diff options
| author | Robert Gemmell <robbie@apache.org> | 2012-07-13 14:37:23 +0000 |
|---|---|---|
| committer | Robert Gemmell <robbie@apache.org> | 2012-07-13 14:37:23 +0000 |
| commit | 4dafd3cc40c262c13a53fc4ae853413a64aaa1cb (patch) | |
| tree | 380e889f2d1516ce1a2f7484de2a2bce0db37047 | |
| parent | bfeb478032164121c8403c1a5fc375123d7ce66f (diff) | |
| download | qpid-python-4dafd3cc40c262c13a53fc4ae853413a64aaa1cb.tar.gz | |
QPID-3998: Add HTTPS support for the REST management interface
Applied patch from Oleksandr Rudyy <orudyy@gmail.com>
git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1361239 13f79535-47bb-0310-9956-ffa450edef68
18 files changed, 234 insertions, 89 deletions
diff --git a/qpid/java/broker-plugins/management-http/MANIFEST.MF b/qpid/java/broker-plugins/management-http/MANIFEST.MF index 389ff03b2d..a03844494b 100644 --- a/qpid/java/broker-plugins/management-http/MANIFEST.MF +++ b/qpid/java/broker-plugins/management-http/MANIFEST.MF @@ -38,11 +38,14 @@ Import-Package: org.apache.qpid, org.apache.qpid.util, org.eclipse.jetty.server;version=7.6.3, org.eclipse.jetty.server.session;version=7.6.3, + org.eclipse.jetty.server.ssl;version=7.6.3, + org.eclipse.jetty.server.nio;version=7.6.3, org.eclipse.jetty.security;version=7.6.3, org.eclipse.jetty.http;version=7.6.3, org.eclipse.jetty.io;version=7.6.3, org.eclipse.jetty.io.nio;version=7.6.3, org.eclipse.jetty.servlet;version=7.6.3, + org.eclipse.jetty.util.ssl;version=7.6.3, org.apache.commons.codec;version=1.3.0, org.apache.commons.codec.binary;version=1.3.0, org.apache.commons.configuration;version=1.0.0, diff --git a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/Management.java b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/Management.java index 589f46749d..c2f9b73b54 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/Management.java +++ b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/Management.java @@ -20,22 +20,46 @@ */ package org.apache.qpid.server.management.plugin; -import java.net.InetSocketAddress; -import java.net.SocketAddress; +import java.io.File; +import java.io.FileNotFoundException; +import java.io.IOException; import java.util.ArrayList; import java.util.Collection; + +import org.apache.commons.configuration.ConfigurationException; import org.apache.log4j.Logger; import org.apache.qpid.server.management.plugin.servlet.DefinedFileServlet; import org.apache.qpid.server.management.plugin.servlet.FileServlet; import org.apache.qpid.server.management.plugin.servlet.api.ExchangesServlet; import org.apache.qpid.server.management.plugin.servlet.api.VhostsServlet; -import org.apache.qpid.server.management.plugin.servlet.rest.*; -import org.apache.qpid.server.model.*; +import org.apache.qpid.server.management.plugin.servlet.rest.LogRecordsServlet; +import org.apache.qpid.server.management.plugin.servlet.rest.MessageContentServlet; +import org.apache.qpid.server.management.plugin.servlet.rest.MessageServlet; +import org.apache.qpid.server.management.plugin.servlet.rest.RestServlet; +import org.apache.qpid.server.management.plugin.servlet.rest.SaslServlet; +import org.apache.qpid.server.management.plugin.servlet.rest.StructureServlet; +import org.apache.qpid.server.model.AuthenticationProvider; +import org.apache.qpid.server.model.Binding; +import org.apache.qpid.server.model.Broker; +import org.apache.qpid.server.model.ConfiguredObject; +import org.apache.qpid.server.model.Connection; +import org.apache.qpid.server.model.Exchange; +import org.apache.qpid.server.model.Port; +import org.apache.qpid.server.model.Protocol; +import org.apache.qpid.server.model.Queue; +import org.apache.qpid.server.model.Session; +import org.apache.qpid.server.model.Transport; +import org.apache.qpid.server.model.User; +import org.apache.qpid.server.model.VirtualHost; import org.apache.qpid.server.registry.ApplicationRegistry; +import org.apache.qpid.server.registry.IApplicationRegistry; import org.eclipse.jetty.server.Server; import org.eclipse.jetty.server.SessionManager; +import org.eclipse.jetty.server.nio.SelectChannelConnector; +import org.eclipse.jetty.server.ssl.SslSocketConnector; import