Java Code Examples for javax.ws.rs.client.ClientBuilder#hostnameVerifier()

The following examples show how to use javax.ws.rs.client.ClientBuilder#hostnameVerifier() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: RestClientUtil.java    From cloudbreak with Apache License 2.0 6 votes vote down vote up
public static Client createClient(SSLContext sslContext, boolean debug) {
    ClientConfig config = new ClientConfig();
    config.property(ClientProperties.FOLLOW_REDIRECTS, "false");
    config.property(ClientProperties.CONNECT_TIMEOUT, CONNECT_TIMEOUT_MS);
    config.register(MultiPartFeature.class);

    ClientBuilder builder = ClientBuilder.newBuilder().withConfig(config);
    builder.sslContext(sslContext);
    builder.hostnameVerifier(CertificateTrustManager.hostnameVerifier());
    if (debug) {
        builder = enableRestDebug(builder);
    }
    Client client = builder.build();
    LOGGER.debug("Jax rs client has been constructed: {}, sslContext: {}", client, sslContext);
    return client;
}
 
Example 2
Source File: ClientSetup.java    From component-runtime with Apache License 2.0 6 votes vote down vote up
private ClientBuilder createClient(final ExecutorService executor, final Optional<String> keystoreLocation,
        final Optional<String> keystoreType, final String keystorePassword, final Optional<String> truststoreType,
        final List<String> serverHostnames) {
    final ClientBuilder builder = ClientBuilder.newBuilder();
    builder.connectTimeout(connectTimeout, MILLISECONDS);
    builder.readTimeout(readTimeout, MILLISECONDS);
    builder.executorService(executor);
    if (acceptAnyCertificate) {
        builder.hostnameVerifier((host, session) -> true);
        builder.sslContext(createUnsafeSSLContext());
    } else if (keystoreLocation.isPresent()) {
        builder.hostnameVerifier((host, session) -> serverHostnames.contains(host));
        builder.sslContext(createSSLContext(keystoreLocation, keystoreType, keystorePassword, truststoreType));
    }
    providers.map(it -> Stream.of(it.split(",")).map(String::trim).filter(v -> !v.isEmpty()).map(fqn -> {
        try {
            return Thread.currentThread().getContextClassLoader().loadClass(fqn).getConstructor().newInstance();
        } catch (final Exception e) {
            log.warn("Can't add provider " + fqn + ": " + e.getMessage(), e);
            return null;
        }
    }).filter(Objects::nonNull)).ifPresent(it -> it.forEach(builder::register));
    return ClientTracingRegistrar.configure(builder);
}
 
Example 3
Source File: WebClient.java    From dremio-oss with Apache License 2.0 6 votes vote down vote up
private void setTrustStore(ClientBuilder clientBuilder, DACConfig dacConfig)
  throws IOException, GeneralSecurityException {
  Optional<KeyStore> trustStore = Optional.empty();

  if (checkCertificates) {
    trustStore = new SSLConfigurator(dacConfig.getConfig(), DremioConfig.WEB_SSL_PREFIX, "web").getTrustStore();
    if (trustStore.isPresent()) {
      clientBuilder.trustStore(trustStore.get());
    }
  } else {
    SSLContext sslContext = SSLHelper.newAllTrustingSSLContext("SSL");
    HostnameVerifier verifier = SSLHelper.newAllValidHostnameVerifier();
    clientBuilder.hostnameVerifier(verifier);
    clientBuilder.sslContext(sslContext);
  }
}
 
Example 4
Source File: JAXRS20HttpsBookTest.java    From cxf with Apache License 2.0 6 votes vote down vote up
@Test
public void testGetBook() throws Exception {

