Split session validity context between "www" and "secure"

[gigi.git] / src / org / cacert / gigi / Launcher.java

diff --git a/src/org/cacert/gigi/Launcher.java b/src/org/cacert/gigi/Launcher.java
index 6eb5976a6698e504aa3e249714821bfe3186e0df..f34a05e504a25178e3f9571b2887f83e535548d1 100644 (file)
--- a/src/org/cacert/gigi/Launcher.java
+++ b/src/org/cacert/gigi/Launcher.java
@@ -31,6 +31,7 @@ import org.eclipse.jetty.server.handler.ContextHandler;
 import org.eclipse.jetty.server.handler.HandlerList;
 import org.eclipse.jetty.server.handler.HandlerWrapper;
 import org.eclipse.jetty.server.handler.ResourceHandler;
+import org.eclipse.jetty.servlet.ErrorPageErrorHandler;
 import org.eclipse.jetty.servlet.ServletContextHandler;
 import org.eclipse.jetty.servlet.ServletHolder;
 import org.eclipse.jetty.util.log.Log;
@@ -57,7 +58,7 @@ public class Launcher {
                s.setConnectors(new Connector[] { connector });
 
                HandlerList hl = new HandlerList();
-               hl.setHandlers(new Handler[] { generateStaticContext(), generateGigiContext(conf.getMainProps()),
+               hl.setHandlers(new Handler[] { generateStaticContext(), generateGigiContexts(conf.getMainProps()),
                                generateAPIContext() });
                s.setHandler(hl);
                s.start();
@@ -73,7 +74,8 @@ public class Launcher {
                IOException {
                final SslContextFactory sslContextFactory = generateSSLContextFactory(conf, "www");
                final SslContextFactory secureContextFactory = generateSSLContextFactory(conf, "secure");
-               secureContextFactory.setNeedClientAuth(true);
+               secureContextFactory.setWantClientAuth(true);
+               secureContextFactory.setNeedClientAuth(false);
                final SslContextFactory staticContextFactory = generateSSLContextFactory(conf, "static");
                final SslContextFactory apiContextFactory = generateSSLContextFactory(conf, "api");
                try {
@@ -121,7 +123,20 @@ public class Launcher {
                };
        }
 
-       private static ContextHandler generateGigiContext(Properties conf) {
+       private static Handler generateGigiContexts(Properties conf) {
+               ServletHolder webAppServlet = new ServletHolder(new Gigi(conf));
+
+               ContextHandler ch = generateGigiServletContext(webAppServlet);
+               ch.setVirtualHosts(new String[] { ServerConstants.getWwwHostName() });
+               ContextHandler chSecure = generateGigiServletContext(webAppServlet);
+               chSecure.setVirtualHosts(new String[] { ServerConstants.getSecureHostName() });
+
+               HandlerList hl = new HandlerList();
+               hl.setHandlers(new Handler[] { ch, chSecure });
+               return hl;
+       }
+
+       private static ContextHandler generateGigiServletContext(ServletHolder webAppServlet) {
                final ResourceHandler rh = new ResourceHandler();
                rh.setResourceBase("static/www");
 
@@ -130,15 +145,16 @@ public class Launcher {
 
                ServletContextHandler servlet = new ServletContextHandler(ServletContextHandler.SESSIONS);
                servlet.setInitParameter(SessionManager.__SessionCookieProperty, "CACert-Session");
-               servlet.addServlet(new ServletHolder(new Gigi(conf)), "/*");
+               servlet.addServlet(webAppServlet, "/*");
+               ErrorPageErrorHandler epeh = new ErrorPageErrorHandler();
+               epeh.addErrorPage(404, "/error");
+               servlet.setErrorHandler(epeh);
 
                HandlerList hl = new HandlerList();
                hl.setHandlers(new Handler[] { hw, servlet });
 
                ContextHandler ch = new ContextHandler();
-               ch.setVirtualHosts(new String[] { ServerConstants.getWwwHostName(), ServerConstants.getSecureHostName() });
                ch.setHandler(hl);
-
                return ch;
        }