org.eclipse.jetty.server.ssl
类 SslSelectChannelConnector

java.lang.Object
  org.eclipse.jetty.util.component.AbstractLifeCycle
      org.eclipse.jetty.util.component.AggregateLifeCycle
          org.eclipse.jetty.server.AbstractConnector
              org.eclipse.jetty.server.nio.AbstractNIOConnector
                  org.eclipse.jetty.server.nio.SelectChannelConnector
                      org.eclipse.jetty.server.ssl.SslSelectChannelConnector

所有已实现的接口：

HttpBuffers, Connector, NIOConnector, SslConnector, Destroyable, Dumpable, LifeCycle

public class SslSelectChannelConnector
extends SelectChannelConnector
implements SslConnector

SslSelectChannelConnector.

嵌套类摘要

从类 org.eclipse.jetty.util.component.AbstractLifeCycle 继承的嵌套类/接口

AbstractLifeCycle.AbstractLifeCycleListener

从接口 org.eclipse.jetty.util.component.LifeCycle 继承的嵌套类/接口

LifeCycle.Listener

字段摘要

从类 org.eclipse.jetty.server.nio.SelectChannelConnector 继承的字段

_acceptChannel

从类 org.eclipse.jetty.server.AbstractConnector 继承的字段

_buffers, _lowResourceMaxIdleTime, _maxIdleTime, _soLingerTime

从类 org.eclipse.jetty.util.component.AbstractLifeCycle 继承的字段

_listeners, FAILED, RUNNING, STARTED, STARTING, STOPPED, STOPPING

从接口 org.eclipse.jetty.server.ssl.SslConnector 继承的字段

DEFAULT_KEYSTORE, DEFAULT_KEYSTORE_ALGORITHM, DEFAULT_TRUSTSTORE_ALGORITHM, KEYPASSWORD_PROPERTY, PASSWORD_PROPERTY

构造方法摘要

SslSelectChannelConnector()

SslSelectChannelConnector(SslContextFactory sslContextFactory)
Construct with explicit SslContextFactory.

方法摘要

protected SSLEngine	createSSLEngine(SocketChannel channel)
void	customize(EndPoint endpoint, Request request) Allow the Listener a chance to customise the request. before the server does its stuff.
protected void	doStart() Start the managed lifecycle beans in the order they were added.
protected void	doStop() Stop the joined lifecycle beans in the reverse order they were added.
String	getAlgorithm() 已过时。
String[]	getExcludeCipherSuites() 已过时。
String[]	getIncludeCipherSuites() 已过时。
String	getKeystore() 已过时。
String	getKeystoreType() 已过时。
boolean	getNeedClientAuth() 已过时。
String	getProtocol() 已过时。
String	getProvider() 已过时。
String	getSecureRandomAlgorithm() 已过时。
Buffers	getSslBuffers()
SSLContext	getSslContext() 已过时。
SslContextFactory	getSslContextFactory()
String	getSslKeyManagerFactoryAlgorithm() 已过时。
String	getSslTrustManagerFactoryAlgorithm() 已过时。
String	getTruststore() 已过时。
String	getTruststoreType() 已过时。
boolean	getWantClientAuth() 已过时。
boolean	isAllowRenegotiate() 已过时。
boolean	isConfidential(Request request) By default, we're confidential, given we speak SSL.
boolean	isIntegral(Request request) By default, we're integral, given we speak SSL.
protected AsyncConnection	newConnection(SocketChannel channel, AsyncEndPoint endpoint)
protected AsyncConnection	newPlainConnection(SocketChannel channel, AsyncEndPoint endPoint)
protected SslConnection	newSslConnection(AsyncEndPoint endpoint, SSLEngine engine)
void	setAlgorithm(String algorithm) 已过时。
void	setAllowRenegotiate(boolean allowRenegotiate) 已过时。
void	setExcludeCipherSuites(String[] cipherSuites) 已过时。
void	setIncludeCipherSuites(String[] cipherSuites) 已过时。
void	setKeyPassword(String password) 已过时。
void	setKeystore(String keystore) 已过时。
void	setKeystoreType(String keystoreType) 已过时。
void	setNeedClientAuth(boolean needClientAuth) 已过时。
void	setPassword(String password) 已过时。
void	setProtocol(String protocol) 已过时。
void	setProvider(String provider) 已过时。
void	setSecureRandomAlgorithm(String algorithm) 已过时。
void	setSslContext(SSLContext sslContext) 已过时。
void	setSslKeyManagerFactoryAlgorithm(String algorithm) 已过时。
void	setSslTrustManagerFactoryAlgorithm(String algorithm) 已过时。
void	setTrustPassword(String password) 已过时。
void	setTruststore(String truststore) 已过时。
void	setTruststoreType(String truststoreType) 已过时。
void	setWantClientAuth(boolean wantClientAuth) 已过时。