    ClientBuilder builder = ClientBuilder.newBuilder();

    try (InputStream keystore = ClassLoaderUtils.getResourceAsStream("keys/Truststore.jks", this.getClass())) {
        KeyStore trustStore = loadStore(keystore, "password");
        builder.trustStore(trustStore);
    }
    builder.hostnameVerifier(new AllowAllHostnameVerifier());

    try (InputStream keystore = ClassLoaderUtils.getResourceAsStream("keys/Morpit.jks", this.getClass())) {
        KeyStore keyStore = loadStore(keystore, "password");
        builder.keyStore(keyStore, "password");
    }

    Client client = builder.build();
    client.register(new LoggingFeature());

    WebTarget target = client.target("https://localhost:" + PORT + "/bookstore/securebooks/123");
    Book b = target.request().accept(MediaType.APPLICATION_XML_TYPE).get(Book.class);
    assertEquals(123, b.getId());
}
 
Example 5
Source File: IntegrationTestBase.java    From nifi-registry with Apache License 2.0 6 votes vote down vote up
private static Client createClientFromConfig(NiFiRegistryClientConfig registryClientConfig) {

        final ClientConfig clientConfig = new ClientConfig();
        clientConfig.register(jacksonJaxbJsonProvider());

        final ClientBuilder clientBuilder = ClientBuilder.newBuilder().withConfig(clientConfig);

        final SSLContext sslContext = registryClientConfig.getSslContext();
        if (sslContext != null) {
            clientBuilder.sslContext(sslContext);
        }

        final HostnameVerifier hostnameVerifier = registryClientConfig.getHostnameVerifier();
        if (hostnameVerifier != null) {
            clientBuilder.hostnameVerifier(hostnameVerifier);
        }

        return clientBuilder.build();
    }
 
Example 6
Source File: ConfigurationLoader.java    From openwebbeans-meecrowave with Apache License 2.0 6 votes vote down vote up
private Client createClient(final Routes.Route route) {
    final ClientBuilder clientBuilder = ClientBuilder.newBuilder();
    clientBuilder.executorService(route.executor);
    clientBuilder.readTimeout(route.clientConfiguration.timeouts.read, MILLISECONDS);
    clientBuilder.connectTimeout(route.clientConfiguration.timeouts.connect, MILLISECONDS);
    // clientBuilder.scheduledExecutorService(); // not used by cxf for instance so no need to overkill the conf

    if (route.clientConfiguration.sslConfiguration.acceptAnyCertificate) {
        clientBuilder.hostnameVerifier((host, session) -> true);
        clientBuilder.sslContext(createUnsafeSSLContext());
    } else if (route.clientConfiguration.sslConfiguration.keystoreLocation != null) {
        if (route.clientConfiguration.sslConfiguration.verifiedHostnames != null) {
            clientBuilder.hostnameVerifier((host, session) -> route.clientConfiguration.sslConfiguration.verifiedHostnames.contains(host));
        }
        clientBuilder.sslContext(createSSLContext(
                route.clientConfiguration.sslConfiguration.keystoreLocation,
                route.clientConfiguration.sslConfiguration.keystoreType,
                route.clientConfiguration.sslConfiguration.keystorePassword,
                route.clientConfiguration.sslConfiguration.truststoreType));
    }

