List of usage examples for org.apache.http.conn.ssl SSLSocketFactory SSLSocketFactory
public SSLSocketFactory(final javax.net.ssl.SSLSocketFactory socketfactory, final X509HostnameVerifier hostnameVerifier)
From source file:org.fedoraproject.eclipse.packager.api.UploadSourceCommand.java
/** * Wrap a basic HttpClient object in a Fedora SSL enabled HttpClient (which includes * Fedora SSL authentication cert) object. * // w w w. j a v a2 s .co m * @param base The HttpClient to wrap. * @return The SSL wrapped HttpClient. * @throws GeneralSecurityException * @throws IOException */ private HttpClient fedoraSslEnable(HttpClient base) throws GeneralSecurityException, FileNotFoundException, IOException { // Get a SSL related instance for setting up SSL connections. FedoraSSL fedoraSSL = FedoraSSLFactory.getInstance(); SSLSocketFactory sf = new SSLSocketFactory(fedoraSSL.getInitializedSSLContext(), // may throw FileNotFoundE SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); ClientConnectionManager ccm = base.getConnectionManager(); SchemeRegistry sr = ccm.getSchemeRegistry(); Scheme https = new Scheme("https", 443, sf); //$NON-NLS-1$ sr.register(https); return new DefaultHttpClient(ccm, base.getParams()); }
From source file:ch.admin.hermes.etl.load.cmis.AlfrescoCMISClient.java
/** * Liefert einen Http Client wo alle Zertifikate erlaubt sind. Vermeidet Zertifikatfehler. * @return DefaultHttpClient/* w ww . j av a 2s . c o m*/ */ private DefaultHttpClient getHttpClient() { try { HttpParams httpParams = new BasicHttpParams(); SSLSocketFactory sf = new SSLSocketFactory(new TrustStrategy() { public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException { return true; } }, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); SchemeRegistry registry = new SchemeRegistry(); registry.register(new Scheme("http", 80, PlainSocketFactory.getSocketFactory())); registry.register(new Scheme("https", 443, sf)); return new DefaultHttpClient(httpParams); } catch (Exception e) { return new DefaultHttpClient(); } }
From source file:com.marklogic.client.impl.JerseyServices.java
private void connect(String host, int port, String database, String user, String password, Authentication authenType, SSLContext context, X509HostnameVerifier verifier) { if (logger.isDebugEnabled()) logger.debug("Connecting to {} at {} as {}", new Object[] { host, port, user }); if (host == null) throw new IllegalArgumentException("No host provided"); if (authenType == null) { if (context != null) { authenType = Authentication.BASIC; }//ww w. j av a 2s . co m } if (authenType != null) { if (user == null) throw new IllegalArgumentException("No user provided"); if (password == null) throw new IllegalArgumentException("No password provided"); } if (connection != null) connection = null; if (client != null) { client.destroy(); client = null; } this.database = database; String baseUri = ((context == null) ? "http" : "https") + "://" + host + ":" + port + "/v1/"; Properties props = System.getProperties(); if (props.containsKey(MAX_DELAY_PROP)) { String maxDelayStr = props.getProperty(MAX_DELAY_PROP); if (maxDelayStr != null && maxDelayStr.length() > 0) { int max = Integer.parseInt(maxDelayStr); if (max > 0) { maxDelay = max * 1000; } } } if (props.containsKey(MIN_RETRY_PROP)) { String minRetryStr = props.getProperty(MIN_RETRY_PROP); if (minRetryStr != null && minRetryStr.length() > 0) { int min = Integer.parseInt(minRetryStr); if (min > 0) { minRetry = min; } } } // TODO: integrated control of HTTP Client and Jersey Client logging if (!props.containsKey("org.apache.commons.logging.Log")) { System.setProperty("org.apache.commons.logging.Log", "org.apache.commons.logging.impl.SimpleLog"); } if (!props.containsKey("org.apache.commons.logging.simplelog.log.org.apache.http")) { System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.http", "warn"); } if (!props.containsKey("org.apache.commons.logging.simplelog.log.org.apache.http.wire")) { System.setProperty("org.apache.commons.logging.simplelog.log.org.apache.http.wire", "warn"); } Scheme scheme = null; if (context == null) { SchemeSocketFactory socketFactory = PlainSocketFactory.getSocketFactory(); scheme = new Scheme("http", port, socketFactory); } else { SSLSocketFactory socketFactory = new SSLSocketFactory(context, verifier); scheme = new Scheme("https", port, socketFactory); } SchemeRegistry schemeRegistry = new SchemeRegistry(); schemeRegistry.register(scheme); int maxRouteConnections = 100; int maxTotalConnections = 2 * maxRouteConnections; /* * 4.2 PoolingClientConnectionManager connMgr = new * PoolingClientConnectionManager(schemeRegistry); * connMgr.setMaxTotal(maxTotalConnections); * connMgr.setDefaultMaxPerRoute(maxRouteConnections); * connMgr.setMaxPerRoute( new HttpRoute(new HttpHost(baseUri)), * maxRouteConnections); */ // start 4.1 ThreadSafeClientConnManager connMgr = new ThreadSafeClientConnManager(schemeRegistry); connMgr.setMaxTotal(maxTotalConnections); connMgr.setDefaultMaxPerRoute(maxRouteConnections); connMgr.setMaxForRoute(new HttpRoute(new HttpHost(baseUri)), maxRouteConnections); // end 4.1 // CredentialsProvider credentialsProvider = new // BasicCredentialsProvider(); // credentialsProvider.setCredentials(new AuthScope(host, port), // new UsernamePasswordCredentials(user, password)); HttpParams httpParams = new BasicHttpParams(); if (authenType != null) { List<String> authpref = new ArrayList<String>(); if (authenType == Authentication.BASIC) authpref.add(AuthPolicy.BASIC); else if (authenType == Authentication.DIGEST) authpref.add(AuthPolicy.DIGEST); else throw new MarkLogicInternalException( "Internal error - unknown authentication type: " + authenType.name()); httpParams.setParameter(AuthPNames.PROXY_AUTH_PREF, authpref); } httpParams.setBooleanParameter(ClientPNames.HANDLE_REDIRECTS, false); HttpProtocolParams.setVersion(httpParams, HttpVersion.HTTP_1_1); // HttpConnectionParams.setStaleCheckingEnabled(httpParams, false); // long-term alternative to isFirstRequest alive // HttpProtocolParams.setUseExpectContinue(httpParams, false); // httpParams.setIntParameter(CoreProtocolPNames.WAIT_FOR_CONTINUE, 1000); DefaultApacheHttpClient4Config config = new DefaultApacheHttpClient4Config(); Map<String, Object> configProps = config.getProperties(); configProps.put(ApacheHttpClient4Config.PROPERTY_PREEMPTIVE_BASIC_AUTHENTICATION, false); configProps.put(ApacheHttpClient4Config.PROPERTY_DISABLE_COOKIES, true); configProps.put(ApacheHttpClient4Config.PROPERTY_CONNECTION_MANAGER, connMgr); // ignored? configProps.put(ApacheHttpClient4Config.PROPERTY_FOLLOW_REDIRECTS, false); // configProps.put(ApacheHttpClient4Config.PROPERTY_CREDENTIALS_PROVIDER, // credentialsProvider); configProps.put(ApacheHttpClient4Config.PROPERTY_HTTP_PARAMS, httpParams); // switches from buffered to streamed in Jersey Client configProps.put(ApacheHttpClient4Config.PROPERTY_CHUNKED_ENCODING_SIZE, 32 * 1024); client = ApacheHttpClient4.create(config); // System.setProperty("javax.net.debug", "all"); // all or ssl if (authenType == null) { checkFirstRequest = false; } else if (authenType == Authentication.BASIC) { checkFirstRequest = false; client.addFilter(new HTTPBasicAuthFilter(user, password)); } else if (authenType == Authentication.DIGEST) { checkFirstRequest = true; // workaround for JerseyClient bug 1445 client.addFilter(new DigestChallengeFilter()); client.addFilter(new HTTPDigestAuthFilter(user, password)); } else { throw new MarkLogicInternalException( "Internal error - unknown authentication type: " + authenType.name()); } // client.addFilter(new LoggingFilter(System.err)); connection = client.resource(baseUri); }
From source file:org.fedoraproject.eclipse.packager.api.UploadSourceCommand.java
