Author: asankha
Date: Wed Feb 21 01:34:26 2007
New Revision: 509949
URL: http://svn.apache.org/viewvc?view=rev&rev=509949
Log:
added the NIO SSL transport listener, and a sample jks keystore to startup the
listener
updated the axis2.xml we ship to include the SSL listener
updated the synapse.sh script to support the renaming of the SynapseHTTPServer
as SynapseServer
updated pom.xml to include dependency for niossl - but the code should now be
compiled under JDK 1.5, and the target code would be 1.4 compatible. Hence it
is still possible to run Synapse on JDK 1.4 if the NIO SSL transport is not used
Added:
webservices/synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/SynapseServer.java
- copied, changed from r509218,
webservices/synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/SynapseHTTPServer.java
webservices/synapse/trunk/java/modules/core/src/test/resources/keystore.jks
(with props)
webservices/synapse/trunk/java/modules/nhttp/src/org/apache/axis2/transport/nhttp/HttpCoreNIOSSLListener.java
webservices/synapse/trunk/java/repository/conf/keystore.jks (with props)
Removed:
webservices/synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/SynapseHTTPServer.java
Modified:
webservices/synapse/trunk/java/modules/nhttp/src/org/apache/axis2/transport/nhttp/HttpCoreNIOListener.java
webservices/synapse/trunk/java/pom.xml
webservices/synapse/trunk/java/repository/conf/axis2.xml
webservices/synapse/trunk/java/src/main/bin/synapse.bat
webservices/synapse/trunk/java/src/main/bin/synapse.sh
Copied:
webservices/synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/SynapseServer.java
(from r509218,
webservices/synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/SynapseHTTPServer.java)
URL:
http://svn.apache.org/viewvc/webservices/synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/SynapseServer.java?view=diff&rev=509949&p1=webservices/synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/SynapseHTTPServer.java&r1=509218&p2=webservices/synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/SynapseServer.java&r2=509949
==============================================================================
---
webservices/synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/SynapseHTTPServer.java
(original)
+++
webservices/synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/SynapseServer.java
Wed Feb 21 01:34:26 2007
@@ -36,12 +36,12 @@
/**
* Starts all transports as specified on the axis2.xml
*/
-public class SynapseHTTPServer {
+public class SynapseServer {
- private static final Log log = LogFactory.getLog(SynapseHTTPServer.class);
+ private static final Log log = LogFactory.getLog(SynapseServer.class);
public static void printUsage() {
- System.out.println("Usage: SynapseHTTPServer <repository>");
+ System.out.println("Usage: SynapseServer <repository>");
System.out.println(" Opts: -? this message");
System.exit(1);
}
@@ -53,7 +53,7 @@
printUsage();
}
- System.out.println("[SynapseHTTPServer] Using the Axis2 Repository "
+ System.out.println("[SynapseServer] Using the Axis2 Repository "
+ new File(args[0]).getAbsolutePath());
try {
@@ -76,17 +76,17 @@
TransportInDescription trsIn = (TransportInDescription)
configctx.getAxisConfiguration().getTransportsIn().get(trp);
listenerManager.addListener(trsIn, false);
- if (new QName("http").equals(trsIn.getName())) {
-
- System.out.println("[SynapseHTTPServer] Started HTTP on
port : " +
- trsIn.getParameter("port").getValue());
+ String msg = "[SynapseServer] Starting transport " +
trsIn.getName();
+ if (trsIn.getParameter("port") != null) {
+ msg += " on port " + trsIn.getParameter("port").getValue();
}
+ System.out.println(msg);
}
- System.out.println("[SynapseHTTPServer] Ready");
+ System.out.println("[SynapseServer] Ready");
} catch (Throwable t) {
t.printStackTrace();
- System.out.println("[SynapseHTTPServer] Startup failed...");
+ System.out.println("[SynapseServer] Startup failed...");
}
}
@@ -121,7 +121,7 @@
trsIn.getParameter("port").setValue(Integer.toString(port));
break;
} catch (Exception e) {
- System.out.println("[SynapseHTTPServer] Port "+port+"
already in use. Trying alternate");
+ System.out.println("[SynapseServer] Port "+port+"
already in use. Trying alternate");
if (port == 8080) {
port = 8008;
} else {
Added:
webservices/synapse/trunk/java/modules/core/src/test/resources/keystore.jks
URL:
http://svn.apache.org/viewvc/webservices/synapse/trunk/java/modules/core/src/test/resources/keystore.jks?view=auto&rev=509949
==============================================================================
Binary file - no diff available.