    return clientBuilder.build();
}
 
Example 7
Source File: JerseyJaxRsClientFactory.java    From vespa with Apache License 2.0 6 votes vote down vote up
public JerseyJaxRsClientFactory(SSLContext sslContext, HostnameVerifier hostnameVerifier, String userAgent) {
    /*
     * Configure client with some workarounds for HTTP/JAX-RS/Jersey issues. See:
     *   https://jersey.java.net/apidocs/latest/jersey/org/glassfish/jersey/client/ClientProperties.html#SUPPRESS_HTTP_COMPLIANCE_VALIDATION
     *   https://jersey.java.net/apidocs/latest/jersey/org/glassfish/jersey/client/HttpUrlConnectorProvider.html#SET_METHOD_WORKAROUND
     */
    ClientBuilder builder = ClientBuilder.newBuilder()
                                         .property(ClientProperties.SUPPRESS_HTTP_COMPLIANCE_VALIDATION, true) // Allow empty PUT. TODO: Fix API.
                                         .property(HttpUrlConnectorProvider.SET_METHOD_WORKAROUND, true) // Allow e.g. PATCH method.
                                         .property(ClientProperties.FOLLOW_REDIRECTS, true);
    if (sslContext != null) {
        builder.sslContext(sslContext);
    }
    if (hostnameVerifier != null) {
        builder.hostnameVerifier(hostnameVerifier);
    }
    if (userAgent != null) {
        builder.register((ClientRequestFilter) context -> context.getHeaders().put(HttpHeaders.USER_AGENT, Collections.singletonList(userAgent)));
    }
    this.client = builder.build();
}
 
Example 8
Source File: VespaClientBuilderFactory.java    From vespa with Apache License 2.0 5 votes vote down vote up
private void setSslConfiguration(ClientBuilder builder) {
    if (tlsContext != null) {
        builder.sslContext(tlsContext.context());
        builder.hostnameVerifier((hostname, sslSession) -> true); // disable hostname verification
        if (mixedMode != MixedMode.PLAINTEXT_CLIENT_MIXED_SERVER) {
            builder.register(new UriRewritingRequestFilter());
        }
    }
}
 
Example 9
Source File: BatchEEJAXRS2Client.java    From incubator-batchee with Apache License 2.0 5 votes vote down vote up
public BatchEEJAXRS2Client(final ClientConfiguration configuration) {
    final String url;
    if (configuration.getBaseUrl().endsWith("/")) {
        url = configuration.getBaseUrl() + BATCHEE_PATH;
    } else {
        url = configuration.getBaseUrl() + "/" + BATCHEE_PATH;
    }

    ClientBuilder builder = ClientBuilder.newBuilder();
    final ClientSslConfiguration ssl = configuration.getSsl();
    if (ssl != null) {
        if (ssl.getHostnameVerifier() != null) {
            builder = builder.hostnameVerifier(ssl.getHostnameVerifier());
        }
        if (ssl.getSslContext() != null) {
            builder = builder.sslContext(ssl.getSslContext());
        }
        if (ssl.getKeystore() != null) {
            builder.keyStore(ssl.getKeystore(), ssl.getKeystorePassword());
        }
    }

    WebTarget target = builder.build().target(url);
    if (configuration.getJsonProvider() != null) {
        target = target.register(configuration.getJsonProvider());
    }

    final ClientSecurity security = configuration.getSecurity();
    if (security != null) {
        if ("Basic".equalsIgnoreCase(security.getType())) {
            target = target.register(new Base64Filter(security.getUsername(), security.getPassword()));
        } else {
            throw new IllegalArgumentException("Security not supported: " + security.getType());
        }
    }