/** * Wrap a basic HttpClient object in an all trusting SSL enabled * HttpClient object./*from w w w.j av a 2 s . c om*/ * * @param base The HttpClient to wrap. * @return The SSL wrapped HttpClient. * @throws GeneralSecurityException * @throws IOException */ private HttpClient trustAllSslEnable(HttpClient base) throws GeneralSecurityException { // Get an initialized SSL context // Create a trust manager that does not validate certificate chains TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { @Override public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } @Override public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) { } @Override public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) { } } }; // set up the all-trusting trust manager SSLContext sc = SSLContext.getInstance("SSL"); //$NON-NLS-1$ sc.init(null, trustAllCerts, new java.security.SecureRandom()); SSLSocketFactory sf = new SSLSocketFactory(sc, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); ClientConnectionManager ccm = base.getConnectionManager(); SchemeRegistry sr = ccm.getSchemeRegistry(); Scheme https = new Scheme("https", 443, sf); //$NON-NLS-1$ sr.register(https); return new DefaultHttpClient(ccm, base.getParams()); }
From source file:gov.nih.nci.nbia.StandaloneDMDispatcher.java
private static List<String> connectAndReadFromURL(URL url) { List<String> data = null; DefaultHttpClient httpClient = null; TrustStrategy easyStrategy = new TrustStrategy() { @Override//w w w .j a va 2s. c om public boolean isTrusted(X509Certificate[] certificate, String authType) throws CertificateException { return true; } }; try { SSLSocketFactory sslsf = new SSLSocketFactory(easyStrategy, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); Scheme httpsScheme = new Scheme("https", 443, sslsf); SchemeRegistry schemeRegistry = new SchemeRegistry(); schemeRegistry.register(httpsScheme); schemeRegistry.register(new Scheme("http", 80, PlainSocketFactory.getSocketFactory())); ClientConnectionManager ccm = new ThreadSafeClientConnManager(schemeRegistry); HttpParams httpParams = new BasicHttpParams(); HttpConnectionParams.setConnectionTimeout(httpParams, 50000); HttpConnectionParams.setSoTimeout(httpParams, new Integer(12000)); httpClient = new DefaultHttpClient(ccm, httpParams); httpClient.setRoutePlanner(new ProxySelectorRoutePlanner(schemeRegistry, ProxySelector.getDefault())); // // Additions by lrt for tcia - // // attempt to reduce errors going through a Coyote Point // Equalizer load balance switch httpClient.getParams().setParameter("http.socket.timeout", new Integer(12000)); httpClient.getParams().setParameter("http.socket.receivebuffer", new Integer(16384)); httpClient.getParams().setParameter("http.tcp.nodelay", true); httpClient.getParams().setParameter("http.connection.stalecheck", false); // // end lrt additions HttpPost httpPostMethod = new HttpPost(url.toString()); List<BasicNameValuePair> postParams = new ArrayList<BasicNameValuePair>(); postParams.add(new BasicNameValuePair(osParam, os)); UrlEncodedFormEntity query = new UrlEncodedFormEntity(postParams); httpPostMethod.setEntity(query); HttpResponse response = httpClient.execute(httpPostMethod); int responseCode = response.getStatusLine().getStatusCode(); if (responseCode == HttpStatus.SC_OK) { InputStream inputStream = response.getEntity().getContent(); data = IOUtils.readLines(inputStream); } else { JOptionPane.showMessageDialog(null, "Incorrect response from server: " + responseCode); } } catch (java.net.ConnectException e) { String note = "Connection error 1 while connecting to " + url.toString() + ":\n" + getProxyInfo(); //+ checkListeningPort("127.0.0.1", 8888); printStackTraceToDialog(note, e); //JOptionPane.showMessageDialog(null, "Connection error 1: " + e.getMessage()); e.printStackTrace(); } catch (MalformedURLException e) { String note = "Connection error 2 while connecting to " + url.toString() + ":\n"; printStackTraceToDialog(note, e); //JOptionPane.showMessageDialog(null, "Connection error 2: " + e.getMessage()); e.printStackTrace(); } catch (IOException e) { String note = "Connection error 3 while connecting to " + url.toString() + ":\n"; printStackTraceToDialog(note, e); //JOptionPane.showMessageDialog(null, "Connection error 3: " + e.getMessage()); e.printStackTrace(); } catch (KeyManagementException e) { String note = "Connection error 4 while connecting to " + url.toString() + ":\n"; printStackTraceToDialog(note, e); //JOptionPane.showMessageDialog(null, "Connection error 4: " + e.getMessage()); e.printStackTrace(); } catch (NoSuchAlgorithmException e) { String note = "Connection error 5 while connecting to " + url.toString() + ":\n"; printStackTraceToDialog(note, e); //JOptionPane.showMessageDialog(null, "Connection error 5: " + e.getMessage()); e.printStackTrace(); } catch (KeyStoreException e) { String note = "Connection error 6 while connecting to " + url.toString() + ":\n"; printStackTraceToDialog(note, e); //JOptionPane.showMessageDialog(null, "Connection error 6: " + e.getMessage()); e.printStackTrace(); } catch (UnrecoverableKeyException e) { String note = "Connection error 7 while connecting to " + url.toString() + ":\n"; printStackTraceToDialog(note, e); //JOptionPane.showMessageDialog(null, "Connection error 7: " + e.getMessage()); e.printStackTrace(); } finally { if (httpClient != null) { httpClient.getConnectionManager().shutdown(); } } return data; }
From source file:org.openmeetings.app.sip.xmlrpc.OpenXGHttpClient.java
public HttpClient getHttpClient() { try {/* ww w .ja v a 2 s . c o m*/ SSLSocketFactory sf = new SSLSocketFactory(SSLContext.getInstance("TLS"), SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); HttpParams params = new BasicHttpParams(); HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1); HttpProtocolParams.setContentCharset(params, HTTP.UTF_8); SchemeRegistry registry = new SchemeRegistry(); registry.register(new Scheme("http", 80, PlainSocketFactory.getSocketFactory())); registry.register(new Scheme("https", 443, sf)); ClientConnectionManager ccm = new ThreadSafeClientConnManager(registry); return new DefaultHttpClient(ccm, params); } catch (Exception e) { return new DefaultHttpClient(); } }
From source file:com.xebialabs.overthere.cifs.winrm.WinRmClient.java
private void configureTrust(final DefaultHttpClient httpclient) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException { if (!"https".equalsIgnoreCase(targetURL.getProtocol())) { return;//from w ww . j a va2 s . co m } final TrustStrategy trustStrategy = httpsCertTrustStrategy.getStrategy(); final X509HostnameVerifier hostnameVerifier = httpsHostnameVerifyStrategy.getVerifier(); final SSLSocketFactory socketFactory = new SSLSocketFactory(trustStrategy, hostnameVerifier); final Scheme sch = new Scheme("https", 443, socketFactory); httpclient.getConnectionManager().getSchemeRegistry().register(sch); }
From source file:org.hyperic.hq.hqapi1.HQConnection.java
private void configureSSL(HttpClient client) throws IOException { final String keyStorePath = System.getProperty("javax.net.ssl.keyStore"); final String keyStorePassword = System.getProperty("javax.net.ssl.keyStorePassword"); final boolean validateSSLCertificates = StringUtils.hasText(keyStorePath) && StringUtils.hasText(keyStorePassword); X509TrustManager customTrustManager = null; KeyManager[] keyManagers = null; try {//from w w w. ja v a2s . c om if (validateSSLCertificates) { // Use specified key store and perform SSL validation... KeyStore keystore = getKeyStore(keyStorePath, keyStorePassword); KeyManagerFactory keyManagerFactory = getKeyManagerFactory(keystore, keyStorePassword); TrustManagerFactory trustManagerFactory = getTrustManagerFactory(keystore); keyManagers = keyManagerFactory.getKeyManagers(); customTrustManager = (X509TrustManager) trustManagerFactory.getTrustManagers()[0]; } else { // Revert to previous functionality and ignore SSL certs... customTrustManager = new X509TrustManager() { public void checkClientTrusted(X509Certificate[] chain, String authType) { } public void checkServerTrusted(X509Certificate[] chain, String authType) { } //required for jdk 1.3/jsse 1.0.3_01 public boolean isClientTrusted(X509Certificate[] chain) { return true; } //required for jdk 1.3/jsse 1.0.3_01 public boolean isServerTrusted(X509Certificate[] chain) { return true; } public X509Certificate[] getAcceptedIssuers() { return null; } }; } SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(keyManagers, new TrustManager[] { customTrustManager }, new SecureRandom()); // XXX Should we use ALLOW_ALL_HOSTNAME_VERIFIER (least restrictive) or // BROWSER_COMPATIBLE_HOSTNAME_VERIFIER (moderate restrictive) or // STRICT_HOSTNAME_VERIFIER (most restrictive)??? // For now allow all, and make it configurable later... X509HostnameVerifier hostnameVerifier = null; if (validateSSLCertificates) { hostnameVerifier = new AllowAllHostnameVerifier(); } else { hostnameVerifier = new X509HostnameVerifier() { private AllowAllHostnameVerifier internalVerifier = new AllowAllHostnameVerifier(); public boolean verify(String host, SSLSession session) { return internalVerifier.verify(host, session); } public void verify(String host, String[] cns, String[] subjectAlts) throws SSLException { internalVerifier.verify(host, cns, subjectAlts); } public void verify(String host, X509Certificate cert) throws SSLException { internalVerifier.verify(host, cert); } public void verify(String host, SSLSocket ssl) throws IOException { try { internalVerifier.verify(host, ssl); } catch (SSLPeerUnverifiedException e) { // ignore } } }; } client.getConnectionManager().getSchemeRegistry() .register(new Scheme("https", 443, new SSLSocketFactory(sslContext, hostnameVerifier))); } catch (Exception e) { throw new IOException(e); } }
From source file:org.eclipse.lyo.client.oslc.OslcClient.java
private void setupSSLSupport(TrustManager[] trustManagers, X509HostnameVerifier hostnameVerifier) { ClientConnectionManager connManager = httpClient.getConnectionManager(); SchemeRegistry schemeRegistry = connManager.getSchemeRegistry(); schemeRegistry.unregister("https"); /** Create a trust manager that does not validate certificate chains */ TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) { /** Ignore Method Call */ }//w w w . j a v a 2s. com public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) { /** Ignore Method Call */ } public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } } }; try { SSLContext sc = findInstalledSecurityContext(); if (trustManagers == null) { trustManagers = trustAllCerts; } if (hostnameVerifier == null) { hostnameVerifier = SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER; } sc.init(null, trustManagers, new java.security.SecureRandom()); SSLSocketFactory sf = new SSLSocketFactory(sc, hostnameVerifier); Scheme https = new Scheme("https", 443, sf); //$NON-NLS-1$ schemeRegistry.register(https); } catch (NoSuchAlgorithmException e) { /* Fail Silently */ } catch (KeyManagementException e) { /* Fail Silently */ } }
From source file:org.opendedup.sdfs.filestore.cloud.BatchAwsS3ChunkStore.java
@Override public void init(Element config) throws IOException { this.name = Main.cloudBucket.toLowerCase(); this.staged_sync_location.mkdirs(); try {//from w w w. jav a2s.co m if (config.hasAttribute("default-bucket-location")) { bucketLocation = RegionUtils.getRegion(config.getAttribute("default-bucket-location")); } if (config.hasAttribute("connection-check-interval")) { this.checkInterval = Integer.parseInt(config.getAttribute("connection-check-interval")); } if (config.hasAttribute("block-size")) { int sz = (int) StringUtils.parseSize(config.getAttribute("block-size")); HashBlobArchive.MAX_LEN = sz; } if (config.hasAttribute("allow-sync")) { HashBlobArchive.allowSync = Boolean.parseBoolean(config.getAttribute("allow-sync")); if (config.hasAttribute("sync-check-schedule")) { try { new SyncFSScheduler(config.getAttribute("sync-check-schedule")); } catch (Exception e) { SDFSLogger.getLog().error("unable to start sync scheduler", e); } } } if (config.hasAttribute("upload-thread-sleep-time")) { int tm = Integer.parseInt(config.getAttribute("upload-thread-sleep-time")); HashBlobArchive.THREAD_SLEEP_TIME = tm; } if (config.hasAttribute("cache-writes")) { HashBlobArchive.cacheWrites = Boolean.parseBoolean(config.getAttribute("cache-writes")); } if (config.hasAttribute("cache-reads")) { HashBlobArchive.cacheReads = Boolean.parseBoolean(config.getAttribute("cache-reads")); } if (config.hasAttribute("sync-files")) { boolean syncf = Boolean.parseBoolean(config.getAttribute("sync-files")); if (syncf) { new FileReplicationService(this); } } int rsp = 0; int wsp = 0; if (config.hasAttribute("read-speed")) { rsp = Integer.parseInt(config.getAttribute("read-speed")); } if (config.hasAttribute("write-speed")) { wsp = Integer.parseInt(config.getAttribute("write-speed")); } if (config.hasAttribute("local-cache-size")) { long sz = StringUtils.parseSize(config.getAttribute("local-cache-size")); HashBlobArchive.setLocalCacheSize(sz); } if (config.hasAttribute("metadata-version")) { this.mdVersion = Integer.parseInt(config.getAttribute("metadata-version")); } if (config.hasAttribute("map-cache-size")) { int sz = Integer.parseInt(config.getAttribute("map-cache-size")); HashBlobArchive.MAP_CACHE_SIZE = sz; } if (config.hasAttribute("io-threads")) { int sz = Integer.parseInt(config.getAttribute("io-threads")); Main.dseIOThreads = sz; } if (config.hasAttribute("clustered")) { this.clustered = Boolean.parseBoolean(config.getAttribute("clustered")); } if (config.hasAttribute("delete-unclaimed")) { this.deleteUnclaimed = Boolean.parseBoolean(config.getAttribute("delete-unclaimed")); } if (config.hasAttribute("glacier-archive-days")) { this.glacierDays = Integer.parseInt(config.getAttribute("glacier-archive-days")); if (this.glacierDays > 0) Main.checkArchiveOnRead = true; } if (config.hasAttribute("infrequent-access-days")) { this.infrequentAccess = Integer.parseInt(config.getAttribute("infrequent-access-days")); } if (config.hasAttribute("simple-s3")) { EncyptUtils.baseEncode = Boolean.parseBoolean(config.getAttribute("simple-s3")); this.simpleS3 = true; } if (config.hasAttribute("md5-sum")) { this.md5sum = Boolean.parseBoolean(config.getAttribute("md5-sum")); if (!this.md5sum) { System.setProperty("com.amazonaws.services.s3.disableGetObjectMD5Validation", "true"); System.setProperty("com.amazonaws.services.s3.disablePutObjectMD5Validation", "true"); } } ClientConfiguration clientConfig = new ClientConfiguration(); if (config.hasAttribute("use-v4-signer")) { boolean v4s = Boolean.parseBoolean(config.getAttribute("use-v4-signer")); if (v4s) { clientConfig.setSignerOverride("AWSS3V4SignerType"); } } if (config.hasAttribute("use-basic-signer")) { boolean v4s = Boolean.parseBoolean(config.getAttribute("use-basic-signer")); if (v4s) { clientConfig.setSignerOverride("S3SignerType"); } } clientConfig.setMaxConnections(Main.dseIOThreads * 2); clientConfig.setConnectionTimeout(10000); clientConfig.setSocketTimeout(10000); String s3Target = null; if (config.getElementsByTagName("connection-props").getLength() > 0) { Element el = (Element) config.getElementsByTagName("connection-props").item(0); if (el.hasAttribute("connection-timeout")) clientConfig.setConnectionTimeout(Integer.parseInt(el.getAttribute("connection-timeout"))); if (el.hasAttribute("socket-timeout")) clientConfig.setSocketTimeout(Integer.parseInt(el.getAttribute("socket-timeout"))); if (el.hasAttribute("local-address")) clientConfig.setLocalAddress(InetAddress.getByName(el.getAttribute("local-address"))); if (el.hasAttribute("max-retry")) clientConfig.setMaxErrorRetry(Integer.parseInt(el.getAttribute("max-retry"))); if (el.hasAttribute("protocol")) { String pr = el.getAttribute("protocol"); if (pr.equalsIgnoreCase("http")) clientConfig.setProtocol(Protocol.HTTP); else clientConfig.setProtocol(Protocol.HTTPS); } if (el.hasAttribute("s3-target")) { s3Target = el.getAttribute("s3-target"); } if (el.hasAttribute("proxy-host")) { clientConfig.setProxyHost(el.getAttribute("proxy-host")); } if (el.hasAttribute("proxy-domain")) { clientConfig.setProxyDomain(el.getAttribute("proxy-domain")); } if (el.hasAttribute("proxy-password")) { clientConfig.setProxyPassword(el.getAttribute("proxy-password")); } if (el.hasAttribute("proxy-port")) { clientConfig.setProxyPort(Integer.parseInt(el.getAttribute("proxy-port"))); } if (el.hasAttribute("proxy-username")) { clientConfig.setProxyUsername(el.getAttribute("proxy-username")); } } if (s3Target != null && s3Target.toLowerCase().startsWith("https")) { TrustStrategy acceptingTrustStrategy = new TrustStrategy() { @Override public boolean isTrusted(X509Certificate[] certificate, String authType) { return true; } }; SSLSocketFactory sf = new SSLSocketFactory(acceptingTrustStrategy, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); clientConfig.getApacheHttpClientConfig().withSslSocketFactory(sf); } if (awsCredentials != null) s3Service = new AmazonS3Client(awsCredentials, clientConfig); else s3Service = new AmazonS3Client(new InstanceProfileCredentialsProvider(), clientConfig); if (bucketLocation != null) { s3Service.setRegion(bucketLocation); System.out.println("bucketLocation=" + bucketLocation.toString()); } if (s3Target != null) { s3Service.setEndpoint(s3Target); System.out.println("target=" + s3Target); } if (config.hasAttribute("disableDNSBucket")) { s3Service.setS3ClientOptions(new S3ClientOptions() .withPathStyleAccess(Boolean.parseBoolean(config.getAttribute("disableDNSBucket"))) .disableChunkedEncoding()); System.out.println( "disableDNSBucket=" + Boolean.parseBoolean(config.getAttribute("disableDNSBucket"))); } if (!s3Service.doesBucketExist(this.name)) { s3Service.createBucket(this.name); SDFSLogger.getLog().info("created new store " + name); ObjectMetadata md = new ObjectMetadata(); md.addUserMetadata("currentsize", "0"); md.addUserMetadata("currentcompressedsize", "0"); md.addUserMetadata("clustered", "true"); md.addUserMetadata("lastupdate", Long.toString(System.currentTimeMillis())); md.addUserMetadata("hostname", InetAddress.getLocalHost().getHostName()); md.addUserMetadata("port", Integer.toString(Main.sdfsCliPort)); this.clustered = true; byte[] sz = Long.toString(System.currentTimeMillis()).getBytes(); if (md5sum) { String mds = BaseEncoding.base64().encode(ServiceUtils.computeMD5Hash(sz)); md.setContentMD5(mds); } md.setContentLength(sz.length); this.binm = "bucketinfo/" + EncyptUtils.encHashArchiveName(Main.DSEID, Main.chunkStoreEncryptionEnabled); s3Service.putObject(this.name, binm, new ByteArrayInputStream(sz), md); } else { Map<String, String> obj = null; ObjectMetadata omd = null; try { omd = s3Service.getObjectMetadata(this.name, binm); obj = omd.getUserMetadata(); obj.get("currentsize"); } catch (Exception e) { omd = null; SDFSLogger.getLog().debug("unable to find bucketinfo object", e); } if (omd == null) { try { this.binm = "bucketinfo/" + EncyptUtils.encHashArchiveName(Main.DSEID, Main.chunkStoreEncryptionEnabled); omd = s3Service.getObjectMetadata(this.name, binm); obj = omd.getUserMetadata(); obj.get("currentsize"); } catch (Exception e) { omd = null; SDFSLogger.getLog().debug("unable to find bucketinfo object", e); } } if (omd == null) { ObjectMetadata md = new