Added support for connecting to the admin console through SSL (JM-178).

git-svn-id: http://svn.igniterealtime.org/svn/repos/messenger/trunk@1001 b35dd754-fafc-0310-a699-88a17e54d16e

src/conf/jive-messenger.xml

@@ -18,7 +18,8 @@
 <jive>
     <adminConsole>
         <port>9090</port>
-        <!-- By default, only the user with the username "admin" can login 
+        <securePort>9091</securePort>
+        <!-- By default, only the user with the username "admin" can login
          to the admin console. Alternatively, you can specify a comma-delimitted 
          list usernames that should be authorized to login by setting the  
          <authorizedUsernames> field below. --> 

src/i18n/messenger_i18n_en.properties

@@ -800,8 +800,10 @@ setup.host.settings.domain=Domain:
 setup.host.settings.invalid_domain=Invalid domain.
 setup.host.settings.hostname=Hostname or IP address of this server.
 setup.host.settings.port=Admin Console Port:
+setup.host.settings.secure_port=Secure Admin Console Port:
 setup.host.settings.invalid_port=Invalid port number.
 setup.host.settings.port_number=Port number for the web-based admin console (default is 9090).
+setup.host.settings.secure_port_number=Port number for the web-based admin console through SSL (default is 9091).
 setup.host.settings.ssl=SSL Connections Enabled:
 setup.host.settings.yes=Yes
 setup.host.settings.no=No

src/java/org/jivesoftware/messenger/container/AdminConsolePlugin.java

@@ -19,6 +19,7 @@ import java.io.File;
 import org.mortbay.jetty.Server;
 import org.mortbay.jetty.servlet.WebApplicationContext;
 import org.mortbay.log.*;
+import org.mortbay.http.SunJsseListener;
 
 /**
  * The admin console plugin. It starts a Jetty instance on the configured
@@ -29,7 +30,8 @@ import org.mortbay.log.*;
 public class AdminConsolePlugin implements Plugin {
 
     private static Server jetty = null;
-    private String port = null;
+    private int port;
+    private int securePort;
 
     /**
      * Create a jetty module.
@@ -72,8 +74,42 @@ public class AdminConsolePlugin implements Plugin {
             jetty = new Server();
 
             // Configure HTTP socket listener
-            port = JiveGlobals.getXMLProperty("adminConsole.port", "9090");
-            jetty.addListener(port);
+            port = JiveGlobals.getXMLProperty("adminConsole.port", 9090);
+            jetty.addListener(Integer.toString(port));
+
+            boolean secureStarted = false;
+            try {
+                SunJsseListener listener = new SunJsseListener();
+                // Get the keystore location. The default location is security/keystore
+                String keyStoreLocation = JiveGlobals.getProperty("xmpp.socket.ssl.keystore",
+                    "resources" + File.separator + "security" + File.separator + "keystore");
+                keyStoreLocation = JiveGlobals.getMessengerHome() + File.separator + keyStoreLocation;
+
+                // Get the keystore password. The default password is "changeit".
+                String keypass = JiveGlobals.getProperty("xmpp.socket.ssl.keypass", "changeit");
+                keypass = keypass.trim();
+
+                // Get the truststore location; default at security/truststore
+                String trustStoreLocation = JiveGlobals.getProperty("xmpp.socket.ssl.truststore",
+                        "resources" + File.separator + "security" + File.separator + "truststore");
+                trustStoreLocation = JiveGlobals.getMessengerHome() + File.separator + trustStoreLocation;
+
+                // Get the truststore passwprd; default is "changeit".
+                String trustpass = JiveGlobals.getProperty("xmpp.socket.ssl.trustpass", "changeit");
+                trustpass = trustpass.trim();
+
+                listener.setKeystore(keyStoreLocation);
+                listener.setKeyPassword(keypass);
+                listener.setPassword(keypass);
+                securePort = JiveGlobals.getXMLProperty("adminConsole.securePort", 9091);
+                listener.setPort(securePort);
+
+                jetty.addListener(listener);
+                secureStarted = true;
+            }
+            catch (Exception e) {
+                Log.error(e);
+            }
 
