common/securis.git

..	..	@@ -1,6 +1,7 @@
1	1	package net.curisit.securis;
2	2
3	3	import java.net.URI;
	4	+import java.security.KeyStore;
4	5	import java.util.Properties;
5	6
6	7	import javax.inject.Inject;
..	..	@@ -11,8 +12,14 @@
11	12
12	13	import org.apache.logging.log4j.LogManager;
13	14	import org.apache.logging.log4j.Logger;
	15	+import org.eclipse.jetty.http.HttpVersion;
14	16	import org.eclipse.jetty.server.Handler;
	17	+import org.eclipse.jetty.server.HttpConfiguration;
	18	+import org.eclipse.jetty.server.HttpConnectionFactory;
	19	+import org.eclipse.jetty.server.SecureRequestCustomizer;
15	20	import org.eclipse.jetty.server.Server;
	21	+import org.eclipse.jetty.server.ServerConnector;
	22	+import org.eclipse.jetty.server.SslConnectionFactory;
16	23	import org.eclipse.jetty.server.handler.ContextHandlerCollection;
17	24	import org.eclipse.jetty.server.handler.ResourceHandler;
18	25	import org.eclipse.jetty.servlet.ErrorPageErrorHandler;
..	..	@@ -20,6 +27,8 @@
20	27	import org.eclipse.jetty.servlet.ServletContextHandler;
21	28	import org.eclipse.jetty.servlet.ServletHolder;
22	29	import org.eclipse.jetty.util.resource.Resource;
	30	+import org.eclipse.jetty.util.ssl.SslContextFactory;
	31	+import org.eclipse.jetty.util.thread.QueuedThreadPool;
23	32	import org.jboss.resteasy.plugins.guice.GuiceResteasyBootstrapServletContextListener;
24	33	import org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher;
25	34
..	..	@@ -29,6 +38,7 @@
29	38	import com.google.inject.name.Names;
30	39	import com.google.inject.persist.PersistFilter;
31	40	import com.google.inject.persist.jpa.JpaPersistModule;
	41	+import com.itextpdf.text.pdf.security.KeyStoreUtil;
32	42
33	43	public class MainApp {
34	44
..	..	@@ -63,6 +73,9 @@
63	73	private static void startServer(URI uri) throws Exception {
64	74	System.out.println("Starting jetty...");
65	75
	76	+ QueuedThreadPool threadPool = new QueuedThreadPool();
	77	+ threadPool.setMaxThreads(50);
	78	+
66	79	server = new Server(9997);
67	80	ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SESSIONS);
68	81	context.setContextPath("/");
..	..	@@ -90,10 +103,40 @@
90	103	contexts.setHandlers(new Handler[] {
91	104	staticResources, context
92	105	});
	106	+
	107	+ HttpConfiguration http_config = new HttpConfiguration();
	108	+ http_config.setSecureScheme("https");
	109	+ http_config.setSecurePort(8443);
	110	+ http_config.setOutputBufferSize(32768);
	111	+ http_config.setSendServerVersion(true);
	112	+ http_config.setSendDateHeader(false);
	113	+
	114	+
	115	+ HttpConfiguration https_config = new HttpConfiguration(http_config);
	116	+ https_config.addCustomizer(new SecureRequestCustomizer());
	117	+
	118	+ SslContextFactory sslContextFactory = new SslContextFactory();
	119	+ sslContextFactory.setKeyStorePath("/Users/rob/.ssh/keys/securis.pkcs12");
	120	+ sslContextFactory.setKeyStoreType("PKCS12");
	121	+ sslContextFactory.setKeyStorePassword("curist3c");
	122	+ //sslContextFactory.setCertAlias("1");
	123	+// sslContextFactory.setKeyManagerPassword("curist3c");
	124	+// sslContextFactory.setTrustStorePath("/Users/rob/.ssh/keys/keystore");
	125	+// sslContextFactory.setTrustStorePassword("curist3c");
	126	+ sslContextFactory.checkKeyStore();
	127	+ sslContextFactory.setNeedClientAuth(false);
	128	+ LOG.info("Protocol: {}", sslContextFactory.getProtocol());
	129	+
	130	+ ServerConnector sslConnector = new ServerConnector(server, new SslConnectionFactory(sslContextFactory,HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(https_config));
	131	+ sslConnector.setPort(8443);
	132	+ sslConnector.setHost("securis.curistec.com");
	133	+ server.addConnector( sslConnector );
93	134
94	135	server.setHandler(context);
	136	+ server.setStopAtShutdown(true);
95	137	server.start();
96	138	server.join();
	139	+
97	140	LOG.info("Started server in: http://127.0.0.1:9997/");
98	141	}
99	142