Package org.jivesoftware.openfire.http
Class HttpBindManager
- java.lang.Object
-
- org.jivesoftware.openfire.http.HttpBindManager
-
- All Implemented Interfaces:
CertificateEventListener
public final class HttpBindManager extends Object implements CertificateEventListener
Responsible for making available BOSH (functionality to the outside world, using an embedded web server.
-
-
Field Summary
Fields Modifier and Type Field Description static SystemProperty<Set<String>>
HTTP_BIND_ALLOWED_ORIGINS
The domain names that are accepted as values for the CORS 'Origin' header in the BOSH endpoint.static SystemProperty<String>
HTTP_BIND_AUTH_PER_CLIENTCERT_POLICY
The TLS 'mutual authentication' policy that is applied to the BOSH endpoint.static SystemProperty<Boolean>
HTTP_BIND_CONTENT_SECURITY_POLICY_ENABLED
Enable / Disable adding a 'Content-Security-Policy' HTTP header to the response to requests made against the BOSH endpoint.static SystemProperty<String>
HTTP_BIND_CONTENT_SECURITY_POLICY_RESPONSEVALUE
The header value when adding a 'Content-Security-Policy' HTTP header to the response to requests made against the BOSH endpoint.static SystemProperty<Set<String>>
HTTP_BIND_CORS_ALLOW_HEADERS
The name of HTTP headers that are accepted in requests to the BOSH endpoint.static SystemProperty<Set<String>>
HTTP_BIND_CORS_ALLOW_METHODS
The HTTP methods that are accepted in the BOSH endpoint.static String
HTTP_BIND_CORS_ALLOW_ORIGIN_ALL
The Cross-Origin Resource Sharing (CORS) header value that represents the 'allow all orgins' state.static SystemProperty<Boolean>
HTTP_BIND_CORS_ENABLED
Enable / Disable support for Cross-Origin Resource Sharing (CORS) headers in the BOSH endpoint.static SystemProperty<Duration>
HTTP_BIND_CORS_MAX_AGE
How long the results of a preflight request (that is the information contained in the Access-Control-Allow-Methods and Access-Control-Allow-Headers headers) can be cached.static SystemProperty<Boolean>
HTTP_BIND_ENABLED
Enable / disable BOSH (HTTP Binding) functionality.static SystemProperty<Boolean>
HTTP_BIND_FORWARDED
Enable / Disable parsing a 'X-Forwarded-For' style HTTP header of BOSH requests.static SystemProperty<String>
HTTP_BIND_FORWARDED_FOR
The HTTP header name for 'forwarded for'static SystemProperty<String>
HTTP_BIND_FORWARDED_HOST
The HTTP header name for 'forwarded hosts'.static SystemProperty<String>
HTTP_BIND_FORWARDED_HOST_NAME
Sets a forced valued for the host header.static SystemProperty<String>
HTTP_BIND_FORWARDED_SERVER
The HTTP header name for 'forwarded server'.static SystemProperty<Integer>
HTTP_BIND_PORT
TCP port on which the non-encrypted (HTTP) BOSH endpoint is exposed.static SystemProperty<Integer>
HTTP_BIND_REQUEST_HEADER_SIZE
the maximum size in bytes of request headers in the BOSH endpoint.static SystemProperty<Integer>
HTTP_BIND_SECURE_PORT
TCP port on which the encrypted (HTTPS) BOSH endpoint is exposed.static SystemProperty<Integer>
HTTP_BIND_THREADS
Maximum amount of threads in the thread pool to perform the network IO related to BOSH traffic.static SystemProperty<Integer>
HTTP_BIND_THREADS_MIN
Minimum amount of threads in the thread pool to perform the network IO related to BOSH traffic.static SystemProperty<Duration>
HTTP_BIND_THREADS_TIMEOUT
Amount of time after which idle, surplus threads are removed from the thread pool to perform the network IO related to BOSH traffic.static SystemProperty<Boolean>
LOG_HTTPBIND_ENABLED
Enable / disable logging of BOSH requests and responses.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description void
addJettyHandler(org.eclipse.jetty.server.Handler handler)
Adds a Jetty handler to be added to the embedded web server that is used to expose BOSH (HTTP-bind) functionality.protected org.eclipse.jetty.server.Handler
createBoshHandler()
Creates a Jetty context handler that can be used to expose BOSH (HTTP-Bind) functionality.protected org.eclipse.jetty.server.Handler
