OF-481: Moved from connector-based configuration to factory-based...

OF-481: Moved from connector-based configuration to factory-based configuration (as is preferred in later versions of Jetty). git-svn-id: http://svn.igniterealtime.org/svn/repos/openfire/trunk@12945 b35dd754-fafc-0310-a699-88a17e54d16e

OF-481: Moved from connector-based configuration to factory-based...
OF-481: Moved from connector-based configuration to factory-based configuration (as is preferred in later versions of Jetty). git-svn-id: http://svn.igniterealtime.org/svn/repos/openfire/trunk@12945 b35dd754-fafc-0310-a699-88a17e54d16e
fffd6bae · guus · 7c1524b3 · fffd6bae · fffd6bae
Commit fffd6bae authored Jan 01, 2012 by guus
Showing with 36 additions and 40 deletions

AdminConsolePlugin.java ...g/jivesoftware/openfire/container/AdminConsolePlugin.java +19 -22

HttpBindManager.java src/java/org/jivesoftware/openfire/http/HttpBindManager.java +17 -18

No files found.
--- a/src/java/org/jivesoftware/openfire/container/AdminConsolePlugin.java
+++ b/src/java/org/jivesoftware/openfire/container/AdminConsolePlugin.java
@@ -24,16 +24,7 @@ import java.security.KeyStore;
 import java.security.cert.X509Certificate;
 import java.util.List;
-import javax.net.ssl.SSLContext;
+import org.eclipse.jetty.http.ssl.SslContextFactory;
-import org.jivesoftware.openfire.XMPPServer;
-import org.jivesoftware.openfire.net.SSLConfig;
-import org.jivesoftware.util.CertificateEventListener;
-import org.jivesoftware.util.CertificateManager;
-import org.jivesoftware.util.JiveGlobals;
-import org.jivesoftware.util.LocaleUtils;
-import org.jivesoftware.util.StringUtils;
 import org.eclipse.jetty.server.Connector;
 import org.eclipse.jetty.server.Handler;
 import org.eclipse.jetty.server.Server;
@@ -45,7 +36,13 @@ import org.eclipse.jetty.server.ssl.SslSelectChannelConnector;
 import org.eclipse.jetty.servlet.ServletContextHandler;
 import org.eclipse.jetty.util.thread.QueuedThreadPool;
 import org.eclipse.jetty.webapp.WebAppContext;
+import org.jivesoftware.openfire.XMPPServer;
+import org.jivesoftware.openfire.net.SSLConfig;
+import org.jivesoftware.util.CertificateEventListener;
+import org.jivesoftware.util.CertificateManager;
+import org.jivesoftware.util.JiveGlobals;
+import org.jivesoftware.util.LocaleUtils;
+import org.jivesoftware.util.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -124,21 +121,21 @@ public class AdminConsolePlugin implements Plugin {
                        XMPPServer.getInstance().getServerInfo().getXMPPDomain())) {
                    Log.warn("Admin console: Using RSA certificates but they are not valid for the hosted domain");
                }
-                SslSelectChannelConnector httpsConnector = new SslSelectChannelConnector();
+                final SslContextFactory sslContextFactory = new SslContextFactory(SSLConfig.getKeystoreLocation());
+                sslContextFactory.setTrustStorePassword(SSLConfig.gets2sTrustPassword());
+                sslContextFactory.setTrustStoreType(SSLConfig.getStoreType());
+                sslContextFactory.setTrustStore(SSLConfig.gets2sTruststoreLocation());
+                sslContextFactory.setNeedClientAuth(false);
+                sslContextFactory.setWantClientAuth(false);
+                sslContextFactory.setKeyStorePassword(SSLConfig.getKeyPassword());
+                sslContextFactory.setKeyStoreType(SSLConfig.getStoreType());
+                final SslSelectChannelConnector httpsConnector = new SslSelectChannelConnector(sslContextFactory);
                String bindInterface = getBindInterface();
                httpsConnector.setHost(bindInterface);
                httpsConnector.setPort(adminSecurePort);
-                httpsConnector.setTrustPassword(SSLConfig.gets2sTrustPassword());
-                httpsConnector.setTruststoreType(SSLConfig.getStoreType());
-                httpsConnector.setTruststore(SSLConfig.gets2sTruststoreLocation());
-                httpsConnector.setNeedClientAuth(false);
-                httpsConnector.setWantClientAuth(false);
-                httpsConnector.setKeyPassword(SSLConfig.getKeyPassword());
-                httpsConnector.setKeystoreType(SSLConfig.getStoreType());
-                httpsConnector.setKeystore(SSLConfig.getKeystoreLocation());
                adminServer.addConnector(httpsConnector);
                sslEnabled = true;

