Example 1 with ClientSslSocketFactoryException
use of com.netflix.client.ssl.ClientSslSocketFactoryException in project ribbon by Netflix.
the class RestClient method apacheHttpClientSpecificInitialization.
protected Client apacheHttpClientSpecificInitialization() {
httpClient4 = NFHttpClientFactory.getNamedNFHttpClient(restClientName, this.ncc, true);
if (httpClient4 instanceof AbstractHttpClient) {
// DONT use our NFHttpClient's default Retry Handler since we have
// retry handling (same server/next server) in RestClient itself
((AbstractHttpClient) httpClient4).setHttpRequestRetryHandler(new NFHttpMethodRetryHandler(restClientName, 0, false, 0));
} else {
logger.warn("Unexpected error: Unable to disable NFHttpClient " + "retry handler, this most likely will not cause an " + "issue but probably should be looked at");
}
HttpParams httpClientParams = httpClient4.getParams();
// initialize Connection Manager cleanup facility
NFHttpClient nfHttpClient = (NFHttpClient) httpClient4;
// should we enable connection cleanup for idle connections?
try {
enableConnectionPoolCleanerTask = Boolean.parseBoolean(ncc.getProperty(CommonClientConfigKey.ConnectionPoolCleanerTaskEnabled, NFHttpClientConstants.DEFAULT_CONNECTIONIDLE_TIMETASK_ENABLED).toString());
nfHttpClient.getConnPoolCleaner().setEnableConnectionPoolCleanerTask(enableConnectionPoolCleanerTask);
} catch (Exception e1) {
throw new IllegalArgumentException("Invalid value for property:" + CommonClientConfigKey.ConnectionPoolCleanerTaskEnabled, e1);
}
if (enableConnectionPoolCleanerTask) {
try {
connectionCleanerRepeatInterval = Integer.parseInt(String.valueOf(ncc.getProperty(CommonClientConfigKey.ConnectionCleanerRepeatInterval, NFHttpClientConstants.DEFAULT_CONNECTION_IDLE_TIMERTASK_REPEAT_IN_MSECS)));
nfHttpClient.getConnPoolCleaner().setConnectionCleanerRepeatInterval(connectionCleanerRepeatInterval);
} catch (Exception e1) {
throw new IllegalArgumentException("Invalid value for property:" + CommonClientConfigKey.ConnectionCleanerRepeatInterval, e1);
}
try {
int iConnIdleEvictTimeMilliSeconds = Integer.parseInt("" + ncc.getProperty(CommonClientConfigKey.ConnIdleEvictTimeMilliSeconds, NFHttpClientConstants.DEFAULT_CONNECTIONIDLE_TIME_IN_MSECS));
connIdleEvictTimeMilliSeconds = DynamicPropertyFactory.getInstance().getIntProperty(restClientName + ".nfhttpclient.connIdleEvictTimeMilliSeconds", iConnIdleEvictTimeMilliSeconds);
nfHttpClient.setConnIdleEvictTimeMilliSeconds(connIdleEvictTimeMilliSeconds);
} catch (Exception e1) {
throw new IllegalArgumentException("Invalid value for property:" + CommonClientConfigKey.ConnIdleEvictTimeMilliSeconds, e1);
}
nfHttpClient.initConnectionCleanerTask();
}
try {
maxConnectionsperHost = Integer.parseInt("" + ncc.getProperty(CommonClientConfigKey.MaxHttpConnectionsPerHost, maxConnectionsperHost));
ClientConnectionManager connMgr = httpClient4.getConnectionManager();
if (connMgr instanceof ThreadSafeClientConnManager) {
((ThreadSafeClientConnManager) connMgr).setDefaultMaxPerRoute(maxConnectionsperHost);
}
} catch (Exception e1) {
throw new IllegalArgumentException("Invalid value for property:" + CommonClientConfigKey.MaxHttpConnectionsPerHost, e1);
}
try {
maxTotalConnections = Integer.parseInt("" + ncc.getProperty(CommonClientConfigKey.MaxTotalHttpConnections, maxTotalConnections));
ClientConnectionManager connMgr = httpClient4.getConnectionManager();
if (connMgr instanceof ThreadSafeClientConnManager) {
((ThreadSafeClientConnManager) connMgr).setMaxTotal(maxTotalConnections);
}
} catch (Exception e1) {
throw new IllegalArgumentException("Invalid value for property:" + CommonClientConfigKey.MaxTotalHttpConnections, e1);
}
try {
connectionTimeout = Integer.parseInt("" + ncc.getProperty(CommonClientConfigKey.ConnectTimeout, connectionTimeout));
HttpConnectionParams.setConnectionTimeout(httpClientParams, connectionTimeout);
} catch (Exception e1) {
throw new IllegalArgumentException("Invalid value for property:" + CommonClientConfigKey.ConnectTimeout, e1);
}
try {
readTimeout = Integer.parseInt("" + ncc.getProperty(CommonClientConfigKey.ReadTimeout, readTimeout));
HttpConnectionParams.setSoTimeout(httpClientParams, readTimeout);
} catch (Exception e1) {
throw new IllegalArgumentException("Invalid value for property:" + CommonClientConfigKey.ReadTimeout, e1);
}
// httpclient 4 seems to only have one buffer size controlling both
// send/receive - so let's take the bigger of the two values and use
// it as buffer size
int bufferSize = Integer.MIN_VALUE;
if (ncc.getProperty(CommonClientConfigKey.ReceiveBufferSize) != null) {
try {
bufferSize = Integer.parseInt("" + ncc.getProperty(CommonClientConfigKey.ReceiveBufferSize));
} catch (Exception e) {
throw new IllegalArgumentException("Invalid value for property:" + CommonClientConfigKey.ReceiveBufferSize, e);
}
if (ncc.getProperty(CommonClientConfigKey.SendBufferSize) != null) {
try {
int sendBufferSize = Integer.parseInt("" + ncc.getProperty(CommonClientConfigKey.SendBufferSize));
if (sendBufferSize > bufferSize) {
bufferSize = sendBufferSize;
}
} catch (Exception e) {
throw new IllegalArgumentException("Invalid value for property:" + CommonClientConfigKey.SendBufferSize, e);
}
}
}
if (bufferSize != Integer.MIN_VALUE) {
HttpConnectionParams.setSocketBufferSize(httpClientParams, bufferSize);
}
if (ncc.getProperty(CommonClientConfigKey.StaleCheckingEnabled) != null) {
try {
HttpConnectionParams.setStaleCheckingEnabled(httpClientParams, Boolean.parseBoolean(ncc.getProperty(CommonClientConfigKey.StaleCheckingEnabled, false).toString()));
} catch (Exception e) {
throw new IllegalArgumentException("Invalid value for property:" + CommonClientConfigKey.StaleCheckingEnabled, e);
}
}
if (ncc.getProperty(CommonClientConfigKey.Linger) != null) {
try {
HttpConnectionParams.setLinger(httpClientParams, Integer.parseInt("" + ncc.getProperty(CommonClientConfigKey.Linger)));
} catch (Exception e) {
throw new IllegalArgumentException("Invalid value for property:" + CommonClientConfigKey.Linger, e);
}
}
if (ncc.getProperty(CommonClientConfigKey.ProxyHost) != null) {
try {
proxyHost = (String) ncc.getProperty(CommonClientConfigKey.ProxyHost);
proxyPort = Integer.parseInt("" + ncc.getProperty(CommonClientConfigKey.ProxyPort));
HttpHost proxy = new HttpHost(proxyHost, proxyPort);
httpClient4.getParams().setParameter(ConnRouteParams.DEFAULT_PROXY, proxy);
} catch (Exception e) {
throw new IllegalArgumentException("Invalid value for property:" + CommonClientConfigKey.ProxyHost, e);
}
}
if (isSecure) {
final URL trustStoreUrl = getResourceForOptionalProperty(CommonClientConfigKey.TrustStore);
final URL keyStoreUrl = getResourceForOptionalProperty(CommonClientConfigKey.KeyStore);
final ClientConnectionManager currentManager = httpClient4.getConnectionManager();
AbstractSslContextFactory abstractFactory = null;
if (// if client is not is not required, we only need a keystore OR a truststore to warrant configuring
(isClientAuthRequired && (trustStoreUrl != null && keyStoreUrl != null)) || (!isClientAuthRequired && (trustStoreUrl != null || keyStoreUrl != null))) {
try {