org.eclipse.jetty.servlet.ServletContextHandler; import org.eclipse.jetty.servlet.ServletHolder; +import org.eclipse.jetty.util.ssl.SslContextFactory; public class Management { @@ -46,72 +70,110 @@ public class Management private Collection<Server> _servers = new ArrayList<Server>(); - - public Management() + public Management() throws ConfigurationException, IOException { _broker = ApplicationRegistry.getInstance().getBroker(); Collection<Port> ports = _broker.getPorts(); - for(Port port : ports) + int httpPort = -1, httpsPort = -1; + for (Port port : ports) { - // TODO - cover cases where more than just HTTP supported, and SSL as a transport - if(port.getProtocols().contains(Protocol.HTTP)) + if (port.getProtocols().contains(Protocol.HTTP)) + { + if (port.getTransports().contains(Transport.TCP)) + { + httpPort = port.getPort(); + } + } + if (port.getProtocols().contains(Protocol.HTTPS)) { - if(port.getTransports().contains(Transport.TCP)) + if (port.getTransports().contains(Transport.SSL)) { - int portNumber = port.getPort(); - if (_logger.isInfoEnabled()) - { - _logger.info("Creating web server on port " + portNumber); - } - _servers.add(createServer(portNumber)); + httpsPort = port.getPort(); } } } - if (_logger.isDebugEnabled()) + if (httpPort != -1 || httpsPort != -1) { - _logger.info(_servers.size() + " server(s) defined"); + _servers.add(createServer(httpPort, httpsPort)); + if (_logger.isDebugEnabled()) + { + _logger.debug(_servers.size() + " server(s) defined"); + } + } + else + { + if (_logger.isInfoEnabled()) + { + _logger.info("Cannot create web server as neither HTTP nor HTTPS port specified"); + } } - } - private Server createServer(int port) + @SuppressWarnings("unchecked") + private Server createServer(int port, int sslPort) throws IOException, ConfigurationException { - _logger.info("Starting up web server on port " + port); + if (_logger.isInfoEnabled()) + { + _logger.info("Starting up web server on" + (port == -1 ? "" : " HTTP port " + port) + + (sslPort == -1 ? "" : " HTTPS port " + sslPort)); + } + + Server server = new Server(); - Server server = new Server(port); - SocketAddress socketAddress = new InetSocketAddress(port); + if (port != -1) + { + SelectChannelConnector connector = new SelectChannelConnector(); + connector.setPort(port); + if (sslPort != -1) + { + connector.setConfidentialPort(sslPort); + } + server.addConnector(connector); + } + + if (sslPort != -1) + { + IApplicationRegistry appRegistry = ApplicationRegistry.getInstance(); + String keyStorePath = getKeyStorePath(appRegistry); + + SslContextFactory factory = new SslContextFactory(); + factory.setKeyStorePath(keyStorePath); + factory.setKeyStorePassword(appRegistry.getConfiguration().getManagementKeyStorePassword()); + + SslSocketConnector connector = new SslSocketConnector(factory); + connector.setPort(sslPort); + server.addConnector(connector); + } ServletContextHandler root = new ServletContextHandler(ServletContextHandler.SESSIONS); - root.setContextPath("/"); - server.setHandler(root); + root.setContextPath("/"); + server.setHandler(root); root.addServlet(new ServletHolder(new VhostsServlet(_broker)), "/api/vhosts/*"); root.addServlet(new ServletHolder(new ExchangesServlet(_broker)), "/api/exchanges/*"); - addRestServlet(root, "broker", socketAddress); - addRestServlet(root, "virtualhost", socketAddress, VirtualHost.class); - addRestServlet(root, "authenticationprovider", socketAddress, AuthenticationProvider.class); - addRestServlet(root, "user", socketAddress, AuthenticationProvider.class, User.class); - addRestServlet(root, "exchange", socketAddress, VirtualHost.class, Exchange.class); - addRestServlet(root, "queue", socketAddress, VirtualHost.class, Queue.class); - addRestServlet(root, "connection", socketAddress, VirtualHost.class, Connection.class); - addRestServlet(root, "binding", socketAddress, VirtualHost.class, Exchange.class, Queue.class, Binding.class); - addRestServlet(root, "port", socketAddress, Port.class); - addRestServlet(root, "session", socketAddress, VirtualHost.class, Connection.class, Session.class); + addRestServlet(root, "broker"); + addRestServlet(root, "virtualhost", VirtualHost.class); + addRestServlet(root, "authenticationprovider", AuthenticationProvider.class); + addRestServlet(root, "user", AuthenticationProvider.class, User.class); + addRestServlet(root, "exchange", VirtualHost.class, Exchange.class); + addRestServlet(root, "queue", VirtualHost.class, Queue.class); + addRestServlet(root, "connection", VirtualHost.class, Connection.class); + addRestServlet(root, "binding", VirtualHost.class, Exchange.class, Queue.class, Binding.class); + addRestServlet(root, "port", Port.class); + addRestServlet(root, "session", VirtualHost.class, Connection.class, Session.class); - root.addServlet(new