List of usage examples for org.apache.http.conn.ssl SSLSocketFactory SSLSocketFactory
public SSLSocketFactory(final SSLContext sslContext)
From source file:org.apache.nifi.processors.solr.SolrUtils.java
public static SolrClient createSolrClient(final PropertyContext context, final String solrLocation) { final Integer socketTimeout = context.getProperty(SOLR_SOCKET_TIMEOUT).asTimePeriod(TimeUnit.MILLISECONDS) .intValue();/* w ww . j a v a 2 s.c o m*/ final Integer connectionTimeout = context.getProperty(SOLR_CONNECTION_TIMEOUT) .asTimePeriod(TimeUnit.MILLISECONDS).intValue(); final Integer maxConnections = context.getProperty(SOLR_MAX_CONNECTIONS).asInteger(); final Integer maxConnectionsPerHost = context.getProperty(SOLR_MAX_CONNECTIONS_PER_HOST).asInteger(); final SSLContextService sslContextService = context.getProperty(SSL_CONTEXT_SERVICE) .asControllerService(SSLContextService.class); final KerberosCredentialsService kerberosCredentialsService = context .getProperty(KERBEROS_CREDENTIALS_SERVICE).asControllerService(KerberosCredentialsService.class); final ModifiableSolrParams params = new ModifiableSolrParams(); params.set(HttpClientUtil.PROP_SO_TIMEOUT, socketTimeout); params.set(HttpClientUtil.PROP_CONNECTION_TIMEOUT, connectionTimeout); params.set(HttpClientUtil.PROP_MAX_CONNECTIONS, maxConnections); params.set(HttpClientUtil.PROP_MAX_CONNECTIONS_PER_HOST, maxConnectionsPerHost); // has to happen before the client is created below so that correct configurer would be set if needed if (kerberosCredentialsService != null) { HttpClientUtil.setConfigurer(new KerberosHttpClientConfigurer()); } final HttpClient httpClient = HttpClientUtil.createClient(params); if (sslContextService != null) { final SSLContext sslContext = sslContextService.createSSLContext(SSLContextService.ClientAuth.REQUIRED); final SSLSocketFactory sslSocketFactory = new SSLSocketFactory(sslContext); final Scheme httpsScheme = new Scheme("https", 443, sslSocketFactory); httpClient.getConnectionManager().getSchemeRegistry().register(httpsScheme); } if (SOLR_TYPE_STANDARD.getValue().equals(context.getProperty(SOLR_TYPE).getValue())) { return new HttpSolrClient(solrLocation, httpClient); } else { final String collection = context.getProperty(COLLECTION).evaluateAttributeExpressions().getValue(); final Integer zkClientTimeout = context.getProperty(ZK_CLIENT_TIMEOUT) .asTimePeriod(TimeUnit.MILLISECONDS).intValue(); final Integer zkConnectionTimeout = context.getProperty(ZK_CONNECTION_TIMEOUT) .asTimePeriod(TimeUnit.MILLISECONDS).intValue(); CloudSolrClient cloudSolrClient = new CloudSolrClient(solrLocation, httpClient); cloudSolrClient.setDefaultCollection(collection); cloudSolrClient.setZkClientTimeout(zkClientTimeout); cloudSolrClient.setZkConnectTimeout(zkConnectionTimeout); return cloudSolrClient; } }
From source file:org.bigmouth.nvwa.network.http.HttpClientHelper.java
@SuppressWarnings("deprecation") private static HttpClient getHttpClient(File keystore, char[] pwd, ClientConnectionManager ccm, int port, int timeout) throws Exception { SchemeRegistry sr = ccm.getSchemeRegistry(); KeyStore truststore = KeyStore.getInstance(KeyStore.getDefaultType()); truststore.load(new FileInputStream(keystore), pwd); SSLSocketFactory socketFactory = new SSLSocketFactory(truststore); socketFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); sr.register(new Scheme("https", port, socketFactory)); HttpClient httpClient = new DefaultHttpClient(ccm); httpClient.getParams().setParameter(CoreConnectionPNames.SO_KEEPALIVE, true); httpClient.getParams().setParameter(CoreConnectionPNames.SO_TIMEOUT, timeout); httpClient.getParams().setParameter(CoreConnectionPNames.CONNECTION_TIMEOUT, timeout); return httpClient; }
From source file:org.jboss.as.test.integration.management.api.web.ConnectorTestCase.java
public static HttpClient wrapClient(HttpClient base) { try {/*from w ww . j av a 2s.c o m*/ SSLContext ctx = SSLContext.getInstance("TLS"); X509TrustManager tm = new X509TrustManager() { public void checkClientTrusted(X509Certificate[] xcs, String string) throws CertificateException { } public void checkServerTrusted(X509Certificate[] xcs, String string) throws CertificateException { } public X509Certificate[] getAcceptedIssuers() { return null; } }; ctx.init(null, new TrustManager[] { tm }, null); SSLSocketFactory ssf = new SSLSocketFactory(ctx); ssf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); ClientConnectionManager ccm = base.getConnectionManager(); SchemeRegistry sr = ccm.getSchemeRegistry(); sr.register(new Scheme("https", ssf, 443)); return new DefaultHttpClient(ccm, base.getParams()); } catch (Exception ex) { ex.printStackTrace(); return null; } }
From source file:org.jenkinsci.plugins.stashNotifier.StashNotifier.java
/** * Returns the HttpClient through which the REST call is made. Uses an * unsafe TrustStrategy in case the user specified a HTTPS URL and * set the ignoreUnverifiedSSLPeer flag. * /*from w ww . j a va 2 s . c o m*/ * @param logger the logger to log messages to * @return the HttpClient */ private HttpClient getHttpClient(PrintStream logger) { HttpClient client = null; boolean ignoreUnverifiedSSL = ignoreUnverifiedSSLPeer; DescriptorImpl descriptor = getDescriptor(); if (!ignoreUnverifiedSSL) { ignoreUnverifiedSSL = descriptor.isIgnoreUnverifiedSsl(); } if (getStashServerBaseUrl().startsWith("https") && ignoreUnverifiedSSL) { // add unsafe trust manager to avoid thrown // SSLPeerUnverifiedException try { TrustStrategy easyStrategy = new TrustStrategy() { public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException { return true; } }; SSLSocketFactory sslSocketFactory = new SSLSocketFactory(easyStrategy); SchemeRegistry schemeRegistry = new SchemeRegistry(); schemeRegistry.register(new Scheme("https", 443, sslSocketFactory)); ClientConnectionManager connectionManager = new SingleClientConnManager(schemeRegistry); client = new DefaultHttpClient(connectionManager); } catch (NoSuchAlgorithmException nsae) { logger.println("Couldn't establish SSL context:"); nsae.printStackTrace(logger); } catch (KeyManagementException kme) { logger.println("Couldn't initialize SSL context:"); kme.printStackTrace(logger); } catch (KeyStoreException kse) { logger.println("Couldn't initialize SSL context:"); kse.printStackTrace(logger); } catch (UnrecoverableKeyException uke) { logger.println("Couldn't initialize SSL context:"); uke.printStackTrace(logger); } finally { if (client == null) { logger.println("Trying with safe trust manager, instead!"); client = new DefaultHttpClient(); } } } else { client = new DefaultHttpClient(); } ProxyConfiguration proxy = Jenkins.getInstance().proxy; if (proxy != null && !proxy.name.isEmpty() && !proxy.name.startsWith("http")) { SchemeRegistry schemeRegistry = client.getConnectionManager().getSchemeRegistry(); schemeRegistry.register(new Scheme("http", proxy.port, new PlainSocketFactory())); client.getParams().setParameter(ConnRoutePNames.DEFAULT_PROXY, new HttpHost(proxy.name, proxy.port)); } return client; }
From source file:org.oscarehr.common.hl7.v2.oscar_to_oscar.SendingUtils.java
private static HttpClient getTrustAllHttpClient() { try {/*from ww w .j ava 2 s . c o m*/ SSLContext sslContext = SSLContext.getInstance("TLS"); TrustManager[] temp = new TrustManager[1]; temp[0] = new CxfClientUtilsOld.TrustAllManager(); sslContext.init(null, temp, null); SSLSocketFactory sslSocketFactory = new SSLSocketFactory(sslContext); sslSocketFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); HttpClient httpClient = new DefaultHttpClient(); ClientConnectionManager connectionManager = httpClient.getConnectionManager(); SchemeRegistry schemeRegistry = connectionManager.getSchemeRegistry(); schemeRegistry.register(new Scheme("https", sslSocketFactory, 443)); return (new DefaultHttpClient(connectionManager, httpClient.getParams())); } catch (Exception e) { logger.error("Unexpected error", e); return (null); } }
From source file:org.restlet.ext.httpclient.HttpClientHelper.java
