List of usage examples for org.apache.http.conn.ssl NoopHostnameVerifier INSTANCE
NoopHostnameVerifier INSTANCE
To view the source code for org.apache.http.conn.ssl NoopHostnameVerifier INSTANCE.
Click Source Link
From source file:com.mirth.connect.client.core.ServerConnection.java
public ServerConnection(int timeout, String[] httpsProtocols, String[] httpsCipherSuites, boolean allowHTTP) { SSLContext sslContext = null; try {/*from ww w.j a v a 2s . co m*/ sslContext = SSLContexts.custom().loadTrustMaterial(null, new TrustSelfSignedStrategy()).build(); } catch (Exception e) { logger.error("Unable to build SSL context.", e); } String[] enabledProtocols = MirthSSLUtil.getEnabledHttpsProtocols(httpsProtocols); String[] enabledCipherSuites = MirthSSLUtil.getEnabledHttpsCipherSuites(httpsCipherSuites); SSLConnectionSocketFactory sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslContext, enabledProtocols, enabledCipherSuites, NoopHostnameVerifier.INSTANCE); RegistryBuilder<ConnectionSocketFactory> builder = RegistryBuilder.<ConnectionSocketFactory>create() .register("https", sslConnectionSocketFactory); if (allowHTTP) { builder.register("http", PlainConnectionSocketFactory.getSocketFactory()); } Registry<ConnectionSocketFactory> socketFactoryRegistry = builder.build(); PoolingHttpClientConnectionManager httpClientConnectionManager = new PoolingHttpClientConnectionManager( socketFactoryRegistry); httpClientConnectionManager.setDefaultMaxPerRoute(5); httpClientConnectionManager.setDefaultSocketConfig(SocketConfig.custom().setSoTimeout(timeout).build()); // MIRTH-3962: The stale connection settings has been deprecated, and this is recommended instead httpClientConnectionManager.setValidateAfterInactivity(5000); HttpClientBuilder clientBuilder = HttpClients.custom().setConnectionManager(httpClientConnectionManager); HttpUtil.configureClientBuilder(clientBuilder); client = clientBuilder.build(); requestConfig = RequestConfig.custom().setConnectTimeout(CONNECT_TIMEOUT) .setConnectionRequestTimeout(CONNECT_TIMEOUT).setSocketTimeout(timeout).build(); }
From source file:io.openvidu.java.client.OpenVidu.java
/** * @param urlOpenViduServer Public accessible IP where your instance of OpenVidu * Server is up an running * @param secret Secret used on OpenVidu Server initialization *///from ww w . j a va2 s. c om public OpenVidu(String urlOpenViduServer, String secret) { OpenVidu.urlOpenViduServer = urlOpenViduServer; if (!OpenVidu.urlOpenViduServer.endsWith("/")) { OpenVidu.urlOpenViduServer += "/"; } this.secret = secret; TrustStrategy trustStrategy = new TrustStrategy() { @Override public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException { return true; } }; CredentialsProvider provider = new BasicCredentialsProvider(); UsernamePasswordCredentials credentials = new UsernamePasswordCredentials("OPENVIDUAPP", this.secret); provider.setCredentials(AuthScope.ANY, credentials); SSLContext sslContext; try { sslContext = new SSLContextBuilder().loadTrustMaterial(null, trustStrategy).build(); } catch (KeyManagementException | NoSuchAlgorithmException | KeyStoreException e) { throw new RuntimeException(e); } RequestConfig.Builder requestBuilder = RequestConfig.custom(); requestBuilder = requestBuilder.setConnectTimeout(30000); requestBuilder = requestBuilder.setConnectionRequestTimeout(30000); OpenVidu.httpClient = HttpClientBuilder.create().setDefaultRequestConfig(requestBuilder.build()) .setConnectionTimeToLive(30, TimeUnit.SECONDS).setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE) .setSSLContext(sslContext).setDefaultCredentialsProvider(provider).build(); }
From source file:com.qwazr.utils.http.HttpUtils.java
