All Downloads are FREE. Search and download functionalities are using the official Maven repository.

io.github.jhipster.security.ssl.UndertowSSLConfiguration Maven / Gradle / Ivy

Go to download

Server-side library used by applications created with the JHipster generator, see https://www.jhipster.tech/ for more information on JHipster

There is a newer version: 3.9.1
Show newest version
/*
 * Copyright 2016-2018 the original author or authors from the JHipster project.
 *
 * This file is part of the JHipster project, see https://www.jhipster.tech/
 * for more information.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package io.github.jhipster.security.ssl;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.web.embedded.undertow.UndertowServletWebServerFactory;
import org.springframework.context.annotation.Configuration;

import io.github.jhipster.config.JHipsterProperties;
import io.undertow.UndertowOptions;

/**
 * SSL configuration for Undertow.
 * 

* SSL_USER_CIPHER_SUITES_ORDER : It will force the cipher suite defined by the user, * allowing to achieve perfect forward secrecy. * This can only be activated with HTTPS and a cipher suite defined by the user (server.ssl.ciphers). *

* Please note that when using JHipster, you can use the `server.ssl.ciphers` property that is commented out * in your `application-prod.yml` file, and which is ready to work with this configuration. * * @see * More explanation on perfect forward secrecy */ @Configuration @ConditionalOnClass({ UndertowServletWebServerFactory.class }) @ConditionalOnProperty({ "server.ssl.ciphers", "server.ssl.key-store" }) public class UndertowSSLConfiguration { private final UndertowServletWebServerFactory factory; private final JHipsterProperties jHipsterProperties; private final Logger log = LoggerFactory.getLogger(UndertowSSLConfiguration.class); public UndertowSSLConfiguration(UndertowServletWebServerFactory undertowServletWebServerFactory, JHipsterProperties jHipsterProperties) { this.factory = undertowServletWebServerFactory; this.jHipsterProperties = jHipsterProperties; configuringUserCipherSuiteOrder(); } private void configuringUserCipherSuiteOrder() { log.info("Configuring Undertow"); if (jHipsterProperties.getHttp().isUseUndertowUserCipherSuitesOrder()) { log.info("Setting user cipher suite order to true"); factory.addBuilderCustomizers(builder -> builder.setSocketOption(UndertowOptions .SSL_USER_CIPHER_SUITES_ORDER, Boolean.TRUE)); } } }





© 2015 - 2024 Weber Informatics LLC | Privacy Policy