Add support for `server.ssl.enabled` property

Fixes gh-2241
10 years ago · 4ad5c52dd7
parent f9c3baed33
commit 4ad5c52dd7
6 changed files with 46 additions and 12 deletions
--- a/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc
+++ b/spring-boot-docs/src/main/asciidoc/appendix-application-properties.adoc
@ -58,6 +58,7 @@ content into your application; rather pick only the properties that you need.
 	server.context-parameters.*= # Servlet context init parameters, e.g. server.context-parameters.a=alpha
 	server.context-path= # the context path, defaults to '/'
 	server.servlet-path= # the servlet path, defaults to '/'
 	server.ssl.enabled=true # if SSL support is enabled
 	server.ssl.client-auth= # want or need
 	server.ssl.key-alias=
 	server.ssl.ciphers= # supported SSL ciphers
--- a/spring-boot/src/main/java/org/springframework/boot/context/embedded/Ssl.java
+++ b/spring-boot/src/main/java/org/springframework/boot/context/embedded/Ssl.java
@ -1,5 +1,5 @@
 /*
- * Copyright 2012-2014 the original author or authors.
+ * Copyright 2012-2015 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -25,6 +25,11 @@ package org.springframework.boot.context.embedded;
 */
 public class Ssl {
 	/**
 	 * If SSL support is enabled.
 	 */
 	private boolean enabled = true;
 	/**
 	 * Whether client authentication is wanted ("want") or needed ("need"). Requires a
 	 * trust store.
@ -91,6 +96,14 @@ public class Ssl {
 	 */
 	private String protocol = "TLS";
 	public boolean isEnabled() {
 		return this.enabled;
 	}
 	public void setEnabled(boolean enabled) {
 		this.enabled = enabled;
 	}
 	public ClientAuth getClientAuth() {
 		return this.clientAuth;
 	}
--- a/spring-boot/src/main/java/org/springframework/boot/context/embedded/jetty/JettyEmbeddedServletContainerFactory.java
+++ b/spring-boot/src/main/java/org/springframework/boot/context/embedded/jetty/JettyEmbeddedServletContainerFactory.java
@ -1,5 +1,5 @@
 /*
- * Copyright 2012-2014 the original author or authors.
+ * Copyright 2012-2015 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -121,7 +121,7 @@ public class JettyEmbeddedServletContainerFactory extends
 		configureWebAppContext(context, initializers);
 		server.setHandler(context);
 		this.logger.info("Server initialized with port: " + port);
-		if (getSsl() != null) {
+		if (getSsl() != null && getSsl().isEnabled()) {
 			SslContextFactory sslContextFactory = new SslContextFactory();
 			configureSsl(sslContextFactory, getSsl());
 			AbstractConnector connector = getSslServerConnectorFactory().getConnector(
--- a/spring-boot/src/main/java/org/springframework/boot/context/embedded/tomcat/TomcatEmbeddedServletContainerFactory.java
+++ b/spring-boot/src/main/java/org/springframework/boot/context/embedded/tomcat/TomcatEmbeddedServletContainerFactory.java
@ -1,5 +1,5 @@
 /*
- * Copyright 2012-2014 the original author or authors.
+ * Copyright 2012-2015 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -240,7 +240,7 @@ public class TomcatEmbeddedServletContainerFactory extends
 		// prematurely...
 		connector.setProperty("bindOnInit", "false");
-		if (getSsl() != null) {
+		if (getSsl() != null && getSsl().isEnabled()) {
 			Assert.state(
 					connector.getProtocolHandler() instanceof AbstractHttp11JsseProtocol,
 					"To use SSL, the connector's protocol handler must be an "
--- a/spring-boot/src/main/java/org/springframework/boot/context/embedded/undertow/UndertowEmbeddedServletContainerFactory.java
+++ b/spring-boot/src/main/java/org/springframework/boot/context/embedded/undertow/UndertowEmbeddedServletContainerFactory.java
@ -1,5 +1,5 @@
 /*
- * Copyright 2012-2014 the original author or authors.
+ * Copyright 2012-2015 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -229,11 +229,11 @@ public class UndertowEmbeddedServletContainerFactory extends
 		if (this.directBuffers != null) {
 			builder.setDirectBuffers(this.directBuffers);
 		}
-		if (getSsl() == null) {
+		if (getSsl() != null && getSsl().isEnabled()) {
-			builder.addHttpListener(port, getListenAddress());
+			configureSsl(getSsl(), port, builder);
 		}
 		else {
-			configureSsl(port, builder);
+			builder.addHttpListener(port, getListenAddress());
 		}
 		for (UndertowBuilderCustomizer customizer : this.builderCustomizers) {
 			customizer.customize(builder);
@ -241,9 +241,8 @@ public class UndertowEmbeddedServletContainerFactory extends
 		return builder;
 	}
-	private void configureSsl(int port, Builder builder) {
+	private void configureSsl(Ssl ssl, int port, Builder builder) {
 		try {
 			Ssl ssl = getSsl();
 			SSLContext sslContext = SSLContext.getInstance(ssl.getProtocol());
 			sslContext.init(getKeyManagers(), getTrustManagers(), null);
 			builder.addHttpsListener(port, getListenAddress(), sslContext);
--- a/spring-boot/src/test/java/org/springframework/boot/context/embedded/AbstractEmbeddedServletContainerFactoryTests.java
+++ b/spring-boot/src/test/java/org/springframework/boot/context/embedded/AbstractEmbeddedServletContainerFactoryTests.java
@ -1,5 +1,5 @@
 /*
- * Copyright 2012-2014 the original author or authors.
+ * Copyright 2012-2015 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@ -28,6 +28,7 @@ import java.util.Arrays;
 import java.util.Date;
 import java.util.concurrent.TimeUnit;
 import javax.net.ssl.SSLException;
 import javax.servlet.GenericServlet;
 import javax.servlet.ServletContext;
 import javax.servlet.ServletException;
@ -314,6 +315,26 @@ public abstract class AbstractEmbeddedServletContainerFactoryTests {
 		testBasicSslWithKeyStore("src/test/resources/test.jks");
 	}
 	@Test
 	public void sslDisabled() throws Exception {
 		AbstractEmbeddedServletContainerFactory factory = getFactory();
 		Ssl ssl = getSsl(null, "password", "src/test/resources/test.jks");
 		ssl.setEnabled(false);
 		factory.setSsl(ssl);
 		this.container = factory.getEmbeddedServletContainer(new ServletRegistrationBean(
 				new ExampleServlet(true), "/hello"));
 		this.container.start();
 		SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(
 				new SSLContextBuilder().loadTrustMaterial(null,
 						new TrustSelfSignedStrategy()).build());
 		HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory)
 				.build();
 		HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(
 				httpClient);
 		this.thrown.expect(SSLException.class);
 		getResponse(getLocalUrl("https", "/hello"), requestFactory);
 	}
 	@Test
 	public void sslGetScheme() throws Exception { // gh-2232
 		AbstractEmbeddedServletContainerFactory factory = getFactory();