ServletHolder(new StructureServlet(_broker, socketAddress)), "/rest/structure"); - root.addServlet(new ServletHolder(new MessageServlet(_broker, socketAddress)), "/rest/message/*"); - root.addServlet(new ServletHolder(new MessageContentServlet(_broker, socketAddress)), "/rest/message-content/*"); + root.addServlet(new ServletHolder(new StructureServlet(_broker)), "/rest/structure"); + root.addServlet(new ServletHolder(new MessageServlet(_broker)), "/rest/message/*"); + root.addServlet(new ServletHolder(new MessageContentServlet(_broker)), "/rest/message-content/*"); - root.addServlet(new ServletHolder(new LogRecordsServlet(_broker, socketAddress)), "/rest/logrecords"); + root.addServlet(new ServletHolder(new LogRecordsServlet(_broker)), "/rest/logrecords"); + root.addServlet(new ServletHolder(new SaslServlet(_broker)), "/rest/sasl"); - root.addServlet(new ServletHolder(new SaslServlet(_broker, socketAddress)), "/rest/sasl"); - - root.addServlet(new ServletHolder(new DefinedFileServlet("management.html")),"/management"); - + root.addServlet(new ServletHolder(new DefinedFileServlet("management.html")), "/management"); root.addServlet(new ServletHolder(FileServlet.INSTANCE), "*.js"); root.addServlet(new ServletHolder(FileServlet.INSTANCE), "*.css"); @@ -131,14 +193,14 @@ public class Management return server; } - private void addRestServlet(ServletContextHandler root, String name, SocketAddress socketAddress, Class<? extends ConfiguredObject>... hierarchy) + private void addRestServlet(ServletContextHandler root, String name, Class<? extends ConfiguredObject>... hierarchy) { - root.addServlet(new ServletHolder(new RestServlet(_broker, socketAddress, hierarchy)), "/rest/"+name+"/*"); + root.addServlet(new ServletHolder(new RestServlet(_broker, hierarchy)), "/rest/" + name + "/*"); } public void start() throws Exception { - for(Server server : _servers) + for (Server server : _servers) { server.start(); } @@ -146,10 +208,41 @@ public class Management public void stop() throws Exception { - for(Server server : _servers) + for (Server server : _servers) { server.stop(); } } + private String getKeyStorePath(IApplicationRegistry appRegistry) throws ConfigurationException, FileNotFoundException + { + String keyStorePath = null; + if (System.getProperty("javax.net.ssl.keyStore") != null) + { + keyStorePath = System.getProperty("javax.net.ssl.keyStore"); + } + else + { + keyStorePath = appRegistry.getConfiguration().getManagementKeyStorePath(); + } + + if (keyStorePath == null) + { + throw new ConfigurationException("Management SSL keystore path not defined, unable to start SSL protected HTTP connector"); + } + else + { + File ksf = new File(keyStorePath); + if (!ksf.exists()) + { + throw new FileNotFoundException("Cannot find management SSL keystore file: " + ksf); + } + if (!ksf.canRead()) + { + throw new FileNotFoundException("Cannot read management SSL keystore file: " + ksf + ". Check permissions."); + } + } + return keyStorePath; + } + } diff --git a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/ManagementActivator.java b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/ManagementActivator.java index 2600d8a7bf..09b7e08bfb 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/ManagementActivator.java +++ b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/ManagementActivator.java @@ -39,9 +39,10 @@ public class ManagementActivator implements BundleActivator public void start(final BundleContext ctx) throws Exception { _ctx = ctx; - if (!ApplicationRegistry.getInstance().getConfiguration().getHTTPManagementEnabled()) + if (!ApplicationRegistry.getInstance().getConfiguration().getHTTPManagementEnabled() + && !ApplicationRegistry.getInstance().getConfiguration().getHTTPSManagementEnabled()) { - _logger.info("Management plugin is diabled!"); + _logger.info("Management plugin is disabled!"); ctx.getBundle().uninstall(); return; } diff --git a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/AbstractServlet.java b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/AbstractServlet.java index 123f352ec1..a76bd98179 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/AbstractServlet.java +++ b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/AbstractServlet.java @@ -42,19 +42,16 @@ import org.apache.qpid.server.security.auth.manager.AuthenticationManager; public abstract class AbstractServlet extends HttpServlet { private final Broker _broker; - private SocketAddress _socketAddress; protected AbstractServlet() { super(); _broker = ApplicationRegistry.getInstance().getBroker(); - _socketAddress = null; } - protected AbstractServlet(Broker broker, SocketAddress socketAddress) + protected AbstractServlet(Broker broker) { _broker = broker; - _socketAddress = socketAddress; } @Override @@ -206,10 +203,6 @@ public abstract class AbstractServlet extends HttpServlet protected SocketAddress getSocketAddress(HttpServletRequest request) { - if (_socketAddress == null) - { - return InetSocketAddress.createUnresolved(request.getServerName(), request.getServerPort()); - } - return _socketAddress; + return InetSocketAddress.createUnresolved(request.getServerName(), request.getServerPort()); } } diff --git a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/LogRecordsServlet.java b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/LogRecordsServlet.java index 7a4b92f907..404793b592 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/LogRecordsServlet.java +++ b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/LogRecordsServlet.java @@ -18,7 +18,6 @@ package org.apache.qpid.server.management.plugin.servlet.rest; import java.io.IOException; import java.io.PrintWriter; -import java.net.SocketAddress; import java.util.ArrayList; import java.util.LinkedHashMap; import java.util.List; @@ -36,12 +35,12 @@ public class LogRecordsServlet extends AbstractServlet { public LogRecordsServlet() { - super(ApplicationRegistry.getInstance().getBroker(), null); + super(ApplicationRegistry.getInstance().getBroker()); } - public LogRecordsServlet(Broker broker, SocketAddress socketaddress) + public LogRecordsServlet(Broker broker) { - super(broker, socketaddress); + super(broker); } @Override diff --git a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/MessageContentServlet.java b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/MessageContentServlet.java index 4d58a9f3b0..bc87f0bcc5 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/MessageContentServlet.java +++ b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/MessageContentServlet.java @@ -18,7 +18,6 @@ package org.apache.qpid.server.management.plugin.servlet.rest; import java.io.IOException; -import java.net.SocketAddress; import java.nio.ByteBuffer; import java.util.ArrayList; import java.util.Arrays; @@ -43,9 +42,9 @@ public class MessageContentServlet extends AbstractServlet super(); } - public MessageContentServlet(Broker broker, SocketAddress socketaddress) + public MessageContentServlet(Broker broker) { - super(broker, socketaddress); + super(broker); } @Override diff --git a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/MessageServlet.java b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/MessageServlet.java index b47dc8b28e..6e7bc1d935 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/MessageServlet.java +++ b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/MessageServlet.java @@ -19,7 +19,6 @@ package org.apache.qpid.server.management.plugin.servlet.rest; import java.io.IOException; import java.io.PrintWriter; -import java.net.SocketAddress; import java.util.ArrayList; import java.util.Arrays; import java.util.HashMap; @@ -57,9 +56,9 @@ public class MessageServlet extends AbstractServlet