Propchange:
webservices/synapse/trunk/java/modules/core/src/test/resources/keystore.jks
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
Modified:
webservices/synapse/trunk/java/modules/nhttp/src/org/apache/axis2/transport/nhttp/HttpCoreNIOListener.java
URL:
http://svn.apache.org/viewvc/webservices/synapse/trunk/java/modules/nhttp/src/org/apache/axis2/transport/nhttp/HttpCoreNIOListener.java?view=diff&rev=509949&r1=509948&r2=509949
==============================================================================
---
webservices/synapse/trunk/java/modules/nhttp/src/org/apache/axis2/transport/nhttp/HttpCoreNIOListener.java
(original)
+++
webservices/synapse/trunk/java/modules/nhttp/src/org/apache/axis2/transport/nhttp/HttpCoreNIOListener.java
Wed Feb 21 01:34:26 2007
@@ -33,6 +33,7 @@
import org.apache.http.impl.nio.reactor.DefaultListeningIOReactor;
import org.apache.http.impl.nio.DefaultServerIOEventDispatch;
+import javax.net.ssl.SSLContext;
import java.io.InterruptedIOException;
import java.io.IOException;
import java.net.InetSocketAddress;
@@ -56,6 +57,8 @@
private int port = 8080;
/** The hostname to use, defaults to localhost */
private String host = "localhost";
+ /** SSLContext if this listener is a SSL listener */
+ private SSLContext sslContext = null;
/**
* configure and start the IO reactor on the specified port
@@ -70,7 +73,7 @@
}
NHttpServiceHandler handler = new ServerHandler(cfgCtx, params);
- IOEventDispatch ioEventDispatch = new
DefaultServerIOEventDispatch(handler, params);
+ IOEventDispatch ioEventDispatch = getEventDispatch(handler,
sslContext, params);
try {
ioReactor.listen(new InetSocketAddress(port));
@@ -83,6 +86,11 @@
log.info("Listener Shutdown");
}
+ protected IOEventDispatch getEventDispatch(
+ NHttpServiceHandler handler, SSLContext sslContext, HttpParams params)
{
+ return new DefaultServerIOEventDispatch(handler, params);
+ }
+
/**
* get HTTP protocol parameters to which the listener must adhere to
* @return the applicable HTTP protocol parameters
@@ -123,8 +131,25 @@
}
}
+ // is this an SSL listener?
+ Parameter keystore = transprtIn.getParameter("keystore");
+ if (keystore != null) {
+ sslContext = getSSLContext(keystore);
+ }
+
serviceEPRPrefix = "http://"; + host + (port == 80 ? "" : ":" + port) +
- "/" + cfgCtx.getServiceContextPath() + "/";
+ (!cfgCtx.getServiceContextPath().startsWith("/") ? "/" : "") +
+ cfgCtx.getServiceContextPath() +
+ (!cfgCtx.getServiceContextPath().endsWith("/") ? "/" : "");
+ }
+
+ /**
+ * Create the SSLContext to be used by this listener
+ * @param ksParam
+ * @return always null
+ */
+ protected SSLContext getSSLContext(Parameter ksParam) throws AxisFault {
+ return null;
}
/**
Added:
webservices/synapse/trunk/java/modules/nhttp/src/org/apache/axis2/transport/nhttp/HttpCoreNIOSSLListener.java
URL:
http://svn.apache.org/viewvc/webservices/synapse/trunk/java/modules/nhttp/src/org/apache/axis2/transport/nhttp/HttpCoreNIOSSLListener.java?view=auto&rev=509949
==============================================================================
---
webservices/synapse/trunk/java/modules/nhttp/src/org/apache/axis2/transport/nhttp/HttpCoreNIOSSLListener.java
(added)
+++
webservices/synapse/trunk/java/modules/nhttp/src/org/apache/axis2/transport/nhttp/HttpCoreNIOSSLListener.java
Wed Feb 21 01:34:26 2007
@@ -0,0 +1,65 @@
+package org.apache.axis2.transport.nhttp;
+
+import org.apache.axis2.description.Parameter;
+import org.apache.axis2.AxisFault;
+import org.apache.axiom.om.OMElement;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.http.impl.nio.reactor.SSLServerIOEventDispatch;
+import org.apache.http.nio.reactor.IOEventDispatch;
+import org.apache.http.nio.NHttpServiceHandler;
+import org.apache.http.params.HttpParams;
+
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.KeyManager;
+import javax.xml.namespace.QName;
+import java.security.KeyStore;
+import java.security.GeneralSecurityException;
+import java.net.URL;
+import java.io.IOException;
+
+public class HttpCoreNIOSSLListener extends HttpCoreNIOListener {
+
+ private static final Log log =
LogFactory.getLog(HttpCoreNIOSSLListener.class);
+
+ protected IOEventDispatch getEventDispatch(
+ NHttpServiceHandler handler, SSLContext sslContext, HttpParams params)
{
