jetty.xml revision 41b8a41890ba8f4574304c7ef42effe818413348
<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//
DTD Configure//EN" "http://jetty.mortbay.org/configure.dtd">
<Configure class="org.eclipse.jetty.server.Server">
<!-- =========================================================== -->
<!-- Set connectors -->
<!-- =========================================================== -->
<!-- One of each type! -->
<!-- =========================================================== -->
<Set name="connectors">
<Array type="org.eclipse.jetty.server.Connector">
<Item>
<!-- Use this connector for many frequently idle connections
and for threadless continuations.
-->
<New class="org.eclipse.jetty.server.nio.SelectChannelConnector">
<Set name="host"><Property name="jetty.host" /></Set>
<Set name="port">8080</Set>
<Set name="maxIdleTime">300000</Set>
<Set name="Acceptors">2</Set>
<Set name="statsOn">false</Set>
<Set name="confidentialPort">8443</Set>
<Set name="lowResourcesConnections">20000</Set>
<Set name="lowResourcesMaxIdleTime">5000</Set>
</New>
</Item>
<Item>
<New class="org.eclipse.jetty.server.ssl.SslSelectChannelConnector">
<Set name="Port">8443</Set>
<Set name="maxIdleTime">30000</Set>
<Set name="keystoreType"><Get class="org.forgerock.openidm.jetty.Param" name="keystoreType"/></Set>
<Set name="keystore"><Get class="org.forgerock.openidm.jetty.Param" name="keystoreLocation"/></Set>
<Set name="password"><Get class="org.forgerock.openidm.jetty.Param" name="keystorePassword"/></Set>
<Set name="keyPassword"><Get class="org.forgerock.openidm.jetty.Param" name="keystoreKeyPassword"/></Set>
<Set name="truststore"><Get class="org.forgerock.openidm.jetty.Param" name="truststoreLocation"/></Set>
<Set name="trustPassword"><Get class="org.forgerock.openidm.jetty.Param" name="truststorePassword"/></Set>
<Set name="wantClientAuth">true</Set>
<Set name="needClientAuth">false</Set>
</New>
</Item>
<!-- Port set up to require SSL mutual authentication only -->
<Item>
<New class="org.eclipse.jetty.server.ssl.SslSelectChannelConnector" id="MutualAuthPort">
<Set name="Port">8444</Set>
<Set name="maxIdleTime">30000</Set>
<Set name="keystoreType"><Get class="org.forgerock.openidm.jetty.Param" name="keystoreType"/></Set>
<Set name="keystore"><Get class="org.forgerock.openidm.jetty.Param" name="keystoreLocation"/></Set>
<Set name="password"><Get class="org.forgerock.openidm.jetty.Param" name="keystorePassword"/></Set>
<Set name="keyPassword"><Get class="org.forgerock.openidm.jetty.Param" name="keystoreKeyPassword"/></Set>
<Set name="truststore"><Get class="org.forgerock.openidm.jetty.Param" name="truststoreLocation"/></Set>
<Set name="trustPassword"><Get class="org.forgerock.openidm.jetty.Param" name="truststorePassword"/></Set>
<Set name="wantClientAuth">true</Set>
<Set name="needClientAuth">true</Set>
<Call class="org.forgerock.openidm.jetty.DisableOpenIDMAuth" name="add"><Arg><Ref id="MutualAuthPort"/></Arg></Call>
</New>
</Item>
</Array>
</Set>
<!-- =========================================================== -->
<!-- Configure Authentication Realms -->
<!-- Realms may be configured for the entire server here, or -->
<!-- they can be configured for a specific web app in a context -->
<!-- configuration. -->
<!-- =========================================================== -->
<Call name="addBean">
<Arg>
<New class="org.eclipse.jetty.security.HashLoginService">
<Set name="name">openidm2</Set>
<Set name="config"><SystemProperty name="jetty.home" default="."/>/security/realm.properties</Set>
<Set name="refreshInterval">0</Set>
</New>
</Arg>
</Call>
<Call name="addBean">
<Arg>
<New class="org.forgerock.openidm.jetty.jaas.OsgiJAASLoginService">
<Set name="Name">openidm</Set>
<Set name="LoginModuleName">repo</Set>
</New>
</Arg>
</Call>
</Configure>