List of usage examples for javax.net.ssl SSLSession getPeerCertificateChain
@SuppressWarnings("removal") @Deprecated(since = "9", forRemoval = true) public javax.security.cert.X509Certificate[] getPeerCertificateChain() throws SSLPeerUnverifiedException;
From source file:hello.MyPostHTTP.java
@Override public void onTrigger(final ProcessContext context, final ProcessSession session) { final RequestConfig.Builder requestConfigBuilder = RequestConfig.custom(); requestConfigBuilder.setConnectionRequestTimeout( context.getProperty(DATA_TIMEOUT).asTimePeriod(TimeUnit.MILLISECONDS).intValue()); requestConfigBuilder.setConnectTimeout( context.getProperty(CONNECTION_TIMEOUT).asTimePeriod(TimeUnit.MILLISECONDS).intValue()); requestConfigBuilder.setRedirectsEnabled(false); requestConfigBuilder// w ww. ja v a2s . c o m .setSocketTimeout(context.getProperty(DATA_TIMEOUT).asTimePeriod(TimeUnit.MILLISECONDS).intValue()); final RequestConfig requestConfig = requestConfigBuilder.build(); final StreamThrottler throttler = throttlerRef.get(); final ProcessorLog logger = getLogger(); String lastUrl = null; long bytesToSend = 0L; final List<FlowFile> toSend = new ArrayList<>(); CloseableHttpClient client = null; final String transactionId = UUID.randomUUID().toString(); final ObjectHolder<String> dnHolder = new ObjectHolder<>("none"); while (true) { FlowFile flowFile = session.get(); if (flowFile == null) { break; } final String url = context.getProperty(URL).evaluateAttributeExpressions(flowFile).getValue(); try { new java.net.URL(url); } catch (final MalformedURLException e) { logger.error( "After substituting attribute values for {}, URL is {}; this is not a valid URL, so routing to failure", new Object[] { flowFile, url }); flowFile = session.penalize(flowFile); session.transfer(flowFile, REL_FAILURE); continue; } // If this FlowFile doesn't have the same url, throw it back on the queue and stop grabbing FlowFiles if (lastUrl != null && !lastUrl.equals(url)) { session.transfer(flowFile); break; } lastUrl = url; toSend.add(flowFile); if (client == null) { final Config config = getConfig(url, context); final HttpClientConnectionManager conMan = config.getConnectionManager(); final HttpClientBuilder clientBuilder = HttpClientBuilder.create(); clientBuilder.setConnectionManager(conMan); clientBuilder.addInterceptorFirst(new HttpResponseInterceptor() { @Override public void process(final HttpResponse response, final HttpContext httpContext) throws HttpException, IOException { final HttpCoreContext coreContext = HttpCoreContext.adapt(httpContext); final ManagedHttpClientConnection conn = coreContext .getConnection(ManagedHttpClientConnection.class); if (!conn.isOpen()) { return; } final SSLSession sslSession = conn.getSSLSession(); if (sslSession != null) { final X509Certificate[] certChain = sslSession.getPeerCertificateChain(); if (certChain == null || certChain.length == 0) { throw new SSLPeerUnverifiedException("No certificates found"); } final X509Certificate cert = certChain[0]; dnHolder.set(cert.getSubjectDN().getName().trim()); } } }); clientBuilder.disableAutomaticRetries(); clientBuilder.disableContentCompression(); client = clientBuilder.build(); } bytesToSend += flowFile.getSize(); break; } if (toSend.isEmpty()) { return; } final String url = lastUrl; final HttpPost post = new HttpPost(url); final List<FlowFile> flowFileList = toSend; String userName = "Chris"; String password = "password"; final MultipartEntityBuilder builder = MultipartEntityBuilder.create(); builder.addTextBody("userName", userName); builder.addTextBody("password", password); for (final FlowFile flowFile : flowFileList) { session.read(flowFile, new InputStreamCallback() { @Override public void process(final InputStream rawIn) throws IOException { InputStream in = new ByteArrayInputStream(IOUtils.toByteArray(rawIn)); builder.addBinaryBody("file", in, ContentType.DEFAULT_BINARY, "filename"); } }); } final HttpEntity entity2 = builder.build(); post.setEntity(entity2); post.setConfig(requestConfig); final String contentType; contentType = DEFAULT_CONTENT_TYPE; post.setHeader(CONTENT_TYPE_HEADER, contentType); post.setHeader(FLOWFILE_CONFIRMATION_HEADER, "true"); post.setHeader(PROTOCOL_VERSION_HEADER, PROTOCOL_VERSION); post.setHeader(TRANSACTION_ID_HEADER, transactionId); // Do the actual POST final String flowFileDescription = toSend.size() <= 10 ? toSend.toString() : toSend.size() + " FlowFiles"; final String uploadDataRate; final long uploadMillis; CloseableHttpResponse response = null; try { final StopWatch stopWatch = new StopWatch(true); response = client.execute(post); // consume input stream entirely, ignoring its contents. If we // don't do this, the Connection will not be returned to the pool EntityUtils.consume(response.getEntity()); stopWatch.stop(); uploadDataRate = stopWatch.calculateDataRate(bytesToSend); uploadMillis = stopWatch.getDuration(TimeUnit.MILLISECONDS); } catch (final IOException e) { logger.error("Failed to Post {} due to {}; transferring to failure", new Object[] { flowFileDescription, e }); context.yield(); for (FlowFile flowFile : toSend) { flowFile = session.penalize(flowFile); session.transfer(flowFile, REL_FAILURE); } return; } finally { if (response != null) { try { response.close(); } catch (final IOException e) { getLogger().warn("Failed to close HTTP Response due to {}", new Object[] { e }); } } } // If we get a 'SEE OTHER' status code and an HTTP header that indicates that the intent // of the Location URI is a flowfile hold, we will store this holdUri. This prevents us // from posting to some other webservice and then attempting to delete some resource to which // we are redirected final int responseCode = response.getStatusLine().getStatusCode(); final String responseReason = response.getStatusLine().getReasonPhrase(); String holdUri = null; if (responseCode == HttpServletResponse.SC_SEE_OTHER) { final Header locationUriHeader = response.getFirstHeader(LOCATION_URI_INTENT_NAME); if (locationUriHeader != null) { if (LOCATION_URI_INTENT_VALUE.equals(locationUriHeader.getValue())) { final Header holdUriHeader = response.getFirstHeader(LOCATION_HEADER_NAME); if (holdUriHeader != null) { holdUri = holdUriHeader.getValue(); } } } if (holdUri == null) { for (FlowFile flowFile : toSend) { flowFile = session.penalize(flowFile); logger.error( "Failed to Post {} to {}: sent content and received status code {}:{} but no Hold URI", new Object[] { flowFile, url, responseCode, responseReason }); session.transfer(flowFile, REL_FAILURE); } return; } } if (holdUri == null) { if (responseCode == HttpServletResponse.SC_SERVICE_UNAVAILABLE) { for (FlowFile flowFile : toSend) { flowFile = session.penalize(flowFile); logger.error( "Failed to Post {} to {}: response code was {}:{}; will yield processing, " + "since the destination is temporarily unavailable", new Object[] { flowFile, url, responseCode, responseReason }); session.transfer(flowFile, REL_FAILURE); } context.yield(); return; } if (responseCode >= 300) { for (FlowFile flowFile : toSend) { flowFile = session.penalize(flowFile); logger.error("Failed to Post {} to {}: response code was {}:{}", new Object[] { flowFile, url, responseCode, responseReason }); session.transfer(flowFile, REL_FAILURE); } return; } logger.info("Successfully Posted {} to {} in {} at a rate of {}", new Object[] { flowFileDescription, url, FormatUtils.formatMinutesSeconds(uploadMillis, TimeUnit.MILLISECONDS), uploadDataRate }); for (final FlowFile flowFile : toSend) { session.getProvenanceReporter().send(flowFile, url, "Remote DN=" + dnHolder.get(), uploadMillis, true); session.transfer(flowFile, REL_SUCCESS); } return; } // // the response indicated a Hold URI; delete the Hold. // // determine the full URI of the Flow File's Hold; Unfortunately, the responses that are returned have // changed over the past, so we have to take into account a few different possibilities. String fullHoldUri = holdUri; if (holdUri.startsWith("/contentListener")) { // If the Hold URI that we get starts with /contentListener, it may not really be /contentListener, // as this really indicates that it should be whatever we posted to -- if posting directly to the // ListenHTTP component, it will be /contentListener, but if posting to a proxy/load balancer, we may // be posting to some other URL. fullHoldUri = url + holdUri.substring(16); } else if (holdUri.startsWith("/")) { // URL indicates the full path but not hostname or port; use the same hostname & port that we posted // to but use the full path indicated by the response. int firstSlash = url.indexOf("/", 8); if (firstSlash < 0) { firstSlash = url.length(); } final String beforeSlash = url.substring(0, firstSlash); fullHoldUri = beforeSlash + holdUri; } else if (!holdUri.startsWith("http")) { // Absolute URL fullHoldUri = url + (url.endsWith("/") ? "" : "/") + holdUri; } final HttpDelete delete = new HttpDelete(fullHoldUri); delete.setHeader(TRANSACTION_ID_HEADER, transactionId); while (true) { try { final HttpResponse holdResponse = client.execute(delete); EntityUtils.consume(holdResponse.getEntity()); final int holdStatusCode = holdResponse.getStatusLine().getStatusCode(); final String holdReason = holdResponse.getStatusLine().getReasonPhrase(); if (holdStatusCode >= 300) { logger.error( "Failed to delete Hold that destination placed on {}: got response code {}:{}; routing to failure", new Object[] { flowFileDescription, holdStatusCode, holdReason }); for (FlowFile flowFile : toSend) { flowFile = session.penalize(flowFile); session.transfer(flowFile, REL_FAILURE); } return; } logger.info("Successfully Posted {} to {} in {} milliseconds at a rate of {}", new Object[] { flowFileDescription, url, uploadMillis, uploadDataRate }); for (final FlowFile flowFile : toSend) { session.getProvenanceReporter().send(flowFile, url); session.transfer(flowFile, REL_SUCCESS); } return; } catch (final IOException e) { logger.warn("Failed to delete Hold that destination placed on {} due to {}", new Object[] { flowFileDescription, e }); } if (!isScheduled()) { context.yield(); logger.warn( "Failed to delete Hold that destination placed on {}; Processor has been stopped so routing FlowFile(s) to failure", new Object[] { flowFileDescription }); for (FlowFile flowFile : toSend) { flowFile = session.penalize(flowFile); session.transfer(flowFile, REL_FAILURE); } return; } } }
From source file:com.cognitivemedicine.nifi.http.PostHTTP2.java
@Override public void onTrigger(final ProcessContext context, final ProcessSession session) { final boolean sendAsFlowFile = context.getProperty(SEND_AS_FLOWFILE).asBoolean(); final int compressionLevel = context.getProperty(COMPRESSION_LEVEL).asInteger(); final String userAgent = context.getProperty(USER_AGENT).getValue(); final RequestConfig.Builder requestConfigBuilder = RequestConfig.custom(); requestConfigBuilder.setConnectionRequestTimeout( context.getProperty(DATA_TIMEOUT).asTimePeriod(TimeUnit.MILLISECONDS).intValue()); requestConfigBuilder.setConnectTimeout( context.getProperty(CONNECTION_TIMEOUT).asTimePeriod(TimeUnit.MILLISECONDS).intValue()); requestConfigBuilder.setRedirectsEnabled(false); requestConfigBuilder/*w ww . j a va 2s . c o m*/ .setSocketTimeout(context.getProperty(DATA_TIMEOUT).asTimePeriod(TimeUnit.MILLISECONDS).intValue()); final RequestConfig requestConfig = requestConfigBuilder.build(); final StreamThrottler throttler = throttlerRef.get(); final ProcessorLog logger = getLogger(); final Double maxBatchBytes = context.getProperty(MAX_BATCH_SIZE).asDataSize(DataUnit.B); String lastUrl = null; long bytesToSend = 0L; final List<FlowFile> toSend = new ArrayList<>(); DestinationAccepts destinationAccepts = null; CloseableHttpClient client = null; final String transactionId = UUID.randomUUID().toString(); final ObjectHolder<String> dnHolder = new ObjectHolder<>("none"); while (true) { FlowFile flowFile = session.get(); if (flowFile == null) { break; } final String url = context.getProperty(URL).evaluateAttributeExpressions(flowFile).getValue(); try { new java.net.URL(url); } catch (final MalformedURLException e) { logger.error( "After substituting attribute values for {}, URL is {}; this is not a valid URL, so routing to failure", new Object[] { flowFile, url }); flowFile = session.penalize(flowFile); session.transfer(flowFile, REL_FAILURE); continue; } // If this FlowFile doesn't have the same url, throw it back on the queue and stop grabbing FlowFiles if (lastUrl != null && !lastUrl.equals(url)) { session.transfer(flowFile); break; } lastUrl = url; toSend.add(flowFile); if (client == null || destinationAccepts == null) { final Config config = getConfig(url, context); final HttpClientConnectionManager conMan = config.getConnectionManager(); final HttpClientBuilder clientBuilder = HttpClientBuilder.create(); clientBuilder.setConnectionManager(conMan); clientBuilder.setUserAgent(userAgent); clientBuilder.addInterceptorFirst(new HttpResponseInterceptor() { @Override public void process(final HttpResponse response, final HttpContext httpContext) throws HttpException, IOException { HttpCoreContext coreContext = HttpCoreContext.adapt(httpContext); ManagedHttpClientConnection conn = coreContext .getConnection(ManagedHttpClientConnection.class); if (!conn.isOpen()) { return; } SSLSession sslSession = conn.getSSLSession(); if (sslSession != null) { final X509Certificate[] certChain = sslSession.getPeerCertificateChain(); if (certChain == null || certChain.length == 0) { throw new SSLPeerUnverifiedException("No certificates found"); } final X509Certificate cert = certChain[0]; dnHolder.set(cert.getSubjectDN().getName().trim()); } } }); clientBuilder.disableAutomaticRetries(); clientBuilder.disableContentCompression(); final String username = context.getProperty(USERNAME).getValue(); final String password = context.getProperty(PASSWORD).getValue(); // set the credentials if appropriate if (username != null) { final CredentialsProvider credentialsProvider = new BasicCredentialsProvider(); if (password == null) { credentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(username)); } else { credentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(username, password)); } ; clientBuilder.setDefaultCredentialsProvider(credentialsProvider); } client = clientBuilder.build(); // determine whether or not destination accepts flowfile/gzip destinationAccepts = config.getDestinationAccepts(); if (destinationAccepts == null) { try { if (sendAsFlowFile) { destinationAccepts = getDestinationAcceptance(client, url, getLogger(), transactionId); } else { destinationAccepts = new DestinationAccepts(false, false, false, false, null); } config.setDestinationAccepts(destinationAccepts); } catch (IOException e) { flowFile = session.penalize(flowFile); session.transfer(flowFile, REL_FAILURE); logger.error( "Unable to communicate with destination {} to determine whether or not it can accept flowfiles/gzip; routing {} to failure due to {}", new Object[] { url, flowFile, e }); context.yield(); return; } } } // if we are not sending as flowfile, or if the destination doesn't accept V3 or V2 (streaming) format, // then only use a single FlowFile if (!sendAsFlowFile || (!destinationAccepts.isFlowFileV3Accepted() && !destinationAccepts.isFlowFileV2Accepted())) { break; } bytesToSend += flowFile.getSize(); if (bytesToSend > maxBatchBytes.longValue()) { break; } } if (toSend.isEmpty()) { return; } final String url = lastUrl; final HttpPost post = new HttpPost(url); final List<FlowFile> flowFileList = toSend; final DestinationAccepts accepts = destinationAccepts; final boolean isDestinationLegacyNiFi = accepts.getProtocolVersion() == null; final EntityTemplate entity = new EntityTemplate(new ContentProducer() { @Override public void writeTo(final OutputStream rawOut) throws IOException { final OutputStream throttled = (throttler == null) ? rawOut : throttler.newThrottledOutputStream(rawOut); OutputStream wrappedOut = new BufferedOutputStream(throttled); if (compressionLevel > 0 && accepts.isGzipAccepted()) { wrappedOut = new GZIPOutputStream(wrappedOut, compressionLevel); } try (final OutputStream out = wrappedOut) { for (final FlowFile flowFile : flowFileList) { session.read(flowFile, new InputStreamCallback() { @Override public void process(final InputStream rawIn) throws IOException { try (final InputStream in = new BufferedInputStream(rawIn)) { FlowFilePackager packager = null; if (!sendAsFlowFile) { packager = null; } else if (accepts.isFlowFileV3Accepted()) { packager = new FlowFilePackagerV3(); } else if (accepts.isFlowFileV2Accepted()) { packager = new FlowFilePackagerV2(); } else if (accepts.isFlowFileV1Accepted()) { packager = new FlowFilePackagerV1(); } // if none of the above conditions is met, we should never get here, because // we will have already verified that at least 1 of the FlowFile packaging // formats is acceptable if sending as FlowFile. if (packager == null) { StreamUtils.copy(in, out); } else { final Map<String, String> flowFileAttributes; if (isDestinationLegacyNiFi) { // Old versions of NiFi expect nf.file.name and nf.file.path to indicate filename & path; // in order to maintain backward compatibility, we copy the filename & path to those attribute keys. flowFileAttributes = new HashMap<>(flowFile.getAttributes()); flowFileAttributes.put("nf.file.name", flowFile.getAttribute(CoreAttributes.FILENAME.key())); flowFileAttributes.put("nf.file.path", flowFile.getAttribute(CoreAttributes.PATH.key())); } else { flowFileAttributes = flowFile.getAttributes(); } packager.packageFlowFile(in, out, flowFileAttributes, flowFile.getSize()); } } } }); } out.flush(); } } }); entity.setChunked(context.getProperty(CHUNKED_ENCODING).asBoolean()); post.setEntity(entity); post.setConfig(requestConfig); final String contentType; if (sendAsFlowFile) { if (accepts.isFlowFileV3Accepted()) { contentType = APPLICATION_FLOW_FILE_V3; } else