+ return new SSLServerIOEventDispatch(handler, sslContext, params);
+ }
+
+ /**
+ * Create the SSLContext to be used by this listener
+ * @param ksParam the Axis2 Parameter that specifies the ksParam info
+ * @return the SSLContext to be used
+ */
+ protected SSLContext getSSLContext(Parameter ksParam) throws AxisFault {
+ OMElement ksEle = ksParam.getParameterElement().getFirstElement();
+ String ksLocation = ksEle.getFirstChildWithName(new
QName("Location")).getText();
+ String ksType = ksEle.getFirstChildWithName(new
QName("Type")).getText();
+ String ksPassword = ksEle.getFirstChildWithName(new
QName("Password")).getText();
+ String pvtKeyPassword = ksEle.getFirstChildWithName(new
QName("KeyPassword")).getText();
+
+ KeyStore keystore = null;
+ try {
+ keystore = KeyStore.getInstance(ksType);
+ URL url = getClass().getClassLoader().getResource(ksLocation);
+ log.debug("keystore loaded from url : " + url);
+ keystore.load(url.openStream(), ksPassword.toCharArray());
+ KeyManagerFactory kmfactory = KeyManagerFactory.getInstance(
+ KeyManagerFactory.getDefaultAlgorithm());
+ kmfactory.init(keystore, pvtKeyPassword.toCharArray());
+ KeyManager[] keymanagers = kmfactory.getKeyManagers();
+ SSLContext sslcontext = SSLContext.getInstance("TLS");
+ sslcontext.init(keymanagers, null, null);
+ return sslcontext;
+ } catch (GeneralSecurityException gse) {
+ log.error("Unable to create SSL context with the given
configuration", gse);
+ throw new AxisFault("Unable to create SSL context with the given
configuration", gse);
+ } catch (IOException ioe) {
+ log.error("Unable to open keystore", ioe);
+ throw new AxisFault("Unable to open keystore", ioe);
+ }
+ }
+
+}
Modified: webservices/synapse/trunk/java/pom.xml
URL:
http://svn.apache.org/viewvc/webservices/synapse/trunk/java/pom.xml?view=diff&rev=509949&r1=509948&r2=509949
==============================================================================
--- webservices/synapse/trunk/java/pom.xml (original)
+++ webservices/synapse/trunk/java/pom.xml Wed Feb 21 01:34:26 2007
@@ -426,6 +426,11 @@
<artifactId>jakarta-httpcore-nio</artifactId>
<version>${jakarta.httpcore.nio.version}</version>
</dependency>
+ <dependency>
+ <groupId>org.apache.httpcomponents</groupId>
+ <artifactId>jakarta-httpcore-niossl</artifactId>
+ <version>${jakarta.httpcore.nio.version}</version>
+ </dependency>
</dependencies>
Modified: webservices/synapse/trunk/java/repository/conf/axis2.xml
URL:
http://svn.apache.org/viewvc/webservices/synapse/trunk/java/repository/conf/axis2.xml?view=diff&rev=509949&r1=509948&r2=509949
==============================================================================
--- webservices/synapse/trunk/java/repository/conf/axis2.xml (original)
+++ webservices/synapse/trunk/java/repository/conf/axis2.xml Wed Feb 21
01:34:26 2007
@@ -134,7 +134,25 @@
<parameter name="port" locked="false">8080</parameter>
<parameter name="non-blocking" locked="false">true</parameter>
</transportReceiver>
-
+
+ <!-- the experimental non blocking https transport based on HttpCore +
SSL-NIO extensions -->
+ <transportReceiver name="https"
class="org.apache.axis2.transport.nhttp.HttpCoreNIOSSLListener">
+ <parameter name="port" locked="false">8443</parameter>
+ <parameter name="non-blocking" locked="false">true</parameter>
+ <parameter name="keystore" locked="false">
+ <syn:KeyStore xmlns:syn="http://ws.apache.org/ns/synapse";>
+ <!-- Key store file location-->
+ <syn:Location>keystore.jks</syn:Location>
+ <!-- Key store type (JKS/PKCS12 etc.)-->
+ <syn:Type>JKS</syn:Type>
+ <!-- Key store password-->
+ <syn:Password>password</syn:Password>
+ <!-- Private Key password-->
+ <syn:KeyPassword>password</syn:KeyPassword>
+ </syn:KeyStore>
+ </parameter>
+ </transportReceiver>
+
<!--Uncomment this and configure as appropriate for JMS transport support,
after setting up your JMS environment (e.g. ActiveMQ)
<transportReceiver name="jms"
class="org.apache.axis2.transport.jms.JMSListener">
<parameter name="myTopicConnectionFactory" locked="false">
Added: webservices/synapse/trunk/java/repository/conf/keystore.jks
URL:
http://svn.apache.org/viewvc/webservices/synapse/trunk/java/repository/conf/keystore.jks?view=auto&rev=509949
==============================================================================
Binary file - no diff available.
