org.apache.http.conn.ssl.X509HostnameVerifier Java Examples

The following examples show how to use org.apache.http.conn.ssl.X509HostnameVerifier. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: AbstractRestTemplateClient.java    From documentum-rest-client-java with Apache License 2.0 6 votes vote down vote up
public AbstractRestTemplateClient ignoreAuthenticateServer() {
    //backward compatible with android httpclient 4.3.x
    if(restTemplate.getRequestFactory() instanceof HttpComponentsClientHttpRequestFactory) {
        try {
            SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustSelfSignedStrategy()).build();
            X509HostnameVerifier verifier = ignoreSslWarning ? new AllowAllHostnameVerifier() : new BrowserCompatHostnameVerifier();
            SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(sslContext, verifier);
            HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory).build();
            ((HttpComponentsClientHttpRequestFactory)restTemplate.getRequestFactory()).setHttpClient(httpClient);
        } catch (Exception e) {
            e.printStackTrace();
        }
    } else {
        Debug.error("the request factory " + restTemplate.getRequestFactory().getClass().getName() + " does not support ignoreAuthenticateServer");
    }
    return this;
}
 
Example #2
Source File: SSLSocketFactory.java    From Popeens-DSub with GNU General Public License v3.0 5 votes vote down vote up
/**
 * @since 4.1
 */
public SSLSocketFactory(
        String algorithm,
        final KeyStore keystore,
        final String keystorePassword,
        final KeyStore truststore,
        final SecureRandom random,
        final TrustStrategy trustStrategy,
        final X509HostnameVerifier hostnameVerifier)
            throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
    this(createSSLContext(
            algorithm, keystore, keystorePassword, truststore, random, trustStrategy),
            hostnameVerifier);
}
 
Example #3
Source File: KeyStoreAwareSocketFactory.java    From ribbon with Apache License 2.0 5 votes vote down vote up
public KeyStoreAwareSocketFactory(final AbstractSslContextFactory abstractFactory, X509HostnameVerifier hostnameVerifier) throws ClientSslSocketFactoryException, NoSuchAlgorithmException{
	super(abstractFactory == null ? SSLContext.getDefault() : abstractFactory.getSSLContext(), hostnameVerifier);

	if(abstractFactory == null){
		this.keyStore = null;
		this.trustStore = null;
	}else{
		this.keyStore = abstractFactory.getKeyStore();
		this.trustStore = abstractFactory.getTrustStore();
	}
}
 
Example #4
Source File: SSLSocketFactory.java    From Popeens-DSub with GNU General Public License v3.0 5 votes vote down vote up
@Deprecated
public void setHostnameVerifier(X509HostnameVerifier hostnameVerifier) {
    if ( hostnameVerifier == null ) {
        throw new IllegalArgumentException("Hostname verifier may not be null");
    }
    this.hostnameVerifier = hostnameVerifier;
}
 
Example #5
Source File: SSLSocketFactory.java    From Popeens-DSub with GNU General Public License v3.0 5 votes vote down vote up
/**
 * @since 4.1
 */
public SSLSocketFactory(
        final SSLContext sslContext, final X509HostnameVerifier hostnameVerifier) {
    super();
    this.socketfactory = sslContext.getSocketFactory();
    this.hostnameVerifier = hostnameVerifier;
    this.nameResolver = null;
}
 
Example #6
Source File: SSLSocketFactory.java    From Popeens-DSub with GNU General Public License v3.0 5 votes vote down vote up
/**
 * @since 4.1
 */
public SSLSocketFactory(
        final TrustStrategy trustStrategy,
        final X509HostnameVerifier hostnameVerifier)
            throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
    this(TLS, null, null, null, null, trustStrategy, hostnameVerifier);
}
 
Example #7
Source File: SSLSocketFactory.java    From Popeens-DSub with GNU General Public License v3.0 5 votes vote down vote up
/**
 * @since 4.1
 */
public SSLSocketFactory(
        String algorithm,
        final KeyStore keystore,
        final String keystorePassword,
        final KeyStore truststore,
        final SecureRandom random,
        final X509HostnameVerifier hostnameVerifier)
            throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
    this(createSSLContext(
            algorithm, keystore, keystorePassword, truststore, random, null),
            hostnameVerifier);
}
 