从类 org.eclipse.jetty.server.nio.SelectChannelConnector 继承的方法

accept, close, endPointClosed, getConnection, getLocalPort, getLowResourcesConnections, getLowResourcesMaxIdleTime, getSelectorManager, newEndPoint, open, persist, setLowResourcesConnections, setLowResourcesMaxIdleTime, setMaxIdleTime, setThreadPool

从类 org.eclipse.jetty.server.nio.AbstractNIOConnector 继承的方法

getUseDirectBuffers, setUseDirectBuffers

从类 org.eclipse.jetty.server.AbstractConnector 继承的方法

checkForwardedHeaders, configure, connectionClosed, connectionOpened, connectionUpgraded, getAcceptorPriorityOffset, getAcceptors, getAcceptQueueSize, getConfidentialPort, getConfidentialScheme, getConnections, getConnectionsDurationMax, getConnectionsDurationMean, getConnectionsDurationStdDev, getConnectionsDurationTotal, getConnectionsOpen, getConnectionsOpenMax, getConnectionsRequestsMax, getConnectionsRequestsMean, getConnectionsRequestsStdDev, getForwardedCipherSuiteHeader, getForwardedForHeader, getForwardedHostHeader, getForwardedProtoHeader, getForwardedServerHeader, getForwardedSslSessionIdHeader, getHost, getHostHeader, getIntegralPort, getIntegralScheme, getLeftMostFieldValue, getLowResourceMaxIdleTime, getMaxBuffers, getMaxIdleTime, getName, getPort, getRequestBuffers, getRequestBufferSize, getRequestBufferType, getRequestHeaderSize, getRequestHeaderType, getRequests, getResolveNames, getResponseBuffers, getResponseBufferSize, getResponseBufferType, getResponseHeaderSize, getResponseHeaderType, getReuseAddress, getServer, getSoLingerTime, getStatsOn, getStatsOnMs, getThreadPool, isForwarded, isLowResources, join, setAcceptorPriorityOffset, setAcceptors, setAcceptQueueSize, setConfidentialPort, setConfidentialScheme, setForwarded, setForwardedCipherSuiteHeader, setForwardedForHeader, setForwardedHostHeader, setForwardedProtoHeader, setForwardedServerHeader, setForwardedSslSessionIdHeader, setHost, setHostHeader, setIntegralPort, setIntegralScheme, setLowResourceMaxIdleTime, setMaxBuffers, setName, setPort, setRequestBuffers, setRequestBufferSize, setRequestHeaderSize, setResolveNames, setResponseBuffers, setResponseBufferSize, setResponseHeaderSize, setReuseAddress, setServer, setSoLingerTime, setStatsOn, statsReset, stopAccept, toString

从类 org.eclipse.jetty.util.component.AggregateLifeCycle 继承的方法

addBean, addBean, contains, destroy, dump, dump, dump, dump, dump, dumpObject, dumpStdErr, dumpThis, getBean, getBeans, getBeans, isManaged, manage, removeBean, removeBeans, unmanage

从类 org.eclipse.jetty.util.component.AbstractLifeCycle 继承的方法

addLifeCycleListener, getState, getState, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop

从类 java.lang.Object 继承的方法

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

从接口 org.eclipse.jetty.server.Connector 继承的方法

close, getConfidentialPort, getConfidentialScheme, getConnection, getConnections, getConnectionsDurationMax, getConnectionsDurationMean, getConnectionsDurationStdDev, getConnectionsDurationTotal, getConnectionsOpen, getConnectionsOpenMax, getConnectionsRequestsMax, getConnectionsRequestsMean, getConnectionsRequestsStdDev, getHost, getIntegralPort, getIntegralScheme, getLocalPort, getLowResourceMaxIdleTime, getMaxIdleTime, getName, getPort, getRequestBuffers, getRequestBufferSize, getRequestHeaderSize, getRequests, getResolveNames, getResponseBuffers, getResponseBufferSize, getResponseHeaderSize, getServer, getStatsOn, getStatsOnMs, isLowResources, open, persist, setHost, setLowResourceMaxIdleTime, setMaxIdleTime, setPort, setRequestBufferSize, setRequestHeaderSize, setResponseBufferSize, setResponseHeaderSize, setServer, setStatsOn, statsReset

从接口 org.eclipse.jetty.util.component.LifeCycle 继承的方法

addLifeCycleListener, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop

从接口 org.eclipse.jetty.util.component.Dumpable 继承的方法

dump, dump

构造方法详细信息

SslSelectChannelConnector

public SslSelectChannelConnector()

SslSelectChannelConnector

public SslSelectChannelConnector(SslContextFactory sslContextFactory)

Construct with explicit SslContextFactory. The SslContextFactory passed is added via AggregateLifeCycle.addBean(Object) so that it's lifecycle may be managed with AggregateLifeCycle.

参数：

sslContextFactory -

方法详细信息

customize

public void customize(EndPoint endpoint,
                      Request request)
               throws IOException

Allow the Listener a chance to customise the request. before the server does its stuff.
This allows the required attributes to be set for SSL requests.
The requirements of the Servlet specs are:

• an attribute named "javax.servlet.request.ssl_session_id" of type String (since Servlet Spec 3.0).
• an attribute named "javax.servlet.request.cipher_suite" of type String.
• an attribute named "javax.servlet.request.key_size" of type Integer.
• an attribute named "javax.servlet.request.X509Certificate" of type java.security.cert.X509Certificate[]. This is an array of objects of type X509Certificate, the order of this array is defined as being in ascending order of trust. The first certificate in the chain is the one set by the client, the next is the one used to authenticate the first, and so on.

指定者：

接口 Connector 中的 customize

覆盖：

类 SelectChannelConnector 中的 customize

参数：

endpoint - The Socket the request arrived on. This should be a SocketEndPoint wrapping a SSLSocket.

request - HttpRequest to be customised.

抛出：

IOException

isAllowRenegotiate

@Deprecated
public boolean isAllowRenegotiate()

已过时。

指定者：

接口 SslConnector 中的 isAllowRenegotiate

返回：

True if SSL re-negotiation is allowed (default false)

setAllowRenegotiate

@Deprecated
public void setAllowRenegotiate(boolean allowRenegotiate)

已过时。

Set if SSL re-negotiation is allowed. CVE-2009-3555 discovered a vulnerability in SSL/TLS with re-negotiation. If your JVM does not have CVE-2009-3555 fixed, then re-negotiation should not be allowed. CVE-2009-3555 was fixed in Sun java 1.6 with a ban of renegotiate in u19 and with RFC5746 in u22.

指定者：

接口 SslConnector 中的 setAllowRenegotiate

参数：

allowRenegotiate - true if re-negotiation is allowed (default false)

getExcludeCipherSuites

@Deprecated
public String[] getExcludeCipherSuites()

已过时。

指定者：

接口 SslConnector 中的 getExcludeCipherSuites

返回：

The array of Ciphersuite names to exclude from SSLEngine.setEnabledCipherSuites(String[])

另请参见：

SslConnector.getExcludeCipherSuites()

setExcludeCipherSuites

@Deprecated
public void setExcludeCipherSuites(String[] cipherSuites)

已过时。

指定者：

接口 SslConnector 中的 setExcludeCipherSuites

参数：

cipherSuites - The array of Ciphersuite names to exclude from SSLEngine.setEnabledCipherSuites(String[])