/** * Configures the scheme registry. By default, it registers the HTTP and the * HTTPS schemes.//from w w w . j a v a 2s .c o m * * @param schemeRegistry * The scheme registry to configure. */ protected void configure(SchemeRegistry schemeRegistry) { schemeRegistry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80)); // [ifndef android] SSLSocketFactory sslSocketFactory = null; SslContextFactory sslContextFactory = SslUtils.getSslContextFactory(this); if (sslContextFactory != null) { try { SSLContext sslContext = sslContextFactory.createSslContext(); sslSocketFactory = new SSLSocketFactory(sslContext); } catch (Exception e) { throw new RuntimeException("Unable to create SSLContext.", e); } } else { sslSocketFactory = SSLSocketFactory.getSocketFactory(); } if (getHostnameVerifier() != null) { try { X509HostnameVerifier hostnameVerifier = (X509HostnameVerifier) Engine .loadClass(getHostnameVerifier()).newInstance(); sslSocketFactory.setHostnameVerifier(hostnameVerifier); } catch (Exception e) { getLogger().log(Level.WARNING, "An error occurred during the instantiation of the hostname verifier.", e); } } schemeRegistry.register(new Scheme("https", 443, sslSocketFactory)); // [enddef] }
From source file:org.wso2.mdm.agent.proxy.utils.ServerUtilities.java
public static HttpClient getCertifiedHttpClient() throws IDPTokenManagerException { HttpClient client = null;//ww w . j a v a2s . c om InputStream inStream = null; try { if (Constants.SERVER_PROTOCOL.equalsIgnoreCase("https://")) { KeyStore localTrustStore = KeyStore.getInstance("BKS"); inStream = IdentityProxy.getInstance().getContext().getResources() .openRawResource(R.raw.emm_truststore); localTrustStore.load(inStream, Constants.TRUSTSTORE_PASSWORD.toCharArray()); SchemeRegistry schemeRegistry = new SchemeRegistry(); schemeRegistry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80)); SSLSocketFactory sslSocketFactory = new SSLSocketFactory(localTrustStore); sslSocketFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); schemeRegistry.register(new Scheme("https", sslSocketFactory, 443)); HttpParams params = new BasicHttpParams(); ClientConnectionManager connectionManager = new ThreadSafeClientConnManager(params, schemeRegistry); client = new DefaultHttpClient(connectionManager, params); } else { client = new DefaultHttpClient(); } } catch (KeyStoreException e) { throw new IDPTokenManagerException("Invalid keystore.", e); } catch (CertificateException e) { throw new IDPTokenManagerException("Invalid certificate.", e); } catch (NoSuchAlgorithmException e) { throw new IDPTokenManagerException("Keystore algorithm does not match.", e); } catch (UnrecoverableKeyException e) { throw new IDPTokenManagerException("Invalid keystore.", e); } catch (KeyManagementException e) { throw new IDPTokenManagerException("Invalid keystore.", e); } catch (IOException e) { throw new IDPTokenManagerException("Trust store failed to load.", e); } finally { StreamHandlerUtil.closeInputStream(inStream, TAG); } return client; }
From source file:org.wso2.mobile.idp.proxy.utils.ServerUtilities.java
public static HttpClient getCertifiedHttpClient() { try {/*from ww w . j a v a2s . c o m*/ HttpClient client = null; if (isSSLEnable) { KeyStore localTrustStore = KeyStore.getInstance("BKS"); localTrustStore.load(inputStream, trustStorePassword.toCharArray()); SchemeRegistry schemeRegistry = new SchemeRegistry(); schemeRegistry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80)); SSLSocketFactory sslSocketFactory = new SSLSocketFactory(localTrustStore); sslSocketFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); schemeRegistry.register(new Scheme("https", sslSocketFactory, 443)); HttpParams params = new BasicHttpParams(); ClientConnectionManager cm = new ThreadSafeClientConnManager(params, schemeRegistry); client = new DefaultHttpClient(cm, params); } else { client = new DefaultHttpClient(); } return client; } catch (Exception e) { Log.d(TAG, e.toString()); return null; } }