Example #8
Source File: HttpClientBuilderTest.java    From scheduling with GNU Affero General Public License v3.0 5 votes vote down vote up
@Test
public void testUseSystemPropertiesFalse2() throws Exception {
    WebProperties.WEB_HTTPS_ALLOW_ANY_CERTIFICATE.updateProperty("tRuE");
    WebProperties.WEB_HTTPS_ALLOW_ANY_HOSTNAME.updateProperty("FalsE");
    WebProperties.storeInSystemProperties();

    httpClientBuilder.useSystemProperties(false);
    httpClientBuilder.build();

    Mockito.verify(internalHttpClientBuilder).build();
    Mockito.verify(internalHttpClientBuilder, never()).useSystemProperties();
    Mockito.verify(internalHttpClientBuilder, never()).setSslcontext(Mockito.<SSLContext> any());
    Mockito.verify(internalHttpClientBuilder, never()).setHostnameVerifier(Mockito.<X509HostnameVerifier> any());
}
 
Example #9
Source File: HttpClientBuilderTest.java    From scheduling with GNU Affero General Public License v3.0 5 votes vote down vote up
@Test
public void testUseSystemPropertiesTrue2() throws Exception {
    httpClientBuilder.useSystemProperties(true);
    httpClientBuilder.build();

    Mockito.verify(internalHttpClientBuilder).build();
    Mockito.verify(internalHttpClientBuilder).useSystemProperties();
    Mockito.verify(internalHttpClientBuilder, never()).setHostnameVerifier(Mockito.<X509HostnameVerifier> any());
    Mockito.verify(internalHttpClientBuilder, never()).setSslcontext(Mockito.<SSLContext> any());
}
 
Example #10
Source File: HttpClientBuilderTest.java    From scheduling with GNU Affero General Public License v3.0 5 votes vote down vote up
@Test
public void testInsecureFalse() throws Exception {
    httpClientBuilder.insecure(false);
    httpClientBuilder.build();

    Mockito.verify(httpClientBuilder).allowAnyHostname(false);
    Mockito.verify(httpClientBuilder).allowAnyCertificate(false);

    Mockito.verify(internalHttpClientBuilder).build();
    Mockito.verify(internalHttpClientBuilder, never()).setHostnameVerifier(Mockito.<X509HostnameVerifier> any());
    Mockito.verify(internalHttpClientBuilder, never()).setSslcontext(Mockito.<SSLContext> any());
}
 
Example #11
Source File: HttpClientBuilderTest.java    From scheduling with GNU Affero General Public License v3.0 5 votes vote down vote up
@Test
public void testAllowAnyHostnameFalse() throws Exception {
    httpClientBuilder.allowAnyHostname(false);
    httpClientBuilder.build();

    Mockito.verify(internalHttpClientBuilder).build();
    Mockito.verify(internalHttpClientBuilder, never()).setHostnameVerifier(Mockito.<X509HostnameVerifier> any());
}
 
Example #12
Source File: Curl.java    From UAF with Apache License 2.0 5 votes vote down vote up
private static HttpClient createHttpsClient() {
	HostnameVerifier hostnameVerifier = org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
	SchemeRegistry registry = new SchemeRegistry();
	SSLSocketFactory socketFactory = SSLSocketFactory.getSocketFactory();
	socketFactory
			.setHostnameVerifier((X509HostnameVerifier) hostnameVerifier);
	registry.register(new Scheme("https", socketFactory, 443));
	HttpClient client = new DefaultHttpClient();
	SingleClientConnManager mgr = new SingleClientConnManager(
			client.getParams(), registry);
	DefaultHttpClient httpClient = new DefaultHttpClient(mgr,
			client.getParams());
	return httpClient;
}
 
