Author: markt Date: Sat Dec 7 20:10:59 2013 New Revision: 1548961 URL: http://svn.apache.org/r1548961 Log: Fix https://issues.apache.org/bugzilla/show_bug.cgi?id=55801 Add the ability to use a custom SSLContext when creating client wss connections. Patch provided by Maciej Lypik.
Modified: tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java tomcat/trunk/webapps/docs/web-socket-howto.xml Modified: tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java?rev=1548961&r1=1548960&r2=1548961&view=diff ============================================================================== --- tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java (original) +++ tomcat/trunk/java/org/apache/tomcat/websocket/WsWebSocketContainer.java Sat Dec 7 20:10:59 2013 @@ -87,6 +87,13 @@ public class WsWebSocketContainer public static final String SSL_TRUSTSTORE_PWD_PROPERTY = "org.apache.tomcat.websocket.SSL_TRUSTSTORE_PWD"; public static final String SSL_TRUSTSTORE_PWD_DEFAULT = "changeit"; + /** + * Property name to set to configure used SSLContext. The value should be an + * instance of SSLContext. If this property is present, the SSL_TRUSTSTORE* + * properties are ignored. + */ + public static final String SSL_CONTEXT_PROPERTY = + "org.apache.tomcat.websocket.SSL_CONTEXT"; /** * Property name to set to configure the timeout (in milliseconds) when 
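Review bot: The Javadoc on `SSL_CONTEXT_PROPERTY` does not say that the supplied context must already be initialised, although the second hunk in this file skips every `sslContext.init(...)` call when the property is set. It should also say that the context's own trust managers then decide which server certificates are accepted. I would word it along the lines of `Property name for supplying a fully initialised SSLContext. Its trust configuration is used as-is and the SSL_TRUSTSTORE* properties are ignored.` The phrase "configure used SSLContext" would read better as "configure the SSLContext to use".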
@@ -649,32 +656,38 @@ public class WsWebSocketContainer throws DeploymentException { try { - // Create the SSL Context - SSLContext sslContext = SSLContext.getInstance("TLS"); - - // Trust store - String sslTrustStoreValue = - (String) userProperties.get(SSL_TRUSTSTORE_PROPERTY); - if (sslTrustStoreValue != null) { - String sslTrustStorePwdValue = (String) userProperties.get( - SSL_TRUSTSTORE_PWD_PROPERTY); - if (sslTrustStorePwdValue == null) { - sslTrustStorePwdValue = SSL_TRUSTSTORE_PWD_DEFAULT; - } + // See if a custom SSLContext has been provided + SSLContext sslContext = + (SSLContext) userProperties.get(SSL_CONTEXT_PROPERTY); + + if (sslContext == null) { + // Create the SSL Context + sslContext = SSLContext.getInstance("TLS"); + + // Trust store + String sslTrustStoreValue = + (String) userProperties.get(SSL_TRUSTSTORE_PROPERTY); + if (sslTrustStoreValue != null) { + String sslTrustStorePwdValue = (String) userProperties.get( + SSL_TRUSTSTORE_PWD_PROPERTY); + if (sslTrustStorePwdValue == null) { + sslTrustStorePwdValue = SSL_TRUSTSTORE_PWD_DEFAULT; + } - File keyStoreFile = new File(sslTrustStoreValue); - KeyStore ks = KeyStore.getInstance("JKS"); - try (InputStream is = new FileInputStream(keyStoreFile)) { - ks.load(is, sslTrustStorePwdValue.toCharArray()); - } + File keyStoreFile = new File(sslTrustStoreValue); + KeyStore ks = KeyStore.getInstance("JKS"); + try (InputStream is = new FileInputStream(keyStoreFile)) { + ks.load(is, sslTrustStorePwdValue.toCharArray()); + } - TrustManagerFactory tmf = TrustManagerFactory.getInstance( - TrustManagerFactory.getDefaultAlgorithm()); - tmf.init(ks); + TrustManagerFactory tmf = TrustManagerFactory.getInstance( + TrustManagerFactory.getDefaultAlgorithm()); + tmf.init(ks); - sslContext.init(null, tmf.getTrustManagers(), null); - } else { - sslContext.init(null, null, null); + sslContext.init(null, tmf.getTrustManagers(), null); + } else { + sslContext.init(null, null, null); + } } SSLEngine engine = 
sslContext.createSSLEngine(); Modified: tomcat/trunk/webapps/docs/web-socket-howto.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/web-socket-howto.xml?rev=1548961&r1=1548960&r2=1548961&view=diff ============================================================================== --- tomcat/trunk/webapps/docs/web-socket-howto.xml (original) +++ tomcat/trunk/webapps/docs/web-socket-howto.xml Sat Dec 7 20:10:59 2013 @@ -122,11 +122,16 @@ of the provided <code>javax.websocket.ClientEndpointConfig</code>. The following user properties are supported:</p> <ul> + <li><code>org.apache.tomcat.websocket.SSL_CONTEXT</code></li> <li><code>org.apache.tomcat.websocket.SSL_PROTOCOLS</code></li> <li><code>org.apache.tomcat.websocket.SSL_TRUSTSTORE</code></li> <li><code>org.apache.tomcat.websocket.SSL_TRUSTSTORE_PWD</code></li> </ul> <p>The default truststore password is <code>changeit</code>.</p> + <p>If the <code>org.apache.tomcat.websocket.SSL_CONTEXT</code> property is + set then the <code>org.apache.tomcat.websocket.SSL_TRUSTSTORE</code> and + <code>org.apache.tomcat.websocket.SSL_TRUSTSTORE_PWD</code> properties + will be ignored.</p> </section> </body> --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
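Review bot: The new `(SSLContext) userProperties.get(SSL_CONTEXT_PROPERTY)` cast is unchecked, so a value of the wrong type raises a ClassCastException rather than the DeploymentException this method declares, unless the catch clause (outside the hunk) happens to cover it. Reading the value as `Object ctx = userProperties.get(SSL_CONTEXT_PROPERTY);` and rejecting it with `if (ctx != null && !(ctx instanceof SSLContext)) throw new DeploymentException("SSL_CONTEXT must be an SSLContext");` gives the caller a clear failure. Separately, a caller-supplied context now decides certificate trust on its own, and the trailing context line calls `sslContext.createSSLEngine()` with no peer host. No endpoint identification is visible in this hunk, so it is worth confirming that the rest of the method enables hostname verification, for example through `SSLParameters.setEndpointIdentificationAlgorithm("HTTPS")`.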