另请参见：

SslConnector.setExcludeCipherSuites(java.lang.String[])

getIncludeCipherSuites

@Deprecated
public String[] getIncludeCipherSuites()

已过时。

指定者：

接口 SslConnector 中的 getIncludeCipherSuites

返回：

The array of Ciphersuite names to include in SSLEngine.setEnabledCipherSuites(String[])

另请参见：

SslConnector.getExcludeCipherSuites()

setIncludeCipherSuites

@Deprecated
public void setIncludeCipherSuites(String[] cipherSuites)

已过时。

指定者：

接口 SslConnector 中的 setIncludeCipherSuites

参数：

cipherSuites - The array of Ciphersuite names to include in SSLEngine.setEnabledCipherSuites(String[])

另请参见：

SslConnector.setExcludeCipherSuites(java.lang.String[])

setPassword

@Deprecated
public void setPassword(String password)

已过时。

指定者：

接口 SslConnector 中的 setPassword

参数：

password - The password for the key store

另请参见：

SslConnector.setPassword(java.lang.String)

setTrustPassword

@Deprecated
public void setTrustPassword(String password)

已过时。

指定者：

接口 SslConnector 中的 setTrustPassword

参数：

password - The password for the trust store

另请参见：

SslConnector.setTrustPassword(java.lang.String)

setKeyPassword

@Deprecated
public void setKeyPassword(String password)

已过时。

指定者：

接口 SslConnector 中的 setKeyPassword

参数：

password - The password (if any) for the specific key within the key store

另请参见：

SslConnector.setKeyPassword(java.lang.String)

getAlgorithm

@Deprecated
public String getAlgorithm()

已过时。

Unsupported. TODO: we should remove this as it is no longer an overridden method from SslConnector (like it was in the past)

setAlgorithm

@Deprecated
public void setAlgorithm(String algorithm)

已过时。

Unsupported. TODO: we should remove this as it is no longer an overridden method from SslConnector (like it was in the past)

getProtocol

@Deprecated
public String getProtocol()

已过时。

指定者：

接口 SslConnector 中的 getProtocol

返回：

The SSL protocol (default "TLS") passed to SSLContext.getInstance(String, String)

另请参见：

SslConnector.getProtocol()

setProtocol

@Deprecated
public void setProtocol(String protocol)

已过时。

指定者：

接口 SslConnector 中的 setProtocol

参数：

protocol - The SSL protocol (default "TLS") passed to SSLContext.getInstance(String, String)

另请参见：

SslConnector.setProtocol(java.lang.String)

setKeystore

@Deprecated
public void setKeystore(String keystore)

已过时。

指定者：

接口 SslConnector 中的 setKeystore

参数：

keystore - The file or URL of the SSL Key store.

另请参见：

SslConnector.setKeystore(java.lang.String)

getKeystore

@Deprecated
public String getKeystore()

已过时。

指定者：

接口 SslConnector 中的 getKeystore

返回：

The file or URL of the SSL Key store.

另请参见：

SslConnector.getKeystore()

getKeystoreType

@Deprecated
public String getKeystoreType()

已过时。

指定者：

接口 SslConnector 中的 getKeystoreType

返回：

The type of the key store (default "JKS")

另请参见：

SslConnector.getKeystoreType()

getNeedClientAuth

@Deprecated
public boolean getNeedClientAuth()

已过时。

指定者：

接口 SslConnector 中的 getNeedClientAuth

返回：

True if SSL needs client authentication.

另请参见：

SslConnector.getNeedClientAuth()

getWantClientAuth

@Deprecated
public boolean getWantClientAuth()

已过时。

指定者：

接口 SslConnector 中的 getWantClientAuth

返回：

True if SSL wants client authentication.

另请参见：

SslConnector.getWantClientAuth()

setNeedClientAuth

@Deprecated
public void setNeedClientAuth(boolean needClientAuth)

已过时。

指定者：

接口 SslConnector 中的 setNeedClientAuth

参数：

needClientAuth - True if SSL needs client authentication.