    this.target = target;
}
 
Example 10
Source File: JerseyHttpClient.java    From karate with MIT License 5 votes vote down vote up
@Override
public void configure(Config config, ScenarioContext context) {
    ClientConfig cc = new ClientConfig();
    // support request body for DELETE (non-standard)
    cc.property(ClientProperties.SUPPRESS_HTTP_COMPLIANCE_VALIDATION, true);
    charset = config.getCharset();
    if (!config.isFollowRedirects()) {
        cc.property(ClientProperties.FOLLOW_REDIRECTS, false);
    }
    ClientBuilder clientBuilder = ClientBuilder.newBuilder()
            .withConfig(cc)
            .register(new LoggingInterceptor(context)) // must be first
            .register(MultiPartFeature.class);
    if (config.isSslEnabled()) {
        String algorithm = config.getSslAlgorithm(); // could be null
        KeyStore trustStore = HttpUtils.getKeyStore(context,
                config.getSslTrustStore(), config.getSslTrustStorePassword(), config.getSslTrustStoreType());
        KeyStore keyStore = HttpUtils.getKeyStore(context,
                config.getSslKeyStore(), config.getSslKeyStorePassword(), config.getSslKeyStoreType());
        SSLContext sslContext = SslConfigurator.newInstance()
                .securityProtocol(algorithm) // will default to TLS if null
                .trustStore(trustStore)
                .keyStore(keyStore)
                .createSSLContext();
        HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
        clientBuilder.sslContext(sslContext);
        clientBuilder.hostnameVerifier((host, session) -> true);
    }
    client = clientBuilder.build();
    client.property(ClientProperties.CONNECT_TIMEOUT, config.getConnectTimeout());
    client.property(ClientProperties.READ_TIMEOUT, config.getReadTimeout());
    if (config.getProxyUri() != null) {
        client.property(ClientProperties.PROXY_URI, config.getProxyUri());
        if (config.getProxyUsername() != null && config.getProxyPassword() != null) {
            client.property(ClientProperties.PROXY_USERNAME, config.getProxyUsername());
            client.property(ClientProperties.PROXY_PASSWORD, config.getProxyPassword());
        }
    }
}
 
Example 11
Source File: HttpClient.java    From pandaria with MIT License 5 votes vote down vote up
private HttpClient(HttpContext context) {
    ClientBuilder builder = ClientBuilder.newBuilder()
            .property(SET_METHOD_WORKAROUND, true)
            .property(SUPPRESS_HTTP_COMPLIANCE_VALIDATION, true)
            .register(MultiPartFeature.class)
            .register(logAny())
            .sslContext(context.isHttpSslVerify() ? getDefaultContext() : emptyContext());

    if (!context.isHttpSslVerify()) {
        builder.hostnameVerifier(trustAll());
    }

    this.client = builder.build();
    this.context = context;
}
 
Example 12
Source File: FHIRClientImpl.java    From FHIR with Apache License 2.0 4 votes vote down vote up
/**
 * Retrieves a jax-rs Client from the ClientBuilder object. The Client instance is created if necessary.
 */
protected synchronized Client getClient() throws Exception {
    if (client == null) {
        ClientBuilder cb = ClientBuilder.newBuilder()
                .register(new FHIRProvider(RuntimeType.CLIENT))
                .register(new FHIRJsonProvider(RuntimeType.CLIENT))
                .register(new FHIRJsonPatchProvider(RuntimeType.CLIENT));

        // Add support for basic auth if enabled.
        if (isBasicAuthEnabled()) {
            cb = cb.register(new FHIRBasicAuthenticator(getBasicAuthUsername(), getBasicAuthPassword()));
        }

        // Add support for OAuth 2.0 if enabled.
        if (isOAuth2Enabled()) {
            cb = cb.register(new FHIROAuth2Authenticator(getOAuth2AccessToken()));
        }

        // If using oAuth 2.0 or clientauth, then we need to attach our Keystore.
        if (isOAuth2Enabled() || isClientAuthEnabled()) {
            cb = cb.keyStore(getKeyStore(), getKeyStoreKeyPassword());
        }

        // If using oAuth 2.0 or clientauth or an https endpoint, then we need to attach our Truststore.
        KeyStore ks = getTrustStore();
        if (ks != null) {
            cb = cb.trustStore(ks);
        }

        // Add a hostname verifier if we're using an ssl transport.
        if (usingSSLTransport() && !isHostnameVerificationEnabled()) {
            cb = cb.hostnameVerifier(new HostnameVerifier() {

                @Override
                public boolean verify(String s, SSLSession sslSession) {
                    return true;
                }
            });
        }

        // Set the http client's receive timeout setting
        cb.property("http.receive.timeout", getHttpTimeout()); // defaults to 60s

