protected HttpsURLConnectionInfo getHttpsURLConnectionInfo() throws IOException { connection.connect(); return new HttpsURLConnectionInfo(connection); } protected void updateResponseHeaders(Message inMessage) {
public void establishTrust(String conduitName, URLConnectionInfo connectionInfo, Message message) throws UntrustedURLConnectionIOException { if (orig != null) { orig.establishTrust(conduitName, connectionInfo, message); } HttpsURLConnectionInfo info = (HttpsURLConnectionInfo)connectionInfo; if (info.getServerCertificates() == null || info.getServerCertificates().length == 0) { throw new UntrustedURLConnectionIOException( "No server certificates were found" ); } X509Certificate[] certs = (X509Certificate[])info.getServerCertificates(); if (!certConstraints.matches(certs[0])) { throw new UntrustedURLConnectionIOException( "The server certificate(s) do not match the defined cert constraints" ); } } }
public void establishTrust(String conduitName, URLConnectionInfo connectionInfo, Message message) throws UntrustedURLConnectionIOException { if (orig != null) { orig.establishTrust(conduitName, connectionInfo, message); } HttpsURLConnectionInfo info = (HttpsURLConnectionInfo)connectionInfo; if (info.getLocalCertificates() == null || info.getLocalCertificates().length == 0) { throw new UntrustedURLConnectionIOException( "RequireClientCertificate is set, " + "but no local certificates were negotiated. Is" + " the server set to ask for client authorization?"); } } };
public void establishTrust( String conduitName, URLConnectionInfo cinfo, Message message ) throws UntrustedURLConnectionIOException { called++; HttpsURLConnectionInfo ci = (HttpsURLConnectionInfo) cinfo; boolean trusted = false; for (int i = 0; i < trustName.length; i++) { trusted = trusted || ci.getPeerPrincipal() .toString().contains("OU=" + trustName[i]); } if (!trusted) { throw new UntrustedURLConnectionIOException( "Peer Principal \"" + ci.getPeerPrincipal() + "\" does not contain " + getTrustNames()); } }
public void establishTrust(String conduitName, URLConnectionInfo connectionInfo, Message message) throws UntrustedURLConnectionIOException { if (orig != null) { orig.establishTrust(conduitName, connectionInfo, message); } HttpsURLConnectionInfo info = (HttpsURLConnectionInfo)connectionInfo; if (info.getLocalCertificates() == null || info.getLocalCertificates().length == 0) { throw new UntrustedURLConnectionIOException( "RequireClientCertificate is set, " + "but no local certificates were negotiated. Is" + " the server set to ask for client authorization?"); } } };
protected HttpsURLConnectionInfo getHttpsURLConnectionInfo() throws IOException { connection.connect(); return new HttpsURLConnectionInfo(connection); } protected void updateResponseHeaders(Message inMessage) {
public void establishTrust(String conduitName, URLConnectionInfo connectionInfo, Message message) throws UntrustedURLConnectionIOException { if (orig != null) { orig.establishTrust(conduitName, connectionInfo, message); } HttpsURLConnectionInfo info = (HttpsURLConnectionInfo)connectionInfo; if (info.getServerCertificates() == null || info.getServerCertificates().length == 0) { throw new UntrustedURLConnectionIOException( "No server certificates were found" ); } X509Certificate[] certs = (X509Certificate[])info.getServerCertificates(); if (!certConstraints.matches(certs[0])) { throw new UntrustedURLConnectionIOException( "The server certificate(s) do not match the defined cert constraints" ); } } }
protected HttpsURLConnectionInfo getHttpsURLConnectionInfo() throws IOException { connection.connect(); return new HttpsURLConnectionInfo(connection); } protected void updateResponseHeaders(Message inMessage) {
public void establishTrust(String conduitName, URLConnectionInfo connectionInfo, Message message) throws UntrustedURLConnectionIOException { if (orig != null) { orig.establishTrust(conduitName, connectionInfo, message); } HttpsURLConnectionInfo info = (HttpsURLConnectionInfo)connectionInfo; if (info.getServerCertificates() == null || info.getServerCertificates().length == 0) { throw new UntrustedURLConnectionIOException( "No server certificates were found" ); } else { X509Certificate[] certs = (X509Certificate[])info.getServerCertificates(); if (!certConstraints.matches(certs[0])) { throw new UntrustedURLConnectionIOException( "The server certificate(s) do not match the defined cert constraints" ); } } } }
return new HttpsURLConnectionInfo(url, method, cipherSuite, localCerts, principal, serverCerts, peer);
@Override protected HttpsURLConnectionInfo getHttpsURLConnectionInfo() throws IOException { if ("http".equals(outMessage.get("http.scheme"))) { return null; } connect(true); HostnameVerifier verifier = org.apache.cxf.transport.https.SSLUtils .getHostnameVerifier(findTLSClientParameters()); if (!verifier.verify(url.getHost(), session)) { throw new IOException("Could not verify host " + url.getHost()); } String method = (String)outMessage.get(Message.HTTP_REQUEST_METHOD); String cipherSuite = null; Certificate[] localCerts = null; Principal principal = null; Certificate[] serverCerts = null; Principal peer = null; if (session != null) { cipherSuite = session.getCipherSuite(); localCerts = session.getLocalCertificates(); principal = session.getLocalPrincipal(); serverCerts = session.getPeerCertificates(); peer = session.getPeerPrincipal(); } return new HttpsURLConnectionInfo(url, method, cipherSuite, localCerts, principal, serverCerts, peer); }
@Override protected HttpsURLConnectionInfo getHttpsURLConnectionInfo() throws IOException { if ("http".equals(outMessage.get("http.scheme"))) { return null; } connect(true); HostnameVerifier verifier = org.apache.cxf.transport.https.SSLUtils .getHostnameVerifier(findTLSClientParameters()); if (!verifier.verify(url.getHost(), session)) { throw new IOException("Could not verify host " + url.getHost()); } String method = (String)outMessage.get(Message.HTTP_REQUEST_METHOD); String cipherSuite = null; Certificate[] localCerts = null; Principal principal = null; Certificate[] serverCerts = null; Principal peer = null; if (session != null) { cipherSuite = session.getCipherSuite(); localCerts = session.getLocalCertificates(); principal = session.getLocalPrincipal(); serverCerts = session.getPeerCertificates(); peer = session.getPeerPrincipal(); } return new HttpsURLConnectionInfo(url, method, cipherSuite, localCerts, principal, serverCerts, peer); }