Example 31 with SSLHandshakeException

use of javax.net.ssl.SSLHandshakeException in project wildfly by wildfly.

the class HTTPSWebConnectorTestCase method testNonVerifyingConnector.

/**
 * @test.tsfi tsfi.keystore.file
 * @test.tsfi tsfi.truststore.file
 * @test.objective Testing default HTTPS connector with verify-client attribute set to "false". The CLIENT-CERT
 *                 authentication (BaseCertLoginModule) is configured for this test. Trusted client is allowed to access
 *                 both secured/unsecured resource. Untrusted client can only access unprotected resources.
 * @test.expectedResult Trusted client has access to protected and unprotected resources. Untrusted client has only access
 *                      to unprotected resources.
 * @throws Exception
 */
@Test
@InSequence(1)
public void testNonVerifyingConnector() throws Exception {
    Assume.assumeFalse(SystemUtils.IS_JAVA_1_6 && SystemUtils.JAVA_VENDOR.toUpperCase(Locale.ENGLISH).contains("IBM"));
    final URL printPrincipalUrl = getServletUrl(HTTPS_PORT_VERIFY_FALSE, PrincipalPrintingServlet.SERVLET_PATH);
    final URL securedUrl = getServletUrl(HTTPS_PORT_VERIFY_FALSE, SECURED_SERVLET_WITH_SESSION);
    final URL unsecuredUrl = getServletUrl(HTTPS_PORT_VERIFY_FALSE, SimpleServlet.SERVLET_PATH);
    final HttpClient httpClient = getHttpClient(CLIENT_KEYSTORE_FILE);
    final HttpClient httpClientUntrusted = getHttpClient(UNTRUSTED_KEYSTORE_FILE);
    try {
        makeCallWithHttpClient(printPrincipalUrl, httpClient, HttpServletResponse.SC_FORBIDDEN);
        String responseBody = makeCallWithHttpClient(securedUrl, httpClient, HttpServletResponse.SC_OK);
        assertEquals("Secured page was not reached", SimpleSecuredServlet.RESPONSE_BODY, responseBody);
        String principal = makeCallWithHttpClient(printPrincipalUrl, httpClient, HttpServletResponse.SC_OK);
        assertEquals("Unexpected principal", "cn=client", principal.toLowerCase());
        responseBody = makeCallWithHttpClient(unsecuredUrl, httpClientUntrusted, HttpServletResponse.SC_OK);
        assertEquals("Unsecured page was not reached", SimpleServlet.RESPONSE_BODY, responseBody);
        try {
            makeCallWithHttpClient(securedUrl, httpClientUntrusted, HttpServletResponse.SC_FORBIDDEN);
        } catch (SSLHandshakeException e) {
            // OK - a failed handshake also means the untrusted client was refused
        } catch (java.net.SocketException se) {
            // OK - on Windows the refusal usually surfaces as a SocketException
        }
    } finally {
        httpClient.getConnectionManager().shutdown();
        httpClientUntrusted.getConnectionManager().shutdown();
    }
}
Also used : SocketException(java.net.SocketException) Utils.makeCallWithHttpClient(org.jboss.as.test.integration.security.common.Utils.makeCallWithHttpClient) HttpClient(org.apache.http.client.HttpClient) URL(java.net.URL) SSLHandshakeException(javax.net.ssl.SSLHandshakeException) Test(org.junit.Test) InSequence(org.jboss.arquillian.junit.InSequence)

Example 32 with SSLHandshakeException

use of javax.net.ssl.SSLHandshakeException in project intellij-community by JetBrains.

the class GithubConnection method doRequest.