另请参见：

SslConnector.setNeedClientAuth(boolean)

setWantClientAuth

@Deprecated
public void setWantClientAuth(boolean wantClientAuth)

已过时。

指定者：

接口 SslConnector 中的 setWantClientAuth

参数：

wantClientAuth - True if SSL wants client authentication.

另请参见：

SslConnector.setWantClientAuth(boolean)

setKeystoreType

@Deprecated
public void setKeystoreType(String keystoreType)

已过时。

指定者：

接口 SslConnector 中的 setKeystoreType

参数：

keystoreType - The type of the key store (default "JKS")

另请参见：

SslConnector.setKeystoreType(java.lang.String)

getProvider

@Deprecated
public String getProvider()

已过时。

指定者：

接口 SslConnector 中的 getProvider

返回：

The SSL provider name, which if set is passed to SSLContext.getInstance(String, String)

另请参见：

SslConnector.getProvider()

getSecureRandomAlgorithm

@Deprecated
public String getSecureRandomAlgorithm()

已过时。

指定者：

接口 SslConnector 中的 getSecureRandomAlgorithm

返回：

The algorithm name, which if set is passed to SecureRandom.getInstance(String) to obtain the SecureRandom instance passed to SSLContext.init(javax.net.ssl.KeyManager[], javax.net.ssl.TrustManager[], SecureRandom)

另请参见：

SslConnector.getSecureRandomAlgorithm()

getSslKeyManagerFactoryAlgorithm

@Deprecated
public String getSslKeyManagerFactoryAlgorithm()

已过时。

指定者：

接口 SslConnector 中的 getSslKeyManagerFactoryAlgorithm

返回：

The algorithm name (default "SunX509") used by the KeyManagerFactory

另请参见：

SslConnector.getSslKeyManagerFactoryAlgorithm()

getSslTrustManagerFactoryAlgorithm

@Deprecated
public String getSslTrustManagerFactoryAlgorithm()

已过时。

指定者：

接口 SslConnector 中的 getSslTrustManagerFactoryAlgorithm

返回：

The algorithm name (default "SunX509") used by the TrustManagerFactory

另请参见：

SslConnector.getSslTrustManagerFactoryAlgorithm()

getTruststore

@Deprecated
public String getTruststore()

已过时。

指定者：

接口 SslConnector 中的 getTruststore

返回：

The file name or URL of the trust store location

另请参见：

SslConnector.getTruststore()

getTruststoreType

@Deprecated
public String getTruststoreType()

已过时。

指定者：

接口 SslConnector 中的 getTruststoreType

返回：

The type of the trust store (default "JKS")

另请参见：

SslConnector.getTruststoreType()

setProvider

@Deprecated
public void setProvider(String provider)

已过时。

指定者：

接口 SslConnector 中的 setProvider

参数：

provider - The SSL provider name, which if set is passed to SSLContext.getInstance(String, String)

另请参见：

SslConnector.setProvider(java.lang.String)

setSecureRandomAlgorithm

@Deprecated
public void setSecureRandomAlgorithm(String algorithm)

已过时。

指定者：

接口 SslConnector 中的 setSecureRandomAlgorithm

参数：

algorithm - The algorithm name, which if set is passed to SecureRandom.getInstance(String) to obtain the SecureRandom instance passed to SSLContext.init(javax.net.ssl.KeyManager[], javax.net.ssl.TrustManager[], SecureRandom)

另请参见：

SslConnector.setSecureRandomAlgorithm(java.lang.String)

setSslKeyManagerFactoryAlgorithm

@Deprecated
public void setSslKeyManagerFactoryAlgorithm(String algorithm)

已过时。

指定者：

接口 SslConnector 中的 setSslKeyManagerFactoryAlgorithm

参数：

algorithm - The algorithm name (default "SunX509") used by the KeyManagerFactory

另请参见：

SslConnector.setSslKeyManagerFactoryAlgorithm(java.lang.String)

setSslTrustManagerFactoryAlgorithm

@Deprecated
public void setSslTrustManagerFactoryAlgorithm(String algorithm)

已过时。

指定者：

接口 SslConnector 中的 setSslTrustManagerFactoryAlgorithm

参数：

algorithm - The algorithm name (default "SunX509") used by the TrustManagerFactory