abstractFactory = new URLSslContextFactory(trustStoreUrl, (String) ncc.getProperty(CommonClientConfigKey.TrustStorePassword), keyStoreUrl, (String) ncc.getProperty(CommonClientConfigKey.KeyStorePassword));
} catch (ClientSslSocketFactoryException e) {
throw new IllegalArgumentException("Unable to configure custom secure socket factory", e);
}
}
KeyStoreAwareSocketFactory awareSocketFactory;
try {
awareSocketFactory = isHostnameValidationRequired ? new KeyStoreAwareSocketFactory(abstractFactory) : new KeyStoreAwareSocketFactory(abstractFactory, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
currentManager.getSchemeRegistry().register(new Scheme("https", 443, awareSocketFactory));
} catch (Exception e) {
throw new IllegalArgumentException("Unable to configure custom secure socket factory", e);
}
}
// See http://hc.apache.org/httpcomponents-client-ga/tutorial/html/advanced.html
if (ignoreUserToken) {
((DefaultHttpClient) httpClient4).setUserTokenHandler(new UserTokenHandler() {
@Override
public Object getUserToken(HttpContext context) {
return null;
}
});
}
// custom SSL Factory handler
String customSSLFactoryClassName = (String) ncc.getProperty(CommonClientConfigKey.CustomSSLSocketFactoryClassName);
if (customSSLFactoryClassName != null) {
try {
SSLSocketFactory customSocketFactory = (SSLSocketFactory) ClientFactory.instantiateInstanceWithClientConfig(customSSLFactoryClassName, ncc);
httpClient4.getConnectionManager().getSchemeRegistry().register(new Scheme("https", 443, customSocketFactory));
} catch (Exception e) {
throw new IllegalArgumentException("Invalid value associated with property:" + CommonClientConfigKey.CustomSSLSocketFactoryClassName, e);
}
}
ApacheHttpClient4Handler handler = new ApacheHttpClient4Handler(httpClient4, new BasicCookieStore(), false);
return new ApacheHttpClient4(handler, config);
}
Also used :
ApacheHttpClient4Handler(com.sun.jersey.client.apache4.ApacheHttpClient4Handler)
Scheme(org.apache.http.conn.scheme.Scheme)
AbstractSslContextFactory(com.netflix.client.ssl.AbstractSslContextFactory)
NFHttpClient(com.netflix.http4.NFHttpClient)
URL(java.net.URL)
DefaultHttpClient(org.apache.http.impl.client.DefaultHttpClient)
HttpHost(org.apache.http.HttpHost)
KeyStoreAwareSocketFactory(com.netflix.http4.ssl.KeyStoreAwareSocketFactory)
SSLSocketFactory(org.apache.http.conn.ssl.SSLSocketFactory)
ApacheHttpClient4(com.sun.jersey.client.apache4.ApacheHttpClient4)
UserTokenHandler(org.apache.http.client.UserTokenHandler)
NFHttpMethodRetryHandler(com.netflix.http4.NFHttpMethodRetryHandler)
ClientSslSocketFactoryException(com.netflix.client.ssl.ClientSslSocketFactoryException)
HttpContext(org.apache.http.protocol.HttpContext)
URLSslContextFactory(com.netflix.client.ssl.URLSslContextFactory)
ClientConnectionManager(org.apache.http.conn.ClientConnectionManager)
URISyntaxException(java.net.URISyntaxException)
ClientException(com.netflix.client.ClientException)
SocketException(java.net.SocketException)
SocketTimeoutException(java.net.SocketTimeoutException)
ClientSslSocketFactoryException(com.netflix.client.ssl.ClientSslSocketFactoryException)
AbstractHttpClient(org.apache.http.impl.client.AbstractHttpClient)
HttpParams(org.apache.http.params.HttpParams)
BasicCookieStore(org.apache.http.impl.client.BasicCookieStore)
ThreadSafeClientConnManager(org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager)
Example 2 with ClientSslSocketFactoryException
use of com.netflix.client.ssl.ClientSslSocketFactoryException in project ribbon by Netflix.
the class LoadBalancingHttpClient method createRxClient.
