001    /**
002     * Licensed to the Apache Software Foundation (ASF) under one or more
003     * contributor license agreements.  See the NOTICE file distributed with
004     * this work for additional information regarding copyright ownership.
005     * The ASF licenses this file to You under the Apache License, Version 2.0
006     * (the "License"); you may not use this file except in compliance with
007     * the License.  You may obtain a copy of the License at
008     *
009     *      http://www.apache.org/licenses/LICENSE-2.0
010     *
011     * Unless required by applicable law or agreed to in writing, software
012     * distributed under the License is distributed on an "AS IS" BASIS,
013     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014     * See the License for the specific language governing permissions and
015     * limitations under the License.
016     */
017    package org.apache.activemq.transport;
018    
019    import javax.net.ssl.SSLContext;
020    
021    import org.apache.activemq.broker.SslContext;
022    import org.apache.activemq.transport.https.Krb5AndCertsSslSocketConnector;
023    import org.apache.activemq.util.IntrospectionSupport;
024    import org.eclipse.jetty.server.Connector;
025    import org.eclipse.jetty.server.ssl.SslConnector;
026    import org.eclipse.jetty.server.ssl.SslSelectChannelConnector;
027    import org.eclipse.jetty.util.ssl.SslContextFactory;
028    
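/**
 * Builds the Jetty SSL {@link Connector} used by the secure HTTP transport.
 *
 * <p>TLS material comes from one of two places. If a broker {@link SslContext}
 * was passed to the constructor, its {@link SSLContext} is installed on the
 * connector and every key store / protocol / algorithm option on this factory
 * is ignored. Otherwise the options below are applied; the key store path and
 * passwords fall back to the standard {@code javax.net.ssl.*} system properties.
 *
 * <p>Options are populated by name from the transport options through
 * {@link IntrospectionSupport#setProperties}, so the bean property names
 * (including the historical {@code secureRandomCertficateAlgorithm} spelling)
 * are part of the configuration surface and must not be renamed.
 *
 * <p>Security notes: the passwords are held as {@code String} fields and are
 * readable through public getters, so keep them out of logs and diagnostics.
 * The {@code protocol} value is handed to Jetty unvalidated; choosing a
 * current TLS version is the operator's responsibility.
 */
public class SecureSocketConnectorFactory extends SocketConnectorFactory {

    // Defaults are read once, at construction time, from the JVM-wide system properties.
    private String keyPassword = System.getProperty("javax.net.ssl.keyPassword");
    private String keyStorePassword = System.getProperty("javax.net.ssl.keyStorePassword");
    private String keyStore = System.getProperty("javax.net.ssl.keyStore");
    private String keyStoreType;
    private String secureRandomCertficateAlgorithm;
    private String trustCertificateAlgorithm;
    private String keyCertificateAlgorithm;
    private String protocol;
    private String auth;

    // Broker-supplied SSL context; may be null, in which case the options above are used.
    private final SslContext context;

    /**
     * @param context broker SSL context to take the {@link SSLContext} from, or
     *                {@code null} to configure the connector from this factory's options
     */
    public SecureSocketConnectorFactory(SslContext context) {
        this.context = context;
    }

    /**
     * Creates and configures the SSL connector.
     *
     * <p>The transport options are first copied onto this factory's properties.
     * A {@link Krb5AndCertsSslSocketConnector} is created when
     * {@link Krb5AndCertsSslSocketConnector#isKrb(String)} accepts the
     * {@code auth} option; otherwise a plain {@link SslSelectChannelConnector}
     * is used.
     *
     * @return the configured connector
     * @throws Exception if the options cannot be applied or the broker SSL
     *                   context cannot be obtained
     */
    @Override
    public Connector createConnector() throws Exception {
        IntrospectionSupport.setProperties(this, getTransportOptions());

        SslConnector sslConnector;
        if (Krb5AndCertsSslSocketConnector.isKrb(auth)) {
            Krb5AndCertsSslSocketConnector krbConnector = new Krb5AndCertsSslSocketConnector();
            krbConnector.setMode(auth);
            sslConnector = krbConnector;
        } else {
            sslConnector = new SslSelectChannelConnector();
        }

        // Get a reference to the current ssl context factory...
        SslContextFactory factory = sslConnector.getSslContextFactory();

        if (context != null) {
            // Should not be using this method since it does not use all of the values
            // from the passed SslContext instance.....
            // NOTE: in this branch none of the key store / protocol / algorithm
            // options configured on this factory are applied.
            SSLContext sslContext = context.getSSLContext();
            factory.setSslContext(sslContext);
        } else {
            if (keyStore != null) {
                factory.setKeyStorePath(keyStore);
            }
            if (keyStorePassword != null) {
                factory.setKeyStorePassword(keyStorePassword);
            }
            // Apply the private-key password. Previously a configured keyPassword
            // was never handed to Jetty (the fallback re-set the key store password
            // instead), so a key protected by a different password than its store
            // could not be loaded. If keyPassword is unset, default it to the
            // key store password.
            if (keyPassword != null) {
                factory.setKeyManagerPassword(keyPassword);
            } else if (keyStorePassword != null) {
                factory.setKeyManagerPassword(keyStorePassword);
            }
            if (keyStoreType != null) {
                factory.setKeyStoreType(keyStoreType);
            }
            if (secureRandomCertficateAlgorithm != null) {
                factory.setSecureRandomAlgorithm(secureRandomCertficateAlgorithm);
            }
            if (keyCertificateAlgorithm != null) {
                factory.setSslKeyManagerFactoryAlgorithm(keyCertificateAlgorithm);
            }
            if (trustCertificateAlgorithm != null) {
                factory.setTrustManagerFactoryAlgorithm(trustCertificateAlgorithm);
            }
            if (protocol != null) {
                // Passed through as configured; no allow-list is enforced here.
                factory.setProtocol(protocol);
            }
        }

        return sslConnector;
    }

    // Properties
    // --------------------------------------------------------------------------------

    /** @return the key store path handed to Jetty, or {@code null} if unset */
    public String getKeyStore() {
        return keyStore;
    }

    /** @param keyStore the key store path to hand to Jetty */
    public void setKeyStore(String keyStore) {
        this.keyStore = keyStore;
    }

    /** @return the private-key password, or {@code null} if unset */
    public String getKeyPassword() {
        return keyPassword;
    }

    /** @param keyPassword the private-key password; when unset the key store password is used */
    public void setKeyPassword(String keyPassword) {
        this.keyPassword = keyPassword;
    }

    /** @return the key store type, or {@code null} to keep Jetty's default */
    public String getKeyStoreType() {
        return keyStoreType;
    }

    /** @param keyStoreType the key store type to hand to Jetty */
    public void setKeyStoreType(String keyStoreType) {
        this.keyStoreType = keyStoreType;
    }

    /** @return the key store password, or {@code null} if unset */
    public String getKeyStorePassword() {
        return keyStorePassword;
    }

    /** @param keyStorePassword the key store password */
    public void setKeyStorePassword(String keyStorePassword) {
        this.keyStorePassword = keyStorePassword;
    }

    /** @return the SSL protocol name, or {@code null} to keep Jetty's default */
    public String getProtocol() {
        return protocol;
    }

    /** @param protocol the SSL protocol name passed to Jetty as-is */
    public void setProtocol(String protocol) {
        this.protocol = protocol;
    }

    /** @return the secure-random algorithm name, or {@code null} to keep Jetty's default */
    public String getSecureRandomCertficateAlgorithm() {
        return secureRandomCertficateAlgorithm;
    }

    /** @param secureRandomCertficateAlgorithm the secure-random algorithm name */
    public void setSecureRandomCertficateAlgorithm(String secureRandomCertficateAlgorithm) {
        this.secureRandomCertficateAlgorithm = secureRandomCertficateAlgorithm;
    }

    /** @return the key manager factory algorithm, or {@code null} to keep Jetty's default */
    public String getKeyCertificateAlgorithm() {
        return keyCertificateAlgorithm;
    }

    /** @param keyCertificateAlgorithm the key manager factory algorithm */
    public void setKeyCertificateAlgorithm(String keyCertificateAlgorithm) {
        this.keyCertificateAlgorithm = keyCertificateAlgorithm;
    }

    /** @return the trust manager factory algorithm, or {@code null} to keep Jetty's default */
    public String getTrustCertificateAlgorithm() {
        return trustCertificateAlgorithm;
    }

    /** @param trustCertificateAlgorithm the trust manager factory algorithm */
    public void setTrustCertificateAlgorithm(String trustCertificateAlgorithm) {
        this.trustCertificateAlgorithm = trustCertificateAlgorithm;
    }

    /**
     * @return the auth mode; tested with {@code Krb5AndCertsSslSocketConnector.isKrb}
     *         to choose the connector type
     */
    public String getAuth() {
        return auth;
    }

    /**
     * @param auth the auth mode to set
     */
    public void setAuth(String auth) {
        this.auth = auth;
    }
}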