另请参见：

SslConnector.setSslTrustManagerFactoryAlgorithm(java.lang.String)

setTruststore

@Deprecated
public void setTruststore(String truststore)

已过时。

指定者：

接口 SslConnector 中的 setTruststore

参数：

truststore - The file name or URL of the trust store location

另请参见：

SslConnector.setTruststore(java.lang.String)

setTruststoreType

@Deprecated
public void setTruststoreType(String truststoreType)

已过时。

指定者：

接口 SslConnector 中的 setTruststoreType

参数：

truststoreType - The type of the trust store (default "JKS")

另请参见：

SslConnector.setTruststoreType(java.lang.String)

setSslContext

@Deprecated
public void setSslContext(SSLContext sslContext)

已过时。

指定者：

接口 SslConnector 中的 setSslContext

参数：

sslContext - Set a preconfigured SSLContext

另请参见：

SslConnector.setSslContext(javax.net.ssl.SSLContext)

getSslContext

@Deprecated
public SSLContext getSslContext()

已过时。

指定者：

接口 SslConnector 中的 getSslContext

返回：

The SSLContext

另请参见：

SslConnector.setSslContext(javax.net.ssl.SSLContext)

getSslContextFactory

public SslContextFactory getSslContextFactory()

指定者：

接口 SslConnector 中的 getSslContextFactory

返回：

the instance of SslContextFactory associated with the connector

另请参见：

SslConnector.getSslContextFactory()

isConfidential

public boolean isConfidential(Request request)

By default, we're confidential, given we speak SSL. But, if we've been told about an confidential port, and said port is not our port, then we're not. This allows separation of listeners providing INTEGRAL versus CONFIDENTIAL constraints, such as one SSL listener configured to require client certs providing CONFIDENTIAL, whereas another SSL listener not requiring client certs providing mere INTEGRAL constraints.

指定者：

接口 Connector 中的 isConfidential

覆盖：

类 AbstractConnector 中的 isConfidential

参数：

request - A request

返回：

true if the request is confidential. This normally means the https schema has been used.

isIntegral

public boolean isIntegral(Request request)

By default, we're integral, given we speak SSL. But, if we've been told about an integral port, and said port is not our port, then we're not. This allows separation of listeners providing INTEGRAL versus CONFIDENTIAL constraints, such as one SSL listener configured to require client certs providing CONFIDENTIAL, whereas another SSL listener not requiring client certs providing mere INTEGRAL constraints.

指定者：

接口 Connector 中的 isIntegral

覆盖：

类 AbstractConnector 中的 isIntegral

参数：

request - A request

返回：

true if the request is integral. This normally means the https schema has been used.

newConnection

protected AsyncConnection newConnection(SocketChannel channel,
                                        AsyncEndPoint endpoint)

覆盖：

类 SelectChannelConnector 中的 newConnection

newPlainConnection

protected AsyncConnection newPlainConnection(SocketChannel channel,
                                             AsyncEndPoint endPoint)

newSslConnection

protected SslConnection newSslConnection(AsyncEndPoint endpoint,
                                         SSLEngine engine)

createSSLEngine

protected SSLEngine createSSLEngine(SocketChannel channel)
                             throws IOException

参数：

channel - A channel which if passed is used as to extract remote host and port for the purposes of SSL session caching

返回：

A SSLEngine for a new or cached SSL Session

抛出：

IOException - if the SSLEngine cannot be created

doStart

protected void doStart()
                throws Exception

从类 AggregateLifeCycle 复制的描述

Start the managed lifecycle beans in the order they were added.

覆盖：

类 SelectChannelConnector 中的 doStart

抛出：

Exception

另请参见：

SelectChannelConnector.doStart()

doStop

protected void doStop()
               throws Exception

从类 AggregateLifeCycle 复制的描述

Stop the joined lifecycle beans in the reverse order they were added.

覆盖：

类 AbstractConnector 中的 doStop

抛出：

Exception

另请参见：

AbstractConnector.doStop()

getSslBuffers

public Buffers getSslBuffers()

返回：

SSL buffers