ObjectMetadata(); md.addUserMetadata("currentsize", "0"); md.addUserMetadata("currentcompressedsize", "0"); md.addUserMetadata("clustered", "true"); md.addUserMetadata("lastupdate", Long.toString(System.currentTimeMillis())); md.addUserMetadata("hostname", InetAddress.getLocalHost().getHostName()); md.addUserMetadata("port", Integer.toString(Main.sdfsCliPort)); this.clustered = true; this.binm = "bucketinfo/" + EncyptUtils.encHashArchiveName(Main.DSEID, Main.chunkStoreEncryptionEnabled); byte[] sz = Long.toString(System.currentTimeMillis()).getBytes(); if (md5sum) { String mds = BaseEncoding.base64().encode(ServiceUtils.computeMD5Hash(sz)); md.setContentMD5(mds); } md.setContentLength(sz.length); s3Service.putObject(this.name, binm, new ByteArrayInputStream(sz), md); } else { if (obj.containsKey("currentsize")) { long cl = Long.parseLong((String) obj.get("currentsize")); if (cl >= 0) { HashBlobArchive.currentLength.set(cl); } else SDFSLogger.getLog().warn("The S3 objectstore DSE did not close correctly len=" + cl); } else { SDFSLogger.getLog().warn( "The S3 objectstore DSE did not close correctly. Metadata tag currentsize was not added"); } if (obj.containsKey("currentcompressedsize")) { long cl = Long.parseLong((String) obj.get("currentcompressedsize")); if (cl >= 0) { HashBlobArchive.compressedLength.set(cl); } else SDFSLogger.getLog().warn("The S3 objectstore DSE did not close correctly clen=" + cl); } else { SDFSLogger.getLog().warn( "The S3 objectstore DSE did not close correctly. Metadata tag currentsize was not added"); } if (obj.containsKey("clustered")) { this.clustered = Boolean.parseBoolean(obj.get("clustered")); } else this.clustered = false; obj.put("clustered", Boolean.toString(this.clustered)); omd.setUserMetadata(obj); try { updateObject(binm, omd); } catch (Exception e) { SDFSLogger.getLog().warn("unable to update bucket info in init", e); SDFSLogger.getLog().info("created new store " + name); ObjectMetadata md = new ObjectMetadata(); md.addUserMetadata("currentsize", "0"); md.addUserMetadata("lastupdate", Long.toString(System.currentTimeMillis())); md.addUserMetadata("currentcompressedsize", "0"); md.addUserMetadata("clustered", Boolean.toString(this.clustered)); md.addUserMetadata("hostname", InetAddress.getLocalHost().getHostName()); md.addUserMetadata("port", Integer.toString(Main.sdfsCliPort)); byte[] sz = Long.toString(System.currentTimeMillis()).getBytes(); if (md5sum) { String mds = BaseEncoding.base64().encode(ServiceUtils.computeMD5Hash(sz)); md.setContentMD5(mds); } md.setContentLength(sz.length); s3Service.putObject(this.name, binm, new ByteArrayInputStream(sz), md); } } } ArrayList<Transition> trs = new ArrayList<Transition>(); if (this.glacierDays > 0 && s3Target == null) { Transition transToArchive = new Transition().withDays(this.glacierDays) .withStorageClass(StorageClass.Glacier); trs.add(transToArchive); } if (this.infrequentAccess > 0 && s3Target == null) { Transition transToArchive = new Transition().withDays(this.infrequentAccess) .withStorageClass(StorageClass.StandardInfrequentAccess); trs.add(transToArchive); } if (trs.size() > 0) { BucketLifecycleConfiguration.Rule ruleArchiveAndExpire = new BucketLifecycleConfiguration.Rule() .withId("SDFS Automated Archive Rule for Block Data").withPrefix("blocks/") .withTransitions(trs).withStatus(BucketLifecycleConfiguration.ENABLED.toString()); List<BucketLifecycleConfiguration.Rule> rules = new ArrayList<BucketLifecycleConfiguration.Rule>(); rules.add(ruleArchiveAndExpire); BucketLifecycleConfiguration configuration = new BucketLifecycleConfiguration().withRules(rules); // Save configuration. s3Service.setBucketLifecycleConfiguration(this.name, configuration); } else if (s3Target == null) { s3Service.deleteBucketLifecycleConfiguration(this.name); } HashBlobArchive.init(this); HashBlobArchive.setReadSpeed(rsp); HashBlobArchive.setWriteSpeed(wsp); Thread th = new Thread(this); th.start(); } catch (Exception e) { SDFSLogger.getLog().error("unable to start service", e); throw new IOException(e); } }