Support HTTPS configuration sharing with embedded Tomcat

LabKey · Feb 19, 2024 · ade4c97 · ade4c97
1 parent 24d3443
commit ade4c97
Show file tree

Hide file tree

Showing 2 changed files with 35 additions and 0 deletions.
diff --git a/server/embedded/src/org/labkey/embedded/LabKeyServer.java b/server/embedded/src/org/labkey/embedded/LabKeyServer.java
@@ -28,6 +28,7 @@ public class LabKeyServer
     private static final String JARS_TO_SCAN = "tomcat.util.scan.StandardJarScanFilter.jarsToScan";
     private static final String SERVER_GUID = "serverGUID";
     public static final String SERVER_GUID_PARAMETER_NAME = "org.labkey.mothership." + SERVER_GUID;
+    public static final String SERVER_SSL_KEYSTORE = "org.labkey.serverSslKeystore";
     static final String MAX_TOTAL_CONNECTIONS_DEFAULT = "50";
     static final String MAX_IDLE_DEFAULT = "10";
     static final String MAX_WAIT_MILLIS_DEFAULT = "120000";
@@ -76,6 +77,12 @@ public CSPFilterProperties cspSource()
         return new CSPFilterProperties();
     }
 
+    @Bean
+    public ServerSslProperties serverSslSource()
+    {
+        return new ServerSslProperties();
+    }
+
     @Bean
     public JsonAccessLog jsonAccessLog()
     {
@@ -610,4 +617,25 @@ public void setReport(String report)
         }
     }
 
+    /**
+     * Spring Boot doesn't propagate the keystore path into Tomcat's SSL config so we need to grab it and stash
+     * it for potential use via the Connectors module.
+     */
+    @Configuration
+    @ConfigurationProperties("server.ssl")
+    public static class ServerSslProperties
+    {
+        private String keyStore;
+
+        public String getKeyStore()
+        {
+            return keyStore;
+        }
+
+        public void setKeyStore(String keyStore)
+        {
+            this.keyStore = keyStore;
+        }
+    }
+
 }
diff --git a/server/embedded/src/org/labkey/embedded/LabKeyTomcatServletWebServerFactory.java b/server/embedded/src/org/labkey/embedded/LabKeyTomcatServletWebServerFactory.java
@@ -29,6 +29,7 @@
 import java.util.zip.ZipInputStream;
 
 import static org.labkey.embedded.LabKeyServer.SERVER_GUID_PARAMETER_NAME;
+import static org.labkey.embedded.LabKeyServer.SERVER_SSL_KEYSTORE;
 
 class LabKeyTomcatServletWebServerFactory extends TomcatServletWebServerFactory
 {
@@ -176,6 +177,12 @@ protected TomcatWebServer getTomcatWebServer(Tomcat tomcat)
                     context.addParameter(SERVER_GUID_PARAMETER_NAME, contextProperties.getServerGUID());
                 }
 
+                LabKeyServer.ServerSslProperties sslProps = _server.serverSslSource();
+                if (null != sslProps)
+                {
+                    context.addParameter(SERVER_SSL_KEYSTORE, sslProps.getKeyStore());
+                }
+
                 // Point at the special classloader with the hack for SLF4J
                 WebappLoader loader = new WebappLoader();
                 loader.setLoaderClass(LabKeySpringBootClassLoader.class.getName());