grizzly
  1. grizzly
  2. GRIZZLY-486

Allow SSLImplementation and Client WANT support when SSL enabled

    Details

    • Type: Bug Bug
    • Status: Resolved
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 1.9.8
    • Fix Version/s: 1.9.9
    • Component/s: http
    • Labels:
      None
    • Environment:

      Operating System: All
      Platform: All

    • Issuezilla Id:
      486

      Activity

      Hide
      bblfish added a comment -

      Jean Francois, I think the properties are being passed along to Grizzly. You can
      add the properties using either

      $ bin/asadmin create-system-properties
      com.sun.grizzly.ssl.sslImplementation=org.jsslutils.extra.grizzly.JSSLutilsImplementation

      (see mail: https://glassfish.dev.java.net/servlets/ReadMsg?list=dev&msgNo=11373 )
      (also see delete-system-property and list-system-properties)

      or

      $ bin/asadmin create-jvm-options
      -Dcom.sun.grizzly.ssl.sslImplementation=org.jsslutils.extra.grizzly.JSSLutilsImplementation

      (also see delete-jvm-options and list-jvm-options)
      (see mail: https://glassfish.dev.java.net/servlets/ReadMsg?list=dev&msgNo=11375 )

      Both of these seem to work. Putting a non existent class name throws an
      exception. So I think the jars are also picked up, because the constructor for
      the class is loaded. It is just that none of the other methods get called.

      Show
      bblfish added a comment - Jean Francois, I think the properties are being passed along to Grizzly. You can add the properties using either $ bin/asadmin create-system-properties com.sun.grizzly.ssl.sslImplementation=org.jsslutils.extra.grizzly.JSSLutilsImplementation (see mail: https://glassfish.dev.java.net/servlets/ReadMsg?list=dev&msgNo=11373 ) (also see delete-system-property and list-system-properties) or $ bin/asadmin create-jvm-options -Dcom.sun.grizzly.ssl.sslImplementation=org.jsslutils.extra.grizzly.JSSLutilsImplementation (also see delete-jvm-options and list-jvm-options) (see mail: https://glassfish.dev.java.net/servlets/ReadMsg?list=dev&msgNo=11375 ) Both of these seem to work. Putting a non existent class name throws an exception. So I think the jars are also picked up, because the constructor for the class is loaded. It is just that none of the other methods get called.
      Hide
      bblfish added a comment -

      I had a bit of fun debugging this, and so I found the following behavior that is
      a little suspicious. In com.sun.grizzly.http.SelectorThreadConfig

      When the following piece of code gets called

      if (System.getProperty(SSL_CONFIGURATION_SSLIMPL) != null) {
      SSLImplementation sslImplementation = (SSLImplementation)
      ClassLoaderUtil.load(System.getProperty(SSL_CONFIGURATION_SSLIMPL));
      if (selectorThread instanceof SSLSelectorThread)

      { ((SSLSelectorThread)selectorThread).setSSLImplementation(sslImplementation); }

      }

      The second if () { } is skipped, suggesting that the selectorThread is not an
      instance of SSLSelectorThread. I printed out the object and it is

      com.sun.enterprise.v3.services.impl.GrizzlyEmbeddedHttp@c63fcb6

      which ideed does not implement SSLSelectorThread.

      Show
      bblfish added a comment - I had a bit of fun debugging this, and so I found the following behavior that is a little suspicious. In com.sun.grizzly.http.SelectorThreadConfig When the following piece of code gets called if (System.getProperty(SSL_CONFIGURATION_SSLIMPL) != null) { SSLImplementation sslImplementation = (SSLImplementation) ClassLoaderUtil.load(System.getProperty(SSL_CONFIGURATION_SSLIMPL)); if (selectorThread instanceof SSLSelectorThread) { ((SSLSelectorThread)selectorThread).setSSLImplementation(sslImplementation); } } The second if () { } is skipped, suggesting that the selectorThread is not an instance of SSLSelectorThread. I printed out the object and it is com.sun.enterprise.v3.services.impl.GrizzlyEmbeddedHttp@c63fcb6 which ideed does not implement SSLSelectorThread.
      Hide
      bblfish added a comment -

      Well of course, there was not just one thread created but a couple in which the
      SelectorThreadConfig gets called.

      (
      https://grizzly.dev.java.net/svn/grizzly/tags/1_9_10/code/modules/http/src/main/java/com/sun/grizzly/http/SelectorThreadConfig.java
      revision 2762 )

      These are:

      • com.sun.enterprise.v3.services.impl.GrizzlyEmbeddedHttp
      • com.sun.enterprise.v3.services.impl.GrizzlyEmbeddedHttps

      But neither of them are accepted. GrizzlyEmbeddedHttps extends
      GrizzlyEmbeddedHttp . Now interesting question, ... why I am using an embedded
      https listener? Perhaps that is something I can change through some setting...

      Show
      bblfish added a comment - Well of course, there was not just one thread created but a couple in which the SelectorThreadConfig gets called. ( https://grizzly.dev.java.net/svn/grizzly/tags/1_9_10/code/modules/http/src/main/java/com/sun/grizzly/http/SelectorThreadConfig.java revision 2762 ) These are: com.sun.enterprise.v3.services.impl.GrizzlyEmbeddedHttp com.sun.enterprise.v3.services.impl.GrizzlyEmbeddedHttps But neither of them are accepted. GrizzlyEmbeddedHttps extends GrizzlyEmbeddedHttp . Now interesting question, ... why I am using an embedded https listener? Perhaps that is something I can change through some setting...
      Hide
      jfarcand added a comment -

      I see. I still don't like the fact that I'm forced to use asadmin to create a _d
      property...but I will let the GF team decide. I will test using your class and
      see what I can find.

      Show
      jfarcand added a comment - I see. I still don't like the fact that I'm forced to use asadmin to create a _d property...but I will let the GF team decide. I will test using your class and see what I can find.
      Hide
      jfarcand added a comment -

      ah! In GF we aren't using SSLSelectorThread like you have found! So we need to
      implement the support directly in GF instead. I will close this issue and
      instead fix it directly in GF.

      Show
      jfarcand added a comment - ah! In GF we aren't using SSLSelectorThread like you have found! So we need to implement the support directly in GF instead. I will close this issue and instead fix it directly in GF.

        People

        • Assignee:
          jfarcand
          Reporter:
          jfarcand
        • Votes:
          0 Vote for this issue
          Watchers:
          1 Start watching this issue

          Dates

          • Created:
            Updated:
            Resolved: