List of usage examples for javax.net.ssl SSLContext init
public final void init(KeyManager[] km, TrustManager[] tm, SecureRandom random) throws KeyManagementException
From source file:co.cask.cdap.security.server.ExternalAuthenticationServerSSLTest.java
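/**
 * Builds the HTTPS client this test uses to reach the authentication server.
 *
 * <p>SECURITY: the context below is initialised with a trust manager that accepts every
 * certificate chain, so the peer is never authenticated. That is tolerable only because
 * this is a test fixture; the pattern must not be copied into non-test code, where the
 * server certificate should be validated against a trust store instead.
 *
 * @return a client whose "https" scheme is registered on {@code getAuthServerPort()}
 * @throws Exception if the SSL context or the socket factory cannot be set up
 */
@Override
protected HttpClient getHTTPClient() throws Exception {
    // Accept-all trust manager: both check methods are deliberate no-ops.
    TrustManager trustEverything = new X509TrustManager() {
        @Override
        public java.security.cert.X509Certificate[] getAcceptedIssuers() {
            // The X509TrustManager contract asks for a non-null (possibly empty) array;
            // the previous null return could surface as a NullPointerException in callers.
            return new java.security.cert.X509Certificate[0];
        }

        @Override
        public void checkClientTrusted(java.security.cert.X509Certificate[] x509Certificates, String s)
                throws CertificateException {
            // intentionally empty: no client chain is ever rejected
        }

        @Override
        public void checkServerTrusted(java.security.cert.X509Certificate[] x509Certificates, String s)
                throws CertificateException {
            // intentionally empty: no server chain is ever rejected
        }
    };

    // NOTE(review): "SSL" is a legacy protocol name and the versions it enables depend on the
    // JSSE provider; consider "TLS" or a pinned version such as "TLSv1.2".
    SSLContext sslContext = SSLContext.getInstance("SSL");
    sslContext.init(null, new TrustManager[] { trustEverything }, new SecureRandom());

    // No hostname verifier is overridden here, so the socket factory keeps its default one.
    SSLSocketFactory sf = new SSLSocketFactory(sslContext);
    SchemeRegistry schemeRegistry = new SchemeRegistry();
    schemeRegistry.register(new Scheme("https", getAuthServerPort(), sf));

    // apache HttpClient version >4.2 should use BasicClientConnectionManager
    ClientConnectionManager cm = new BasicClientConnectionManager(schemeRegistry);
    return new DefaultHttpClient(cm);
}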
From source file:org.wso2.carbon.identity.thrift.authentication.client.internal.pool.SecureClientPoolFactory.java
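/**
 * Creates a Thrift authenticator client for the pool entry identified by {@code key}.
 *
 * <p>The key is split by {@code constructKeyElements}; element 0 selects the protocol,
 * element 1 is used as the host and element 2 is parsed as the port.
 *
 * <p>SECURITY: only the SSL branch authenticates the server, using the configured trust
 * store. The HTTPS branch installs an accept-all trust manager and an allow-all hostname
 * verifier, so the connection is encrypted but the peer is not verified; anything sent to
 * the authenticator service over that branch can be read or altered by whoever terminates
 * the connection. A hardened version would build its trust managers from the same trust
 * store the SSL branch uses and keep hostname verification enabled.
 *
 * @param key pool key, cast to {@code String} before parsing
 * @return a connected authenticator client
 * @throws ThriftAuthenticationException if no trust store or password is configured, or the
 *         HTTPS client cannot be created
 * @throws TTransportException declared for the SSL branch's socket creation
 */
@Override
public AuthenticatorService.Client makeObject(Object key)
        throws ThriftAuthenticationException, TTransportException {
    String[] keyElements = constructKeyElements((String) key);

    if (keyElements[0].equals(ThriftAuthenticationClient.Protocol.SSL.toString())) {
        if (params == null) {
            // Fall back to the standard JSSE system properties when nothing was injected.
            if (trustStore == null) {
                trustStore = System.getProperty("javax.net.ssl.trustStore");
                if (trustStore == null) {
                    throw new ThriftAuthenticationException("No trustStore found");
                }
            }
            if (trustStorePassword == null) {
                trustStorePassword = System.getProperty("javax.net.ssl.trustStorePassword");
                if (trustStorePassword == null) {
                    throw new ThriftAuthenticationException("No trustStore password found");
                }
            }
            params = new TSSLTransportFactory.TSSLTransportParameters();
            params.setTrustStore(trustStore, trustStorePassword);
        }

        TTransport receiverTransport = TSSLTransportFactory.getClientSocket(keyElements[1],
                Integer.parseInt(keyElements[2]), 0, params);
        TProtocol protocol = new TBinaryProtocol(receiverTransport);
        return new AuthenticatorService.Client(protocol);
    }

    try {
        // NOTE(review): accept-all trust manager; see the SECURITY paragraph above.
        TrustManager easyTrustManager = new X509TrustManager() {
            @Override
            public void checkClientTrusted(java.security.cert.X509Certificate[] x509Certificates, String s)
                    throws java.security.cert.CertificateException {
                // intentionally empty: no client chain is ever rejected
            }

            @Override
            public void checkServerTrusted(java.security.cert.X509Certificate[] x509Certificates, String s)
                    throws java.security.cert.CertificateException {
                // intentionally empty: no server chain is ever rejected
            }

            @Override
            public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                // The X509TrustManager contract asks for a non-null (possibly empty) array.
                return new java.security.cert.X509Certificate[0];
            }
        };

        SSLContext sslContext = SSLContext.getInstance("TLS");
        sslContext.init(null, new TrustManager[] { easyTrustManager }, null);

        SSLSocketFactory sf = new SSLSocketFactory(sslContext);
        // NOTE(review): hostname verification is switched off as well.
        sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
        Scheme httpsScheme = new Scheme("https", sf, Integer.parseInt(keyElements[2]));

        DefaultHttpClient client = new DefaultHttpClient();
        client.getConnectionManager().getSchemeRegistry().register(httpsScheme);

        THttpClient tclient = new THttpClient(
                "https://" + keyElements[1] + ":" + keyElements[2] + "/thriftAuthenticator", client);
        TProtocol protocol = new TCompactProtocol(tclient);
        AuthenticatorService.Client authClient = new AuthenticatorService.Client(protocol);
        tclient.open();
        return authClient;
    } catch (Exception e) {
        throw new ThriftAuthenticationException(
                "Cannot create Secure client for " + keyElements[1] + ":" + keyElements[2], e);
    }
}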
From source file:com.foundationdb.http.HttpMonitorVerifySSLIT.java
/**
 * Returns a client that reuses {@code base}'s connection manager and parameters but
 * registers an "https" scheme on port 8091 with certificate and hostname checks relaxed.
 *
 * <p>The original author's rationale: the certificate generated for this integration test
 * is not correctly signed, so the client has to ignore the problem.
 *
 * <p>SECURITY: this must never be used in production code. The allow-all hostname verifier
 * alone removes protection against an impersonated server, whatever the trust manager does.
 *
 * @param base client whose connection manager and parameters are reused
 * @return the relaxed client, or {@code null} if setting it up failed (the stack trace is
 *         printed and the failure is otherwise swallowed)
 */
private HttpClient wrapClient(HttpClient base) {
    try {
        SSLContext permissiveContext = SSLContext.getInstance("TLS");
        // getTrustManager() is defined outside this listing; per the note above it is
        // presumably an accept-all trust manager.
        TrustManager[] trustManagers = { getTrustManager() };
        permissiveContext.init(null, trustManagers, null);

        SSLSocketFactory socketFactory = new SSLSocketFactory(permissiveContext);
        socketFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);

        ClientConnectionManager connectionManager = base.getConnectionManager();
        SchemeRegistry registry = connectionManager.getSchemeRegistry();
        registry.register(new Scheme("https", socketFactory, 8091));

        return new DefaultHttpClient(connectionManager, base.getParams());
    } catch (Exception ex) {
        ex.printStackTrace();
        return null;
    }
}
From source file:com.vmware.photon.controller.common.auth.AuthOIDCClient.java
/**
 * Creates an {@code IdmClient} for the given domain controller and attaches an admin
 * access token obtained with the supplied credentials.
 *
 * <p>Unlike an accept-all setup, the trust managers here come from a
 * {@link TrustManagerFactory} initialised with {@code certificateStore}'s key store, and a
 * {@code DefaultHostnameVerifier} is passed to the client, so both certificate and hostname
 * checks stay in place.
 *
 * @param domainControllerFQDN host name of the domain controller
 * @param domainControllerPort port of the domain controller
 * @param user user name used to request the admin server access token
 * @param password password used to request the admin server access token
 * @return a client carrying the token as a JWT access token
 * @throws AuthException if the trust managers or the SSL context cannot be initialised
 */
private IdmClient createIdmClient(String domainControllerFQDN, int domainControllerPort, String user,
        String password) throws AuthException {
    try {
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(certificateStore.getKeyStore());

        // NOTE(review): "SSL" is a legacy protocol name and the versions it enables depend on
        // the JSSE provider; consider "TLS" or a pinned version such as "TLSv1.2".
        SSLContext context = SSLContext.getInstance("SSL");
        context.init(null, tmf.getTrustManagers(), null);

        IdmClient client = new IdmClient(domainControllerFQDN, domainControllerPort,
                new DefaultHostnameVerifier(), context);

        com.vmware.identity.openidconnect.client.AccessToken oidcToken = getTokenHandler()
                .getAdminServerAccessToken(user, password)
                .getAccessToken();
        client.setToken(new com.vmware.identity.rest.core.client.AccessToken(
                oidcToken.getValue(),
                com.vmware.identity.rest.core.client.AccessToken.Type.JWT));
        return client;
    } catch (NoSuchAlgorithmException | KeyStoreException | KeyManagementException e) {
        throw new AuthException("Failed to createIdmClient", e);
    }
}
From source file:fr.wseduc.webdav.WebDav.java
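/**
 * Returns a Sardine WebDAV client configured for the host named in {@code uri}.
 *
 * <p>Credentials are looked up per host in {@code credentials}. Without an entry an
 * anonymous client is returned. With an entry, the username and password are applied and
 * preemptive authentication is enabled for the host.
 *
 * <p>SECURITY: when the entry sets {@code "insecure": true}, the client accepts any server
 * certificate and any hostname, yet the stored username and password are still sent
 * preemptively. The credentials can then reach a server whose identity was never checked.
 * Prefer adding the server's certificate to a trust store over enabling this flag.
 *
 * @param uri target URI; only its host part is used
 * @param message message an error reply is sent on if {@code uri} cannot be parsed
 * @return the configured client, or {@code null} if {@code uri} is not a valid URI
 */
private Sardine getSardine(String uri, Message<JsonObject> message) {
    String host;
    try {
        host = new URI(uri).getHost();
    } catch (URISyntaxException e) {
        sendError(message, e.getMessage(), e);
        return null;
    }

    JsonObject credential = credentials.getJsonObject(host);
    if (credential == null) {
        return SardineFactory.begin();
    }

    Sardine sardine;
    if (credential.getBoolean("insecure", false)) {
        sardine = new SardineImpl() {
            @Override
            protected ConnectionSocketFactory createDefaultSecureSocketFactory() {
                // NOTE(review): accept-all trust manager, active only for hosts flagged "insecure".
                TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {
                    @Override
                    public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                        // The X509TrustManager contract asks for a non-null (possibly empty) array.
                        return new java.security.cert.X509Certificate[0];
                    }

                    @Override
                    public void checkClientTrusted(java.security.cert.X509Certificate[] certs,
                            String authType) {
                        // intentionally empty: no client chain is ever rejected
                    }

                    @Override
                    public void checkServerTrusted(java.security.cert.X509Certificate[] certs,
                            String authType) {
                        // intentionally empty: no server chain is ever rejected
                    }
                } };

                SSLConnectionSocketFactory sf = null;
                try {
                    SSLContext context = SSLContext.getInstance("TLS");
                    context.init(null, trustAllCerts, null);
                    // Hostname verification is disabled together with chain validation.
                    sf = new SSLConnectionSocketFactory(context,
                            SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
                } catch (NoSuchAlgorithmException | KeyManagementException e) {
                    // On failure the factory stays null and null is returned to the caller.
                    logger.error(e.getMessage(), e);
                }
                return sf;
            }
        };
        sardine.setCredentials(credential.getString("username"), credential.getString("password"));
    } else {
        sardine = SardineFactory.begin(credential.getString("username"), credential.getString("password"));
    }
    sardine.enablePreemptiveAuthentication(host);
    return sardine;
}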
From source file:org.sakuli.services.forwarder.icinga2.Icinga2RestCient.java
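/**
 * Creates an {@link SSLContext} whose only trust manager accepts every certificate chain.
 *
 * <p>SECURITY: connections built on this context are encrypted but the peer is never
 * authenticated, so they give no protection against an impersonated endpoint. Where the
 * endpoint's certificate can be provisioned, a context built from a
 * {@code TrustManagerFactory} over a trust store containing it is the safer choice.
 *
 * @return the initialised context
 * @throws SakuliRuntimeException if the context cannot be created or initialised
 */
private SSLContext getTrustEverythingSSLContext() {
    // NOTE(review): accept-all trust manager; both check methods are deliberate no-ops.
    TrustManager trustEverything = new X509TrustManager() {
        @Override
        public X509Certificate[] getAcceptedIssuers() {
            // The X509TrustManager contract asks for a non-null (possibly empty) array.
            return new X509Certificate[0];
        }

        @Override
        public void checkClientTrusted(X509Certificate[] certs, String authType) {
            // intentionally empty: no client chain is ever rejected
        }

        @Override
        public void checkServerTrusted(X509Certificate[] certs, String authType) {
            // intentionally empty: no server chain is ever rejected
        }
    };

    try {
        // NOTE(review): "SSL" is a legacy protocol name and the versions it enables depend on
        // the JSSE provider; consider "TLS" or a pinned version such as "TLSv1.2".
        final SSLContext sslContext = SSLContext.getInstance("SSL");
        sslContext.init(null, new TrustManager[] { trustEverything }, new SecureRandom());
        return sslContext;
    } catch (Exception e) {
        throw new SakuliRuntimeException("Unable to create SSL-Context", e);
    }
}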
From source file:org.wso2.carbon.databridge.agent.internal.endpoint.thrift.client.ThriftSecureClientPoolFactory.java
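/**
 * Creates a Thrift event-transmission client for {@code hostName:port}.
 *
 * <p>When {@code protocol} equals the TCP protocol name (case-insensitively) a Thrift SSL
 * socket is opened, using the trust store from this factory or, failing that, from the
 * {@code javax.net.ssl.trustStore} and {@code javax.net.ssl.trustStorePassword} system
 * properties. Any other protocol value takes the Thrift-over-HTTPS path.
 *
 * <p>SECURITY: only the TCP branch authenticates the server. The HTTPS branch installs an
 * accept-all trust manager and an allow-all hostname verifier, so the connection is
 * encrypted but the receiver's identity is not checked, and events sent over it can be read
 * or altered by whoever terminates the connection. A hardened version would build its trust
 * managers from the same trust store the TCP branch uses and keep hostname verification
 * enabled.
 *
 * @param protocol protocol name selecting the transport
 * @param hostName receiver host
 * @param port receiver port
 * @return a connected {@code ThriftSecureEventTransmissionService.Client}
 * @throws DataEndpointAgentSecurityException if no trust store or password is configured, or
 *         the client cannot be created
 */
@Override
public Object createClient(String protocol, String hostName, int port)
        throws DataEndpointAgentSecurityException {
    if (protocol.equalsIgnoreCase(DataEndpointConfiguration.Protocol.TCP.toString())) {
        if (params == null) {
            // Fall back to the standard JSSE system properties when nothing was injected.
            if (getTrustStore() == null) {
                String trustStore = System.getProperty("javax.net.ssl.trustStore");
                if (trustStore == null) {
                    throw new DataEndpointAgentSecurityException("No trustStore found");
                }
                setTrustStore(trustStore);
            }
            if (getTrustStorePassword() == null) {
                String trustStorePw = System.getProperty("javax.net.ssl.trustStorePassword");
                if (trustStorePw == null) {
                    throw new DataEndpointAgentSecurityException("No trustStore password found");
                }
                setTrustStorePassword(trustStorePw);
            }
            params = new TSSLTransportFactory.TSSLTransportParameters();
            params.setTrustStore(getTrustStore(), getTrustStorePassword());
        }

        try {
            TTransport receiverTransport = TSSLTransportFactory.getClientSocket(hostName, port, 0, params);
            TProtocol tProtocol = new TBinaryProtocol(receiverTransport);
            return new ThriftSecureEventTransmissionService.Client(tProtocol);
        } catch (TTransportException e) {
            throw new DataEndpointAgentSecurityException(
                    "Error while trying to connect to " + protocol + "://" + hostName + ":" + port, e);
        }
    }

    //TODO:Error thrown when connecting in http in tests...
    String receiverUrl = "https://" + hostName + ":" + port + "/securedThriftReceiver";
    try {
        // NOTE(review): accept-all trust manager; see the SECURITY paragraph above.
        TrustManager easyTrustManager = new X509TrustManager() {
            @Override
            public void checkClientTrusted(java.security.cert.X509Certificate[] x509Certificates, String s)
                    throws java.security.cert.CertificateException {
                // intentionally empty: no client chain is ever rejected
            }

            @Override
            public void checkServerTrusted(java.security.cert.X509Certificate[] x509Certificates, String s)
                    throws java.security.cert.CertificateException {
                // intentionally empty: no server chain is ever rejected
            }

            @Override
            public java.security.cert.X509Certificate[] getAcceptedIssuers() {
                // The X509TrustManager contract asks for a non-null (possibly empty) array.
                return new java.security.cert.X509Certificate[0];
            }
        };

        SSLContext sslContext = SSLContext.getInstance("TLS");
        sslContext.init(null, new TrustManager[] { easyTrustManager }, null);

        SSLSocketFactory sf = new SSLSocketFactory(sslContext);
        // NOTE(review): hostname verification is switched off as well.
        sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
        Scheme httpsScheme = new Scheme("https", sf, port);

        DefaultHttpClient client = new DefaultHttpClient();
        client.getConnectionManager().getSchemeRegistry().register(httpsScheme);

        THttpClient tclient = new THttpClient(receiverUrl, client);
        TProtocol tProtocol = new TCompactProtocol(tclient);
        ThriftSecureEventTransmissionService.Client authClient =
                new ThriftSecureEventTransmissionService.Client(tProtocol);
        tclient.open();
        return authClient;
    } catch (Exception e) {
        throw new DataEndpointAgentSecurityException("Cannot create Secure client for " + receiverUrl, e);
    }
}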
From source file:br.com.ararati.operacoes.SocketFactory.java
/**
 * Builds a TLS context from the key managers and trust managers supplied by
 * {@code createKeyManagers()} and {@code createTrustManagers()}.
 *
 * <p>Passing {@code null} as the third argument of {@code init} selects the default
 * {@code SecureRandom} implementation.
 *
 * @return the initialised context, or {@code null} when any step fails; the failure is
 *         reported through {@code error(...)} only, so callers must check for {@code null}
 */
private SSLContext createSSLContext() {
    try {
        KeyManager[] keyManagers = createKeyManagers();
        TrustManager[] trustManagers = createTrustManagers();

        SSLContext context = SSLContext.getInstance("TLS");
        context.init(keyManagers, trustManagers, null);
        return context;
    } catch (KeyManagementException | KeyStoreException | NoSuchAlgorithmException
            | CertificateException | IOException e) {
        // NOTE(review): only e.toString() is reported, so the stack trace and cause are lost.
        error(e.toString());
        return null;
    }
}
From source file:com.strato.hidrive.api.connection.httpgateway.HTTPGateway.java
/** * wrap an httpclient with this stub for prevent ssl unverified exceptions (for testing purposes) *///w ww . ja v a 2 s . c o m public DefaultHttpClient sslStubClient(HttpClient client) { try { X509TrustManager tm = new X509TrustManager() { public void checkClientTrusted(X509Certificate[] xcs, String string) throws CertificateException { } public void checkServerTrusted(X509Certificate[] xcs, String string) throws CertificateException { } public X509Certificate[] getAcceptedIssuers() { return null; } }; SSLContext ctx = SSLContext.getInstance("TLS"); ctx.init(null, new TrustManager[] { tm }, null); SSLSocketFactory ssf = new StubSSLSocketFactory(ctx); ssf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); ClientConnectionManager ccm = client.getConnectionManager(); SchemeRegistry sr = ccm.getSchemeRegistry(); sr.register(new Scheme("https", ssf, 443)); return new DefaultHttpClient(ccm, client.getParams()); } catch (Exception ex) { return null; } }
From source file:ucar.httpservices.CustomSSLProtocolSocketFactory.java
/**
 * Creates a TLS context with no key managers and a single {@code CustomX509TrustManager}.
 *
 * <p>NOTE(review): {@code CustomX509TrustManager} is defined outside this listing. Confirm
 * that it still validates the server's certificate chain when constructed with {@code null}.
 *
 * @return the initialised context
 * @throws Exception if the context cannot be obtained or initialised, or the trust manager
 *         cannot be constructed
 */
private SSLContext stdauthentication() throws Exception {
    SSLContext tlsContext = SSLContext.getInstance("TLS");
    TrustManager[] trustManagers = { new CustomX509TrustManager(null) };
    // A null SecureRandom selects the default implementation.
    tlsContext.init(null, trustManagers, null);
    return tlsContext;
}