In general it sounds great. And if you you managed to get "working, reasonable defaults" in there, then I have nothing to add at this stage. I will try and free up some time during the week and take a closer look.
-- NIclas On Wed, Oct 12, 2011 at 4:05 PM, Paul Merlin <[email protected]> wrote: > Gang, > > As I need some configuration of the http service plus https support I > made the http library evolve. > > I created a QI_351_Improve_library_http branch from the develop branch. > > > Here are the changes that could impact current users: > > * Jetty version upgrade from Mortbay 6.1 to Eclipse 8 that use version > 3.0 of the servlet api > * resourcePath configuration property is not mandatory anymore, behavior > is the same as when it was declared empty before > > Not so much. I tried to keep theses changes as small as possible. > > > Here are the new configuration properties for basic http service: > > * Set the root context prefix, defaulted to "/" > * Enable/disable statistics collection by Jetty, exposed through JMX if > available > * Set connections max idle times > * Set used header & buffer sizes > * Set accepted hostnames (for virtual hosts support) > * Set welcome files > * Set maximum form content size > * Set gracefull shutdown timeout > * Plus some minor configurations (expose server version, set-cookie header > version etc...) > > > Here are the new configuration properties for https service: > > * Set server certified keypair and server cacert, supporting PKCS12, JCEKS > and JKS files > * Set need/want client authentication > * Set used random algorithm, allowed cipher suites > * Enable/disable ssl renegotiation > * Set maximum PKIX CertPath length > * Enable/disable certificates validations check (CRL/OCSP) > * Enable/disable use of the CRL Distribution Points certificate extension > * Set a fixed local CRL file path > * Enable/disable use of the OCSP Responders certificate extension > * Set a fixed OCSP responder URL > > > Here are new "bootstrap features": > > * If a MBeanServer @Service is available the Jetty MBeans are registered > * The fluent api to register Servlets and Filters now provide methods to > register security constraints on paths, only for client certificate > based authentication at the moment, eg: > > addConstraints( constrain( "/hello" ).by( CLIENT_CERT ) ).to( module ); > > > I'm calling here for remarks, comments, code review and even tests if you > happen to have time. > > I tried to write unit tests showing enough of the configuration > possibilities. If some of the config properties need clarification I can > write some more. > > > BTW, there are things I'd like to add after that: > > * Full support for VirtualHosts would need to factor out the Jetty Server > instance handling to a dedicated Service used by the HttpService mixins. > > * Bind the Jetty MBeans to the Qi4j Service node would be nice but I don't > know JMX enough to do that easily. See in AbstractJettyMixin.activate the > use of MBeanContainer from the Jetty codebase. > > * Remove the use of DefaultServlet by default. None of my use cases needs > it to be registered. We could add a convenience method on the > JettyAssembler that handle the DefaultServlet registration: > JettyAssembler withDefaultServlet(); > > WDYT? > > > /Paul > > -- > Paul Merlin - eskatos.github.com > _______________________________________________ > qi4j-dev mailing list > [email protected] > http://lists.ops4j.org/mailman/listinfo/qi4j-dev > -- Niclas Hedhman, Software Developer http://www.qi4j.org - New Energy for Java I live here; http://tinyurl.com/3xugrbk I work here; http://tinyurl.com/24svnvk I relax here; http://tinyurl.com/2cgsug _______________________________________________ qi4j-dev mailing list [email protected] http://lists.ops4j.org/mailman/listinfo/qi4j-dev
