if (p == null) { p = new TLSClientParameters(); c.setTlsClientParameters(p);
public void apply(HTTPConduit conduit) { if (tlsClientParameters != null) { conduit.setTlsClientParameters(tlsClientParameters); } if (clientPolicy != null) { conduit.setClient(clientPolicy); } if (authSupplier != null) { conduit.setAuthSupplier(authSupplier); } if (proxyAuthorizationPolicy != null) { conduit.setProxyAuthorization(proxyAuthorizationPolicy); } if (authorizationPolicy != null) { conduit.setAuthorization(authorizationPolicy); } } }
HTTPConduit conduit = (HTTPConduit) ClientProxy.getClient(authWs).getConduit(); conduit.setTlsClientParameters(params);
// BEGIN FIX to avoid certificate error, need to set this up in the code for cxf String storePath = System.getProperty("javax.net.ssl.keyStore"); String storePassword = System.getProperty("javax.net.ssl.keyStorePassword"); String storeType = System.getProperty("javax.net.ssl.keyStoreType"); KeyStore keyStore = KeyStore.getInstance(storeType); keyStore.load(new FileInputStream(storePath), storePassword.toCharArray()); KeyManagerFactory factory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); factory.init(keyStore, storePassword.toCharArray()); KeyManager[] keyManagers = factory.getKeyManagers(); Client client = ClientProxy.getClient(port); HTTPConduit conduit = (HTTPConduit) client.getConduit(); conduit.setTlsClientParameters(new TLSClientParameters()); conduit.getTlsClientParameters().setKeyManagers(keyManagers);
private static void configureConduitFromEndpointInfo(HTTPConduit conduit, EndpointInfo endpointInfo) { if (conduit.getClient() == null) { conduit.setClient(endpointInfo.getTraversedExtensor( new HTTPClientPolicy(), HTTPClientPolicy.class)); } if (conduit.getAuthorization() == null) { conduit.setAuthorization(endpointInfo.getTraversedExtensor( new AuthorizationPolicy(), AuthorizationPolicy.class)); } if (conduit.getProxyAuthorization() == null) { conduit.setProxyAuthorization(endpointInfo.getTraversedExtensor( new ProxyAuthorizationPolicy(), ProxyAuthorizationPolicy.class)); } if (conduit.getTlsClientParameters() == null) { conduit.setTlsClientParameters(endpointInfo.getTraversedExtensor( null, TLSClientParameters.class)); } if (conduit.getTrustDecider() == null) { conduit.setTrustDecider(endpointInfo.getTraversedExtensor(null, MessageTrustDecider.class)); } if (conduit.getAuthSupplier() == null) { conduit.setAuthSupplier(endpointInfo.getTraversedExtensor(null, HttpAuthSupplier.class)); } }
protected void setupHttpConduit(HTTPConduit httpConduit) { TLSClientParameters tlsClientParameters = tryToGetTLSClientParametersFromConduit(httpConduit); tlsClientParameters.setHostnameVerifier(hostnameVerifier); httpConduit.setTlsClientParameters(tlsClientParameters); } }
// Set custom SSLContext. HTTPConduit conduit = (HTTPConduit) ClientProxy.getClient(port).getConduit(); TLSClientParameters tlsClientParameters = new TLSClientParameters(); tlsClientParameters.setSSLSocketFactory(customSSLContext.getSocketFactory()); conduit.setTlsClientParameters(tlsClientParameters);
private WebClient configureTLS(WebClient client) throws Exception { if (client.getBaseURI().getScheme().startsWith(HTTPS_SCHEME) && !(trustStorePath == null || trustStorePassword ==null)) { HTTPConduit conduit = (HTTPConduit)WebClient.getConfig(client).getConduit(); TLSClientParameters tlsParameters = new TLSClientParameters(); KeyStore trustStore = KeyStore.getInstance("JKS"); trustStore.load(new FileInputStream(trustStorePath), trustStorePassword.toCharArray()); TrustManagerFactory trustFactory = TrustManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); trustFactory.init(trustStore); tlsParameters.setTrustManagers(trustFactory.getTrustManagers()); // allow a hostname mismatch tlsParameters.setDisableCNCheck(true); conduit.setTlsClientParameters(tlsParameters); } return client; }
private void configureTLSClient(HTTPConduit conduit) { TLSClientParameters parameters = conduit.getTlsClientParameters(); if (parameters == null) //don't do anything when user already provided a configuration { parameters = new TLSClientParameters(); parameters.setUseHttpsURLConnectionDefaultSslSocketFactory(true); if (Boolean.TRUE.equals((Boolean)configuration.get(Constants.CXF_TLS_CLIENT_DISABLE_CN_CHECK))) { parameters.setDisableCNCheck(true); } conduit.setTlsClientParameters(parameters); } }
protected void setupHttpConduit(HTTPConduit httpConduit) { TLSClientParameters tlsClientParameters = tryToGetTLSClientParametersFromConduit(httpConduit); tlsClientParameters.setSSLSocketFactory(tryToGetSSLSocketFactory()); httpConduit.setTlsClientParameters(tlsClientParameters); }