        // true: If need, tell Apache CXF to use the Async HTTP conduit for PATCH operation as the
        // default HTTP conduit does not support PATCH
        // false(default): To avoid the http async client time out issue (http://mail-archives.apache.org
        // /mod_mbox/hc-dev/201909.mbox/%3CJIRA.13256372.1568301069000.62179.1568450580088@Atlassian.JIRA%3E),
        // please set this to false.
        cb.property("use.async.http.conduit", false);

        // Add request/response logging if enabled.
        if (isLoggingEnabled()) {
            cb.register(LoggingFeature.class);
        }

        // Save off our cached Client instance.
        client = cb.build();
    }
    return client;
}
 
Example 13
Source File: JerseyNiFiRegistryClient.java    From nifi-registry with Apache License 2.0 4 votes vote down vote up
private JerseyNiFiRegistryClient(final NiFiRegistryClient.Builder builder) {
    final NiFiRegistryClientConfig registryClientConfig = builder.getConfig();
    if (registryClientConfig == null) {
        throw new IllegalArgumentException("NiFiRegistryClientConfig cannot be null");
    }

    String baseUrl = registryClientConfig.getBaseUrl();
    if (StringUtils.isBlank(baseUrl)) {
        throw new IllegalArgumentException("Base URL cannot be blank");
    }

    if (baseUrl.endsWith("/")) {
        baseUrl = baseUrl.substring(0, baseUrl.length() - 1);
    }

    if (!baseUrl.endsWith(NIFI_REGISTRY_CONTEXT)) {
        baseUrl = baseUrl + "/" + NIFI_REGISTRY_CONTEXT;
    }

    try {
        new URI(baseUrl);
    } catch (final Exception e) {
        throw new IllegalArgumentException("Invalid base URL: " + e.getMessage(), e);
    }

    final SSLContext sslContext = registryClientConfig.getSslContext();
    final HostnameVerifier hostnameVerifier = registryClientConfig.getHostnameVerifier();

    final ClientBuilder clientBuilder = ClientBuilder.newBuilder();
    if (sslContext != null) {
        clientBuilder.sslContext(sslContext);
    }
    if (hostnameVerifier != null) {
        clientBuilder.hostnameVerifier(hostnameVerifier);
    }

    final int connectTimeout = registryClientConfig.getConnectTimeout() == null ? DEFAULT_CONNECT_TIMEOUT : registryClientConfig.getConnectTimeout();
    final int readTimeout = registryClientConfig.getReadTimeout() == null ? DEFAULT_READ_TIMEOUT : registryClientConfig.getReadTimeout();

    final ClientConfig clientConfig = new ClientConfig();
    clientConfig.property(ClientProperties.CONNECT_TIMEOUT, connectTimeout);
    clientConfig.property(ClientProperties.READ_TIMEOUT, readTimeout);
    clientConfig.property(ClientProperties.REQUEST_ENTITY_PROCESSING, RequestEntityProcessing.CHUNKED);
    clientConfig.register(jacksonJaxbJsonProvider());
    clientBuilder.withConfig(clientConfig);

    this.client = clientBuilder
            .register(MultiPartFeature.class)
            .build();

    this.baseTarget = client.target(baseUrl);
    this.bucketClient = new JerseyBucketClient(baseTarget);
    this.flowClient = new JerseyFlowClient(baseTarget);
    this.flowSnapshotClient = new JerseyFlowSnapshotClient(baseTarget);
    this.itemsClient = new JerseyItemsClient(baseTarget);
}
 
