Jump to: navigation, search

Difference between revisions of "Jetty/Feature/NPN"

< Jetty‎ | Feature
Line 4: Line 4:
 
The Jetty project provides an implementation of the [http://technotes.googlecode.com/git/nextprotoneg.html Next Protocol Negotiation TLS Extension] (NPN) for OpenJDK 7 or greater.
 
The Jetty project provides an implementation of the [http://technotes.googlecode.com/git/nextprotoneg.html Next Protocol Negotiation TLS Extension] (NPN) for OpenJDK 7 or greater.
  
The NPN implementation, although hosted under the umbrella of the Jetty project, is independent of Jetty (the Servlet Container), and can be reused in any other Java network server.
+
Jetty's NPN implementation, although hosted under the umbrella of the Jetty project, is independent of Jetty (the Servlet Container), and can be reused in any other Java network server.
  
 
| body =
 
| body =
  
==Usage==
+
==JVM Startup Usage==
  
 
In order to enable NPN support, you need to start the JVM with:
 
In order to enable NPN support, you need to start the JVM with:
Line 16: Line 16:
 
</source>
 
</source>
  
where <code>path_to_npn_boot_jar</code> is the path on file system for the NPN Boot jar file, for example one at the following Maven coordinates [org.mortbay.jetty.npn:npn-boot http://repo2.maven.org/maven2/org/mortbay/jetty/npn/npn-boot].
+
where <code>path_to_npn_boot_jar</code> is the path on file system for the NPN Boot jar file, for example one at the following Maven coordinates [http://repo2.maven.org/maven2/org/mortbay/jetty/npn/npn-boot org.mortbay.jetty.npn:npn-boot].
 +
 
 +
==API Usage==
 +
 
 +
Applications needs to interact with the negotiation of the next protocol performed by the NPN TLS extension. For example, server applications need to know whether the client supports NPN, and client applications needs to know the list of protocols supported by the server, and so on.
 +
 
 +
In order to provide this interaction, Jetty's NPN implementation provides an API to applications, hosted at Maven coordinates <code>org.eclipse.jetty.npn:npn-api</code>.
 +
This dependency needs to be declared as "provided", because it is already included in the <code>npn-boot</code> jar (see section above) and therefore will be available in the boot classpath.
 +
 
 +
The API is composed by a single class, <code>org.eclipse.jetty.npn.NextProtoNego</code>, and applications need to register instances of <code>SSLSocket</code> or <code>SSLEngine</code> with a client or server provider (depending on whether the application is a client or server application).
 +
 
 +
===Client Example===
 +
<source lang="java">
 +
 
 +
</source>
 +
 
  
 
==Implementation Details==
 
==Implementation Details==
 +
  
  
  
 
}}
 
}}

Revision as of 03:58, 12 March 2012



Introduction

The Jetty project provides an implementation of the Next Protocol Negotiation TLS Extension (NPN) for OpenJDK 7 or greater.

Jetty's NPN implementation, although hosted under the umbrella of the Jetty project, is independent of Jetty (the Servlet Container), and can be reused in any other Java network server.

Feature

JVM Startup Usage

In order to enable NPN support, you need to start the JVM with:

java -Xbootclasspath/p:<path_to_npn_boot_jar> ...

where path_to_npn_boot_jar is the path on file system for the NPN Boot jar file, for example one at the following Maven coordinates org.mortbay.jetty.npn:npn-boot.

API Usage

Applications needs to interact with the negotiation of the next protocol performed by the NPN TLS extension. For example, server applications need to know whether the client supports NPN, and client applications needs to know the list of protocols supported by the server, and so on.

In order to provide this interaction, Jetty's NPN implementation provides an API to applications, hosted at Maven coordinates org.eclipse.jetty.npn:npn-api. This dependency needs to be declared as "provided", because it is already included in the npn-boot jar (see section above) and therefore will be available in the boot classpath.

The API is composed by a single class, org.eclipse.jetty.npn.NextProtoNego, and applications need to register instances of SSLSocket or SSLEngine with a client or server provider (depending on whether the application is a client or server application).

Client Example

 


Implementation Details