URL url = null; try { url = new URL(endpoint + "/wsdl"); } catch (MalformedURLException e) { LOG.error(e.getMessage()); } javax.xml.ws.Service s = MyService.create(url, new QName(MyService.NAMESPACE, MyService.SERVICE)); ServiceSoap port = s.getPort(ServiceSoap.class); Map<String, Object> reqCtx = ((BindingProvider)port).getRequestContext(); reqCtx.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, endpoint); reqCtx.put(BindingProvider.SOAPACTION_USE_PROPERTY, Boolean.TRUE); reqCtx.put(BindingProvider.SOAPACTION_URI_PROPERTY, actionName); Client client = ClientProxy.getClient(port); HTTPConduit http = (HTTPConduit) client.getConduit(); HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy(); httpClientPolicy.setConnection(ConnectionType.CLOSE); http.setClient(httpClientPolicy); TLSClientParameters tls = new TLSClientParameters(); tls.setSSLSocketFactory(sslFactory); tls.setDisableCNCheck(true); http.setTlsClientParameters(tls);
... HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy(); httpClientPolicy.setAllowChunking(false); httpClientPolicy.setAutoRedirect(true); httpClientPolicy.setConnection(ConnectionType.KEEP_ALIVE); String proxyUrl = "http://proxy.com"; String proxyPortString = "8080"; HTTPConduit http = (HTTPConduit)client.getConduit(); SSLContext sslContext = SSLContext.getInstance("TLSv1"); sslContext.init(null, null, null); HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory()); TLSClientParameters tlsClientParameters = new TLSClientParameters(); tlsClientParameters.setUseHttpsURLConnectionDefaultSslSocketFactory(true); http.setTlsClientParameters(tlsClientParameters); http.setClient(httpClientPolicy);
public static void disableHostNameChecks(WebClient webClient) { HTTPConduit conduit = WebClient.getConfig(webClient) .getHttpConduit(); TLSClientParameters params = conduit.getTlsClientParameters(); if (params == null) { params = new TLSClientParameters(); conduit.setTlsClientParameters(params); } LOG.debug("Disabling host name checks"); params.setHostnameVerifier(new HostnameVerifier() { @Override public boolean verify(String s, SSLSession sslSession) { return true; } }); }
public void apply(HTTPConduit conduit) { if (tlsClientParameters != null) { conduit.setTlsClientParameters(tlsClientParameters); } if (clientPolicy != null) { conduit.setClient(clientPolicy); } if (authSupplier != null) { conduit.setAuthSupplier(authSupplier); } if (proxyAuthorizationPolicy != null) { conduit.setProxyAuthorization(proxyAuthorizationPolicy); } if (authorizationPolicy != null) { conduit.setAuthorization(authorizationPolicy); } } }
public static void trustAllForHttpConduit(HTTPConduit conduit) { TLSClientParameters tlsClientParams = conduit.getTlsClientParameters(); if (tlsClientParams == null) { tlsClientParams = new TLSClientParameters(); conduit.setTlsClientParameters(tlsClientParams); } tlsClientParams.setTrustManagers(new TrustManager[] { new FakeX509TrustManager() }); tlsClientParams.setDisableCNCheck(true); } }
public static void trustAllForHttpConduit(HTTPConduit conduit) { TLSClientParameters tlsClientParams = conduit.getTlsClientParameters(); if (tlsClientParams == null) { tlsClientParams = new TLSClientParameters(); conduit.setTlsClientParameters(tlsClientParams); } tlsClientParams.setTrustManagers(new TrustManager[] { new FakeX509TrustManager() }); tlsClientParams.setDisableCNCheck(true); } }
WebClient webClient = WebClient.create(this.serviceURL, this.username, this.password, null); // Spring config file - we don't use this if (trustAllCerts) { HTTPConduit conduit = WebClient.getConfig(webClient) .getHttpConduit(); TLSClientParameters params = conduit.getTlsClientParameters(); if (params == null) { params = new TLSClientParameters(); conduit.setTlsClientParameters(params); } params.setTrustManagers(new TrustManager[] { new DumbX509TrustManager() }); params.setDisableCNCheck(true); }
public static void disableSslChecks(WebClient webClient) { HTTPConduit conduit = WebClient.getConfig(webClient) .getHttpConduit(); TLSClientParameters params = conduit.getTlsClientParameters(); if (params == null) { params = new TLSClientParameters(); conduit.setTlsClientParameters(params); } params.setTrustManagers(new TrustManager[]{new TrustEverythingSSLTrustManager()}); params.setDisableCNCheck(true); }
private WebClient clientFor() { final WebClient webClient = WebClient.create(this.hostUrl); if (acceptAllCertificates) { final HTTPConduit conduit = WebClient.getConfig(webClient).getHttpConduit(); TLSClientParameters params = conduit.getTlsClientParameters(); if (params == null) { params = new TLSClientParameters(); conduit.setTlsClientParameters(params); } params.setTrustManagers(new TrustManager[]{new DumbX509TrustManager()}); params.setDisableCNCheck(true); } return webClient; }
/** * Sets a mock client authentication to the given client. * * @param client * the new mock client authentication */ public static void setMockClientAuthentication(Object client) { final ClientConfiguration config = WebClient.getConfig(client); // trust all certs... final HTTPConduit conduit = config.getHttpConduit(); TLSClientParameters params = conduit.getTlsClientParameters(); if (params == null) { params = new TLSClientParameters(); params.setTrustManagers(new TrustManager[] { new MockX509TrustManager() }); params.setDisableCNCheck(true); conduit.setTlsClientParameters(params); } }