Example #13
Source File: HttpCache.java    From openid4java with Apache License 2.0 5 votes vote down vote up
/**
 * Constructs a new HttpCache object, that will be initialized with the
 * default set of HttpRequestOptions.
 *
 * @see HttpRequestOptions
 */
public HttpCache(SSLContext sslContext, X509HostnameVerifier hostnameVerifier)
{
    super();
    _client = HttpClientFactory.getInstance(
            getDefaultRequestOptions().getMaxRedirects(),
            getDefaultRequestOptions().getAllowCircularRedirects(),
            getDefaultRequestOptions().getSocketTimeout(),
            getDefaultRequestOptions().getConnTimeout(),
            null, sslContext, hostnameVerifier);
}
 
Example #14
Source File: ConfirmingHostnameVerifier.java    From consulo with Apache License 2.0 4 votes vote down vote up
public ConfirmingHostnameVerifier(@Nonnull X509HostnameVerifier verifier) {
  myVerifier = verifier;
}
 
Example #15
Source File: SniSSLSocketFactory.java    From keycloak with Apache License 2.0 4 votes vote down vote up
public SniSSLSocketFactory(javax.net.ssl.SSLSocketFactory socketfactory, String[] supportedProtocols, String[] supportedCipherSuites, X509HostnameVerifier hostnameVerifier) {
    super(socketfactory, supportedProtocols, supportedCipherSuites, hostnameVerifier);
}
 
Example #16
Source File: WebUtil.java    From dal with Apache License 2.0 4 votes vote down vote up
private static HttpClient initWeakSSLClient() {
    HttpClientBuilder b = HttpClientBuilder.create();
    // setup a Trust Strategy that allows all certificates.
    //
    SSLContext sslContext = null;
    try {
        sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() {
            public boolean isTrusted(X509Certificate[] arg0, String arg1) {
                return true;
            }
        }).build();
    } catch (NoSuchAlgorithmException | KeyManagementException | KeyStoreException e) {
        // do nothing, has been handled outside
    }
    b.setSslcontext(sslContext);

    // don't check Hostnames, either.
    // -- use SSLConnectionSocketFactory.getDefaultHostnameVerifier(), if you don't want to weaken
    X509HostnameVerifier hostnameVerifier = SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;

    // here's the special part:
    // -- need to create an SSL Socket Factory, to use our weakened "trust strategy";
    // -- and create a Registry, to register it.
    //
    SSLConnectionSocketFactory sslSocketFactory = new SSLConnectionSocketFactory(sslContext, hostnameVerifier);
    Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create()
            .register("http", PlainConnectionSocketFactory.getSocketFactory()).register("https", sslSocketFactory)
            .build();

    // now, we create connection-manager using our Registry.
    // -- allows multi-threaded use
    PoolingHttpClientConnectionManager connMgr = new PoolingHttpClientConnectionManager(socketFactoryRegistry);
    b.setConnectionManager(connMgr);

    /**
     * Set timeout option
     */
    RequestConfig.Builder configBuilder = RequestConfig.custom();
    configBuilder.setConnectTimeout(TIMEOUT);
    configBuilder.setSocketTimeout(TIMEOUT);
    b.setDefaultRequestConfig(configBuilder.build());

    // finally, build the HttpClient;
    // -- done!
    HttpClient sslClient = b.build();
    return sslClient;
}
 
Example #17
Source File: SniSSLSocketFactory.java    From keycloak with Apache License 2.0 4 votes vote down vote up
public SniSSLSocketFactory(javax.net.ssl.SSLSocketFactory socketfactory, X509HostnameVerifier hostnameVerifier) {
    super(socketfactory, hostnameVerifier);
}
 
Example #18
Source File: SniSSLSocketFactory.java    From keycloak with Apache License 2.0 4 votes vote down vote up
public SniSSLSocketFactory(SSLContext sslContext, String[] supportedProtocols, String[] supportedCipherSuites, X509HostnameVerifier hostnameVerifier) {
    super(sslContext, supportedProtocols, supportedCipherSuites, hostnameVerifier);
}
 
Example #19
Source File: SniSSLSocketFactory.java    From keycloak with Apache License 2.0 4 votes vote down vote up
public SniSSLSocketFactory(SSLContext sslContext, X509HostnameVerifier hostnameVerifier) {
    super(sslContext, hostnameVerifier);
}
 