super(); } - public MessageServlet(Broker broker, SocketAddress socketaddress) + public MessageServlet(Broker broker) { - super(broker, socketaddress); + super(broker); } @Override diff --git a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/RestServlet.java b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/RestServlet.java index b2f4147366..5c7421fdaa 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/RestServlet.java +++ b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/RestServlet.java @@ -55,9 +55,9 @@ public class RestServlet extends AbstractServlet initializationRequired = true; } - public RestServlet(Broker broker, SocketAddress socketaddress, Class<? extends ConfiguredObject>... hierarchy) + public RestServlet(Broker broker, Class<? extends ConfiguredObject>... hierarchy) { - super(broker, socketaddress); + super(broker); _hierarchy = hierarchy; } diff --git a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/SaslServlet.java b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/SaslServlet.java index 03ee2e92ee..1b78611a50 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/SaslServlet.java +++ b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/SaslServlet.java @@ -39,7 +39,6 @@ import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import java.io.IOException; import java.io.PrintWriter; -import java.net.SocketAddress; import java.security.Principal; import java.security.SecureRandom; import java.util.LinkedHashMap; @@ -63,9 +62,9 @@ public class SaslServlet extends AbstractServlet super(); } - public SaslServlet(Broker broker, SocketAddress socketaddress) + public SaslServlet(Broker broker) { - super(broker, socketaddress); + super(broker); } protected void onGet(HttpServletRequest request, HttpServletResponse response) throws diff --git a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/StructureServlet.java b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/StructureServlet.java index 6295d74b42..e4ba374f89 100644 --- a/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/StructureServlet.java +++ b/qpid/java/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/servlet/rest/StructureServlet.java @@ -18,7 +18,6 @@ package org.apache.qpid.server.management.plugin.servlet.rest; import java.io.IOException; import java.io.PrintWriter; -import java.net.SocketAddress; import java.util.ArrayList; import java.util.Collection; import java.util.LinkedHashMap; @@ -42,9 +41,9 @@ public class StructureServlet extends AbstractServlet super(); } - public StructureServlet(Broker broker, SocketAddress socketaddress) + public StructureServlet(Broker broker) { - super(broker, socketaddress); + super(broker); } @Override diff --git a/qpid/java/broker/etc/config.xml b/qpid/java/broker/etc/config.xml index e1aacd43b5..08c7c23d13 100644 --- a/qpid/java/broker/etc/config.xml +++ b/qpid/java/broker/etc/config.xml @@ -57,6 +57,9 @@ <keyStorePath>${conf}/qpid.keystore</keyStorePath> <keyStorePassword>password</keyStorePassword> </ssl> + <https> + <enabled>false</enabled> + </https> </management> <advanced> <framesize>65535</framesize> diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/configuration/ServerConfiguration.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/configuration/ServerConfiguration.java index c23e58fdab..7161c556e9 100644 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/configuration/ServerConfiguration.java +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/configuration/ServerConfiguration.java @@ -65,6 +65,7 @@ public class ServerConfiguration extends ConfigurationPlugin public static final int DEFAULT_JMXPORT_REGISTRYSERVER = 8999; public static final int JMXPORT_CONNECTORSERVER_OFFSET = 100; public static final int DEFAULT_HTTP_MANAGEMENT_PORT = 8080; + public static final int DEFAULT_HTTPS_MANAGEMENT_PORT = 8443; public static final String QPID_HOME = "QPID_HOME"; public static final String QPID_WORK = "QPID_WORK"; @@ -580,7 +581,17 @@ public class ServerConfiguration extends ConfigurationPlugin public int getHTTPManagementPort() { - return getIntValue("management.http.port", 8080); + return getIntValue("management.http.port", DEFAULT_HTTP_MANAGEMENT_PORT); + } + + public boolean getHTTPSManagementEnabled() + { + return getBooleanValue("management.https.enabled", false); + } + + public int getHTTPSManagementPort() + { + return getIntValue("management.https.port", DEFAULT_HTTPS_MANAGEMENT_PORT); } public String[] getVirtualHosts() @@ -1015,4 +1026,5 @@ public class ServerConfiguration extends ConfigurationPlugin { _qpidHome = path; } + } diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/model/Protocol.