java - How to access TLS certificates in Jetty Websocket


I have a TLS-secured connection, on top of which communication over WebSockets is performed. I want to check attributes contained in the certificate used for the TLS connection.

Jetty is used for the HTTP communication, and the protocol is going to run as a Karaf component.

I tried to dig through the layers as deep as possible. I hoped to find it in the WebSocketComponentServlet. There is a ServletUpgradeRequest at least:

    public class WebSocketComponentServlet extends WebSocketServlet {
        @Override
        public void configure(WebSocketServletFactory factory) {
            factory.setCreator(new WebSocketCreator() {
                @Override
                public Object createWebSocket(ServletUpgradeRequest req, ServletUpgradeResponse resp)
                    ...

I tried to dig into the HttpSession or the ServletUpgradeRequest, but was not able to find certificate information there. If I go down further, the WebsocketComponent contains at least SSLContextParameters. But besides the key store password, which is correctly set, the fields are empty. Am I heading in the right direction or am I entirely missing the point here?

Edit: I guess I need to be more specific. The answer below (thank you for that) points to the usual way of deploying and configuring Jetty. I try to access the certificate data inside of the tests. I included the source code:

    public class WssProducerConsumerTest extends CamelTestSupport {
        protected static final String TEST_MESSAGE = "hello world!";
        protected static final int PORT = AvailablePortFinder.getNextAvailable();
        protected Server server;
        private Process tpm2dClient = null;
        private Process tpm2dServer = null;
        private Process ttp = null;
        private File socketServer;
        private File socketClient;
        protected List<Object> messages;
        private static String pwd = "password";

        public void startTestServer() throws Exception {
            // start a simple websocket echo service
            server = new Server(PORT);
            Connector connector = new ServerConnector(server);
            server.addConnector(connector);

            ServletContextHandler ctx = new ServletContextHandler();
            ctx.setContextPath("/");
            ctx.addServlet(TestServletFactory.class.getName(), "/*");

            server.setHandler(ctx);

            server.start();
            assertTrue(server.isStarted());
        }

        public void stopTestServer() throws Exception {
            server.stop();
            server.destroy();
        }

        @Override
        public void setUp() throws Exception {
            ClassLoader classLoader = getClass().getClassLoader();
            URL trustStoreURL = classLoader.getResource("jsse/client-truststore.jks");
            System.setProperty("javax.net.ssl.trustStore", trustStoreURL.getFile());
            System.setProperty("javax.net.ssl.trustStorePassword", "password");
            startTestServer();
            super.setUp();
        }

        @Override
        public void tearDown() throws Exception {
            super.tearDown();
            stopTestServer();
        }

        @Test
        public void testTwoRoutes() throws Exception {
            MockEndpoint mock = getMockEndpoint("mock:result");
            mock.expectedBodiesReceived(TEST_MESSAGE);

            template.sendBody("direct:input", TEST_MESSAGE);

            mock.assertIsSatisfied();
        }

        private static SSLContextParameters defineClientSSLContextClientParameters() {
            KeyStoreParameters ksp = new KeyStoreParameters();
            ksp.setResource(Thread.currentThread().getContextClassLoader().getResource("jsse/client-keystore.jks").toString());
            ksp.setPassword(pwd);

            KeyManagersParameters kmp = new KeyManagersParameters();
            kmp.setKeyPassword(pwd);
            kmp.setKeyStore(ksp);

            KeyStoreParameters tsp = new KeyStoreParameters();
            tsp.setResource(Thread.currentThread().getContextClassLoader().getResource("jsse/client-truststore.jks").toString());
            tsp.setPassword(pwd);

            TrustManagersParameters tmp = new TrustManagersParameters();
            tmp.setKeyStore(tsp);

            SSLContextServerParameters scsp = new SSLContextServerParameters();
            //scsp.setClientAuthentication(ClientAuthentication.REQUIRE.name());
            scsp.setClientAuthentication(ClientAuthentication.NONE.name());

            SSLContextParameters sslContextParameters = new SSLContextParameters();
            sslContextParameters.setKeyManagers(kmp);
            sslContextParameters.setTrustManagers(tmp);
            sslContextParameters.setServerParameters(scsp);

            return sslContextParameters;
        }

        private static SSLContextParameters defineServerSSLContextParameters() {
            KeyStoreParameters ksp = new KeyStoreParameters();
            ksp.setResource(Thread.currentThread().getContextClassLoader().getResource("jsse/server-keystore.jks").toString());
            ksp.setPassword(pwd);

            KeyManagersParameters kmp = new KeyManagersParameters();
            kmp.setKeyPassword(pwd);
            kmp.setKeyStore(ksp);

            KeyStoreParameters tsp = new KeyStoreParameters();
            tsp.setResource(Thread.currentThread().getContextClassLoader().getResource("jsse/server-truststore.jks").toString());
            tsp.setPassword(pwd);

            TrustManagersParameters tmp = new TrustManagersParameters();
            tmp.setKeyStore(tsp);

            SSLContextServerParameters scsp = new SSLContextServerParameters();
            //scsp.setClientAuthentication(ClientAuthentication.REQUIRE.name());
            scsp.setClientAuthentication(ClientAuthentication.NONE.name());

            SSLContextParameters sslContextParameters = new SSLContextParameters();
            sslContextParameters.setKeyManagers(kmp);
            sslContextParameters.setTrustManagers(tmp);
            sslContextParameters.setServerParameters(scsp);

            return sslContextParameters;
        }

        @Override
        protected RouteBuilder[] createRouteBuilders() throws Exception {
            RouteBuilder[] rbs = new RouteBuilder[2];

            // ips consumer
            rbs[0] = new RouteBuilder() {
                public void configure() {
                    // needed to configure TLS on the client side
                    WsComponent wsComponent = (WsComponent) context.getComponent("ipsclient");
                    wsComponent.setSslContextParameters(defineClientSSLContextClientParameters());

                    from("direct:input").routeId("foo")
                        .log(">>> message direct websocket client : ${body}")
                        .to("ipsclient://localhost:9292/echo")
                        .log(">>> message websocket client server: ${body}");
                }
            };

            // ips provider
            rbs[1] = new RouteBuilder() {
                public void configure() {
                    // needed to configure TLS on the server side
                    WebsocketComponent websocketComponent = (WebsocketComponent) context.getComponent("ipsserver");
                    websocketComponent.setSslContextParameters(defineServerSSLContextParameters());

                    // this route is set to use TLS, referring to the parameters set above
                    from("ipsserver:localhost:9292/echo")
                        .log(">>> message websocket server mock: ${body}")
                        .to("mock:result");
                }
            };
            return rbs;
        }
    }

Note: the following answer will work under the following conditions:

  1. The ServerConnector has HTTPS/SSL/TLS support.
  2. The ServerConnector has an appropriate HttpConfiguration that specifies the traffic is secure.
  3. The ServerConnector has a SecureRequestCustomizer added to the HttpConfiguration (this does things such as populating the HttpServletRequest attributes with various Servlet spec details of the secure connection).
  4. The request is received on that ServerConnector.
  5. You terminate SSL/TLS at Jetty (if you terminate SSL/TLS before Jetty, Jetty will not have access to the certificate information).

You have a few options in org.eclipse.jetty.websocket.servlet.ServletUpgradeRequest
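
The conditions above, wired together as an added example (not code from the question or the answer): an embedded Jetty server whose WebSocketCreator reads the peer certificate chain during the upgrade. It assumes the Jetty 9.4 API, key store paths relative to the working directory, and hypothetical class names `CertAwareWsServer` and `CertCheckingServlet`. It requires client authentication, because with `ClientAuthentication.NONE` as in the question no client certificate is sent and the chain is null.

```java
import java.io.IOException;
import java.security.cert.X509Certificate;
import org.eclipse.jetty.server.*;
import org.eclipse.jetty.servlet.ServletContextHandler;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.eclipse.jetty.websocket.api.WebSocketAdapter;
import org.eclipse.jetty.websocket.servlet.*;

public class CertAwareWsServer {                         // hypothetical class name
    public static class CertCheckingServlet extends WebSocketServlet {
        @Override
        public void configure(WebSocketServletFactory factory) {
            factory.setCreator((req, resp) -> {
                // Client chain from the TLS handshake; null if no client certificate was sent.
                X509Certificate[] chain = req.getCertificates();
                if (chain == null || chain.length == 0) {
                    try {
                        resp.sendForbidden("client certificate required");
                    } catch (IOException ignored) { }
                    return null;                         // refuse the upgrade
                }
                // chain[0] is the peer's own certificate; check its attributes here.
                String subject = chain[0].getSubjectX500Principal().getName();
                System.out.println("WebSocket upgrade from " + subject);
                return new WebSocketAdapter();           // stand-in endpoint
            });
        }
    }
    public static void main(String[] args) throws Exception {
        Server server = new Server();
        SslContextFactory.Server ssl = new SslContextFactory.Server();
        ssl.setKeyStorePath("jsse/server-keystore.jks"); // store names and password as in the question
        ssl.setKeyStorePassword("password");
        ssl.setTrustStorePath("jsse/server-truststore.jks");
        ssl.setTrustStorePassword("password");
        ssl.setNeedClientAuth(true);                     // otherwise no client chain exists
        HttpConfiguration https = new HttpConfiguration();
        https.setSecurePort(9292);
        https.addCustomizer(new SecureRequestCustomizer()); // condition 3: fills the request attributes
        ServerConnector connector = new ServerConnector(server,
                new SslConnectionFactory(ssl, "http/1.1"), new HttpConnectionFactory(https));
        connector.setPort(9292);
        server.addConnector(connector);
        ServletContextHandler ctx = new ServletContextHandler();
        ctx.setContextPath("/");
        ctx.addServlet(CertCheckingServlet.class, "/echo");
        server.setHandler(ctx);
        server.start();
        server.join();
    }
}
```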