Propchange: webservices/synapse/trunk/java/repository/conf/keystore.jks
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
Modified: webservices/synapse/trunk/java/src/main/bin/synapse.bat
URL:
http://svn.apache.org/viewvc/webservices/synapse/trunk/java/src/main/bin/synapse.bat?view=diff&rev=509949&r1=509948&r2=509949
==============================================================================
--- webservices/synapse/trunk/java/src/main/bin/synapse.bat (original)
+++ webservices/synapse/trunk/java/src/main/bin/synapse.bat Wed Feb 21 01:34:26
2007
@@ -117,7 +117,7 @@
@rem @echo on
cd %SYNAPSE_HOME%
-"%_JAVACMD%" %_PORT% %_SYNAPSE_XML%
-Daxis2.xml="%SYNAPSE_HOME%\repository\conf\axis2.xml"
-Djava.endorsed.dirs=%SYNAPSE_ENDORSED% %_XDEBUG% -cp %SYNAPSE_CLASS_PATH%
org.apache.synapse.SynapseHTTPServer %SYNAPSE_CMD_LINE_ARGS%
+"%_JAVACMD%" %_PORT% %_SYNAPSE_XML%
-Daxis2.xml="%SYNAPSE_HOME%\repository\conf\axis2.xml"
-Djava.endorsed.dirs=%SYNAPSE_ENDORSED% %_XDEBUG% -cp %SYNAPSE_CLASS_PATH%
org.apache.synapse.SynapseServer %SYNAPSE_CMD_LINE_ARGS%
goto end
:end
Modified: webservices/synapse/trunk/java/src/main/bin/synapse.sh
URL:
http://svn.apache.org/viewvc/webservices/synapse/trunk/java/src/main/bin/synapse.sh?view=diff&rev=509949&r1=509948&r2=509949
==============================================================================
--- webservices/synapse/trunk/java/src/main/bin/synapse.sh (original)
+++ webservices/synapse/trunk/java/src/main/bin/synapse.sh Wed Feb 21 01:34:26
2007
@@ -84,7 +84,7 @@
fi
# update classpath
-SYNAPSE_CLASSPATH="$SYNAPSE_HOME/lib"
+SYNAPSE_CLASSPATH="$SYNAPSE_HOME/lib":"$SYNAPSE_HOME/repository/conf"
for f in $SYNAPSE_HOME/lib/*.jar
do
SYNAPSE_CLASSPATH=$SYNAPSE_CLASSPATH:$f
@@ -126,4 +126,4 @@
echo "Using JAVA_HOME: $JAVA_HOME"
echo "Using SYNAPSE_XML: $SYNAPSE_XML"
-$JAVA_HOME/bin/java $PORT $SYNAPSE_XML
-Daxis2.xml=$SYNAPSE_HOME/repository/conf/axis2.xml
-Djava.endorsed.dirs=$SYNAPSE_ENDORSED -classpath $SYNAPSE_CLASSPATH
org.apache.synapse.SynapseHTTPServer $SYNAPSE_HOME/repository
+$JAVA_HOME/bin/java $PORT $SYNAPSE_XML
-Daxis2.xml=$SYNAPSE_HOME/repository/conf/axis2.xml
-Djava.endorsed.dirs=$SYNAPSE_ENDORSED -classpath $SYNAPSE_CLASSPATH
org.apache.synapse.SynapseServer $SYNAPSE_HOME/repository
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