Example 14
Source File: ElasticConnectionPool.java    From dremio-oss with Apache License 2.0 4 votes vote down vote up
public void connect() throws IOException {
  final ClientConfig configuration = new ClientConfig();
  configuration.property(ClientProperties.READ_TIMEOUT, readTimeoutMillis);
  final AWSCredentialsProvider awsCredentialsProvider = elasticsearchAuthentication.getAwsCredentialsProvider();
  if (awsCredentialsProvider != null) {
    configuration.property(REGION_NAME, elasticsearchAuthentication.getRegionName());
    configuration.register(ElasticsearchRequestClientFilter.class);
    configuration.register(new InjectableAWSCredentialsProvider(awsCredentialsProvider), InjectableAWSCredentialsProvider.class);
  }

  final ClientBuilder builder = ClientBuilder.newBuilder()
      .withConfig(configuration);

  switch(sslMode) {
  case UNSECURE:
    builder.sslContext(SSLHelper.newAllTrustingSSLContext("SSL"));
    // fall-through
  case VERIFY_CA:
    builder.hostnameVerifier(SSLHelper.newAllValidHostnameVerifier());
    // fall-through
  case STRICT:
    break;

  case OFF:
    // no TLS/SSL configuration
  }

  client = builder.build();
  client.register(GZipEncoder.class);
  client.register(DeflateEncoder.class);
  client.register(EncodingFilter.class);

  if (REQUEST_LOGGER.isDebugEnabled()) {
    java.util.logging.Logger julLogger = java.util.logging.Logger.getLogger(REQUEST_LOGGER_NAME);
    client.register(new LoggingFeature(
        julLogger,
        Level.FINE,
        REQUEST_LOGGER.isTraceEnabled() ? LoggingFeature.Verbosity.PAYLOAD_TEXT : LoggingFeature.Verbosity.HEADERS_ONLY,
        65536));
  }

  final JacksonJaxbJsonProvider provider = new JacksonJaxbJsonProvider();
  provider.setMapper(ElasticMappingSet.MAPPER);

  // Disable other JSON providers.
  client.property(
    PropertiesHelper.getPropertyNameForRuntime(InternalProperties.JSON_FEATURE, client.getConfiguration().getRuntimeType()),
    JacksonJaxbJsonProvider.class.getSimpleName());

  client.register(provider);

  HttpAuthenticationFeature httpAuthenticationFeature = elasticsearchAuthentication.getHttpAuthenticationFeature();
  if (httpAuthenticationFeature != null) {
    client.register(httpAuthenticationFeature);
  }

  updateClients();
}
 
Example 15
Source File: JAXRS20HttpsBookTest.java    From cxf with Apache License 2.0 4 votes vote down vote up
@Test
public void testGetBookSslContext() throws Exception {

    ClientBuilder builder = ClientBuilder.newBuilder();

    SSLContext sslContext = createSSLContext();
    builder.sslContext(sslContext);

    builder.hostnameVerifier(new AllowAllHostnameVerifier());


    Client client = builder.build();

    WebTarget target = client.target("https://localhost:" + PORT + "/bookstore/securebooks/123");
    Book b = target.request().accept(MediaType.APPLICATION_XML_TYPE).get(Book.class);
    assertEquals(123, b.getId());
}
 
Example 16
Source File: JerseyNiFiClient.java    From nifi with Apache License 2.0 4 votes vote down vote up
private JerseyNiFiClient(final Builder builder) {
    final NiFiClientConfig clientConfig = builder.getConfig();
    if (clientConfig == null) {
        throw new IllegalArgumentException("NiFiClientConfig cannot be null");
    }

    String baseUrl = clientConfig.getBaseUrl();
    if (StringUtils.isBlank(baseUrl)) {
        throw new IllegalArgumentException("Base URL cannot be blank");
    }

    if (baseUrl.endsWith("/")) {
        baseUrl = baseUrl.substring(0, baseUrl.length() - 1);
    }

    if (!baseUrl.endsWith(NIFI_CONTEXT)) {
        baseUrl = baseUrl + "/" + NIFI_CONTEXT;
    }

    try {
        new URI(baseUrl);
    } catch (final Exception e) {
        throw new IllegalArgumentException("Invalid base URL: " + e.getMessage(), e);
    }

    final SSLContext sslContext = clientConfig.getSslContext();
    final HostnameVerifier hostnameVerifier = clientConfig.getHostnameVerifier();