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/model/Protocol.java index fecbcec194..5d9de69f9a 100644 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/model/Protocol.java +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/model/Protocol.java @@ -28,5 +28,6 @@ public enum Protocol AMQP_0_10, AMQP_1_0, JMX, - HTTP + HTTP, + HTTPS } diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/BrokerAdapter.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/BrokerAdapter.java index e1a6b6a337..f1cce2d45c 100644 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/BrokerAdapter.java +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/BrokerAdapter.java @@ -26,6 +26,7 @@ import java.util.ArrayList; import java.util.Collection; import java.util.Collections; import java.util.HashMap; +import java.util.List; import java.util.Map; import org.apache.qpid.common.QpidProperties; import org.apache.qpid.server.model.AuthenticationProvider; @@ -33,8 +34,10 @@ import org.apache.qpid.server.model.Broker; import org.apache.qpid.server.model.ConfiguredObject; import org.apache.qpid.server.model.LifetimePolicy; import org.apache.qpid.server.model.Port; +import org.apache.qpid.server.model.Protocol; import org.apache.qpid.server.model.State; import org.apache.qpid.server.model.Statistics; +import org.apache.qpid.server.model.Transport; import org.apache.qpid.server.model.UUIDGenerator; import org.apache.qpid.server.model.VirtualHost; import org.apache.qpid.server.registry.IApplicationRegistry; @@ -55,7 +58,8 @@ public class BrokerAdapter extends AbstractAdapter implements Broker, VirtualHos new HashMap<org.apache.qpid.server.virtualhost.VirtualHost, VirtualHostAdapter>(); private final StatisticsAdapter _statistics; private final Map<QpidAcceptor, PortAdapter> _portAdapters = new HashMap<QpidAcceptor, PortAdapter>(); - private HTTPPortAdapter _httpManagementPort; + private Collection<HTTPPortAdapter> _httpManagementPorts; + private final Map<AuthenticationManager, AuthenticationProviderAdapter> _authManagerAdapters = new HashMap<AuthenticationManager, AuthenticationProviderAdapter>(); @@ -114,11 +118,19 @@ public class BrokerAdapter extends AbstractAdapter implements Broker, VirtualHos _portAdapters.put(entry.getValue(), new PortAdapter(this, entry.getValue(), entry.getKey())); } } - if(_applicationRegistry.useHTTPManagement()) + if(_applicationRegistry.useHTTPManagement() || _applicationRegistry.useHTTPSManagement()) { - _httpManagementPort = new HTTPPortAdapter(this, _applicationRegistry.getHTTPManagementPort()); + ArrayList<HTTPPortAdapter> httpPorts = new ArrayList<HTTPPortAdapter>(); + if (_applicationRegistry.useHTTPManagement()) + { + httpPorts.add(new HTTPPortAdapter(this, _applicationRegistry.getHTTPManagementPort())); + } + if (_applicationRegistry.useHTTPSManagement()) + { + httpPorts.add(new HTTPPortAdapter(this, _applicationRegistry.getHTTPSManagementPort(), Protocol.HTTPS, Transport.SSL)); + } + _httpManagementPorts = Collections.unmodifiableCollection(httpPorts); } - } } @@ -127,9 +139,9 @@ public class BrokerAdapter extends AbstractAdapter implements Broker, VirtualHos synchronized (_portAdapters) { final ArrayList<Port> ports = new ArrayList<Port>(_portAdapters.values()); - if(_httpManagementPort != null) + if(_httpManagementPorts != null) { - ports.add(_httpManagementPort); + ports.addAll(_httpManagementPorts); } return ports; } diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/HTTPPortAdapter.