createStaticContentHandler()
Creates a Jetty context handler that can be used to expose static files.protected org.eclipse.jetty.server.Handler
createWebsocketHandler()
Creates a Jetty context handler that can be used to expose Websocket functionality.String
getHttpBindSecureAddress()
String
getHttpBindUnsecureAddress()
static HttpBindManager
getInstance()
String
getJavaScriptUrl()
HttpSessionManager
getSessionManager()
String
getWebsocketSecureAddress()
String
getWebsocketUnsecureAddress()
boolean
isAllOriginsAllowed()
boolean
isHttpBindActive()
Returns true if a listener on the HTTP binding port is running.boolean
isHttpBindEnabled()
Returns true if the HTTP binding server is currently enabled.boolean
isHttpsBindActive()
Returns true if a listener on the HTTPS binding port is running.boolean
isScriptSyntaxEnabled()
Returns true if script syntax is enabled.boolean
isThisOriginAllowed(String origin)
void
removeJettyHandler(org.eclipse.jetty.server.Handler handler)
Removes a Jetty handler to be added to the embedded web server that is used to expose BOSH (HTTP-bind) functionality.static void
restart(Object ignored)
Static reference forrestartServer()
that can be used as a listener of aSystemProperty
.void
setScriptSyntaxEnabled(boolean isEnabled)
Enables or disables script syntax.void
start()
void
stop()
void
storeContentChanged(CertificateStore store)
Event triggered when the content of a certificate store was changed.
-
-
-
Field Detail
-
LOG_HTTPBIND_ENABLED
public static final SystemProperty<Boolean> LOG_HTTPBIND_ENABLED
Enable / disable logging of BOSH requests and responses.
-
HTTP_BIND_ENABLED
public static final SystemProperty<Boolean> HTTP_BIND_ENABLED
Enable / disable BOSH (HTTP Binding) functionality.
-
HTTP_BIND_PORT
public static final SystemProperty<Integer> HTTP_BIND_PORT
TCP port on which the non-encrypted (HTTP) BOSH endpoint is exposed.
-
HTTP_BIND_SECURE_PORT
public static final SystemProperty<Integer> HTTP_BIND_SECURE_PORT
TCP port on which the encrypted (HTTPS) BOSH endpoint is exposed.
-
HTTP_BIND_THREADS_MIN
public static final SystemProperty<Integer> HTTP_BIND_THREADS_MIN
Minimum amount of threads in the thread pool to perform the network IO related to BOSH traffic. Note: Apart from the network-IO threads configured in this property, the server also uses a thread pool for processing the inbound data (as configured in (HttpSessionManager.MAX_POOL_SIZE
). BOSH installations expecting heavy loads may want to allocate additional threads to this worker pool to ensure timely processing of data
-
HTTP_BIND_THREADS
public static final SystemProperty<Integer> HTTP_BIND_THREADS
Maximum amount of threads in the thread pool to perform the network IO related to BOSH traffic. Note: Apart from the network-IO threads configured in this property, the server also uses a thread pool for processing the inbound data (as configured in (HttpSessionManager.MAX_POOL_SIZE
). BOSH installations expecting heavy loads may want to allocate additional threads to this worker pool to ensure timely processing of data
-
HTTP_BIND_THREADS_TIMEOUT
public static final SystemProperty<Duration> HTTP_BIND_THREADS_TIMEOUT
Amount of time after which idle, surplus threads are removed from the thread pool to perform the network IO related to BOSH traffic. Note: Apart from the network-IO threads configured in this property, the server also uses a thread pool for processing the inbound data (as configured in (HttpSessionManager.INACTIVITY_TIMEOUT
). BOSH installations expecting heavy loads may want to allocate additional threads to this worker pool to ensure timely processing of data
-
HTTP_BIND_AUTH_PER_CLIENTCERT_POLICY
public static final SystemProperty<String> HTTP_BIND_AUTH_PER_CLIENTCERT_POLICY
The TLS 'mutual authentication' policy that is applied to the BOSH endpoint.