/** * Create a new HttpClient which accept untrusted SSL certificates * * @return a new HttpClient/*from w ww . java 2 s. c om*/ * @throws KeyStoreException * @throws NoSuchAlgorithmException * @throws KeyManagementException */ public static CloseableHttpClient createHttpClient_AcceptsUntrustedCerts() throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException { final HttpClientBuilder unsecureHttpClientBuilder = HttpClientBuilder.create(); SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() { public boolean isTrusted(X509Certificate[] arg0, String arg1) throws CertificateException { return true; } }).build(); unsecureHttpClientBuilder.setSSLContext(sslContext); SSLConnectionSocketFactory sslSocketFactory = new SSLConnectionSocketFactory(sslContext, NoopHostnameVerifier.INSTANCE); Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create() .register("http", PlainConnectionSocketFactory.getSocketFactory()) .register("https", sslSocketFactory).build(); PoolingHttpClientConnectionManager connMgr = new PoolingHttpClientConnectionManager(socketFactoryRegistry); unsecureHttpClientBuilder.setConnectionManager(connMgr); return unsecureHttpClientBuilder.build(); }
From source file:ee.ria.xroad.common.opmonitoring.OpMonitoringDaemonHttpClient.java
private static SSLConnectionSocketFactory createSSLSocketFactory(InternalSSLKey authKey) throws Exception { SSLContext ctx = SSLContext.getInstance(CryptoUtils.SSL_PROTOCOL); ctx.init(getKeyManager(authKey), new TrustManager[] { new OpMonitorTrustManager() }, new SecureRandom()); return new SSLConnectionSocketFactory(ctx.getSocketFactory(), new String[] { CryptoUtils.SSL_PROTOCOL }, CryptoUtils.getINCLUDED_CIPHER_SUITES(), NoopHostnameVerifier.INSTANCE); // We don't need hostname verification }
From source file:ee.ria.xroad.proxy.serverproxy.HttpClientCreator.java
private static SSLConnectionSocketFactory createSSLSocketFactory() throws Exception { SSLContext ctx = SSLContext.getInstance(CryptoUtils.SSL_PROTOCOL); ctx.init(createServiceKeyManager(), new TrustManager[] { new ServiceTrustManager() }, new SecureRandom()); log.info("SSL context successfully created"); return new CustomSSLSocketFactory(ctx, SystemProperties.getProxyClientTLSProtocols(), SystemProperties.getProxyClientTLSCipherSuites(), NoopHostnameVerifier.INSTANCE); }
From source file:org.apache.hadoop.gateway.shell.Hadoop.java
private CloseableHttpClient createClient(ClientContext clientContext) throws GeneralSecurityException { // SSL/* w w w . ja v a 2 s .co m*/ HostnameVerifier hostnameVerifier = NoopHostnameVerifier.INSTANCE; TrustStrategy trustStrategy = null; if (clientContext.connection().secure()) { hostnameVerifier = SSLConnectionSocketFactory.getDefaultHostnameVerifier(); } else { trustStrategy = TrustSelfSignedStrategy.INSTANCE; System.out.println("**************** WARNING ******************\n" + "This is an insecure client instance and may\n" + "leave the interactions subject to a man in\n" + "the middle attack. Please use the login()\n" + "method instead of loginInsecure() for any\n" + "sensitive or production usecases.\n" + "*******************************************"); } KeyStore trustStore = getTrustStore(); SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(trustStore, trustStrategy).build(); Registry<ConnectionSocketFactory> registry = RegistryBuilder.