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/HTTPPortAdapter.java index a20185802f..823d27160b 100644 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/HTTPPortAdapter.java +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/HTTPPortAdapter.java @@ -39,13 +39,22 @@ import org.apache.qpid.server.model.VirtualHostAlias; public class HTTPPortAdapter extends AbstractAdapter implements Port { private final BrokerAdapter _broker; - private int _port; + private final int _port; + private final Protocol _protocol; + private final Transport _transport; + public HTTPPortAdapter(BrokerAdapter brokerAdapter, int port) { + this(brokerAdapter, port, Protocol.HTTP, Transport.TCP); + } + + public HTTPPortAdapter(BrokerAdapter brokerAdapter, int port, Protocol protocol, Transport transport) + { super(UUIDGenerator.generateRandomUUID()); _broker = brokerAdapter; _port = port; - + _protocol = protocol; + _transport = transport; } @Override @@ -63,7 +72,7 @@ public class HTTPPortAdapter extends AbstractAdapter implements Port @Override public Collection<Transport> getTransports() { - return Collections.singleton(Transport.TCP); + return Collections.singleton(_transport); } @Override @@ -83,7 +92,7 @@ public class HTTPPortAdapter extends AbstractAdapter implements Port @Override public Collection<Protocol> getProtocols() { - return Collections.singleton(Protocol.HTTP); + return Collections.singleton(_protocol); } @Override diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/plugins/OsgiSystemPackages.properties b/qpid/java/broker/src/main/java/org/apache/qpid/server/plugins/OsgiSystemPackages.properties index 48c33821ee..4767e1ea6b 100644 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/plugins/OsgiSystemPackages.properties +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/plugins/OsgiSystemPackages.properties @@ -79,7 +79,10 @@ org.eclipse.jetty.io.nio=7.6.3 org.eclipse.jetty.security=7.6.3 org.eclipse.jetty.server=7.6.3 org.eclipse.jetty.server.session=7.6.3 +org.eclipse.jetty.server.ssl=7.6.3 +org.eclipse.jetty.server.nio=7.6.3 org.eclipse.jetty.servlet=7.6.3 +org.eclipse.jetty.util.ssl=7.6.3 org.codehaus.jackson=1.9.0 org.codehaus.jackson.map=1.9.0 diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/registry/ApplicationRegistry.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/registry/ApplicationRegistry.java index 10c69b7f97..e0e317f75d 100644 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/registry/ApplicationRegistry.java +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/registry/ApplicationRegistry.java @@ -108,7 +108,7 @@ public abstract class ApplicationRegistry implements IApplicationRegistry private final List<PortBindingListener> _portBindingListeners = new ArrayList<PortBindingListener>(); - private int _httpManagementPort = -1; + private int _httpManagementPort = -1, _httpsManagementPort = -1; private LogRecorder _logRecorder; @@ -299,6 +299,10 @@ public abstract class ApplicationRegistry implements IApplicationRegistry { _httpManagementPort = _configuration.getHTTPManagementPort(); } + if (_configuration.getHTTPSManagementEnabled()) + { + _httpsManagementPort = _configuration.getHTTPSManagementPort(); + } _broker = new BrokerAdapter(this); @@ -736,6 +740,18 @@ public abstract class ApplicationRegistry implements IApplicationRegistry return _httpManagementPort; } + @Override + public boolean useHTTPSManagement() + { + return _httpsManagementPort != -1; + } + + @Override + public int getHTTPSManagementPort() + { + return _httpsManagementPort; + } + public LogRecorder getLogRecorder() { return _logRecorder; diff --git a/qpid/java/broker/src/main/java/org/apache/qpid/server/registry/IApplicationRegistry.java b/qpid/java/broker/src/main/java/org/apache/qpid/server/registry/IApplicationRegistry.java index 2baf7ed5ee..88c3c93156 100644 --- a/qpid/java/broker/src/main/java/org/apache/qpid/server/registry/IApplicationRegistry.java +++ b/qpid/java/broker/src/main/java/org/apache/qpid/server/registry/IApplicationRegistry.java @@ -119,6 +119,10 @@ public interface IApplicationRegistry extends StatisticsGatherer int getHTTPManagementPort(); + boolean useHTTPSManagement(); + + int getHTTPSManagementPort(); + void addRegistryChangeListener(IAuthenticationManagerRegistry.RegistryChangeListener registryChangeListener); public interface PortBindingListener |