Gang, As I need some configuration of the http service plus https support I made the http library evolve.
I created a QI_351_Improve_library_http branch from the develop branch. Here are the changes that could impact current users: * Jetty version upgrade from Mortbay 6.1 to Eclipse 8 that use version 3.0 of the servlet api * resourcePath configuration property is not mandatory anymore, behavior is the same as when it was declared empty before Not so much. I tried to keep theses changes as small as possible. Here are the new configuration properties for basic http service: * Set the root context prefix, defaulted to "/" * Enable/disable statistics collection by Jetty, exposed through JMX if available * Set connections max idle times * Set used header & buffer sizes * Set accepted hostnames (for virtual hosts support) * Set welcome files * Set maximum form content size * Set gracefull shutdown timeout * Plus some minor configurations (expose server version, set-cookie header version etc...) Here are the new configuration properties for https service: * Set server certified keypair and server cacert, supporting PKCS12, JCEKS and JKS files * Set need/want client authentication * Set used random algorithm, allowed cipher suites * Enable/disable ssl renegotiation * Set maximum PKIX CertPath length * Enable/disable certificates validations check (CRL/OCSP) * Enable/disable use of the CRL Distribution Points certificate extension * Set a fixed local CRL file path * Enable/disable use of the OCSP Responders certificate extension * Set a fixed OCSP responder URL Here are new "bootstrap features": * If a MBeanServer @Service is available the Jetty MBeans are registered * The fluent api to register Servlets and Filters now provide methods to register security constraints on paths, only for client certificate based authentication at the moment, eg: addConstraints( constrain( "/hello" ).by( CLIENT_CERT ) ).to( module ); I'm calling here for remarks, comments, code review and even tests if you happen to have time. I tried to write unit tests showing enough of the configuration possibilities. If some of the config properties need clarification I can write some more. BTW, there are things I'd like to add after that: * Full support for VirtualHosts would need to factor out the Jetty Server instance handling to a dedicated Service used by the HttpService mixins. * Bind the Jetty MBeans to the Qi4j Service node would be nice but I don't know JMX enough to do that easily. See in AbstractJettyMixin.activate the use of MBeanContainer from the Jetty codebase. * Remove the use of DefaultServlet by default. None of my use cases needs it to be registered. We could add a convenience method on the JettyAssembler that handle the DefaultServlet registration: JettyAssembler withDefaultServlet(); WDYT? /Paul -- Paul Merlin - eskatos.github.com _______________________________________________ qi4j-dev mailing list [email protected] http://lists.ops4j.org/mailman/listinfo/qi4j-dev