Example #20
Source File: SniSSLSocketFactory.java    From keycloak with Apache License 2.0 4 votes vote down vote up
public SniSSLSocketFactory(TrustStrategy trustStrategy, X509HostnameVerifier hostnameVerifier) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
    super(trustStrategy, hostnameVerifier);
}
 
Example #21
Source File: SniSSLSocketFactory.java    From keycloak with Apache License 2.0 4 votes vote down vote up
public SniSSLSocketFactory(String algorithm, KeyStore keystore, String keyPassword, KeyStore truststore, SecureRandom random, X509HostnameVerifier hostnameVerifier) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
    super(algorithm, keystore, keyPassword, truststore, random, hostnameVerifier);
}
 
Example #22
Source File: SniSSLSocketFactory.java    From keycloak with Apache License 2.0 4 votes vote down vote up
public SniSSLSocketFactory(String algorithm, KeyStore keystore, String keyPassword, KeyStore truststore, SecureRandom random, TrustStrategy trustStrategy, X509HostnameVerifier hostnameVerifier) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
    super(algorithm, keystore, keyPassword, truststore, random, trustStrategy, hostnameVerifier);
}
 
Example #23
Source File: SniSSLSocketFactory.java    From keycloak with Apache License 2.0 4 votes vote down vote up
public SniSSLSocketFactory(javax.net.ssl.SSLSocketFactory socketfactory, String[] supportedProtocols, String[] supportedCipherSuites, X509HostnameVerifier hostnameVerifier) {
    super(socketfactory, supportedProtocols, supportedCipherSuites, hostnameVerifier);
}
 
Example #24
Source File: SniSSLSocketFactory.java    From keycloak with Apache License 2.0 4 votes vote down vote up
public SniSSLSocketFactory(javax.net.ssl.SSLSocketFactory socketfactory, X509HostnameVerifier hostnameVerifier) {
    super(socketfactory, hostnameVerifier);
}
 
Example #25
Source File: SniSSLSocketFactory.java    From keycloak with Apache License 2.0 4 votes vote down vote up
public SniSSLSocketFactory(SSLContext sslContext, String[] supportedProtocols, String[] supportedCipherSuites, X509HostnameVerifier hostnameVerifier) {
    super(sslContext, supportedProtocols, supportedCipherSuites, hostnameVerifier);
}
 
Example #26
Source File: SniSSLSocketFactory.java    From keycloak with Apache License 2.0 4 votes vote down vote up
public SniSSLSocketFactory(SSLContext sslContext, X509HostnameVerifier hostnameVerifier) {
    super(sslContext, hostnameVerifier);
}
 
Example #27
Source File: SniSSLSocketFactory.java    From keycloak with Apache License 2.0 4 votes vote down vote up
public SniSSLSocketFactory(TrustStrategy trustStrategy, X509HostnameVerifier hostnameVerifier) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
    super(trustStrategy, hostnameVerifier);
}
 
Example #28
Source File: SniSSLSocketFactory.java    From keycloak with Apache License 2.0 4 votes vote down vote up
public SniSSLSocketFactory(String algorithm, KeyStore keystore, String keyPassword, KeyStore truststore, SecureRandom random, X509HostnameVerifier hostnameVerifier) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
    super(algorithm, keystore, keyPassword, truststore, random, hostnameVerifier);
}
 
Example #29
Source File: SniSSLSocketFactory.java    From keycloak with Apache License 2.0 4 votes vote down vote up
public SniSSLSocketFactory(String algorithm, KeyStore keystore, String keyPassword, KeyStore truststore, SecureRandom random, TrustStrategy trustStrategy, X509HostnameVerifier hostnameVerifier) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
    super(algorithm, keystore, keyPassword, truststore, random, trustStrategy, hostnameVerifier);
}
 
Example #30
Source File: KeyStoreAwareSocketFactory.java    From ribbon with Apache License 2.0 4 votes vote down vote up
public KeyStoreAwareSocketFactory(X509HostnameVerifier hostnameVerifier) throws NoSuchAlgorithmException, KeyStoreException{
	super(SSLContext.getDefault(), hostnameVerifier);

	this.keyStore = null;
	this.trustStore = null;
}