    final ClientBuilder clientBuilder = ClientBuilder.newBuilder();
    if (sslContext != null) {
        clientBuilder.sslContext(sslContext);
    }
    if (hostnameVerifier != null) {
        clientBuilder.hostnameVerifier(hostnameVerifier);
    }

    final int connectTimeout = clientConfig.getConnectTimeout() == null ? DEFAULT_CONNECT_TIMEOUT : clientConfig.getConnectTimeout();
    final int readTimeout = clientConfig.getReadTimeout() == null ? DEFAULT_READ_TIMEOUT : clientConfig.getReadTimeout();

    final ClientConfig jerseyClientConfig = new ClientConfig();
    jerseyClientConfig.property(ClientProperties.CONNECT_TIMEOUT, connectTimeout);
    jerseyClientConfig.property(ClientProperties.READ_TIMEOUT, readTimeout);
    jerseyClientConfig.register(jacksonJaxbJsonProvider());
    clientBuilder.withConfig(jerseyClientConfig);
    this.client = clientBuilder.build();

    this.baseTarget = client.target(baseUrl);
}
 
Example 17
Source File: JerseyExtendedNiFiRegistryClient.java    From nifi with Apache License 2.0 4 votes vote down vote up
public JerseyExtendedNiFiRegistryClient(final NiFiRegistryClient delegate, final NiFiRegistryClientConfig registryClientConfig) {
    this.delegate = delegate;

    // Copied from JerseyNiFiRegistryClient!
    if (registryClientConfig == null) {
        throw new IllegalArgumentException("NiFiRegistryClientConfig cannot be null");
    }

    String baseUrl = registryClientConfig.getBaseUrl();
    if (StringUtils.isBlank(baseUrl)) {
        throw new IllegalArgumentException("Base URL cannot be blank");
    }

    if (baseUrl.endsWith("/")) {
        baseUrl = baseUrl.substring(0, baseUrl.length() - 1);
    }

    if (!baseUrl.endsWith(NIFI_REGISTRY_CONTEXT)) {
        baseUrl = baseUrl + "/" + NIFI_REGISTRY_CONTEXT;
    }

    try {
        new URI(baseUrl);
    } catch (final Exception e) {
        throw new IllegalArgumentException("Invalid base URL: " + e.getMessage(), e);
    }

    final SSLContext sslContext = registryClientConfig.getSslContext();
    final HostnameVerifier hostnameVerifier = registryClientConfig.getHostnameVerifier();

    final ClientBuilder clientBuilder = ClientBuilder.newBuilder();
    if (sslContext != null) {
        clientBuilder.sslContext(sslContext);
    }
    if (hostnameVerifier != null) {
        clientBuilder.hostnameVerifier(hostnameVerifier);
    }

    final int connectTimeout = registryClientConfig.getConnectTimeout() == null ? DEFAULT_CONNECT_TIMEOUT : registryClientConfig.getConnectTimeout();
    final int readTimeout = registryClientConfig.getReadTimeout() == null ? DEFAULT_READ_TIMEOUT : registryClientConfig.getReadTimeout();

    final ClientConfig clientConfig = new ClientConfig();
    clientConfig.property(ClientProperties.CONNECT_TIMEOUT, connectTimeout);
    clientConfig.property(ClientProperties.READ_TIMEOUT, readTimeout);
    clientConfig.property(ClientProperties.REQUEST_ENTITY_PROCESSING, RequestEntityProcessing.CHUNKED);
    clientConfig.register(jacksonJaxbJsonProvider());
    clientBuilder.withConfig(clientConfig);

    this.client = clientBuilder
            .register(MultiPartFeature.class)
            .build();

    this.baseTarget = client.target(baseUrl);

    this.tenantsClient = new JerseyTenantsClient(baseTarget);
    this.policiesClient = new JerseyPoliciesClient(baseTarget);
}