diff --git a/jams-server/src/main/java/net/jami/jams/server/core/TomcatConnectorFactory.java b/jams-server/src/main/java/net/jami/jams/server/core/TomcatConnectorFactory.java
index 107408c3eb84ef807c8a5f01de191a288f58adad..ee9bbe8dcfc51be5e6c7e6f4479e147fa9e1fe8d 100644
--- a/jams-server/src/main/java/net/jami/jams/server/core/TomcatConnectorFactory.java
+++ b/jams-server/src/main/java/net/jami/jams/server/core/TomcatConnectorFactory.java
@@ -33,15 +33,11 @@ import java.nio.file.Paths;
 public class TomcatConnectorFactory {
 public static Connector getSSLConnectorWithTrustStore(String certificateFile, String keyFile, int port) {
+ log.info(System.getProperty("user.dir") + File.separator + "keystore.jks");
 Connector connector = getSSLConnectorWithoutTrustStore(certificateFile, keyFile, port);
- if (Files.exists(Paths.get(System.getProperty("user.dir") + File.separator + "keystore.jks"))) {
- connector.setAttribute("truststoreFile", System.getProperty("user.dir") + File.separator + "keystore.jks");
- connector.setAttribute("clientAuth", "optional");
- connector.setAttribute("truststorePassword", "changeit");
- } else {
- log.error("Could not find a keystore for the SSL Connector - this is critical as client auth will not be available!");
- log.error("Proceeding to boot tomcat with just SSL parameters...");
- }
+ connector.setAttribute("truststoreFile", System.getProperty("user.dir") + File.separator + "keystore.jks");
+ connector.setAttribute("clientAuth", "optional");
+ connector.setAttribute("truststorePassword", "changeit");
 return connector;
 }
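Review bot: The truststore password stays the compiled-in literal `"changeit"` on the new `truststorePassword` line, so the secret guarding the client-certificate trust anchors is readable by anyone who can read the source; it should come from configuration instead. Removing the `Files.exists` guard also means this factory method now returns a connector that points at a truststore which may not exist, unless every caller repeats the check. A one-line Javadoc such as `/** Caller must verify that keystore.jks exists in user.dir before calling. */` would make that precondition explicit. The keystore path is built twice in the new body; a local like `String trustStore = System.getProperty("user.dir") + File.separator + "keystore.jks";` would keep the log line and the attribute in step.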
@@ -55,7 +51,7 @@ public class TomcatConnectorFactory {
 connector.setAttribute("SSLCertificateFile", System.getProperty("user.dir") + File.separator + certificateFile);
 connector.setAttribute("SSLCertificateKeyFile", System.getProperty("user.dir") + File.separator + keyFile);
 connector.setAttribute("protocol", "HTTP/1.1");
- connector.setAttribute("sslProtocol", "TLSv1.3");
+ connector.setAttribute("sslProtocol", "TLS");
 connector.setAttribute("maxThreads", "200");
 connector.setAttribute("SSLEnabled", "true");
 return connector;
diff --git a/jams-server/src/main/java/net/jami/jams/server/core/TomcatLauncher.java b/jams-server/src/main/java/net/jami/jams/server/core/TomcatLauncher.java
index 82e7a693b8558962221f07fa57a6473862310712..effbf826e066c8d329e13dce07a2d1d7ebba6e86 100644
--- a/jams-server/src/main/java/net/jami/jams/server/core/TomcatLauncher.java
+++ b/jams-server/src/main/java/net/jami/jams/server/core/TomcatLauncher.java
@@ -24,15 +24,20 @@ package net.jami.jams.server.core;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.catalina.WebResourceRoot;
+import org.apache.catalina.connector.Connector;
 import org.apache.catalina.core.StandardContext;
 import org.apache.catalina.startup.Tomcat;
 import org.apache.catalina.webresources.DirResourceSet;
 import org.apache.catalina.webresources.JarResourceSet;
 import org.apache.catalina.webresources.StandardRoot;
+import org.apache.coyote.http11.Http11NioProtocol;
+import org.apache.tomcat.util.descriptor.web.ErrorPage;
 import java.awt.*;
 import java.io.File;
 import java.net.URI;
+import java.nio.file.Files;
+import java.nio.file.Paths;
 //This class boots the tomcat server which provides the subsystem
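Review bot: Replacing `TLSv1.3` with the generic `TLS` on the `sslProtocol` line removes the explicit protocol floor, so the versions that get negotiated now depend on the JVM and Tomcat defaults and may include TLS 1.0/1.1 on older runtimes. If the change was made for client compatibility, state the accepted set next to it, e.g. `connector.setAttribute("sslEnabledProtocols", "TLSv1.2,TLSv1.3");` (the attribute name of Tomcat's JSSE connector; confirm it against the Tomcat version in use). The enclosing method starts and ends outside the hunk.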
@@ -40,10 +45,11 @@ import java.net.URI;
 @Slf4j
 public class TomcatLauncher {
- private Tomcat tomcat = null;
+ private Tomcat tomcat = new Tomcat();
+ private static Connector connector;
+ private static StandardContext context;
 public TomcatLauncher(int port) {
- tomcat = new Tomcat();
 tomcat.getService().addConnector(TomcatConnectorFactory.getNoSSLConnector(port));
 this.startServer();
 }
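Review bot: `connector` and `context` are declared `static` although they are assigned from a constructor and from `startServer()` on the per-instance `tomcat`, so a second `TomcatLauncher` would overwrite the first one's references. Nothing in the visible hunks needs them to be class-wide; `private Connector connector;` and `private StandardContext context;` would match the scope of `tomcat`. `connector` is also assigned only on the no-truststore path of the SSL constructor, so it stays null on the other paths. The class body continues outside the hunk.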
@@ -51,17 +57,25 @@ public class TomcatLauncher {
 public TomcatLauncher(int port, String certificateFile, String keyFile) {
 //If running in SSL mode, we need a trusts store in order to let clients authenticate.
 //In this case this is a bit of a dirty hack...
- log.error("This functionality is not yet implemented!");
+
+ log.info(System.getProperty("user.dir") + File.separator + "keystore.jks");
+
+ if(Files.exists(Paths.get(System.getProperty("user.dir") + File.separator + "keystore.jks")))
+ tomcat.getService().addConnector(TomcatConnectorFactory.getSSLConnectorWithTrustStore(certificateFile, keyFile, port));
+ else{
+ connector = TomcatConnectorFactory.getSSLConnectorWithoutTrustStore(certificateFile, keyFile, port);
+ tomcat.getService().addConnector(connector);
+ }
+
+ this.startServer();
 }
 public void startServer() {
 String jarName = System.getProperty("user.dir") + File.separator + "jams-server.jar";
 log.info("JAR Resource File = " + jarName);
- StandardContext context = (StandardContext) tomcat.addWebapp("", new File(System.getProperty("user.dir")).getAbsolutePath());
- //Hack to prevent useless verbose messages.
+ context = (StandardContext) tomcat.addWebapp("", new File(System.getProperty("user.dir")).getAbsolutePath());
+ log.info("Serving application from: " + new File(System.getProperty("user.dir")).getAbsolutePath());
- context.getJarScanner().setJarScanFilter((jarScanType, s) -> false);
 WebResourceRoot resources = new StandardRoot(context);
 if (jarName.contains(".jar")) {
 resources.addPreResources(new JarResourceSet(resources, "/WEB-INF/classes", jarName, "/net/jami/jams/server/servlets"));
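Review bot: When `keystore.jks` is missing, the `else` branch starts the HTTPS connector without a truststore and logs nothing, so client-certificate authentication is silently unavailable; the error messages that used to report this were removed from `TomcatConnectorFactory` in the same commit. Add a warning in that branch, e.g. `log.warn("keystore.jks not found in {} - client certificate authentication is disabled", System.getProperty("user.dir"));`. The bare `log.info(path)` line at the top would read better with a label saying what the path is, and the `if` arm should get braces to match the `else`. `startServer()` continues past the end of the hunk.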
@@ -80,18 +94,12 @@ public class TomcatLauncher {
 }
 context.setResources(resources);
 //We always go to login by default.
- context.addWelcomeFile("web/login");
- try {
- tomcat.start();
- //Try to pop-up Web-UI
- if (Desktop.isDesktopSupported() && Desktop.getDesktop().isSupported(Desktop.Action.BROWSE)) {
- Desktop.getDesktop().browse(new URI("https://localhost:8080"));
- }
- else log.info("There is no graphical interface on this system - please connect remotely!");
- } catch
- (Exception e) {
- log.error("Web-server has failed to start - this is critical, error {}",e.getMessage());
- }
+ context.addWelcomeFile("index");
+ ErrorPage errorPage = new ErrorPage();
+ errorPage.setErrorCode(404);
+ errorPage.setLocation("/index");
+ context.addErrorPage(errorPage);
+ try{tomcat.start();}catch (Exception e){ log.error("Could not start web-server!");}
 }
 public void stopTomcat(){
diff --git a/server.key b/server.key
new file mode 100644
index 0000000000000000000000000000000000000000..6cd1eba71265f1a899bc9329a73c501e10e6733a
--- /dev/null
+++ b/server.key
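Review bot: The new one-line `catch` discards the exception, so a failed start (for instance an unreadable certificate, key or truststore) leaves only "Could not start web-server!" in the log, where the removed code at least logged `e.getMessage()`. Pass the throwable to the logger: `try { tomcat.start(); } catch (Exception e) { log.error("Could not start web-server!", e); }`. `startServer()` also returns normally after a failed start, so the constructors cannot tell that nothing is listening. The retained comment `//We always go to login by default.` no longer matches `addWelcomeFile("index")` and should be updated. The method begins outside the hunk.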
@@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC3YPxyascSByOp +oLVs64yyFW3WY95bd6JgVWltDwGD/Q0ByzVCk4cxLZuNcxJoAuzUOB125X/LHh1F +H44h9NRCR+2J7Lm4nRmeYfLsmKDz5pD+oT83YtwO38G+BVC2vA6Cehr1BVGMLtDc +qctuoorKhkXFjL8ShblC/hHdn2yIGAtVrWazqSFsuxGBiXTcswq6H2j2BwYm3aLV +p0kgAnRocg3GIqCKf6muTjqffG2dG8XHgcG1zI1bXKLMGXlqcE+bQ55rLNLYtZRV +fdkJA9IsKPy3ZTh5xJvtWGVdrFMSpZDMvzFiM6Lzs+O3ui7V58zMppGCTZ9pltZZ +67QI+KOtAgMBAAECggEASU9knPlDDFn+T9oHrbudS7R1bLgQNNDnAUwkEY1mNbX8 +dTMf37XK3kY1YZ8XRK2msFCetuGY7ULkwLWUxM5z7OuEcxdISB3GGCNgUmXSMq+C +V8lu1F2ZS/j4I1dMpUEZK+BU1o+BwmEU7qKSyXABvGVhj1BtMqJzJe0ch1Ustlr4 +25353CAeVjRfNKyUY3yd34XBBWgi+bb1ULCJ1668iYfUq8PZDi9AW8Bb32wQ3B72 +vcYIVm2WmlCRJelCApEG2w1yDlsrG3dpYQzyoianiNv2lt1VhemD5ORKey5LitWV +encgTrlA4C+6gQfQ5y1hXx8YEQUgIX74leHsDeisAQKBgQDmcH0woTrIQ4fGb//N +5DMYRYRYlFNqTtSdzMN7kw3Rm4gaaoWusqZd3Kdl4ZshKhV7zDHG7uXdvmyDdVFZ +vtTH2LRd6BkO6v+2dQ7voPQ3zVKPk6+H0yh4AkLpN8VHLunFDppvA5vn+59Juf1S +m/qOVvpaHmNpzy9F9RummebXzQKBgQDLuCzL5j8wX6gt+tT+6LM2Q8shyD8iglgi +le0Ag5HeXJ89WQdIvv0IfK0Wj670qjZ9mrp2eSTvyjSQTnjwu3IqYzsX59zgjSX9 +h7qe19QZyfi/WDNDVx9d2zbKZjomxLCdY4CAVq63M/OCnI1kt6M2rVLg23YKY8Yg +fPEtP/dbYQKBgFLxaE4pqkPM8sD9LSDJo4537yQG92NLToIh4rbG/nFUvw9rCgUQ +botYUbR9GN4+DI+Lttr4wCopUVubzZU099ea64jlcqeI9FOTHLYpw92V/MKLEOId +ofJYNgdFuK9fdmskT3fn36UHT5U06bZjSDMVoXTwfS3nkgdnKvWzbYB9AoGAMQht +T85lWyFK+3YqGgisSd1bYRAvkgDJcdmgJ8WDMIAem8d351yAzrAjgRCoTZ9Cakz5 +oFZcO5Lxv+IDXf3f5q/no0NdeHbAtBsdIepU1Lg2NOfnvseTdyWyNFkSmg4xbFBs +t3clqlbIv6Eqrxk8IYbqMdDgwnNtVph7/CYvRUECgYEAtcL7Sontba0kg0p/v3Ce +PajsbSSPcT0sUfMbxFo20OY/knq74uarUrlvWKkR4nbNG8jHzBCe3qg9eZXN51da +GDRed44Um6PAy7itQh/Ak0qv1FsKhBvXQ6DMhoFeMQvbj9H/3w5JOCceAITHTw/O +FeuOOnairNrVyJ0Dx2hGn+U= +-----END PRIVATE KEY----- diff --git a/server.pem b/server.pem new file mode 100644 index 0000000000000000000000000000000000000000..90ad7c962367e23aa85aac73fdd2bb5b960e7a50 --- /dev/null +++ b/server.pem 
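Review bot: This adds an unencrypted private key (`-----BEGIN PRIVATE KEY-----`) to the repository root, presumably the key belonging to the certificate added as `server.pem`. Once pushed, the key has to be treated as disclosed to everyone who can read the history, and deleting the file in a later commit does not undo that. Keep private keys out of version control: generate the key pair at install or first start, add `server.key` to `.gitignore`, and issue a new key for any deployment that already used this one.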
@@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDlzCCAn+gAwIBAgIUS+MahayfvPw6t8UPeN8mmbo9rpswDQYJKoZIhvcNAQEL +BQAwWzELMAkGA1UEBhMCQ0ExCjAIBgNVBAgMATExCjAIBgNVBAcMATExCjAIBgNV +BAoMATExCjAIBgNVBAsMATExCjAIBgNVBAMMATExEDAOBgkqhkiG9w0BCQEWATEw +HhcNMTkxMDI1MDAzNDA0WhcNMjAxMDI0MDAzNDA0WjBbMQswCQYDVQQGEwJDQTEK +MAgGA1UECAwBMTEKMAgGA1UEBwwBMTEKMAgGA1UECgwBMTEKMAgGA1UECwwBMTEK +MAgGA1UEAwwBMTEQMA4GCSqGSIb3DQEJARYBMTCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBALdg/HJqxxIHI6mgtWzrjLIVbdZj3lt3omBVaW0PAYP9DQHL +NUKThzEtm41zEmgC7NQ4HXblf8seHUUfjiH01EJH7YnsubidGZ5h8uyYoPPmkP6h +Pzdi3A7fwb4FULa8DoJ6GvUFUYwu0Nypy26iisqGRcWMvxKFuUL+Ed2fbIgYC1Wt +ZrOpIWy7EYGJdNyzCrofaPYHBibdotWnSSACdGhyDcYioIp/qa5OOp98bZ0bxceB +wbXMjVtcoswZeWpwT5tDnmss0ti1lFV92QkD0iwo/LdlOHnEm+1YZV2sUxKlkMy/ +MWIzovOz47e6LtXnzMymkYJNn2mW1lnrtAj4o60CAwEAAaNTMFEwHQYDVR0OBBYE +FHYVoTymVeBDFSU+OkpojP8aiScLMB8GA1UdIwQYMBaAFHYVoTymVeBDFSU+Okpo +jP8aiScLMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAEvuNCKx +VqZlQbpwESZIP7Q4KtZ2v0B9yF4LvE/UOdcklcHymkdxhqFKnxEt0UkRH/E9VQdU +1cVbxf+fvX+h7HaOKJIldwCIxb+FnEWU78Z3OvFAVZsfsZ8A0ouyixnP7UdZ/3Dn +UJAdrbRHk/yWWb6GcNopusi1rZ6GYGJfjhUH+TLcm9Plfcs9E3zS1ETlmt5yT1PN +QUPfHTEyjYkWEVhBeKBcfDVmsKIcrMlBoNhxApC/AwIZQYBY0PeGkZKHMYyXt6JL +qB/z0VJye2Co02sdJjSVbkUkyEmHP4mnD1lb1Oe+qeYmNutsK5llmzCUi+YBhzP7 +yxyhJjHf157BmCs= +-----END CERTIFICATE----- diff --git a/webapp/index.php b/webapp/index.php new file mode 100644 index 0000000000000000000000000000000000000000..c37615a1e2b655936681e31d1c0aad0bda6164a6 --- /dev/null +++ b/webapp/index.php @@ -0,0 +1,4 @@ +<?php + +phpinfo(); +?>
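Review bot: `webapp/index.php` contains only `phpinfo();`, which prints the PHP configuration, loaded modules, environment variables and server paths to whoever requests the page. It looks like a debugging leftover, since the rest of the commit configures a Java/Tomcat server, and it should be dropped from the commit. If a placeholder page is needed, a static file avoids the information disclosure.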