com.sun.jersey.client.urlconnection.HTTPSProperties Java Examples

The following examples show how to use com.sun.jersey.client.urlconnection.HTTPSProperties. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: WebServiceClient.java    From nextreports-server with Apache License 2.0 6 votes vote down vote up 
private void initSSL(ClientConfig config) throws Exception {
	
	log("* Init SSL connection ...");		
	sslContext = SSLContext.getInstance("SSL");
	tm = createTrustManager();
	sslContext.init(null, new TrustManager[] {tm}, null);
	config.getProperties().put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES,
			new HTTPSProperties(createHostnameVerifier(), sslContext));		
	
	SSLSocketFactory factory = sslContext.getSocketFactory();

	URL url = new URL(server);
	String host = url.getHost();
	int port = url.getPort();
	log("  -> Opening connection to " + host + ":" + port + "...");
	SSLSocket socket = (SSLSocket) factory.createSocket(host, port);
	socket.setSoTimeout(10000);

	log("  -> Starting SSL handshake...");
	socket.startHandshake();
	socket.close();		
	log("  -> No errors, certificate is already trusted");		
}
Example #2
Source File: ClientConfig.java    From mutual-tls-ssl with Apache License 2.0 5 votes vote down vote up 
@Bean
public com.sun.jersey.api.client.Client oldJerseyClient(@Autowired(required = false) SSLFactory sslFactory) {
    if (nonNull(sslFactory)) {
        HttpsURLConnection.setDefaultSSLSocketFactory(sslFactory.getSslContext().getSocketFactory());
        DefaultClientConfig clientConfig = new DefaultClientConfig();
        clientConfig.getProperties().put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES, new HTTPSProperties(sslFactory.getHostnameVerifier(), sslFactory.getSslContext()));
        return com.sun.jersey.api.client.Client.create(clientConfig);
    } else {
        return com.sun.jersey.api.client.Client.create();
    }
}
Example #3
Source File: WebUtils.java    From localization_nifi with Apache License 2.0 5 votes vote down vote up 
/**
 * A helper method for creating clients. The client will be created using
 * the given configuration and security context. Additionally, the client
 * will be automatically configured for JSON serialization/deserialization.
 *
 * @param config client configuration
 * @param ctx security context, which may be null for non-secure client
 * creation
 *
 * @return a Client instance
 */
private static Client createClientHelper(final ClientConfig config, final SSLContext ctx) {

    final ClientConfig finalConfig = (config == null) ? new DefaultClientConfig() : config;

    if (ctx != null && StringUtils.isBlank((String) finalConfig.getProperty(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES))) {

        // custom hostname verifier that checks subject alternative names against the hostname of the URI
        final HostnameVerifier hostnameVerifier = new HostnameVerifier() {
            @Override
            public boolean verify(final String hostname, final SSLSession ssls) {

                try {
                    for (final Certificate peerCertificate : ssls.getPeerCertificates()) {
                        if (peerCertificate instanceof X509Certificate) {
                            final X509Certificate x509Cert = (X509Certificate) peerCertificate;
                            final List<String> subjectAltNames = CertificateUtils.getSubjectAlternativeNames(x509Cert);
                            if (subjectAltNames.contains(hostname.toLowerCase())) {
                                return true;
                            }
                        }
                    }
                } catch (final SSLPeerUnverifiedException | CertificateParsingException ex) {
                    logger.warn("Hostname Verification encountered exception verifying hostname due to: " + ex, ex);
                }

                return false;
            }
        };

        finalConfig.getProperties().put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES, new HTTPSProperties(hostnameVerifier, ctx));
    }

    finalConfig.getFeatures().put(JSONConfiguration.FEATURE_POJO_MAPPING, Boolean.TRUE);
    finalConfig.getClasses().add(ObjectMapperResolver.class);

    // web client for restful request
    return Client.create(finalConfig);

}
Example #4
Source File: NiFiRegistryClient.java    From ranger with Apache License 2.0 5 votes vote down vote up 
protected WebResource getWebResource() {
    final ClientConfig config = new DefaultClientConfig();
    if (sslContext != null) {
        config.getProperties().put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES,
                new HTTPSProperties(hostnameVerifier, sslContext));
    }

    final Client client = Client.create(config);
    return client.resource(url);
}
Example #5
Source File: NiFiClient.java    From ranger with Apache License 2.0 5 votes vote down vote up 
protected WebResource getWebResource() {
    final ClientConfig config = new DefaultClientConfig();
    if (sslContext != null) {
        config.getProperties().put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES,
                new HTTPSProperties(hostnameVerifier, sslContext));
    }

    final Client client = Client.create(config);
    return client.resource(url);
}
Example #6
Source File: RangerUgSyncRESTClient.java    From ranger with Apache License 2.0 5 votes vote down vote up 
public RangerUgSyncRESTClient(String policyMgrBaseUrls, String ugKeyStoreFile, String ugKeyStoreFilepwd,
		String ugKeyStoreType, String ugTrustStoreFile, String ugTrustStoreFilepwd, String ugTrustStoreType,
		String authenticationType, String principal, String keytab, String polMgrUsername, String polMgrPassword) {

	super(policyMgrBaseUrls, "", UserGroupSyncConfig.getInstance().getConfig());
	if (!(authenticationType != null && AUTH_KERBEROS.equalsIgnoreCase(authenticationType)
			&& SecureClientLogin.isKerberosCredentialExists(principal, keytab))) {
		setBasicAuthInfo(polMgrUsername, polMgrPassword);
	}

	if (isSSL()) {
		setKeyStoreType(ugKeyStoreType);
		setTrustStoreType(ugTrustStoreType);
		KeyManager[] kmList = getKeyManagers(ugKeyStoreFile, ugKeyStoreFilepwd);
		TrustManager[] tmList = getTrustManagers(ugTrustStoreFile, ugTrustStoreFilepwd);
		SSLContext sslContext = getSSLContext(kmList, tmList);
		ClientConfig config = new DefaultClientConfig();

		config.getClasses().add(JacksonJsonProvider.class); // to handle List<> unmarshalling
		HostnameVerifier hv = new HostnameVerifier() {
			public boolean verify(String urlHostName, SSLSession session) {
				return session.getPeerHost().equals(urlHostName);
			}
		};
		config.getProperties().put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES, new HTTPSProperties(hv, sslContext));

		setClient(Client.create(config));
		if (StringUtils.isNotEmpty(getUsername()) && StringUtils.isNotEmpty(getPassword())) {
			getClient().addFilter(new HTTPBasicAuthFilter(getUsername(), getPassword()));
		}
	}
}
Example #7
Source File: RestSource.java    From ingestion with Apache License 2.0 5 votes vote down vote up 
private Client initClient(Context context) {
    final Boolean skipSsl = context.getBoolean(CONF_SKIP_SSL, Boolean.FALSE);
    if (skipSsl) {
        ClientConfig config = new DefaultClientConfig(); // SSL configuration
        // SSL configuration
        config.getProperties().put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES,
                new com.sun.jersey.client.urlconnection.HTTPSProperties(getHostnameVerifier(), getSSLContext()));
        return Client.create(config);
    } else {
        return new Client();
    }
}