Enhancement for Jetty SslSocket

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Enhancement for Jetty SslSocket

Jiang, Tony

Hello,

 

To compare with Tomcat, Jetty doesn’t support cipher suites through the configuration file of Jetty.xml.

 

I enhanced the source code of org.mortbay.http.SslListener in our project. But I don’t know how to contribute back to the community. It is a minor enhancement. After the enhancement, you can set the cipher suites thru the configuration file and force the SslListener to use the specific cipher suites to level the higher standard of security.

 

Hereunder is an example of the configuration file snippet.  

 

My question is how I can contribute back the enhancement to the community. The procedure on the website or Readme is not so clear.

 

Thanks,

 

Tony Jiang

Software Developer, Avocent Mobile Solutions

Direct: 403.355.2598

Company: 403.269.2540

TOLL FREE: 866.602.2002

Email:  [hidden email]

Address: Avocent Corp. 202-110, 12th Avenue S.W., Calgary Alberta, Canada T2R 0G7

 

 

  <!-- =============================================================== -->

  <!-- Configure the Request Listeners                                 -->

  <!-- =============================================================== -->

  <Call name="addListener">

    <Arg>

      <New class="org.mortbay.http.SslListener ">

        <Set name="Port">443</Set>

        <Set name="PoolName">P1</Set>

        <Set name="MinThreads">20</Set>

        <Set name="MaxThreads">200</Set>

        <Set name="MaxIdleTimeMs">60000</Set>

        <Set name="lowResources">30</Set>

        <Set name="LowResourcePersistTimeMs">2000</Set>

 

        <Set name="Keystore"><SystemProperty name="jetty.home" default="."/>/config/demokeystore</Set>

        <Set name="Password">OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4</Set>

        <Set name="KeyPassword">OBF:1u2u1wml1z7s1z7a1wnl1u2g</Set>

 

        <Set name="HttpHandler">

           <New class="org.mortbay.http.handler.MsieSslHandler">

            <Set name="UserAgentSubString">MSIE 5</Set>

            </New>

       </Set>

       

       <Set name="CipherSuites">

         <Array type ="java.lang.String">       

             <Item>TLS_RSA_WITH_AES_256_CBC_SHA</Item>

             <Item>TLS_DHE_RSA_WITH_AES_256_CBC_SHA</Item>

             <Item>TLS_DHE_DSS_WITH_AES_256_CBC_SHA</Item>

         </Array>

       </Set>

      </New>

    </Arg>

  </Call>