
Example 1 with HostnameVerifierVerifyAll

use of com.helger.commons.ws.HostnameVerifierVerifyAll in project phoss-directory by phax.

the class IndexerResourceTest method setUp.

/**
 * Prepares the fixture: registers the mock business card provider, then starts either the secure
 * or the plain mock server, depending on whether the pilot key store file is present.
 *
 * <p>Security note: the HTTPS branch installs {@code TrustManagerTrustAll} and
 * {@code HostnameVerifierVerifyAll}, which by their names accept any server certificate and any
 * hostname. The target here is the mock server's own base URI; this client configuration must
 * not be copied into code that talks to a real endpoint. The key store password is a hard-coded
 * test value.
 *
 * @throws GeneralSecurityException if the key manager factory or the SSL context cannot be set up
 * @throws IOException declared by the original signature
 */
@Before
public void setUp() throws GeneralSecurityException, IOException {
    // The mock business card provider has to be in place before the meta manager is first used.
    PDMetaManager.setBusinessCardProvider(IndexerResourceTest::_createMockBC);
    PDMetaManager.getInstance();

    final File aPilotKeyStoreFile = new File("src/test/resources/smp.pilot.jks");
    if (!aPilotKeyStoreFile.exists()) {
        // Plain HTTP fallback: client certificate validation is switched to allow-all for tests.
        LOGGER.warn("The SMP pilot keystore is missing for the tests! Client certificate handling will not be tested!");
        ClientCertificateValidator.allowAllForTests(true);
        m_aServer = MockServer.startRegularServer();
        m_aTarget = ClientBuilder.newClient().target(MockServer.BASE_URI_HTTP);
        return;
    }

    // HTTPS against the secure mock server, presenting the pilot client certificate.
    m_aServer = MockServer.startSecureServer();
    final KeyStore aClientKeyStore = KeyStoreHelper.loadKeyStoreDirect(EKeyStoreType.JKS,
                                                                     aPilotKeyStoreFile.getAbsolutePath(),
                                                                     "peppol");
    final KeyManagerFactory aKMF = KeyManagerFactory.getInstance("SunX509");
    aKMF.init(aClientKeyStore, "peppol".toCharArray());

    // Trust-all manager: the server certificate is NOT validated (test-only).
    // NOTE(review): the boolean constructor arguments look like debug switches; confirm.
    final SSLContext aTLSContext = SSLContext.getInstance("TLS");
    aTLSContext.init(aKMF.getKeyManagers(), new TrustManager[] { new TrustManagerTrustAll(false) }, null);

    // Verify-all hostname verifier: the certificate name is NOT matched against the host (test-only).
    final Client aHttpsClient = ClientBuilder.newBuilder()
                                             .sslContext(aTLSContext)
                                             .hostnameVerifier(new HostnameVerifierVerifyAll(false))
                                             .build();
    m_aTarget = aHttpsClient.target(MockServer.BASE_URI_HTTPS);
}
Also used : HostnameVerifierVerifyAll(com.helger.commons.ws.HostnameVerifierVerifyAll) SSLContext(javax.net.ssl.SSLContext) Client(javax.ws.rs.client.Client) File(java.io.File) KeyStore(java.security.KeyStore) TrustManagerTrustAll(com.helger.commons.ws.TrustManagerTrustAll) KeyManagerFactory(javax.net.ssl.KeyManagerFactory) Before(org.junit.Before)

Example 2 with HostnameVerifierVerifyAll

use of com.helger.commons.ws.HostnameVerifierVerifyAll in project phoss-directory by phax.

the class LocalHost8080FuncTest method setUp.

/**
 * Prepares the fixture for a server already listening on localhost:8080: registers the mock
 * business card provider and builds an HTTPS or HTTP client target, depending on whether the
 * pilot key store file is present.
 *
 * <p>Security note: the HTTPS branch installs {@code TrustManagerTrustAll} and
 * {@code HostnameVerifierVerifyAll}, which by their names accept any server certificate and any
 * hostname. That is tolerable only because the target is fixed to localhost; do not reuse this
 * client configuration for a remote endpoint. The key store password is a hard-coded test value.
 *
 * @throws GeneralSecurityException if the key manager factory or the SSL context cannot be set up
 * @throws IOException declared by the original signature
 */
@Before
public void setUp() throws GeneralSecurityException, IOException {
    // The mock business card provider has to be in place before the meta manager is first used.
    PDMetaManager.setBusinessCardProvider(LocalHost8080FuncTest::_createMockBC);
    PDMetaManager.getInstance();

    final File aPilotKeyStoreFile = new File("src/test/resources/smp.pilot.jks");
    if (!aPilotKeyStoreFile.exists()) {
        // Plain HTTP fallback: client certificate validation is switched to allow-all for tests.
        LOGGER.warn("The SMP pilot keystore is missing for the tests! Client certificate handling will not be tested!");
        ClientCertificateValidator.allowAllForTests(true);
        m_aTarget = ClientBuilder.newClient().target("http://localhost:8080");
        return;
    }

    // HTTPS, presenting the pilot client certificate.
    final KeyStore aClientKeyStore = KeyStoreHelper.loadKeyStoreDirect(EKeyStoreType.JKS,
                                                                     aPilotKeyStoreFile.getAbsolutePath(),
                                                                     "peppol");
    final KeyManagerFactory aKMF = KeyManagerFactory.getInstance("SunX509");
    aKMF.init(aClientKeyStore, "peppol".toCharArray());

    // Trust-all manager: the server certificate is NOT validated (test-only).
    // NOTE(review): the boolean constructor arguments look like debug switches; confirm.
    final SSLContext aTLSContext = SSLContext.getInstance("TLS");
    aTLSContext.init(aKMF.getKeyManagers(), new TrustManager[] { new TrustManagerTrustAll(false) }, null);

    // Verify-all hostname verifier: the certificate name is NOT matched against the host (test-only).
    final Client aHttpsClient = ClientBuilder.newBuilder()
                                             .sslContext(aTLSContext)
                                             .hostnameVerifier(new HostnameVerifierVerifyAll(false))
                                             .build();
    m_aTarget = aHttpsClient.target("https://localhost:8080");
}
Also used : HostnameVerifierVerifyAll(com.helger.commons.ws.HostnameVerifierVerifyAll) SSLContext(javax.net.ssl.SSLContext) Client(javax.ws.rs.client.Client) File(java.io.File) KeyStore(java.security.KeyStore) TrustManagerTrustAll(com.helger.commons.ws.TrustManagerTrustAll) KeyManagerFactory(javax.net.ssl.KeyManagerFactory) Before(org.junit.Before)

Example 3 with HostnameVerifierVerifyAll

use of com.helger.commons.ws.HostnameVerifierVerifyAll in project peppol-commons by phax.

the class SSLConnectFuncTest method testConnect.

/**
 * Opens an HTTPS connection to the SML management service URL with a client certificate and logs
 * the handshake details and the response body. The method makes no assertions; it only fails if
 * an exception escapes.
 *
 * <p>Security note: the connection uses {@code TrustManagerTrustAll} and
 * {@code HostnameVerifierVerifyAll}, so by their names neither the server certificate chain nor
 * the hostname is checked. The logged certificate details therefore describe whatever peer
 * answered, not an authenticated SML. Keep this configuration confined to diagnostic tests.
 *
 * @throws Exception on key store, TLS setup or connection errors not handled below
 */
@Test
public void testConnect() throws Exception {
    // Client certificate used for TLS client authentication
    final KeyStore aClientKeyStore = KeyStoreHelper.loadKeyStoreDirect(KEYSTORE_TYPE, KEYSTORE_PATH, KEYSTORE_PASSWORD);
    final KeyManagerFactory aKeyManagerFactory = KeyManagerFactory.getInstance("SunX509");
    aKeyManagerFactory.init(aClientKeyStore, KEYSTORE_PASSWORD.toCharArray());

    // Trust-all manager: the server certificate is NOT validated
    final TrustManager[] aTrustAll = { new TrustManagerTrustAll(false) };

    final SSLContext aTLSContext = SSLContext.getInstance("TLS");
    aTLSContext.init(aKeyManagerFactory.getKeyManagers(), aTrustAll, null);

    // Configure the connection; nothing is sent until the first getter that needs the response
    final URL aServiceURL = new URL(SML_INFO.getManagementServiceURL());
    final HttpsURLConnection aConnection = (HttpsURLConnection) aServiceURL.openConnection();
    aConnection.setSSLSocketFactory(aTLSContext.getSocketFactory());
    // Verify-all: the certificate name is NOT matched against the requested host
    aConnection.setHostnameVerifier(new HostnameVerifierVerifyAll(true));
    aConnection.setRequestMethod("GET");

    // Diagnostic output about the established connection
    LOGGER.info("Status code:  " + aConnection.getResponseCode());
    LOGGER.info("Cipher suite: " + aConnection.getCipherSuite());
    LOGGER.info("Encoding:     " + aConnection.getContentEncoding());

    // One log group per certificate presented by the server, numbered from 1
    int nCertIndex = 1;
    for (final Certificate aServerCert : aConnection.getServerCertificates()) {
        LOGGER.info(" Cert " + nCertIndex + ":");
        LOGGER.info("  Cert type:  " + aServerCert.getType());
        LOGGER.info("  Hash code:  " + aServerCert.hashCode());
        LOGGER.info("  Algorithm:  " + aServerCert.getPublicKey().getAlgorithm());
        LOGGER.info("  Format:     " + aServerCert.getPublicKey().getFormat());
        if (aServerCert instanceof X509Certificate) {
            final X509Certificate aX509Cert = (X509Certificate) aServerCert;
            // The "Principal" line carries the issuer, the "Subject" line the subject
            LOGGER.info("   Principal: " + aX509Cert.getIssuerX500Principal());
            LOGGER.info("   Subject:   " + aX509Cert.getSubjectX500Principal());
        }
        nCertIndex++;
    }

    try {
        // Success path: log the response body
        final String sBody = StreamHelper.getAllBytesAsString(aConnection.getInputStream(), StandardCharsets.UTF_8);
        LOGGER.info("\n" + sBody);
    } catch (final IOException ex) {
        // Failure path: log the error body instead; the exception itself is not reported
        final String sErrorBody = StreamHelper.getAllBytesAsString(aConnection.getErrorStream(), StandardCharsets.UTF_8);
        LOGGER.info("\n" + sErrorBody);
    }
}
Also used : SSLContext(javax.net.ssl.SSLContext) IOException(java.io.IOException) KeyStore(java.security.KeyStore) URL(java.net.URL) X509Certificate(java.security.cert.X509Certificate) KeyManagerFactory(javax.net.ssl.KeyManagerFactory) TrustManager(javax.net.ssl.TrustManager) HostnameVerifierVerifyAll(com.helger.commons.ws.HostnameVerifierVerifyAll) TrustManagerTrustAll(com.helger.commons.ws.TrustManagerTrustAll) HttpsURLConnection(javax.net.ssl.HttpsURLConnection) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate) Test(org.junit.Test)

Example 4 with HostnameVerifierVerifyAll

use of com.helger.commons.ws.HostnameVerifierVerifyAll in project phoss-smp by phax.

the class RegistrationHookWriteToSML method _createSMLCaller.

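/**
 * Creates the web service client used to register participants at the configured SML.
 *
 * <p>For an {@code https://} endpoint the SSL socket factory is taken from the SMP key manager's
 * SSL context; for any other scheme no socket factory is set. Hostname verification is replaced
 * by an accept-all verifier only when the host component of the endpoint URL is exactly
 * {@code localhost} or {@code 127.0.0.1}.
 *
 * <p>Security note: the host is read from the parsed URL rather than found by a substring search
 * on the URL text. A substring test for {@code "//localhost"} also matches hosts that merely
 * start with that label (for example {@code localhost.example.org}) and URLs that carry the text
 * in their path or query, which would switch hostname verification off for a remote endpoint.
 *
 * @return the configured caller; never {@code null}
 * @throws IllegalStateException if no SML information is configured or the SSL context cannot be
 *         created
 * @throws InitializationException if the SMP key store setup is invalid for an https endpoint
 */
@Nonnull
private static ManageParticipantIdentifierServiceCaller _createSMLCaller() {
    // SML endpoint (incl. the service name)
    final ISMLInfo aSMLInfo = SMPMetaManager.getSettings().getSMLInfo();
    if (aSMLInfo == null)
        throw new IllegalStateException("Failed to get SML manage participant endpoint URL");
    final URL aSMLEndpointURL = aSMLInfo.getManageParticipantIdentifierEndpointAddress();
    final String sEndpointURL = aSMLEndpointURL.toExternalForm();
    final String sLowerURL = sEndpointURL.toLowerCase(Locale.US);
    if (LOGGER.isInfoEnabled())
        LOGGER.info("Performing SML query to '" + sEndpointURL + "'");
    // SSL socket factory
    final SSLSocketFactory aSocketFactory;
    if (sLowerURL.startsWith("https://")) {
        // https connection
        if (!SMPKeyManager.isKeyStoreValid())
            throw new InitializationException("Cannot init registration hook to SML, because private key/certificate setup has errors: " + SMPKeyManager.getInitializationError());
        try {
            aSocketFactory = SMPKeyManager.getInstance().createSSLContext().getSocketFactory();
        } catch (final Exception ex) {
            throw new IllegalStateException("Failed to init SSLContext for SML access", ex);
        }
    } else {
        // Local, http only access - no socket factory
        aSocketFactory = null;
    }
    // Hostname verifier: decide on the parsed host, never on a substring of the URL text
    final String sHost = aSMLEndpointURL.getHost();
    final boolean bIsLoopbackHost = "localhost".equalsIgnoreCase(sHost) || "127.0.0.1".equals(sHost);
    final HostnameVerifier aHostnameVerifier;
    if (bIsLoopbackHost) {
        // Accept all hostnames - loopback endpoints only
        aHostnameVerifier = new HostnameVerifierVerifyAll(false);
    } else {
        // NOTE(review): null presumably leaves the caller's default hostname verification
        // in place; confirm against ManageParticipantIdentifierServiceCaller
        aHostnameVerifier = null;
    }
    // Build WS client
    final ManageParticipantIdentifierServiceCaller ret = new ManageParticipantIdentifierServiceCaller(aSMLEndpointURL);
    ret.setSSLSocketFactory(aSocketFactory);
    ret.setHostnameVerifier(aHostnameVerifier);
    // The connection timeout is optional (null means "not configured")
    final Integer aConnectionTimeoutMS = SMPServerConfiguration.getSMLConnectionTimeoutMS();
    if (aConnectionTimeoutMS != null)
        ret.setConnectionTimeoutMS(aConnectionTimeoutMS.intValue());
    // A negative request timeout is not passed on to the caller
    final int nRequestTimeoutMS = SMPServerConfiguration.getSMLRequestTimeoutMS();
    if (nRequestTimeoutMS >= 0)
        ret.setRequestTimeoutMS(nRequestTimeoutMS);
    return ret;
}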
Also used : HostnameVerifierVerifyAll(com.helger.commons.ws.HostnameVerifierVerifyAll) ISMLInfo(com.helger.peppol.sml.ISMLInfo) SSLSocketFactory(javax.net.ssl.SSLSocketFactory) InitializationException(com.helger.commons.exception.InitializationException) URL(java.net.URL) InitializationException(com.helger.commons.exception.InitializationException) ManageParticipantIdentifierServiceCaller(com.helger.peppol.smlclient.ManageParticipantIdentifierServiceCaller) HostnameVerifier(javax.net.ssl.HostnameVerifier) Nonnull(javax.annotation.Nonnull)

Aggregations

HostnameVerifierVerifyAll (com.helger.commons.ws.HostnameVerifierVerifyAll)4 TrustManagerTrustAll (com.helger.commons.ws.TrustManagerTrustAll)3 KeyStore (java.security.KeyStore)3 KeyManagerFactory (javax.net.ssl.KeyManagerFactory)3 SSLContext (javax.net.ssl.SSLContext)3 File (java.io.File)2 URL (java.net.URL)2 Client (javax.ws.rs.client.Client)2 Before (org.junit.Before)2 InitializationException (com.helger.commons.exception.InitializationException)1 ISMLInfo (com.helger.peppol.sml.ISMLInfo)1 ManageParticipantIdentifierServiceCaller (com.helger.peppol.smlclient.ManageParticipantIdentifierServiceCaller)1 IOException (java.io.IOException)1 Certificate (java.security.cert.Certificate)1 X509Certificate (java.security.cert.X509Certificate)1 Nonnull (javax.annotation.Nonnull)1 HostnameVerifier (javax.net.ssl.HostnameVerifier)1 HttpsURLConnection (javax.net.ssl.HttpsURLConnection)1 SSLSocketFactory (javax.net.ssl.SSLSocketFactory)1 TrustManager (javax.net.ssl.TrustManager)1