javaxt-project
diff --git a/‎src/javaxt/http/Server.java
Lines changed: 40 additions & 35 deletions b/‎src/javaxt/http/Server.java
Lines changed: 40 additions & 35 deletions
diff --git a/‎src/javaxt/http/TODOs.txt
Lines changed: 10 additions & 2 deletions b/‎src/javaxt/http/TODOs.txt
Lines changed: 10 additions & 2 deletions
diff --git a/‎src/javaxt/http/servlet/HttpServlet.java
Lines changed: 25 additions & 50 deletions b/‎src/javaxt/http/servlet/HttpServlet.java
Lines changed: 25 additions & 50 deletions
@@ -204,42 +204,47 @@ public void run() {
       //Create a new SocketListener for each port/address
         for (InetSocketAddress address : addresses){
             String hostName = address.getHostName();
-            
-            HttpConnectionFactory http1 = new HttpConnectionFactory(httpConfig);            
-            //HTTP2ServerConnectionFactory http2 = new HTTP2ServerConnectionFactory(httpConfig);
-            //HTTP2ServerConnectionFactory http2c = new HTTP2ServerConnectionFactory(httpConfig);
-            
-            
-          //Create server connector
-            ServerConnector http;
-            javax.net.ssl.SSLContext sslContext = servlet.getSSLContext();
-            if (sslContext!=null){
-                SslContextFactory sslContextFactory = new SslContextFactory();
-                sslContextFactory.setExcludeCipherSuites( //For TLSv1 and TLSv1.1
-                    "SSL_RSA_WITH_DES_CBC_SHA",
-                    "SSL_DHE_RSA_WITH_DES_CBC_SHA",
-                    "SSL_DHE_DSS_WITH_DES_CBC_SHA",
-                    "SSL_RSA_EXPORT_WITH_RC4_40_MD5",
-                    "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA",
-                    "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
-                    "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"
-                );
-                sslContextFactory.setSslContext(sslContext); 
-                _SslConnectionFactory ssl = new _SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString());
-                HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig);
-                http = new ServerConnector(server, ssl, new HttpConnectionFactory(httpsConfig));
-            }      
-            else{
-                http = new ServerConnector(server, http1); // new ServerConnector(server, http1, http2, http2c)
+            try{
+                
+                HttpConnectionFactory http1 = new HttpConnectionFactory(httpConfig);            
+                //HTTP2ServerConnectionFactory http2 = new HTTP2ServerConnectionFactory(httpConfig);
+                //HTTP2ServerConnectionFactory http2c = new HTTP2ServerConnectionFactory(httpConfig);
+
+
+              //Create server connector
+                ServerConnector http;
+                javax.net.ssl.SSLContext sslContext = servlet.getSSLContext();
+                if (sslContext!=null){
+                    SslContextFactory sslContextFactory = new SslContextFactory();
+                    sslContextFactory.setExcludeCipherSuites( //For TLSv1 and TLSv1.1
+                        "SSL_RSA_WITH_DES_CBC_SHA",
+                        "SSL_DHE_RSA_WITH_DES_CBC_SHA",
+                        "SSL_DHE_DSS_WITH_DES_CBC_SHA",
+                        "SSL_RSA_EXPORT_WITH_RC4_40_MD5",
+                        "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA",
+                        "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
+                        "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"
+                    );
+                    sslContextFactory.setSslContext(sslContext); 
+                    _SslConnectionFactory ssl = new _SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString());
+                    HttpConfiguration httpsConfig = new HttpConfiguration(httpConfig);
+                    http = new ServerConnector(server, ssl, new HttpConnectionFactory(httpsConfig));
+                }      
+                else{
+                    http = new ServerConnector(server, http1); // new ServerConnector(server, http1, http2, http2c)
+                }
+
+
+                http.setHost(hostName);
+                http.setPort(address.getPort());
+                http.setIdleTimeout(30000);
+                server.addConnector(http);
+
+                System.out.print("Accepting connections on " + hostName + ":" + address.getPort() + "\r\n");
+            }
+            catch(Exception e){
+                e.printStackTrace();
             }
-          
-            
-            http.setHost(hostName);
-            http.setPort(address.getPort());        
-            http.setIdleTimeout(30000);
-            server.addConnector(http);  
-            
-            System.out.print("Accepting connections on " + hostName + ":" + address.getPort() + "\r\n");
         }
 
 
 
@@ -1,7 +1,8 @@
 How to handle:
-- Sessions
+- Session
 - Cookies
 - Range requests
+- DoS Filter
 
 
 Changes to the Jetty source:
@@ -41,4 +42,11 @@ To circumvent this issue, I added a try/catch block in the org.eclipse.jetty.ser
     Commented out unused import for org.eclipse.jetty.server.handler.RequestLogHandler;
 
 (4) org.eclipse.jetty.util.log.Log
-    Made the getMutableLoggers() method public so I can replace/update loggers assigned at startup.
+    Made the getMutableLoggers() method public so I can replace/update loggers assigned at startup.
+    
+    
+  
+    
+ Bugs:
+    - HttpServletResponse.sendRedirect will cause the server to hang and log file to fill up. 
+    As a workaround the caller must return immediately after calling sendRedirect.
@@ -28,17 +28,13 @@
 public abstract class HttpServlet {
 
     private Authenticator authenticator;
-    private KeyStore keystore;
-    private KeyStore truststore;
-    private KeyManagerFactory kmf;
-    private TrustManagerFactory tmf;
+    private javax.net.ssl.KeyManager[] kms;
+    private javax.net.ssl.TrustManager[] tms;
     private String sslProvider;
     private ServletContext servletContext;
     private SessionDataStore sessionStore;
     private RequestHandler handler;
 