-
HTTP_BIND_FORWARDED
public static final SystemProperty<Boolean> HTTP_BIND_FORWARDED
Enable / Disable parsing a 'X-Forwarded-For' style HTTP header of BOSH requests.
-
HTTP_BIND_FORWARDED_FOR
public static final SystemProperty<String> HTTP_BIND_FORWARDED_FOR
The HTTP header name for 'forwarded for'
-
HTTP_BIND_FORWARDED_SERVER
public static final SystemProperty<String> HTTP_BIND_FORWARDED_SERVER
The HTTP header name for 'forwarded server'.
-
HTTP_BIND_FORWARDED_HOST
public static final SystemProperty<String> HTTP_BIND_FORWARDED_HOST
The HTTP header name for 'forwarded hosts'.
-
HTTP_BIND_FORWARDED_HOST_NAME
public static final SystemProperty<String> HTTP_BIND_FORWARDED_HOST_NAME
Sets a forced valued for the host header.
-
HTTP_BIND_CORS_ENABLED
public static final SystemProperty<Boolean> HTTP_BIND_CORS_ENABLED
Enable / Disable support for Cross-Origin Resource Sharing (CORS) headers in the BOSH endpoint.
-
HTTP_BIND_CORS_ALLOW_ORIGIN_ALL
public static final String HTTP_BIND_CORS_ALLOW_ORIGIN_ALL
The Cross-Origin Resource Sharing (CORS) header value that represents the 'allow all orgins' state.- See Also:
- Constant Field Values
-
HTTP_BIND_ALLOWED_ORIGINS
public static final SystemProperty<Set<String>> HTTP_BIND_ALLOWED_ORIGINS
The domain names that are accepted as values for the CORS 'Origin' header in the BOSH endpoint.
-
HTTP_BIND_CONTENT_SECURITY_POLICY_ENABLED
public static final SystemProperty<Boolean> HTTP_BIND_CONTENT_SECURITY_POLICY_ENABLED
Enable / Disable adding a 'Content-Security-Policy' HTTP header to the response to requests made against the BOSH endpoint.
-
HTTP_BIND_CONTENT_SECURITY_POLICY_RESPONSEVALUE
public static final SystemProperty<String> HTTP_BIND_CONTENT_SECURITY_POLICY_RESPONSEVALUE
The header value when adding a 'Content-Security-Policy' HTTP header to the response to requests made against the BOSH endpoint.
-
HTTP_BIND_CORS_ALLOW_METHODS
public static final SystemProperty<Set<String>> HTTP_BIND_CORS_ALLOW_METHODS
The HTTP methods that are accepted in the BOSH endpoint.
-
HTTP_BIND_CORS_ALLOW_HEADERS
public static final SystemProperty<Set<String>> HTTP_BIND_CORS_ALLOW_HEADERS
The name of HTTP headers that are accepted in requests to the BOSH endpoint.
-
HTTP_BIND_CORS_MAX_AGE
public static final SystemProperty<Duration> HTTP_BIND_CORS_MAX_AGE
How long the results of a preflight request (that is the information contained in the Access-Control-Allow-Methods and Access-Control-Allow-Headers headers) can be cached.
-
HTTP_BIND_REQUEST_HEADER_SIZE
public static final SystemProperty<Integer> HTTP_BIND_REQUEST_HEADER_SIZE
the maximum size in bytes of request headers in the BOSH endpoint. Larger headers will allow for more and/or larger cookies plus larger form content encoded in a URL. However, larger headers consume more memory and can make a server more vulnerable to denial of service attacks.
-
-
Method Detail
-
getInstance
public static HttpBindManager getInstance()
-
start
public void start()
-
stop
public void stop()
-
getSessionManager
public HttpSessionManager getSessionManager()
-
isHttpBindEnabled
public boolean isHttpBindEnabled()
Returns true if the HTTP binding server is currently enabled.- Returns:
- true if the HTTP binding server is currently enabled.