             // Add web-app
             WebApplicationContext webAppContext = jetty.addWebApplication("/",
@@ -83,8 +119,18 @@ public class AdminConsolePlugin implements Plugin {
             jetty.start();
 
             Log.info("Started admin console on port: " + port);
-            System.out.println("Admin console listening at http://" +
-                    XMPPServer.getInstance().getServerInfo().getName() + ":" + port);
+            if (!secureStarted) {
+                System.out.println("Admin console listening at http://" +
+                        XMPPServer.getInstance().getServerInfo().getName() + ":" + port);
+            }
+            else {
+                Log.info("Started secure admin console on port: " + securePort);
+                System.out.println("Admin console listening at:");
+                System.out.println("  http://" +
+                        XMPPServer.getInstance().getServerInfo().getName() + ":" + port);
+                System.out.println("  https://" +
+                        XMPPServer.getInstance().getServerInfo().getName() + ":" + securePort);
+            }
         }
         catch (Exception e) {
             Log.error("Trouble initializing admin console", e);

src/web/setup-host-settings.jsp

@@ -16,8 +16,9 @@
 <%@ taglib uri="http://java.sun.com/jstl/fmt_rt" prefix="fmt" %>
 <%  // Get parameters
     String domain = ParamUtils.getParameter(request,"domain");
-    int embeddedPort = ParamUtils.getIntParameter(request,"embeddedPort",-1);
-    boolean sslEnabled = ParamUtils.getBooleanParameter(request,"sslEnabled",true);
+    int embeddedPort = ParamUtils.getIntParameter(request, "embeddedPort", -1);
+    int securePort = ParamUtils.getIntParameter(request, "securePort", -1);
+    boolean sslEnabled = ParamUtils.getBooleanParameter(request, "sslEnabled", true);
 
     boolean doContinue = request.getParameter("continue") != null;
 
@@ -37,6 +38,7 @@
 
             xmppSettings.put("xmpp.domain",domain);
             xmppSettings.put("adminConsole.port",Integer.toString(embeddedPort));
+            xmppSettings.put("adminConsole.securePort",Integer.toString(securePort));
             xmppSettings.put("xmpp.socket.ssl.active",""+sslEnabled);
             xmppSettings.put("xmpp.auth.anonymous", "true" );
             session.setAttribute("xmppSettings", xmppSettings);
@@ -54,7 +56,8 @@
     // Load the current values:
     if (!doContinue) {
         domain = JiveGlobals.getProperty("xmpp.domain");
-        embeddedPort = JiveGlobals.getIntProperty("adminConsole.port", 9090);
+        embeddedPort = JiveGlobals.getXMLProperty("adminConsole.port", 9090);
+        securePort = JiveGlobals.getXMLProperty("adminConsole.port", 9091);
         sslEnabled = JiveGlobals.getBooleanProperty("xmpp.socket.ssl.active", true);
 
         // If the domain is still blank, guess at the value:
@@ -121,6 +124,26 @@ LABEL { font-weight : normal; }
         </span>
     </td>
 </tr>
+<tr valign="top">
+    <td width="1%" nowrap>
+        <fmt:message key="setup.host.settings.secure_port" />
+        <%  if (errors.get("securePort") != null) { %>
+
+            <span class="jive-error-text"><br>
+            <fmt:message key="setup.host.settings.invalid_port" />
+            </span>
+
+        <%  } %>
+    </td>
+    <td width="99%">
+        <input type="text" size="6" maxlength="6" name="securePort"
+         value="<%= ((securePort != -1) ? ""+securePort : "9091") %>">
+        <span class="jive-description">
+        <br>
+        <fmt:message key="setup.host.settings.secure_port_number" />
+        </span>
+    </td>
+</tr>
 <tr valign="middle">
     <td width="1%" nowrap>
         <fmt:message key="setup.host.settings.ssl" />