if (accepts.isFlowFileV2Accepted()) { contentType = APPLICATION_FLOW_FILE_V2; } else if (accepts.isFlowFileV1Accepted()) { contentType = APPLICATION_FLOW_FILE_V1; } else { logger.error( "Cannot send data to {} because the destination does not accept FlowFiles and this processor is configured to deliver FlowFiles; rolling back session", new Object[] { url }); session.rollback(); context.yield(); return; } } else { final String attributeValue = toSend.get(0).getAttribute(CoreAttributes.MIME_TYPE.key()); contentType = (attributeValue == null) ? DEFAULT_CONTENT_TYPE : attributeValue; } final String attributeHeaderRegex = context.getProperty(ATTRIBUTES_AS_HEADERS_REGEX).getValue(); if (attributeHeaderRegex != null && !sendAsFlowFile && flowFileList.size() == 1) { final Pattern pattern = Pattern.compile(attributeHeaderRegex); final Map<String, String> attributes = flowFileList.get(0).getAttributes(); for (final Map.Entry<String, String> entry : attributes.entrySet()) { final String key = entry.getKey(); if (pattern.matcher(key).matches()) { post.setHeader(entry.getKey(), entry.getValue()); } } } post.setHeader(CONTENT_TYPE, contentType); post.setHeader(FLOWFILE_CONFIRMATION_HEADER, "true"); post.setHeader(PROTOCOL_VERSION_HEADER, PROTOCOL_VERSION); post.setHeader(TRANSACTION_ID_HEADER, transactionId); if (compressionLevel > 0 && accepts.isGzipAccepted()) { post.setHeader(GZIPPED_HEADER, "true"); } // Do the actual POST final String flowFileDescription = toSend.size() <= 10 ? toSend.toString() : toSend.size() + " FlowFiles"; final String uploadDataRate; final long uploadMillis; CloseableHttpResponse response = null; try { final StopWatch stopWatch = new StopWatch(true); response = client.execute(post); // consume input stream entirely, ignoring its contents. If we // don't do this, the Connection will not be returned to the pool EntityUtils.consume(response.getEntity()); stopWatch.stop(); uploadDataRate = stopWatch.calculateDataRate(bytesToSend); uploadMillis = stopWatch.getDuration(TimeUnit.MILLISECONDS); } catch (final IOException e) { logger.error("Failed to Post {} due to {}; transferring to failure", new Object[] { flowFileDescription, e }); context.yield(); for (FlowFile flowFile : toSend) { flowFile = session.penalize(flowFile); session.transfer(flowFile, REL_FAILURE); } return; } finally { if (response != null) { try { response.close(); } catch (IOException e) { getLogger().warn("Failed to close HTTP Response due to {}", new Object[] { e }); } } } // If we get a 'SEE OTHER' status code and an HTTP header that indicates that the intent // of the Location URI is a flowfile hold, we will store this holdUri. This prevents us // from posting to some other webservice and then attempting to delete some resource to which // we are redirected final int responseCode = response.getStatusLine().getStatusCode(); final String responseReason = response.getStatusLine().getReasonPhrase(); String holdUri = null; if (responseCode == HttpServletResponse.SC_SEE_OTHER) { final Header locationUriHeader = response.getFirstHeader(LOCATION_URI_INTENT_NAME); if (locationUriHeader != null) { if (LOCATION_URI_INTENT_VALUE.equals(locationUriHeader.getValue())) { final Header holdUriHeader = response.getFirstHeader(LOCATION_HEADER_NAME); if (holdUriHeader != null) { holdUri = holdUriHeader.getValue(); } } } if (holdUri == null) { for (FlowFile flowFile : toSend) { flowFile = session.penalize(flowFile); logger.error( "Failed to Post {} to {}: sent content and received status code {}:{} but no Hold URI", new Object[] { flowFile, url, responseCode, responseReason }); session.transfer(flowFile, REL_FAILURE); } return; } } if (holdUri == null) { if (responseCode == HttpServletResponse.SC_SERVICE_UNAVAILABLE) { for (FlowFile flowFile : toSend) { flowFile = session.penalize(flowFile); logger.error( "Failed to Post {} to {}: response code was {}:{}; will yield processing, since the destination is temporarily unavailable", new Object[] { flowFile, url, responseCode, responseReason }); session.transfer(flowFile, REL_FAILURE); } context.yield(); return; } if (responseCode >= 300) { for (FlowFile flowFile : toSend) { flowFile = session.penalize(flowFile); logger.error("Failed to Post {} to {}: response code was {}:{}", new Object[] { flowFile, url, responseCode, responseReason }); session.transfer(flowFile, REL_FAILURE); } return; } logger.info("Successfully Posted {} to {} in {} at a rate of {}", new Object[] { flowFileDescription, url, FormatUtils.formatMinutesSeconds(uploadMillis, TimeUnit.MILLISECONDS), uploadDataRate }); for (final FlowFile flowFile : toSend) { session.getProvenanceReporter().send(flowFile, url, "Remote DN=" + dnHolder.get(), uploadMillis, true); session.transfer(flowFile, REL_SUCCESS); } return; } // // the response indicated a Hold URI; delete the Hold. // // determine the full URI of the Flow File's Hold; Unfortunately, the responses that are returned have // changed over the past, so we have to take into account a few different possibilities. String fullHoldUri = holdUri; if (holdUri.startsWith("/contentListener")) { // If the Hold URI that we get starts with /contentListener, it may not really be /contentListener, // as this really indicates that it should be whatever we posted to -- if posting directly to the // ListenHTTP component, it will be /contentListener, but if posting to a proxy/load balancer, we may // be posting to some other URL. fullHoldUri = url + holdUri.substring(16); } else if (holdUri.startsWith("/")) { // URL indicates the full path but not hostname or port; use the same hostname & port that we posted // to but use the full path indicated by the response. int firstSlash = url.indexOf("/", 8); if (firstSlash < 0) { firstSlash = url.length(); } final String beforeSlash = url.substring(0, firstSlash); fullHoldUri = beforeSlash + holdUri; } else if (!holdUri.startsWith("http")) { // Absolute URL fullHoldUri = url + (url.endsWith("/") ? "" : "/") + holdUri; } final HttpDelete delete = new HttpDelete(fullHoldUri); delete.setHeader(TRANSACTION_ID_HEADER, transactionId); while (true) { try { final HttpResponse holdResponse = client.execute(delete); EntityUtils.consume(holdResponse.getEntity()); final int holdStatusCode = holdResponse.getStatusLine().getStatusCode(); final String holdReason = holdResponse.getStatusLine().getReasonPhrase(); if (holdStatusCode >= 300) { logger.error( "Failed to delete Hold that destination placed on {}: got response code {}:{}; routing to failure", new Object[] { flowFileDescription, holdStatusCode, holdReason }); for (FlowFile flowFile : toSend) { flowFile = session.penalize(flowFile); session.transfer(flowFile, REL_FAILURE); } return; } logger.info("Successfully Posted {} to {} in {} milliseconds at a rate of {}", new Object[] { flowFileDescription, url, uploadMillis, uploadDataRate }); for (FlowFile flowFile : toSend) { session.getProvenanceReporter().send(flowFile, url); session.transfer(flowFile, REL_SUCCESS); } return; } catch (final IOException e) { logger.warn("Failed to delete Hold that destination placed on {} due to {}", new Object[] { flowFileDescription, e }); } if (!isScheduled()) { context.yield(); logger.warn( "Failed to delete Hold that destination placed on {}; Processor has been stopped so routing FlowFile(s) to failure", new Object[] { flowFileDescription }); for (FlowFile flowFile : toSend) { flowFile = session.penalize(flowFile); session.transfer(flowFile, REL_FAILURE); } return; } } }
From source file:com.cognitivemedicine.nifi.http.PostAdvancedHTTP.java
@Override public void onTrigger(final ProcessContext context, final ProcessSession session) { final boolean sendAsFlowFile = context.getProperty(SEND_AS_FLOWFILE).asBoolean(); final int compressionLevel = context.getProperty(COMPRESSION_LEVEL).asInteger(); final String userAgent = context.getProperty(USER_AGENT).getValue(); final RequestConfig.Builder requestConfigBuilder = RequestConfig.custom(); requestConfigBuilder.setConnectionRequestTimeout( context.getProperty(DATA_TIMEOUT).asTimePeriod(TimeUnit.MILLISECONDS).intValue()); requestConfigBuilder.setConnectTimeout( context.getProperty(CONNECTION_TIMEOUT).asTimePeriod(TimeUnit.MILLISECONDS).intValue()); requestConfigBuilder.setRedirectsEnabled(false); requestConfigBuilder//ww w . ja v a2s .co m .setSocketTimeout(context.getProperty(DATA_TIMEOUT).asTimePeriod(TimeUnit.MILLISECONDS).intValue()); final RequestConfig requestConfig = requestConfigBuilder.build(); final StreamThrottler throttler = throttlerRef.get(); final ProcessorLog logger = getLogger(); final Double maxBatchBytes = context.getProperty(MAX_BATCH_SIZE).asDataSize(DataUnit.B); String lastUrl = null; long bytesToSend = 0L; final List<FlowFile> toSend = new ArrayList<>(); DestinationAccepts destinationAccepts = null; CloseableHttpClient client = null; final String transactionId = UUID.randomUUID().toString(); final ObjectHolder<String> dnHolder = new ObjectHolder<>("none"); while (true) { FlowFile flowFile = session.get(); if (flowFile == null) { break; } final String url = context.getProperty(URL).evaluateAttributeExpressions(flowFile).getValue(); try { new java.net.URL(url); } catch (final MalformedURLException e) { logger.error( "After substituting attribute values for {}, URL is {}; this is not a valid URL, so routing to failure", new Object[] { flowFile, url }); flowFile = session.penalize(flowFile); session.transfer(flowFile, REL_FAILURE); continue; } // If this FlowFile doesn't have the same url, throw it back on the queue and stop grabbing FlowFiles if (lastUrl != null && !lastUrl.equals(url)) { session.transfer(flowFile); break; } lastUrl = url; toSend.add(flowFile); if (client == null || destinationAccepts == null) { final Config config = getConfig(url, context); final HttpClientConnectionManager conMan = config.getConnectionManager(); final HttpClientBuilder clientBuilder = HttpClientBuilder.create(); clientBuilder.setConnectionManager(conMan); clientBuilder.setUserAgent(userAgent); clientBuilder.addInterceptorFirst(new HttpResponseInterceptor() { @Override public void process(final HttpResponse response, final HttpContext httpContext) throws HttpException, IOException { HttpCoreContext coreContext = HttpCoreContext.adapt(httpContext); ManagedHttpClientConnection conn = coreContext .getConnection(ManagedHttpClientConnection.class); if (!conn.isOpen()) { return; } SSLSession sslSession = conn.getSSLSession(); if (sslSession != null) { final X509Certificate[] certChain = sslSession.getPeerCertificateChain(); if (certChain == null || certChain.length == 0) { throw new SSLPeerUnverifiedException("No certificates found"); } final X509Certificate cert = certChain[0]; dnHolder.set(cert.getSubjectDN().getName().trim()); } } }); clientBuilder.disableAutomaticRetries(); clientBuilder.disableContentCompression(); final String username = context.getProperty(USERNAME).getValue(); final String password = context.getProperty(PASSWORD).getValue(); // set the credentials if appropriate if (username != null) { final CredentialsProvider credentialsProvider = new BasicCredentialsProvider(); if (password == null) { credentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(username)); } else { credentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(username, password)); } ; clientBuilder.setDefaultCredentialsProvider(credentialsProvider); } client = clientBuilder.build(); // determine whether or not destination accepts flowfile/gzip destinationAccepts = config.getDestinationAccepts(); if (destinationAccepts == null) { try { if (sendAsFlowFile) { destinationAccepts = getDestinationAcceptance(client, url, getLogger(), transactionId); } else { destinationAccepts = new DestinationAccepts(false, false, false, false, null); } config.setDestinationAccepts(destinationAccepts); } catch (IOException e) { flowFile = session.penalize(flowFile); session.transfer(flowFile, REL_FAILURE); logger.error( "Unable to communicate with destination {} to determine whether or not it can accept flowfiles/gzip; routing {} to failure due to {}", new Object[] { url, flowFile, e }); context.yield(); return; } } } // if we are not sending as flowfile, or if the destination doesn't accept V3 or V2 (streaming) format, // then only use a single FlowFile if (!sendAsFlowFile || (!destinationAccepts.isFlowFileV3Accepted() && !destinationAccepts.isFlowFileV2Accepted())) { break; } bytesToSend += flowFile.getSize(); if (bytesToSend > maxBatchBytes.longValue()) { break; } } if (toSend.isEmpty()) { return; } final String url = lastUrl; final HttpPost post = new HttpPost(url); final List<FlowFile> flowFileList = toSend; final DestinationAccepts accepts = destinationAccepts; final boolean isDestinationLegacyNiFi = accepts.getProtocolVersion() == null; final EntityTemplate entity = new EntityTemplate(new ContentProducer() { @Override public void writeTo(final OutputStream rawOut) throws IOException { final OutputStream throttled = (throttler == null) ? rawOut : throttler.newThrottledOutputStream(rawOut); OutputStream wrappedOut = new BufferedOutputStream(throttled); if (compressionLevel > 0 && accepts.isGzipAccepted()) { wrappedOut = new GZIPOutputStream(wrappedOut, compressionLevel); } try (final OutputStream out = wrappedOut) { for (final FlowFile flowFile : flowFileList) { session.read(flowFile, new InputStreamCallback() { @Override public void process(final InputStream rawIn) throws IOException { try (final InputStream in = new BufferedInputStream(rawIn)) { FlowFilePackager packager = null; if (!sendAsFlowFile) { packager = null; } else if (accepts.isFlowFileV3Accepted()) { packager = new FlowFilePackagerV3(); } else if (accepts.isFlowFileV2Accepted()) { packager = new FlowFilePackagerV2(); } else if (accepts.isFlowFileV1Accepted()) { packager = new FlowFilePackagerV1(); } // if none of the above conditions is met, we should never get here, because // we will have already verified that at least 1 of the FlowFile packaging // formats is acceptable if sending as FlowFile. if (packager == null) { StreamUtils.copy(in, out); } else { final Map<String, String> flowFileAttributes; if (isDestinationLegacyNiFi) { // Old versions of NiFi expect nf.file.name and nf.file.path to indicate filename & path; // in order to maintain backward compatibility, we copy the filename & path to those attribute keys. flowFileAttributes = new HashMap<>(flowFile.getAttributes()); flowFileAttributes.put("nf.file.name", flowFile.getAttribute(CoreAttributes.FILENAME.key())); flowFileAttributes.put("nf.file.path", flowFile.getAttribute(CoreAttributes.PATH.key())); } else { flowFileAttributes = flowFile.getAttributes(); } packager.packageFlowFile(in, out, flowFileAttributes, flowFile.getSize()); } } } }); } out.flush(); } } }); entity.setChunked(context.getProperty(CHUNKED_ENCODING).asBoolean()); post.setEntity(entity); post.setConfig(requestConfig); final String contentType; if (sendAsFlowFile) { if (accepts.isFlowFileV3Accepted()) { contentType = APPLICATION_FLOW_FILE_V3; } else if (accepts.isFlowFileV2Accepted()) { contentType = APPLICATION_FLOW_FILE_V2; } else if (accepts.isFlowFileV1Accepted()) { contentType = APPLICATION_FLOW_FILE_V1; } else { logger.error( "Cannot send data to {} because the destination does not accept FlowFiles and this processor is configured to deliver FlowFiles; rolling back session", new Object[] { url }); session.rollback(); context.yield(); return; } } else { final String attributeValue = toSend.get(0).getAttribute(CoreAttributes.MIME_TYPE.key()); contentType = (attributeValue == null) ? DEFAULT_CONTENT_TYPE : attributeValue; } final String attributeHeaderRegex = context.getProperty(ATTRIBUTES_AS_HEADERS_REGEX).getValue(); if (attributeHeaderRegex != null && !sendAsFlowFile && flowFileList.size() == 1) { final Pattern pattern = Pattern.compile(attributeHeaderRegex); final Map<String, String> attributes = flowFileList.get(0).getAttributes(); for (final Map.Entry<String, String> entry : attributes.entrySet()) { final String key = entry.getKey(); if (pattern.matcher(key).matches()) { post.setHeader(entry.getKey(), entry.getValue()); } } } post.setHeader(CONTENT_TYPE, contentType); post.setHeader(FLOWFILE_CONFIRMATION_HEADER, "true"); post.setHeader(PROTOCOL_VERSION_HEADER, PROTOCOL_VERSION); post.setHeader(TRANSACTION_ID_HEADER, transactionId); if (compressionLevel > 0 && accepts.isGzipAccepted()) { post.setHeader(GZIPPED_HEADER, "true"); } // Do the actual POST final String flowFileDescription = toSend.size() <= 10 ? toSend.toString() : toSend.size() + " FlowFiles"; final String uploadDataRate; final long uploadMillis; String responseContent; CloseableHttpResponse response = null; try { final StopWatch stopWatch = new StopWatch(true); response = client.execute(post); responseContent = EntityUtils.toString(response.getEntity()); stopWatch.stop(); uploadDataRate = stopWatch.calculateDataRate(bytesToSend); uploadMillis = stopWatch.getDuration(TimeUnit.MILLISECONDS); } catch (final IOException e) { logger.error("Failed to Post {} due to {}; transferring to failure", new Object[] { flowFileDescription, e }); context.yield(); for (FlowFile flowFile : toSend) { flowFile = session.penalize(flowFile); session.transfer(flowFile, REL_FAILURE); } return; } finally { if (response != null) { try { response.close(); } catch (IOException e) { getLogger().warn("Failed to close HTTP Response due to {}", new Object[] { e }); } } } // If we get a 'SEE OTHER' status code and an HTTP header that indicates that the intent // of the Location URI is a flowfile hold, we will store this holdUri. This prevents us // from posting to some other webservice and then attempting to delete some resource to which // we are redirected final int responseCode = response.getStatusLine().getStatusCode(); final String responseReason = response.getStatusLine().getReasonPhrase(); String holdUri = null; if (responseCode == HttpServletResponse.SC_SEE_OTHER) { final Header locationUriHeader = response.getFirstHeader(LOCATION_URI_INTENT_NAME); if (locationUriHeader != null) { if (LOCATION_URI_INTENT_VALUE.equals(locationUriHeader.getValue())) { final Header holdUriHeader = response.getFirstHeader(LOCATION_HEADER_NAME); if (holdUriHeader != null) { holdUri = holdUriHeader.getValue(); } } } if (holdUri == null) { for (FlowFile flowFile : toSend) { flowFile = session.penalize(flowFile); logger.error( "Failed to Post {} to {}: sent content and received status code {}:{} but no Hold URI", new Object[] { flowFile, url, responseCode, responseReason }); session.transfer(flowFile, REL_FAILURE); } return; } } if (holdUri == null) { if (responseCode == HttpServletResponse.SC_SERVICE_UNAVAILABLE) { for (FlowFile flowFile : toSend) { flowFile = session.penalize(flowFile); logger.error( "Failed to Post {} to {}: response code was {}:{}; will yield processing, since the destination is temporarily unavailable", new Object[] { flowFile, url, responseCode, responseReason }); session.transfer(flowFile, REL_FAILURE); } context.yield(); return; } if (responseCode >= 300) { for (FlowFile flowFile : toSend) { flowFile = session.penalize(flowFile); logger.error("Failed to Post {} to {}: response code was {}:{}", new Object[] { flowFile, url, responseCode, responseReason }); session.transfer(flowFile, REL_FAILURE); } return; } logger.info("Successfully Posted {} to {} in {} at a rate of {}", new Object[] { flowFileDescription, url, FormatUtils.formatMinutesSeconds(uploadMillis, TimeUnit.MILLISECONDS), uploadDataRate }); for (FlowFile flowFile : toSend) { flowFile = this.setHttpPostResponse(context, session, responseContent, flowFile); session.getProvenanceReporter().send(flowFile, url, "Remote DN=" + dnHolder.get(), uploadMillis, true); session.transfer(flowFile, REL_SUCCESS); } return; } // // the response indicated a Hold URI; delete the Hold. // // determine the full URI of the Flow File's Hold; Unfortunately, the responses that are returned have // changed over the past, so we have to take into account a few different possibilities. String fullHoldUri = holdUri; if (holdUri.startsWith("/contentListener")) { // If the Hold URI that we get starts with /contentListener, it may not really be /contentListener, // as this really indicates that it should be whatever we posted to -- if posting directly to the // ListenHTTP component, it will be /contentListener, but if posting to a proxy/load balancer, we may // be posting to some other URL. fullHoldUri = url + holdUri.substring(16); } else if (holdUri.startsWith("/")) { // URL indicates the full path but not hostname or port; use the same hostname & port that we posted // to but use the full path indicated by the response. int firstSlash = url.indexOf("/", 8); if (firstSlash < 0) { firstSlash = url.length(); } final String beforeSlash = url.substring(0, firstSlash); fullHoldUri = beforeSlash + holdUri; } else if (!holdUri.startsWith("http")) { // Absolute URL fullHoldUri = url + (url.endsWith("/") ? "" : "/") + holdUri; } final HttpDelete delete = new HttpDelete(fullHoldUri); delete.setHeader(TRANSACTION_ID_HEADER, transactionId); while (true) { try { final HttpResponse holdResponse = client.execute(delete); responseContent = EntityUtils.toString(holdResponse.getEntity()); final int holdStatusCode = holdResponse.getStatusLine().getStatusCode(); final String holdReason = holdResponse.getStatusLine().getReasonPhrase(); if (holdStatusCode >= 300) { logger.error( "Failed to delete Hold that destination placed on {}: got response code {}:{}; routing to failure", new Object[] { flowFileDescription, holdStatusCode, holdReason }); for (FlowFile flowFile : toSend) { flowFile = session.penalize(flowFile); session.transfer(flowFile, REL_FAILURE); } return; } logger.info("Successfully Posted {} to {} in {} milliseconds at a rate of {}", new Object[] { flowFileDescription, url, uploadMillis, uploadDataRate }); for (FlowFile flowFile : toSend) { flowFile = this.setHttpPostResponse(context, session, responseContent, flowFile); session.getProvenanceReporter().send(flowFile, url); session.transfer(flowFile, REL_SUCCESS); } return; } catch (final IOException e) { logger.warn("Failed to delete Hold that destination placed on {} due to {}", new Object[] { flowFileDescription, e }); } if (!isScheduled()) { context.yield(); logger.warn( "Failed to delete Hold that destination placed on {}; Processor has been stopped so routing FlowFile(s) to failure", new Object[] { flowFileDescription }); for (FlowFile flowFile : toSend) { flowFile = session.penalize(flowFile); session.transfer(flowFile, REL_FAILURE); } return; } } }
From source file:com.dragonflow.StandardMonitor.URLOriginalMonitor.java
/** * /*w w w . j a v a 2 s . c om*/ */ private static long[] checkInternalURL(SocketSession socketsession, String s, String s1, String s2, String s3, String s4, String s5, String s6, String s7, Array array, String s8, String s9, String s10, StringBuffer stringbuffer, long l, String s11, int i, long l1, StringBuffer stringbuffer1, StringBuffer stringbuffer2) { String s12 = ""; if (s.lastIndexOf('#') != -1) { s = s.substring(0, s.lastIndexOf('#')); } if ((debugURL & kDebugRequest) != 0) { LogManager.log("RunMonitor", "checking URL... " + s); } int j = 0; if (socketsession.context.getSetting("_keepTryingForGoodStatus").length() > 0) { j = TextUtils.toInt(socketsession.context.getSetting("_keepTryingForGoodStatus")); } long l2 = kURLNoStatusError; long l3 = 0L; long l4 = System.currentTimeMillis(); long l6 = 0L; long l7 = 0L; long l8 = 0L; long l9 = 0L; long l10 = 0L; long l11 = 0L; long l12 = 0L; boolean flag = false; URLInfo urlinfo = new URLInfo(s); String s16 = urlinfo.getProtocol(); String s17 = urlinfo.getHost(); int k = urlinfo.getConnectPort(); boolean flag1 = false; boolean flag2 = false; if (SocketStream.getSSLFactory() != null) { flag1 = true; if (socketsession.context.getSetting("_sslJavaEnabled").length() > 0) { flag1 = true; } else if (socketsession.context.getSetting("_sslJavaDisabled").length() > 0) { flag1 = false; } } boolean flag3 = false; if (s8.startsWith(NT_CHALLENGE_RESPONSE_TAG)) { s8 = s8.substring(NT_CHALLENGE_RESPONSE_TAG.length()); flag3 = true; } boolean flag4 = false; if (socketsession.context.getSetting("_urlMonitorUseApacheHttpClient").length() > 0) { flag4 = true; } SocketStream socketstream = null; String s18 = getUserAgent(array); if (s18.length() == 0) { s18 = socketsession.context.getSetting("_URLUserAgent"); } String s19 = getSslgetOptions(array); if (s19.length() == 0) { s19 = socketsession.context.getSetting("_sslgetOptions"); } String s20 = socketsession.context.getSetting("_URLMonitorProxyExceptions"); String s21 = null; String s22 = ""; String s23 = ""; String s25 = ""; String s26 = getContentType(array); String s27 = encodeParameters(array, s26); socketsession.addCookieParameters(array, s); if (stringbuffer == null) { stringbuffer = new StringBuffer(kURLBufferSize); } boolean flag5 = socketsession.context.getSetting("_concatURLRedirects").length() != 0; if (flag5 && concatBuffer == null) { concatBuffer = new StringBuffer(kURLBufferSize); } if (s8.length() > 0) { Base64Encoder base64encoder = new Base64Encoder(s8 + ":" + s9); s22 = "Authorization: Basic " + base64encoder.processString() + CRLF; } if (s6.length() > 0) { Base64Encoder base64encoder1 = new Base64Encoder(s6 + ":" + s7); String s24 = base64encoder1.processString(); s25 = "Proxy-Authorization: Basic " + s24 + CRLF; } long l13 = l1 - System.currentTimeMillis(); long l14 = l13 / 1000L; long l15 = -1L; CounterLock counterlock; // 617 try { if (s10.length() != 0) { String s28 = ""; if (s27.length() > 0) { s28 = HTTPRequest.encodeString(s27); } String s32; if (s10.indexOf("get.exe") != -1) { String s36 = socketsession.context.getSetting("_URLRemoteOptions"); if (s36.length() == 0) { s36 = "-ignoreErrors+-ignoreUnknownCA+-x"; } if (flag3 && !s8.startsWith(NT_CHALLENGE_RESPONSE_TAG)) { s8 = NT_CHALLENGE_RESPONSE_TAG + s8; } if (s18.length() > 0) { if (s28.length() > 0) { s28 = s28 + URLEncoder.encode("&"); } s28 = s28 + URLEncoder.encode("User-Agent: " + s18); } if (s19.length() > 0) { if (s28.length() > 0) { s28 = s28 + URLEncoder.encode("&"); } s28 = s28 + URLEncoder.encode("sslgetOptions: " + s19); } if (s11.length() > 0) { String as[] = TextUtils.split(s11, CRLF); for (int k1 = 0; k1 < as.length; k1++) { if (s28.length() > 0) { s28 = s28 + URLEncoder.encode("&"); } if (getHeaderType(as[k1]) < 0) { s28 = s28 + URLEncoder.encode("Custom-Header: "); } String s46 = as[k1]; int i3 = s46.indexOf("&"); if (i3 >= 0 && !s46.startsWith(URLSequenceMonitor.refererStartToken)) { s46 = s46.substring(0, i3); } s28 = s28 + URLEncoder.encode(s46); } } String s13 = socketsession.getCookieHeader(s, true); if (s13.length() > 0) { String s40 = ""; if (s36.endsWith("-x")) { s40 = "-x"; s36 = s36.substring(0, s36.length() - 2); } String as2[] = TextUtils.split(s13, CRLF); for (int j2 = 0; j2 < as2.length; j2++) { s36 = s36 + "-c+%22" + URLEncoder.encode(as2[j2]) + "%22+"; } s36 = s36 + s40; } s32 = s10 + "?" + s36 + "+%22" + URLEncoder.encode(s) + "%22" + "+%22" + l14 + "%22" + "+%22" + URLEncoder.encode(s8) + "%22" + "+%22" + URLEncoder.encode(s9) + "%22" + "+%22" + s28 + "%22" + "+%22" + URLEncoder.encode(s5) + "%22" + "+%22" + URLEncoder.encode(s6) + "%22" + "+%22" + URLEncoder.encode(s7) + "%22"; } else if (s10.indexOf("port.exe") != -1) { s32 = s10 + "&host=" + s; } else { s32 = s10 + "?host=" + s; } Array array2 = null; String s41 = ""; String s43 = ""; String s47 = ""; String s49 = ""; String s51 = ""; String s54 = ""; String s56 = ""; if (Platform.isPortal()) { String s59 = HTTPUtils.getLocationIDByURL(s10); if (Portal.isPortalID(s59)) { PortalSiteView portalsiteview = (PortalSiteView) Portal.getSiteViewForID(s59); if (portalsiteview != null) { s41 = portalsiteview.getProperty(PortalSiteView.pUserName); s43 = portalsiteview.getProperty(PortalSiteView.pPassword); s49 = portalsiteview.getProperty(PortalSiteView.pProxy); s51 = portalsiteview.getProperty(PortalSiteView.pProxyUserName); s54 = portalsiteview.getProperty(PortalSiteView.pProxyPassword); } } } int k3 = i; if (socketsession.context == null) ; CounterLock counterlock1 = null; if (!socketsession.inRemoteRequest) { counterlock1 = getLocationLock(socketsession.context, s10, s); } try { long l18 = System.currentTimeMillis() + (l14 + 30L) * 1000L; socketsession.inRemoteRequest = true; long al2[] = check1URL(socketsession, s32, s1, s2, s3, s4, s49, s51, s54, array2, s41, s43, s47, stringbuffer, l, s56, k3, l18, stringbuffer1, stringbuffer2); l2 = al2[0]; if (j > 0) { l2 = getURLStatus_ForBackupToRegularMeansOnly(socketsession, l2, s32, 0, j); } if (debugURL != 0) { System.out.println("Status1: " + l2); } l3 = al2[1]; } finally { socketsession.inRemoteRequest = false; if (counterlock1 != null) { releaseLocationLock(counterlock1); } } String s65 = stringbuffer.toString(); int i4 = s65.length(); stringbuffer.setLength(0); int j4 = 0; while (j4 < i4) { int k4 = s65.indexOf("\r\r\n", j4); if (k4 < 0) { stringbuffer.append(s65.substring(j4)); break; } stringbuffer.append(s65.substring(j4, k4) + "\r\n"); j4 = k4 + 3; } String s68 = stringbuffer.toString(); if (s10.indexOf("get.exe") != -1) { String s70 = "URLMonitorDuration: "; int k5 = s68.lastIndexOf(s70); if (k5 != -1) { l3 = TextUtils.toLong(s68.substring(k5 + s70.length(), k5 + s70.length() + 10)); } s70 = "URLMonitorStatus: "; k5 = s68.lastIndexOf(s70); long l21 = l2; if (k5 != -1) { l21 = TextUtils.toLong(s68.substring(k5 + s70.length(), k5 + s70.length() + 10)); } if (l21 != 200L || l2 != (long) kURLContentMatchError && l2 != (long) kURLContentErrorFound) { if (k5 != -1) { l2 = l21; if (debugURL != 0) { System.out.println("Status2 ssl: " + l2); } } else { int j6 = s68.length(); if (j6 > 500) { j6 = 500; } String s78 = s68.substring(0, j6); if (j > 0) { l21 = getURLStatus_ForBackupToRegularMeansOnly(socketsession, l21, s32, 0, j); } LogManager.log("Error", "Remote URL error, [" + HTTPUtils.getLocationIDByURL(s10) + "] " + lookupStatus(l2) + ", " + s10 + ", " + s + ", detail: " + s78); l2 = kURLRemoteMonitoringError; if (debugURL != 0) { System.out.println("Status3 kURLRemoteMonitoringError: " + l2); } } } } s68 = getHTTPContent(s68); int i5 = s68.lastIndexOf("\r\nURLMonitorStatus: "); if (i5 >= 0) { s68 = s68.substring(0, i5); } stringbuffer.setLength(0); stringbuffer.append(s68); l12 = stringbuffer.length(); } else { if (flag3 || s16.equals("https") && !flag1 || flag4) { flag2 = true; counterlock = null; try { if (s16.equals("https")) { counterlock = getSSLGroupLock(socketsession.context); } if (flag4) { Vector vector = new Vector(); if (socketsession.context.getSetting("_sslKeepAlive").length() > 0) { if (s5.length() > 0) { vector.add(new Header("Proxy-Connection", "Keep-Alive")); } else { vector.add(new Header("Connection", "Keep-Alive")); } } vector.add(new Header("User-Agent", s18)); Header header = socketsession.getCookieHeader(s); if (header != null) { vector.add(header); } if (s27.length() > 0) { vector.add(new Header("Content-Type", s26)); } String s42 = ""; HTTPRequestSettings httprequestsettings = new HTTPRequestSettings(s, s8, s9, s42, null, s5, s6, s7, vector, 1, (int) l13, (int) l13); StringBuffer stringbuffer3 = new StringBuffer(); ApacheHttpMethod apachehttpmethod = null; long l17 = System.currentTimeMillis(); apachehttpmethod = ApacheHttpUtils.getRequest(httprequestsettings, stringbuffer3); l3 = System.currentTimeMillis() - l17; l2 = apachehttpmethod.getStatusCode(); if (apachehttpmethod.getResponseBodyAsString() != null) { stringbuffer2.append(apachehttpmethod.getResponseBodyAsString()); } if (apachehttpmethod.getResponseBody() != null) { l12 = apachehttpmethod.getResponseBody().length; } } else { if (s5 == null) { s5 = ""; } Array array1 = new Array(); array1.add(Platform.getRoot() + "/tools/sslget"); if (s19.length() > 0) { Array array3 = Platform.split(' ', s19); Enumeration enumeration = array3.elements(); while (enumeration.hasMoreElements()) { array1.add(enumeration.nextElement()); } } if (socketsession.context.getSetting("_sslKeepAlive").length() > 0) { array1.add("-keepAlive"); } boolean flag6 = socketsession.context.getSetting("_urlUnixSSL").length() == 0; array1.add("-agent"); array1.add("\"" + s18 + "\""); String s14 = s11; s14 = socketsession.getCookieHeader(s, flag6) + s14; if (s14.length() > 0) { String as1[] = TextUtils.split(s14, CRLF); for (int i2 = 0; i2 < as1.length; i2++) { array1.add("-c"); array1.add("\"" + as1[i2] + "\""); } } if (s27.length() > 0) { array1.add("-c"); array1.add("\"" + CONTENT_TYPE_HEADER + s26 + "\""); } if (array != null) { Enumeration enumeration1 = array.elements(); while (enumeration1.hasMoreElements()) { String s44 = (String) enumeration1.nextElement(); if (TextUtils.startsWithIgnoreCase(s44, CUSTOM_HEADER)) { array1.add("-c"); array1.add("\"" + s44.substring(CUSTOM_HEADER.length()) + "\""); } } } array1.add("-x"); array1.add(s); array1.add("" + l14); array1.add("\"" + s8 + "\""); array1.add("\"" + s9 + "\""); array1.add("\"" + s27 + "\""); if (!hostIsProxyException(s20, s)) { array1.add("\"" + s5 + "\""); } else { array1.add("\"\""); } array1.add("\"" + s6 + "\""); array1.add("\"" + s7 + "\""); SSLCounter++; if (sslLock.current() == 0) { LogManager.log("RunMonitor", "ssl block, " + ((sslLock.max - sslLock.current()) + 1) + ", " + s); } else { LogManager.log("RunMonitor", "ssl start, " + SSLCounter + ", " + s); } Array array4 = new Array(); l2 = sendSSLRequest(urlinfo.getHost(), socketsession, array1, sslLock, array4); if (debugURL != 0) { System.out.println("Status4 sendSSLRequest: " + l2); } SSLCounter--; Enumeration enumeration2 = array4.elements(); int k2 = 0; boolean flag7 = false; l12 = -1L; String s52 = "URLMonitorStatus:"; String s55 = "URLMonitorDuration:"; String s57 = "URLMonitorDNSDuration:"; String s60 = "URLMonitorConnectDuration:"; String s62 = "URLMonitorResponseDuration:"; String s66 = "URLMonitorDownloadDuration:"; boolean flag8 = true; while (enumeration2.hasMoreElements()) { String s69 = (String) enumeration2.nextElement(); if (stringbuffer2 != null) { stringbuffer2.append(s69 + "\n"); } if (++k2 > 2) { int j5 = s69.indexOf(s52); if (j5 >= 0) { String s71 = s69.substring(s69.length() - 10); l2 = TextUtils.toLong(s71); if (debugURL != 0) { System.out.println("Status5 statusString: " + l2); } flag8 = false; } int i6 = s69.indexOf(s55); if (i6 >= 0) { String s72 = s69.substring(s69.length() - 10); l3 = TextUtils.toLong(s72); } i6 = s69.indexOf(s57); if (i6 >= 0) { String s73 = s69.substring(s69.length() - 10); l6 = TextUtils.toLong(s73); } i6 = s69.indexOf(s60); if (i6 >= 0) { String s74 = s69.substring(s69.length() - 10); l7 = TextUtils.toLong(s74); } i6 = s69.indexOf(s62); if (i6 >= 0) { String s75 = s69.substring(s69.length() - 10); l8 = TextUtils.toLong(s75); } i6 = s69.indexOf(s66); if (i6 >= 0) { String s76 = s69.substring(s69.length() - 10); l9 = TextUtils.toLong(s76); } if (k2 == 4 && s69.length() == 0) { flag7 = true; } if ((!flag7 || k2 % 2 != 0 || s69.length() != 0) && flag8) { stringbuffer.append(s69); stringbuffer.append('\n'); } } } LogManager.log("RunMonitor", "SSL END, " + SSLCounter + ", " + l3 + " " + s); l12 = stringbuffer.length(); } if (counterlock != null) { releaseSSLGroupLock(counterlock); } } catch (Exception exception1) { if (counterlock != null) { releaseSSLGroupLock(counterlock); } throw exception1; } } else { String s29 = urlinfo.getFile(); String s33 = getHostHeader(array, s17, k, s16); String s37 = null; int j1 = -1; if (s5.length() != 0 && !isProxyException(s20, s17)) { if (!s5.startsWith("http://")) { s5 = "http://" + s5; } j1 = k; s37 = s17; URLInfo urlinfo1 = new URLInfo(s5); s17 = urlinfo1.getHost(); k = urlinfo1.getConnectPort(); if (!s16.equals("https")) { if (s29.equals("/") && !s.endsWith("/")) { s29 = s + "/"; } else { s29 = s; } } } String s45 = socketsession.getCookieHeader(s, false); String s48 = getRequestCommand(array); String s50 = socketsession.getVersion(); String s53 = getRequestProtocol(array); if (s53.endsWith("/")) { s53 = s53 + s50; } String s15 = s11; int j3 = -1; String s58 = s15; if ((j3 = s15.indexOf("&" + URLSequenceMonitor.refererEndToken)) != -1) { s15 = s58.substring(0, j3); s15 = s15 + s58.substring(j3 + ("&" + URLSequenceMonitor.refererEndToken).length()); } if (s15.length() > 0 && !s15.endsWith(CRLF)) { s15 = s15 + CRLF; } if (array != null) { Enumeration enumeration3 = array.elements(); while (enumeration3.hasMoreElements()) { String s63 = (String) enumeration3.nextElement(); if (TextUtils.startsWithIgnoreCase(s63, CUSTOM_HEADER)) { s15 = s15 + s63.substring(CUSTOM_HEADER.length()) + CRLF; } } } String s61 = socketsession.getStreamEncoding(); String s64 = ""; if (s61.length() > 0) { s64 = "Accept-charset: " + s61 + CRLF; } String s67 = s48 + " " + s29 + " " + s53 + CRLF + "User-Agent: " + s18 + CRLF + s64 + "Accept: */*" + CRLF + "Host: " + s33 + CRLF + s22 + s25 + s45 + s15; if (s27.length() == 0) { s67 = s67 + CRLF; } else { if (s61.length() > 0) { s64 = "; charset=" + s61; } s67 = s67 + CONTENT_TYPE_HEADER + s26 + s64 + CRLF + "Content-length: " + s27.length() + CRLF + CRLF + s27; } long l5 = System.currentTimeMillis(); long l19 = l5; InetAddress inetaddress = InetAddress.getByName(s17); long l20 = System.currentTimeMillis(); l6 = l20 - l19; String s77 = Platform.dottedIPString(inetaddress.getAddress()) + ":" + k; l19 = l20; socketstream = socketsession.connect(s77, inetaddress, k, s16, s37, j1, s6, s7, l1); l20 = System.currentTimeMillis(); l7 = l20 - l19; Socket socket = socketstream.socket; int k6 = (int) (l1 - System.currentTimeMillis()); if ((long) k6 <= kTimedOutValue) { throw new InterruptedIOException(); } if (s16.equals("https") && socketsession.context.getSetting("_urlCertDays").length() > 0) { try { SSLSession sslsession = ((SSLSocket) socketstream.socket).getSession(); X509Certificate ax509certificate[] = sslsession.getPeerCertificateChain(); int j7 = 0; for (int k7 = 0; k7 < ax509certificate.length; k7++) { X509Certificate x509certificate = ax509certificate[k7]; long l22 = System.currentTimeMillis(); long l23 = l22 + 0x5265c00L; int i8 = 0; while (true) { Date date = new Date(l23); try { x509certificate.checkValidity(date); } catch (CertificateExpiredException certificateexpiredexception) { if (i8 == 0) { i8++; } break; } catch (CertificateNotYetValidException certificatenotyetvalidexception) { break; } i8++; l23 += 0x5265c00L; } if (i8 <= 0) { continue; } if (j7 == 0) { j7 = i8; continue; } if (j7 > i8) { j7 = i8; } } if (j7 > 1) { l15 = j7; } if (j7 == 1) { l15 = 0L; } } catch (SSLPeerUnverifiedException sslpeerunverifiedexception) { /* empty */ } } Platform.setSocketTimeout(socket, k6); if ((debugURL & kDebugRequest) != 0) { LogManager.log("RunMonitor", "sending request... " + s67); } l19 = System.currentTimeMillis(); socketstream.transmit(s67); if (stringbuffer2 != null) { stringbuffer2.append(s67); } if ((debugURL & kDebugRequest) != 0) { LogManager.log("RunMonitor", "request sent"); } long al3[]; if (s50.equals("1.0")) { al3 = fillBuffer(socketsession, socketstream, l1, stringbuffer, l, l19); } else { al3 = fillBufferParse(s48, socketsession, socketstream, socket, l1, stringbuffer, l, l19); } if (stringbuffer2 != null) { stringbuffer2.append(stringbuffer.toString()); } if (!socketstream.receivedReply || al3.length > 2 && al3[2] == -1L) { socketstream.receivedEndOfStreamOnFirst = false; LogManager.log("RunMonitor", "reopening connection to " + inetaddress); socketstream.reconnect(); l19 = l20; socketstream = socketsession.connect(s77, inetaddress, k, s16, s37, j1, s6, s7, l1); l20 = System.currentTimeMillis(); l7 += l20 - l19; Socket socket1 = socketstream.socket; int i7 = (int) (l1 - System.currentTimeMillis()); if ((long) i7 <= kTimedOutValue) { throw new InterruptedIOException(); } Platform.setSocketTimeout(socket1, i7); if (debugURL != 0) { LogManager.log("RunMonitor", "sending request2..." + s67); System.out.println("URLOriginalMonitor : sending request2..." + s67); } l19 = System.currentTimeMillis(); socketstream.transmit(s67); if (stringbuffer2 != null) { stringbuffer2.append(s67); } if (debugURL != 0) { LogManager.log("RunMonitor", "request2 sent"); System.out.println("URLOriginalMonitor : request2 sent"); } if (s50.equals("1.0")) { al3 = fillBuffer(socketsession, socketstream, l1, stringbuffer, l, l19); } else { al3 = fillBufferParse(s48, socketsession, socketstream, socket1, l1, stringbuffer, l, l19); } if (stringbuffer2 != null) { stringbuffer2.append(stringbuffer.toString()); } } l12 = al3[0]; l8 = al3[1]; l20 = System.currentTimeMillis(); l9 = l20 - l19 - l8; l3 = l20 - l5; if ((debugURL & kDebugIO) != 0) { LogManager.log("RunMonitor", "total, duration: " + l3 + ", clock: " + System.currentTimeMillis()); } } } // 5637 if ((debugURL & kDebugData) != 0) { LogManager.log("RunMonitor", "content=" + stringbuffer); } URLScannerInputStream urlscannerinputstream = new URLScannerInputStream(stringbuffer, l2); urlscannerinputstream.parse(); if (urlscannerinputstream.contentLength != -1L) { l12 = urlscannerinputstream.contentLength; } l10 = urlscannerinputstream.lastModified; l11 = urlscannerinputstream.date; s21 = urlscannerinputstream.location; l2 = urlscannerinputstream.status; if (j > 0) { l2 = getURLStatus_ForBackupToRegularMeansOnly(socketsession, l2, s, 0, j); } if (debugURL != 0) { System.out.println("Status6 scanner.status: " + l2); } if ((debugURL & kDebugReply) != 0) { if (l2 != 200L) { LogManager.log("RunMonitor", "status=" + l2 + ", reply=" + stringbuffer); } else { LogManager.log("RunMonitor", "status=" + l2); } } if (socketstream != null) { socketstream.keepAlive = urlscannerinputstream.isKeepAlive(); } if (!socketsession.inRemoteRequest) { flag = urlscannerinputstream.refreshRedirect; } // 5905 } catch (UnknownHostException e) { l2 = kURLBadHostNameError; if (debugURL != 0) { System.out.println("Status7 kURLBadHostNameError: " + l2 + " exception: " + e.toString()); } } catch (InterruptedIOException e) { l2 = kURLTimeoutError; if (debugURL != 0) { System.out.println("Status8 kURLTimeoutError: " + l2 + " exception: " + e.toString()); } } catch (SocketException e) { if (debugURL != 0) { e.printStackTrace(); LogManager.log("RunMonitor", "socket exception, " + e); } if (Platform.noRoute(e)) { l2 = kURLNoRouteToHostError; if (debugURL != 0) { System.out.println("Status9 kURLNoRouteToHostError: " + l2 + " exception: " + e.toString()); } } else { l2 = kURLNoConnectionError; if (debugURL != 0) { System.out.println("Status10 kURLNoConnectionError: " + l2 + " exception: " + e.toString()); } if (Platform.isWindows()) { l2 = kSSL2NotFoundError; if (debugURL != 0) { System.out.println("Status11 kSSL2NotFoundError: " + l2 + " exception: " + e.toString()); } } } } catch (Exception e) { String s34 = e.getClass() + ", " + e.getMessage(); if (s34.indexOf("SSLException") != -1 && Platform.isWindows()) { String s38 = s17 + ":" + k; addSSL2Only(s38, s + ", " + s34); l2 = kSSL2NotFoundError; if (debugURL != 0) { System.out.println("Status12 kSSL2NotFoundError: " + l2 + " exception: " + e.toString()); } } else { e.printStackTrace(); l2 = kSSL2NotFoundError; if (debugURL != 0) { System.out.println("Status13 kSSL2NotFoundError: " + l2 + " exception: " + e.toString()); } } } finally { if (j > 0) { l2 = getURLStatus_ForBackupToRegularMeansOnly(socketsession, l2, s, 0, j); } if (socketstream != null) { if (socketstream.receivedEndOfStreamOnFirst) { String s79 = s17 + ":" + k; addSSL2Only(s79, s + ", " + " first line null"); l2 = kSSL2NotFoundError; if (debugURL != 0) { System.out.println("Status14 kSSL2NotFoundError: " + l2); } socketstream.receivedEndOfStreamOnFirst = false; } socketsession.release(socketstream); } } // 6637 if (200L < l2 && l2 < 300L && socketsession.context.getSetting("_urlEnable2xxStatus").length() == 0) { l2 = 200L; } if (debugURL != 0) { System.out.println("Status15 200: " + l2); } if (l2 == 301L || l2 == 302L || l2 == 303L || l2 == 307L || flag) { if (s21 != null) { s21 = TextUtils.unescapeHTML(s21); s21 = resolveURL(s21, new URLInfo(s1), ""); socketsession.refererURL = s21; long l16 = socketsession.context.getSettingAsLong("_urlRedirectMax", DEFAULT_MAX_REDIRECTS); if ((long) i <= l16) { if ((debugURL & kDebugRequest) != 0) { LogManager.log("RunMonitor", "redirect=" + s21); } socketsession.updateCookies(stringbuffer.toString(), s); if (stringbuffer1 != null) { stringbuffer1.setLength(0); stringbuffer1.append(s21); } if (flag5 && concatBuffer != null) { concatBuffer.append(stringbuffer.toString()); } stringbuffer.setLength(0); s8 = socketsession.originalUserName; s9 = socketsession.originalPassword; long al1[] = check1URL(socketsession, s21, s21, s2, s3, s4, s5, s6, s7, null, s8, s9, s2, stringbuffer, l, s11, i + 1, l1, stringbuffer1, stringbuffer2); l2 = al1[0]; if (j > 0) { l2 = getURLStatus_ForBackupToRegularMeansOnly(socketsession, l2, s21, 0, j); } if (debugURL != 0) { System.out.println("Status16 redirectResult: " + l2); } l10 = al1[3]; l11 = al1[4]; l3 += al1[1]; l12 += al1[2]; l6 += al1[5]; l7 += al1[6]; l8 += al1[7]; l9 += al1[8]; } } } else { if (l2 == (long) kURLNoStatusError) { if (socketsession.context.getSetting("_urlAllowNoStatus").length() > 0) { l2 = kURLok; if (debugURL != 0) { System.out.println("Status17 kURLok: " + l2); } } else { LogManager.log("Error", "URL missing status: " + s); } } if (flag5 && concatBuffer != null) { concatBuffer.append(stringbuffer.toString()); stringbuffer.setLength(0); stringbuffer.append(concatBuffer.toString()); concatBuffer = null; } String s30 = I18N.UnicodeToString(stringbuffer.toString(), I18N.nullEncoding()); if (l2 == 200L && s4.length() != 0) { int i1 = TextUtils.matchExpression(s30, s4); if (i1 != Monitor.kURLok && I18N.hasUnicode(s4)) { String s39 = getHTMLEncoding(s30); i1 = TextUtils.matchExpression(s30, I18N.UnicodeToString(s4, s39)); } if (i1 == 200) { l2 = kURLContentErrorFound; } if (debugURL != 0) { System.out.println("Status18 kURLContentErrorFound: " + l2); } } if (l2 == 200L && s3.length() != 0) { l2 = TextUtils.matchExpression(s30, s3); if (debugURL != 0) { System.out.println("Status19 TextUtils.matchExpression(contents,match): " + l2); } if (l2 != (long) Monitor.kURLok && I18N.hasUnicode(s3)) { String s35 = getHTMLEncoding(s30); l2 = TextUtils.matchExpression(s30, I18N.UnicodeToString(s3, s35)); if (debugURL != 0) { System.out.println( "Status20 TextUtils.matchExpression(contents, I18N.UnicodeToString(match,encoding): " + l2); } } } } if (socketsession.context.getSetting("_urlDetailLogEnabled").length() > 0 && s.indexOf("get.exe") == -1) { String s31 = ""; if (s10.length() > 0) { s31 = "[" + HTTPUtils.getLocationIDByURL(s10) + "]"; } LogManager.log(socketsession.context.getSetting(pURLLogName), s31 + s + "\t" + l2 + "\t" + l3 + "\t" + l12 + "\t" + l10 + "\t" + l11 + "\t" + l6 + "\t" + l7 + "\t" + l8 + "\t" + l9 + "\t" + socketsession.context.getProperty(pName) + "\t" + socketsession.context.getProperty(pGroupID) + "\t" + socketsession.context.getProperty(pID)); } if (!socketsession.inRemoteRequest) { internalURLs++; internalURLBytes += l12; internalURLDuration += l3; if (l2 != 200L) { internalURLErrors++; } } if (s10.length() > 0) { internalRemoteURLs++; internalRemoteBytes += l12; internalRemoteDuration += l3; if (l2 != 200L) { internalRemoteErrors++; } } else if (s16.equals("https")) { if (flag2) { internalSecureURLs++; internalSecureBytes += l12; internalSecureDuration += l3; if (l2 != 200L) { internalSecureErrors++; } } else { internalSecureJavaURLs++; internalSecureJavaBytes += l12; internalSecureJavaDuration += l3; if (l2 != 200L) { internalSecureJavaErrors++; } } } else if (!socketsession.inRemoteRequest) { internalJavaURLs++; internalJavaBytes += l12; internalJavaDuration += l3; if (l2 != 200L) { internalJavaErrors++; } } long al[] = new long[10]; al[0] = l2; if (debugURL != 0) { System.out.println("Status21 #############################results[0]: " + l2); } al[1] = l3; al[2] = l12; al[3] = l10; al[4] = l11; al[5] = l6; al[6] = l7; al[7] = l8; al[8] = l9; al[9] = l15; return al; }
From source file:net.sourceforge.myvd.quickstart.util.GetSSLCert.java
private void getCert(SSLSocket socket) throws SSLPeerUnverifiedException { SSLSession session = socket.getSession(); javax.security.cert.X509Certificate[] certs = session.getPeerCertificateChain(); if (this.cert == null) { this.cert = certs[certs.length - 1]; }/* w w w.j av a 2s . com*/ }
From source file:nl.nn.adapterframework.http.AuthSSLProtocolSocketFactoryBase.java
/** * Describe <code>verifyHostname</code> method here. * * @param socket a <code>SSLSocket</code> value * @exception SSLPeerUnverifiedException If there are problems obtaining * the server certificates from the SSL session, or the server host name * does not match with the "Common Name" in the server certificates * SubjectDN.// w ww . ja v a 2 s . co m * @exception UnknownHostException If we are not able to resolve * the SSL sessions returned server host name. */ protected void verifyHostname(SSLSocket socket) throws SSLPeerUnverifiedException, UnknownHostException { if (!verifyHostname) return; SSLSession session = socket.getSession(); if (session == null) { throw new UnknownHostException("could not obtain session from socket"); } String hostname = session.getPeerHost(); try { InetAddress.getByName(hostname); } catch (UnknownHostException uhe) { String msg = "Could not resolve SSL sessions server hostname: " + hostname; // Under WebSphere, hostname can be equal to proxy-hostname log.warn(msg, uhe); // throw new UnknownHostException(msg); } javax.security.cert.X509Certificate[] certs = session.getPeerCertificateChain(); if (certs == null || certs.length == 0) throw new SSLPeerUnverifiedException("No server certificates found!"); //get the servers DN in its string representation String dn = certs[0].getSubjectDN().getName(); //might be useful to print out all certificates we receive from the //server, in case one has to debug a problem with the installed certs. if (log.isInfoEnabled()) { log.info("Server certificate chain:"); for (int i = 0; i < certs.length; i++) { log.info("X509Certificate[" + i + "]=" + certs[i]); } } //get the common name from the first cert String cn = getCN(dn); if (hostname.equalsIgnoreCase(cn)) { if (log.isInfoEnabled()) { log.info("Target hostname valid: " + cn); } } else { throw new SSLPeerUnverifiedException( "HTTPS hostname invalid: expected '" + hostname + "', received '" + cn + "'"); } }
From source file:org.apache.synapse.transport.nhttp.HttpCoreNIOSSLSender.java
private SSLSetupHandler createSSLSetupHandler(final String hostnameVerifier, final CertificateVerificationConfig cvConfig) throws AxisFault { return new SSLSetupHandler() { public void initalize(SSLEngine sslengine) { }// www . ja v a 2 s . c om public void verify(IOSession ioSession, SSLSession session) throws SSLException { SocketAddress remoteAddress = ioSession.getRemoteAddress(); String address; if (remoteAddress instanceof InetSocketAddress) { address = ((InetSocketAddress) remoteAddress).getHostName(); } else { address = remoteAddress.toString(); } boolean valid = false; //Do HostName verification. if (hostnameVerifier != null) { if ("Strict".equals(hostnameVerifier)) { valid = HostnameVerifier.STRICT.verify(address, session); } else if ("AllowAll".equals(hostnameVerifier)) { valid = HostnameVerifier.ALLOW_ALL.verify(address, session); } else if ("DefaultAndLocalhost".equals(hostnameVerifier)) { valid = HostnameVerifier.DEFAULT_AND_LOCALHOST.verify(address, session); } } else { valid = HostnameVerifier.DEFAULT.verify(address, session); } if (!valid) { throw new SSLException("Host name verification failed for host : " + address); } if (cvConfig != null) { try { ocspCrl.verifyRevocationStatus(session.getPeerCertificateChain(), cvConfig.getCacheSize(), cvConfig.getCacheDuration()); } catch (CertificateVerificationException e) { throw new SSLException("Certificate chain validation failed for host : " + address, e); } } } }; }
From source file:org.apache.tomcat.util.net.jsse.JSSESupport.java
protected java.security.cert.X509Certificate[] getX509Certificates(SSLSession session) throws IOException { X509Certificate jsseCerts[] = null; try {// w ww . j a v a 2 s . co m jsseCerts = session.getPeerCertificateChain(); } catch (Throwable ex) { // Get rid of the warning in the logs when no Client-Cert is // available } if (jsseCerts == null) jsseCerts = new X509Certificate[0]; java.security.cert.X509Certificate[] x509Certs = new java.security.cert.X509Certificate[jsseCerts.length]; for (int i = 0; i < x509Certs.length; i++) { try { byte buffer[] = jsseCerts[i].getEncoded(); CertificateFactory cf = CertificateFactory.getInstance("X.509"); ByteArrayInputStream stream = new ByteArrayInputStream(buffer); x509Certs[i] = (java.security.cert.X509Certificate) cf.generateCertificate(stream); if (log.isTraceEnabled()) log.trace("Cert #" + i + " = " + x509Certs[i]); } catch (Exception ex) { log.info("Error translating " + jsseCerts[i], ex); return null; } } if (x509Certs.length < 1) return null; return x509Certs; }
From source file:org.apache.tomcat.util.net.jsse.JSSESupport.java
public Object[] getPeerCertificateChain(boolean force) throws IOException { // Look up the current SSLSession SSLSession session = ssl.getSession(); if (session == null) return null; // Convert JSSE's certificate format to the ones we need X509Certificate[] jsseCerts = null; try {/* w ww.ja v a2 s .com*/ jsseCerts = session.getPeerCertificateChain(); } catch (Exception bex) { // ignore. } if (jsseCerts == null) jsseCerts = new X509Certificate[0]; if (jsseCerts.length <= 0 && force) { session.invalidate(); handShake(); session = ssl.getSession(); } return getX509Certificates(session); }