<ConnectionSocketFactory>create() .register("http", PlainConnectionSocketFactory.getSocketFactory()) .register("https", new SSLConnectionSocketFactory(sslContext, hostnameVerifier)).build(); // Pool PoolingHttpClientConnectionManager connectionManager = new PoolingHttpClientConnectionManager(registry); connectionManager.setMaxTotal(clientContext.pool().maxTotal()); connectionManager.setDefaultMaxPerRoute(clientContext.pool().defaultMaxPerRoute()); ConnectionConfig connectionConfig = ConnectionConfig.custom() .setBufferSize(clientContext.connection().bufferSize()).build(); connectionManager.setDefaultConnectionConfig(connectionConfig); SocketConfig socketConfig = SocketConfig.custom().setSoKeepAlive(clientContext.socket().keepalive()) .setSoLinger(clientContext.socket().linger()) .setSoReuseAddress(clientContext.socket().reuseAddress()) .setSoTimeout(clientContext.socket().timeout()).setTcpNoDelay(clientContext.socket().tcpNoDelay()) .build(); connectionManager.setDefaultSocketConfig(socketConfig); // Auth URI uri = URI.create(clientContext.url()); host = new HttpHost(uri.getHost(), uri.getPort(), uri.getScheme()); CredentialsProvider credentialsProvider = null; if (clientContext.username() != null && clientContext.password() != null) { credentialsProvider = new BasicCredentialsProvider(); credentialsProvider.setCredentials(new AuthScope(host.getHostName(), host.getPort()), new UsernamePasswordCredentials(clientContext.username(), clientContext.password())); AuthCache authCache = new BasicAuthCache(); BasicScheme authScheme = new BasicScheme(); authCache.put(host, authScheme); context = new BasicHttpContext(); context.setAttribute(org.apache.http.client.protocol.HttpClientContext.AUTH_CACHE, authCache); } return HttpClients.custom().setConnectionManager(connectionManager) .setDefaultCredentialsProvider(credentialsProvider).build(); }
From source file:com.clustercontrol.winservice.util.RequestWinRM.java
/** * WinRM????Windows??Running??????//from w ww. j a v a2 s . c o m * * @param ipAddress * @param user * @param userPassword * @param port * @param protocol * @param timeout * @param retries * @return */ public boolean polling(String ipAddress, String user, String userPassword, int port, String protocol, int timeout, int retries) throws HinemosUnknown, WsmanException { m_log.debug("polling() " + "ipAddress = " + ipAddress + ",user = " + user + ",userPassword = " + userPassword + ",port = " + port + ",protocol = " + protocol + ",timeout = " + timeout + ",retries = " + retries); // XML?TransformerFactory? m_log.debug("polling() javax.xml.transform.TransformerFactory = " + System.getProperty("javax.xml.transform.TransformerFactory")); System.setProperty("javax.xml.transform.TransformerFactory", "com.sun.org.apache.xalan.internal.xsltc.trax.TransformerFactoryImpl"); // URL?? try { InetAddress address = InetAddress.getByName(ipAddress); if (address instanceof Inet6Address) { m_url = protocol + "://[" + ipAddress + "]:" + port + "/wsman"; } else { m_url = protocol + "://" + ipAddress + ":" + port + "/wsman"; } } catch (UnknownHostException e) { m_log.info("polling() ipAddress is not valid : " + ipAddress + e.getClass().getSimpleName() + ", " + e.getMessage()); throw new HinemosUnknown("ipAddress is not valid : " + ipAddress); } m_log.debug("polling() url = " + m_url); // ???? m_con = WsmanConnection.createConnection(m_url); m_con.setAuthenticationScheme("basic"); m_con.setUsername(user); m_con.setUserpassword(userPassword); m_con.setTimeout(timeout); boolean sslTrustall = HinemosPropertyUtil.getHinemosPropertyBool("monitor.winservice.ssl.trustall", true); if (sslTrustall) { X509TrustManager tm = new X509TrustManager() { @Override public X509Certificate[] getAcceptedIssuers() { return null; } @Override public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException { } @Override public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException { } }; m_con.setTrustManager(tm); m_con.setHostnameVerifier(NoopHostnameVerifier.INSTANCE); } else { // HTTP???? common-httpclient ? HostnameVerifier ? m_con.setHostnameVerifier(SSLConnectionSocketFactory.getDefaultHostnameVerifier()); } // URI? ManagedReference ref = m_con.newReference(URI_WIN32_SERVICE); ref.addSelector("Name", m_serviceName); // int count = 0; WsmanException lastException = null; while (count < retries) { try { // ManagedInstance inst = ref.get(); if (m_log.isDebugEnabled()) { m_log.debug(WsmanUtils.getXML(inst)); } // ?? Object stateObj = inst.getProperty("State"); if (stateObj != null) { m_state = stateObj.toString(); } else { count++; continue; } // ? if (STATE_RUNNING.equalsIgnoreCase(m_state)) { // [OK] m_message = m_serviceName + " Service is " + STATE_RUNNING; m_messageOrg = m_serviceName + " Service is " + STATE_RUNNING; m_date = HinemosTime.currentTimeMillis(); break; } else { // [NG] m_message = m_serviceName + " Service is not " + STATE_RUNNING; m_messageOrg = m_serviceName + " Service is another state : " + m_state; m_date = HinemosTime.currentTimeMillis(); return false; } } catch (WsmanException e) { m_log.debug("polling() url=" + m_url + ", count=" + count + " " + e.getMessage() + ", " + e.getReason()); lastException = e; // ?? count++; continue; } finally { if (m_con != null) { m_con = null; } } } // ???NG if (count == retries) { // ? m_message = "WinRM Access Error . "; m_messageOrg = "WinRM Access Error . "; if (lastException != null) { m_messageOrg = m_messageOrg + " : " + lastException.getMessage(); } m_date = HinemosTime.currentTimeMillis(); if (lastException != null) { m_log.info("winservice url=" + m_url + ", message=" + lastException.getMessage() + ", reason=" + lastException.getReason()); if (lastException.getMessage() == null) { throw new HinemosUnknown( MessageConstant.MESSAGE_WINSERVICE_NAME_NOT_EXIST_OR_NOT_REFERENCE_AUTHORITY_TO_WINRM .getMessage() + " : " + lastException.getReason()); } else { if (lastException.getMessage().indexOf("HTTP response code: 401") != -1) { throw new HinemosUnknown( MessageConstant.MESSAGE_FAIL_AT_WINRM_ID_OR_PASSWORD_OR_LOGINAUTH_ERR.getMessage()); } } throw lastException; } else { // ?????????? throw new HinemosUnknown("winservice unknown"); } } // [OK]????? return true; }
From source file:com.code42.demo.RestInvoker.java
public RestInvoker(String host, int hostPort, String userName, String password, Boolean useSSL) { sHost = host;/*from ww w .j a v a2 s . c om*/ sPort = hostPort; uName = userName; pWord = password; ssl = useSSL; if (!ssl) { ePoint = "http://" + sHost + ":" + sPort; } else { // use SSL ePoint = "https://" + sHost + ":" + sPort; sslBuilder = new SSLContextBuilder(); try { sslBuilder.loadTrustMaterial(null, new TrustSelfSignedStrategy()); } catch (NoSuchAlgorithmException | KeyStoreException e) { // TODO Auto-generated catch block m_log.error("Unable to build trusted self signed cert"); //m_log.debug(e.printStackTrace(), e); } try { /* the NoopHostnameVerifier turns OFF host verification * For Production environments you'll want to remove this. */ sslsf = new SSLConnectionSocketFactory(sslBuilder.build(), NoopHostnameVerifier.INSTANCE); } catch (KeyManagementException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (NoSuchAlgorithmException e) { // TODO Auto-generated catch block e.printStackTrace(); } } m_log.info("EndPoint set to: " + ePoint); credsProvider = new BasicCredentialsProvider(); credsProvider.setCredentials(new AuthScope(sHost, sPort), new UsernamePasswordCredentials(uName, pWord)); }
From source file:org.syslog_ng.elasticsearch_v2.client.http.ESHttpsClient.java
private HostnameVerifier setupHostnameVerifier(ElasticSearchOptions options) { if (isSSLInsecure(options)) { return NoopHostnameVerifier.INSTANCE; } else {//from w w w . j av a 2 s . c o m return new DefaultHostnameVerifier(); } }