Search in sources :

Example 1 with AcceptAllHostnameVerifier

use of com.fathomdb.crypto.ssl.AcceptAllHostnameVerifier in project platformlayer by platformlayer.

the class PlatformLayerAuthAdminClient method build.

public static AuthenticationTokenValidator build(HttpStrategy httpStrategy, Configuration configuration, EncryptionStore encryptionStore) throws OpsException {
    String keystoneServiceUrl = configuration.lookup("auth.system.url", "https://127.0.0.1:" + WellKnownPorts.PORT_PLATFORMLAYER_AUTH_ADMIN + "/");
    String cert = configuration.get("auth.system.tls.clientcert");
    CertificateAndKey certificateAndKey = encryptionStore.getCertificateAndKey(cert);
    HostnameVerifier hostnameVerifier = null;
    KeyManager keyManager = new SimpleClientCertificateKeyManager(certificateAndKey);
    TrustManager trustManager = null;
    String trustKeys = configuration.lookup("auth.system.ssl.keys", null);
    if (trustKeys != null) {
        trustManager = new PublicKeyTrustManager(Splitter.on(',').trimResults().split(trustKeys));
        hostnameVerifier = new AcceptAllHostnameVerifier();
    }
    if (log.isDebugEnabled() && certificateAndKey != null) {
        X509Certificate[] chain = certificateAndKey.getCertificateChain();
        log.debug("Using client cert for PL auth: " + Joiner.on(",").join(chain));
    }
    SslConfiguration sslConfiguration = new SslConfiguration(keyManager, trustManager, hostnameVerifier);
    RestfulClient restfulClient = new JreRestfulClient(httpStrategy, keystoneServiceUrl, sslConfiguration);
    AuthenticationTokenValidator tokenValidator = new PlatformLayerAuthAdminClient(restfulClient);
    tokenValidator = new CachingAuthenticationTokenValidator(tokenValidator);
    return tokenValidator;
}
Also used : SimpleClientCertificateKeyManager(com.fathomdb.crypto.SimpleClientCertificateKeyManager) PublicKeyTrustManager(com.fathomdb.crypto.ssl.PublicKeyTrustManager) AuthenticationTokenValidator(org.platformlayer.auth.AuthenticationTokenValidator) RestfulClient(org.platformlayer.rest.RestfulClient) JreRestfulClient(org.platformlayer.rest.JreRestfulClient) X509Certificate(java.security.cert.X509Certificate) AcceptAllHostnameVerifier(com.fathomdb.crypto.ssl.AcceptAllHostnameVerifier) HostnameVerifier(javax.net.ssl.HostnameVerifier) TrustManager(javax.net.ssl.TrustManager) PublicKeyTrustManager(com.fathomdb.crypto.ssl.PublicKeyTrustManager) AcceptAllHostnameVerifier(com.fathomdb.crypto.ssl.AcceptAllHostnameVerifier) JreRestfulClient(org.platformlayer.rest.JreRestfulClient) SslConfiguration(org.platformlayer.http.SslConfiguration) CertificateAndKey(com.fathomdb.crypto.CertificateAndKey) SimpleClientCertificateKeyManager(com.fathomdb.crypto.SimpleClientCertificateKeyManager) KeyManager(javax.net.ssl.KeyManager)

Example 2 with AcceptAllHostnameVerifier

use of com.fathomdb.crypto.ssl.AcceptAllHostnameVerifier in project platformlayer by platformlayer.

the class PlatformLayerAuthenticationClientProvider method get.

@Override
public PlatformLayerAuthenticationClient get() {
    String keystoneUserUrl = configuration.lookup("auth.user.url", "https://127.0.0.1:" + PORT_PLATFORMLAYER_AUTH_USER + "/v2.0/");
    HostnameVerifier hostnameVerifier = null;
    KeyManager keyManager = null;
    TrustManager trustManager = null;
    String trustKeys = configuration.lookup("auth.user.ssl.keys", null);
    if (trustKeys != null) {
        trustManager = new PublicKeyTrustManager(Splitter.on(',').trimResults().split(trustKeys));
        hostnameVerifier = new AcceptAllHostnameVerifier();
    }
    SslConfiguration sslConfiguration = new SslConfiguration(keyManager, trustManager, hostnameVerifier);
    RestfulClient restfulClient = new JreRestfulClient(httpStrategy, keystoneUserUrl, sslConfiguration);
    PlatformLayerAuthenticationClient authClient = new PlatformLayerAuthenticationClient(restfulClient);
    return authClient;
}
Also used : PublicKeyTrustManager(com.fathomdb.crypto.ssl.PublicKeyTrustManager) SslConfiguration(org.platformlayer.http.SslConfiguration) JreRestfulClient(org.platformlayer.rest.JreRestfulClient) RestfulClient(org.platformlayer.rest.RestfulClient) KeyManager(javax.net.ssl.KeyManager) AcceptAllHostnameVerifier(com.fathomdb.crypto.ssl.AcceptAllHostnameVerifier) HostnameVerifier(javax.net.ssl.HostnameVerifier) TrustManager(javax.net.ssl.TrustManager) PublicKeyTrustManager(com.fathomdb.crypto.ssl.PublicKeyTrustManager) AcceptAllHostnameVerifier(com.fathomdb.crypto.ssl.AcceptAllHostnameVerifier) JreRestfulClient(org.platformlayer.rest.JreRestfulClient)

Aggregations

AcceptAllHostnameVerifier (com.fathomdb.crypto.ssl.AcceptAllHostnameVerifier)2 PublicKeyTrustManager (com.fathomdb.crypto.ssl.PublicKeyTrustManager)2 HostnameVerifier (javax.net.ssl.HostnameVerifier)2 KeyManager (javax.net.ssl.KeyManager)2 TrustManager (javax.net.ssl.TrustManager)2 SslConfiguration (org.platformlayer.http.SslConfiguration)2 JreRestfulClient (org.platformlayer.rest.JreRestfulClient)2 RestfulClient (org.platformlayer.rest.RestfulClient)2 CertificateAndKey (com.fathomdb.crypto.CertificateAndKey)1 SimpleClientCertificateKeyManager (com.fathomdb.crypto.SimpleClientCertificateKeyManager)1 X509Certificate (java.security.cert.X509Certificate)1 AuthenticationTokenValidator (org.platformlayer.auth.AuthenticationTokenValidator)1