--- a/src/java/org/jivesoftware/openfire/http/HttpBindManager.java
+++ b/src/java/org/jivesoftware/openfire/http/HttpBindManager.java
@@ -26,8 +26,7 @@ import java.security.cert.X509Certificate;
 import java.util.List;
 import java.util.Map;
-import javax.net.ssl.SSLContext;
+import org.eclipse.jetty.http.ssl.SslContextFactory;
 import org.eclipse.jetty.server.Connector;
 import org.eclipse.jetty.server.Handler;
 import org.eclipse.jetty.server.Server;
@@ -160,30 +159,30 @@ public final class HttpBindManager {
                            "the hosted domain");
                }
-                SslSelectChannelConnector sslConnector = new SslSelectChannelConnector();
+                final SslContextFactory sslContextFactory = new SslContextFactory(SSLConfig.getKeystoreLocation());
-                sslConnector.setHost(getBindInterface());
+                sslContextFactory.setTrustStorePassword(SSLConfig.getc2sTrustPassword());
-                sslConnector.setPort(securePort);
+                sslContextFactory.setTrustStoreType(SSLConfig.getStoreType());
+                sslContextFactory.setTrustStore(SSLConfig.getc2sTruststoreLocation());
-                sslConnector.setTrustPassword(SSLConfig.getc2sTrustPassword());
+                sslContextFactory.setKeyStorePassword(SSLConfig.getKeyPassword());
-                sslConnector.setTruststoreType(SSLConfig.getStoreType());
+                sslContextFactory.setKeyStoreType(SSLConfig.getStoreType());
-                sslConnector.setTruststore(SSLConfig.getc2sTruststoreLocation());
                // Set policy for checking client certificates
                String certPol = JiveGlobals.getProperty("xmpp.client.cert.policy", "disabled");
                if(certPol.equals("needed")) {                    
-                    sslConnector.setNeedClientAuth(true);
+                	sslContextFactory.setNeedClientAuth(true);
-                    sslConnector.setWantClientAuth(true);
+                	sslContextFactory.setWantClientAuth(true);
                } else if(certPol.equals("wanted")) {
-                    sslConnector.setNeedClientAuth(false);
+                	sslContextFactory.setNeedClientAuth(false);
-                    sslConnector.setWantClientAuth(true);
+                	sslContextFactory.setWantClientAuth(true);
                } else {
-                    sslConnector.setNeedClientAuth(false);
+                	sslContextFactory.setNeedClientAuth(false);
-                    sslConnector.setWantClientAuth(false);
+                	sslContextFactory.setWantClientAuth(false);
                }
-                sslConnector.setKeyPassword(SSLConfig.getKeyPassword());
+                final SslSelectChannelConnector sslConnector = new SslSelectChannelConnector();
-                sslConnector.setKeystoreType(SSLConfig.getStoreType());
+                sslConnector.setHost(getBindInterface());
-                sslConnector.setKeystore(SSLConfig.getKeystoreLocation());
+                sslConnector.setPort(securePort);
                httpsConnector = sslConnector;
            }
        }