-
isHttpBindActive
public boolean isHttpBindActive()
Returns true if a listener on the HTTP binding port is running.- Returns:
- true if a listener on the HTTP binding port is running.
-
isHttpsBindActive
public boolean isHttpsBindActive()
Returns true if a listener on the HTTPS binding port is running.- Returns:
- true if a listener on the HTTPS binding port is running.
-
getWebsocketUnsecureAddress
public String getWebsocketUnsecureAddress()
-
getWebsocketSecureAddress
public String getWebsocketSecureAddress()
-
getHttpBindUnsecureAddress
public String getHttpBindUnsecureAddress()
-
getHttpBindSecureAddress
public String getHttpBindSecureAddress()
-
getJavaScriptUrl
public String getJavaScriptUrl()
-
isAllOriginsAllowed
public boolean isAllOriginsAllowed()
-
isThisOriginAllowed
public boolean isThisOriginAllowed(String origin)
-
createBoshHandler
protected org.eclipse.jetty.server.Handler createBoshHandler()
Creates a Jetty context handler that can be used to expose BOSH (HTTP-Bind) functionality. Note that an invocation of this method will not register the handler (and thus make the related functionality available to the end user). Instead, the created handler is returned by this method, and will need to be registered with the embedded Jetty webserver by the caller.- Returns:
- A Jetty context handler (never null).
-
createWebsocketHandler
protected org.eclipse.jetty.server.Handler createWebsocketHandler()
Creates a Jetty context handler that can be used to expose Websocket functionality. Note that an invocation of this method will not register the handler (and thus make the related functionality available to the end user). Instead, the created handler is returned by this method, and will need to be registered with the embedded Jetty webserver by the caller.- Returns:
- A Jetty context handler (never null).
-
createStaticContentHandler
protected org.eclipse.jetty.server.Handler createStaticContentHandler()
Creates a Jetty context handler that can be used to expose static files. Note that an invocation of this method will not register the handler (and thus make the related functionality available to the end user). Instead, the created handler is returned by this method, and will need to be registered with the embedded Jetty webserver by the caller.- Returns:
- A Jetty context handler, or null when the static content could not be accessed.
-
addJettyHandler
public void addJettyHandler(org.eclipse.jetty.server.Handler handler)
Adds a Jetty handler to be added to the embedded web server that is used to expose BOSH (HTTP-bind) functionality.- Parameters:
handler
- The handler (cannot be null).
-
removeJettyHandler
public void removeJettyHandler(org.eclipse.jetty.server.Handler handler)
Removes a Jetty handler to be added to the embedded web server that is used to expose BOSH (HTTP-bind) functionality. Removing a handler, even when null, or non-existing, might have side-effects as introduced by the Jetty implementation. At the time of writing, Jetty will re- Parameters:
handler
- The handler (should not be null).
-
isScriptSyntaxEnabled
public boolean isScriptSyntaxEnabled()
Returns true if script syntax is enabled. Script syntax allows BOSH to be used in environments where clients may be restricted to using a particular server. Instead of using standard HTTP Post requests to transmit data, HTTP Get requests are used.- Returns:
- true if script syntax is enabled.
- See Also:
- BOSH: Alternative Script Syntax
-
setScriptSyntaxEnabled
public void setScriptSyntaxEnabled(boolean isEnabled)
Enables or disables script syntax.- Parameters:
isEnabled
- true to enable script syntax and false to disable it.- See Also:
isScriptSyntaxEnabled()
, BOSH: Alternative Script Syntax
-
restart
public static void restart(Object ignored)
Static reference forrestartServer()
that can be used as a listener of aSystemProperty
. The provided argument is ignored.
-
storeContentChanged
public void storeContentChanged(CertificateStore store)
Description copied from interface:CertificateEventListener
Event triggered when the content of a certificate store was changed.- Specified by:
storeContentChanged
in interfaceCertificateEventListener
- Parameters:
store
- The store for which the content was changed.
-
-