { } } + private HttpsConfiguration readHttpsConfiguration(PropertiesConfiguration configurationFile) { + boolean enabled = configurationFile.getBoolean("https.enabled", DEFAULT_HTTPS_DISABLED()); + if (enabled) { + return HttpsConfiguration.builder() + .enabled() + .raw(configurationFile.getString("https.keystore", null), + configurationFile.getString("https.password", null), + configurationFile.getString("https.trust.keystore", null), + configurationFile.getString("https.trust.password", null)) + .build(); + } + return HttpsConfiguration.builder() + .disabled() + .build(); + } + + private boolean DEFAULT_HTTPS_DISABLED() { + return false; + } + @Singleton public static class WebAdminServerModuleConfigurationPerformer implements ConfigurationPerformer { http://git-wip-us.apache.org/repos/asf/james-project/blob/3ac2368b/server/protocols/webadmin/src/main/java/org/apache/james/webadmin/WebAdminServer.java ---------------------------------------------------------------------- diff --git a/server/protocols/webadmin/src/main/java/org/apache/james/webadmin/WebAdminServer.java b/server/protocols/webadmin/src/main/java/org/apache/james/webadmin/WebAdminServer.java index c70f318..c1e1cad 100644 --- a/server/protocols/webadmin/src/main/java/org/apache/james/webadmin/WebAdminServer.java +++ b/server/protocols/webadmin/src/main/java/org/apache/james/webadmin/WebAdminServer.java @@ -67,6 +67,14 @@ public class WebAdminServer implements Configurable { public void configure(HierarchicalConfiguration config) throws ConfigurationException { if (configuration.isEnabled()) { service.port(configuration.getPort().toInt()); + HttpsConfiguration httpsConfiguration = configuration.getHttpsConfiguration(); + if (httpsConfiguration.isEnabled()) { + service.secure(httpsConfiguration.getKeystoreFilePath(), + httpsConfiguration.getKeystorePassword(), + httpsConfiguration.getTruststoreFilePath(), + httpsConfiguration.getTruststorePassword()); + LOGGER.info("Web admin set up to use HTTPS"); + } routesList.forEach(routes -> routes.define(service)); LOGGER.info("Web admin server started"); } --------------------------------------------------------------------- To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org For additional commands, e-mail: server-dev-h...@james.apache.org