@Override
protected HttpClient<I, O> createRxClient(Server server) {
HttpClientBuilder<I, O> clientBuilder;
if (requestIdProvider != null) {
clientBuilder = RxContexts.<I, O>newHttpClientBuilder(server.getHost(), server.getPort(), requestIdProvider, RxContexts.DEFAULT_CORRELATOR, pipelineConfigurator);
} else {
clientBuilder = RxContexts.<I, O>newHttpClientBuilder(server.getHost(), server.getPort(), RxContexts.DEFAULT_CORRELATOR, pipelineConfigurator);
}
Integer connectTimeout = getProperty(IClientConfigKey.Keys.ConnectTimeout, null, DefaultClientConfigImpl.DEFAULT_CONNECT_TIMEOUT);
Integer readTimeout = getProperty(IClientConfigKey.Keys.ReadTimeout, null, DefaultClientConfigImpl.DEFAULT_READ_TIMEOUT);
Boolean followRedirect = getProperty(IClientConfigKey.Keys.FollowRedirects, null, null);
HttpClientConfig.Builder builder = new HttpClientConfig.Builder().readTimeout(readTimeout, TimeUnit.MILLISECONDS);
if (followRedirect != null) {
builder.setFollowRedirect(followRedirect);
}
clientBuilder.channelOption(ChannelOption.CONNECT_TIMEOUT_MILLIS, connectTimeout).config(builder.build());
if (isPoolEnabled()) {
clientBuilder.withConnectionPoolLimitStrategy(poolStrategy).withIdleConnectionsTimeoutMillis(idleConnectionEvictionMills).withPoolIdleCleanupScheduler(poolCleanerScheduler);
} else {
clientBuilder.withNoConnectionPooling();
}
if (sslContextFactory != null) {
try {
SSLEngineFactory myFactory = new DefaultFactories.SSLContextBasedFactory(sslContextFactory.getSSLContext()) {
@Override
public SSLEngine createSSLEngine(ByteBufAllocator allocator) {
SSLEngine myEngine = super.createSSLEngine(allocator);
myEngine.setUseClientMode(true);
return myEngine;
}
};
clientBuilder.withSslEngineFactory(myFactory);
} catch (ClientSslSocketFactoryException e) {
throw new RuntimeException(e);
}
}
return clientBuilder.build();
}
Also used :
ByteBufAllocator(io.netty.buffer.ByteBufAllocator)
ClientSslSocketFactoryException(com.netflix.client.ssl.ClientSslSocketFactoryException)
SSLEngine(javax.net.ssl.SSLEngine)
URI(java.net.URI)
SSLEngineFactory(io.reactivex.netty.pipeline.ssl.SSLEngineFactory)
AtomicInteger(java.util.concurrent.atomic.AtomicInteger)
Aggregations
ClientSslSocketFactoryException (com.netflix.client.ssl.ClientSslSocketFactoryException)2
ClientException (com.netflix.client.ClientException)1
AbstractSslContextFactory (com.netflix.client.ssl.AbstractSslContextFactory)1
URLSslContextFactory (com.netflix.client.ssl.URLSslContextFactory)1
NFHttpClient (com.netflix.http4.NFHttpClient)1
NFHttpMethodRetryHandler (com.netflix.http4.NFHttpMethodRetryHandler)1
KeyStoreAwareSocketFactory (com.netflix.http4.ssl.KeyStoreAwareSocketFactory)1
ApacheHttpClient4 (com.sun.jersey.client.apache4.ApacheHttpClient4)1
ApacheHttpClient4Handler (com.sun.jersey.client.apache4.ApacheHttpClient4Handler)1
ByteBufAllocator (io.netty.buffer.ByteBufAllocator)1
SSLEngineFactory (io.reactivex.netty.pipeline.ssl.SSLEngineFactory)1
SocketException (java.net.SocketException)1
SocketTimeoutException (java.net.SocketTimeoutException)1
URI (java.net.URI)1
URISyntaxException (java.net.URISyntaxException)1
URL (java.net.URL)1
AtomicInteger (java.util.concurrent.atomic.AtomicInteger)1
SSLEngine (javax.net.ssl.SSLEngine)1
HttpHost (org.apache.http.HttpHost)1
UserTokenHandler (org.apache.http.client.UserTokenHandler)1