-  //This variable are used in the HttpServletRequest class.
-    //protected String servletPath = "";
 
 
   //**************************************************************************
@@ -125,25 +121,21 @@ protected Authenticator getAuthenticator(HttpServletRequest request){
   //**************************************************************************
   //** setKeyStore
   //**************************************************************************
-  /** Used to set the KeyStore and initialize the KeyManagerFactory. The
-   *  KeyStore is used to store keys and certificates for SSL.
+  /** Used to specify a KeyStore. The KeyStore is used to store keys and 
+   *  certificates for SSL.
    */
     public void setKeyStore(KeyStore keystore, String passphrase) throws Exception {
-
-      //Update class variable
-        this.keystore = keystore;
-
-      //Initialize the KeyManagerFactory
-        kmf = KeyManagerFactory.getInstance("SunX509");
+        KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
         kmf.init(keystore, passphrase.toCharArray());
+        kms = kmf.getKeyManagers();
     }
 
 
   //**************************************************************************
   //** setKeyStore
   //**************************************************************************
-  /** Used to set the KeyStore and initialize the KeyManagerFactory. The
-   *  KeyStore is used to store keys and certificates for SSL.
+  /** Used to specify a KeyStore. The KeyStore is used to store keys and 
+   *  certificates for SSL.
    */
     public void setKeyStore(java.io.File keyStoreFile, String passphrase) throws Exception {
         char[] pw = passphrase.toCharArray();
@@ -154,12 +146,16 @@ public void setKeyStore(java.io.File keyStoreFile, String passphrase) throws Exc
 
 
   //**************************************************************************
-  //** getKeyStore
+  //** setKeyManager
   //**************************************************************************
-  /** Returns the the KeyStore associated with this Servlet.
+  /** Used to specify a KeyManager. The KeyManager is responsible for managing 
+   *  keys and certificates found in a KeyStore. Typically, you are not 
+   *  required to specify a KeyManager. Instead, a KeyManager is selected when
+   *  you call the setKeyStore method. This method is intended for users who 
+   *  require more fine grained control over the SSLEngine. 
    */
-    public KeyStore getKeyStore(){
-        return keystore;
+    public void setKeyManager(javax.net.ssl.KeyManager keyManager) throws Exception {
+        kms = new javax.net.ssl.KeyManager[]{keyManager};
     }
 
 
@@ -170,13 +166,9 @@ public KeyStore getKeyStore(){
    *  TrustStore is used to store public keys and certificates for SSL.
    */
     public void setTrustStore(KeyStore truststore) throws Exception {
-
-      //Update class variable
-        this.truststore = truststore;
-
-      //Initialize the TrustManagerFactory
-        tmf = TrustManagerFactory.getInstance("SunX509");
+        TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
         tmf.init(truststore);
+        tms = tmf.getTrustManagers();
     }
 
 
@@ -194,16 +186,6 @@ public void setTrustStore(java.io.File trustStoreFile, String passphrase) throws
     }
 
 
-  //**************************************************************************
-  //** getTrustStore
-  //**************************************************************************
-  /** Returns the the TrustStore associated with this Servlet.
-   */
-    public KeyStore getTrustStore(){
-        return truststore;
-    }
-
-
   //**************************************************************************
   //** setSSLProvider
   //**************************************************************************
@@ -229,12 +211,12 @@ public void setSSLProvider(String provider){
 
 
   //**************************************************************************
-  //** SSLContext
+  //** getSSLContext
   //**************************************************************************
-  /** Used to instantiate an SSLEngine used to decrypt SSL/TLS messages.
+  /** Used to instantiate an SSLContext which, in turn is used by an SSLEngine 
+   *  decrypt SSL/TLS messages.
    */
-    public SSLContext getSSLContext() {
-
+    public SSLContext getSSLContext() throws ServletException {
 
         /*//Debug use only!
         java.security.Provider provider = new SSLProvider();
@@ -243,23 +225,16 @@ public SSLContext getSSLContext() {
         */
 
 
-        javax.net.ssl.KeyManager[] km = null;
-        javax.net.ssl.TrustManager[] tm = null;
-
-        if (kmf!=null) km = kmf.getKeyManagers();
-        if (tmf!=null) tm = tmf.getTrustManagers();
-
-
         SSLContext sslContext = null;
         try{
             if (sslProvider==null) sslContext = SSLContext.getInstance("TLS");
             else sslContext = SSLContext.getInstance("TLS", sslProvider);
-            sslContext.init(km, tm, null);
+            sslContext.init(kms, tms, null);
         }
         catch(Exception e){
-            ServletException se = new ServletException("Failed to instantiate SSLEngine.");
+            ServletException se = new ServletException("Failed to initialize SSLContext.");
             se.initCause(e);
-            //throw se;
+            throw se;
         }
 
         return sslContext;