@NotNull
private ResponsePage doRequest(@NotNull String uri, @Nullable String requestBody, @NotNull Collection<Header> headers, @NotNull HttpVerb verb) throws IOException {
    if (myAborted)
        throw new GithubOperationCanceledException();
    if (EventQueue.isDispatchThread() && !ApplicationManager.getApplication().isUnitTestMode()) {
        // TODO: fix
        LOG.warn("Network operation in EDT");
    }
    CloseableHttpResponse response = null;
    try {
        response = doREST(uri, requestBody, headers, verb);
        if (myAborted)
            throw new GithubOperationCanceledException();
        checkStatusCode(response, requestBody);
        HttpEntity entity = response.getEntity();
        if (entity == null) {
            return createResponse(response);
        }
        JsonElement ret = parseResponse(entity.getContent());
        if (ret.isJsonNull()) {
            return createResponse(response);
        }
        String nextPage = null;
        Header pageHeader = response.getFirstHeader("Link");
        if (pageHeader != null) {
            for (HeaderElement element : pageHeader.getElements()) {
                NameValuePair rel = element.getParameterByName("rel");
                if (rel != null && "next".equals(rel.getValue())) {
                    String urlString = element.toString();
                    int begin = urlString.indexOf('<');
                    int end = urlString.lastIndexOf('>');
                    if (begin == -1 || end == -1) {
                        LOG.error("Invalid 'Link' header", "{" + pageHeader.toString() + "}");
                        break;
                    }
                    nextPage = urlString.substring(begin + 1, end);
                    break;
                }
            }
        }
        return createResponse(ret, nextPage, response);
    } catch (SSLHandshakeException e) {
        // User canceled operation from CertificateManager
        if (e.getCause() instanceof CertificateException) {
            LOG.info("Host SSL certificate is not trusted", e);
            throw new GithubOperationCanceledException("Host SSL certificate is not trusted", e);
        }
        throw e;
    } catch (IOException e) {
        if (myAborted)
            throw new GithubOperationCanceledException("Operation canceled", e);
        throw e;
    } finally {
        myRequest = null;
        if (response != null) {
            response.close();
        }
        if (!myReusable) {
            myClient.close();
        }
    }
}
Also used : JsonElement(com.google.gson.JsonElement) CertificateException(java.security.cert.CertificateException) IOException(java.io.IOException) SSLHandshakeException(javax.net.ssl.SSLHandshakeException) NotNull(org.jetbrains.annotations.NotNull)

Example 33 with SSLHandshakeException

use of javax.net.ssl.SSLHandshakeException in project geode by apache.

the class LauncherLifecycleCommands method doAutoConnect.

private boolean doAutoConnect(final String locatorHostname, final int locatorPort, final String gemfirePropertiesPathname, final String gemfireSecurityPropertiesPathname, final InfoResultData infoResultData) {
    boolean connectSuccess = false;
    boolean jmxManagerAuthEnabled = false;
    boolean jmxManagerSslEnabled = false;
    Map<String, String> configurationProperties = loadConfigurationProperties(gemfireSecurityPropertiesPathname, loadConfigurationProperties(gemfirePropertiesPathname));
    Map<String, String> locatorConfigurationProperties = new HashMap<>(configurationProperties);
    String responseFailureMessage = null;
    for (int attempts = 0; (attempts < 10 && !connectSuccess); attempts++) {
        try {
            ConnectToLocatorResult connectToLocatorResult = ShellCommands.connectToLocator(locatorHostname, locatorPort, ShellCommands.getConnectLocatorTimeoutInMS() / 4, locatorConfigurationProperties);
            ConnectionEndpoint memberEndpoint = connectToLocatorResult.getMemberEndpoint();
            jmxManagerSslEnabled = connectToLocatorResult.isJmxManagerSslEnabled();
            if (!jmxManagerSslEnabled) {
                configurationProperties.clear();
            }
            getGfsh().setOperationInvoker(new JmxOperationInvoker(memberEndpoint.getHost(), memberEndpoint.getPort(), null, null, configurationProperties, null));
            String shellAndLogMessage = CliStrings.format(CliStrings.CONNECT__MSG__SUCCESS, "JMX Manager " + memberEndpoint.toString(false));
            infoResultData.addLine("\n");
            infoResultData.addLine(shellAndLogMessage);
            getGfsh().logToFile(shellAndLogMessage, null);
            connectSuccess = true;
            responseFailureMessage = null;
        } catch (IllegalStateException unexpected) {
            if (CauseFinder.indexOfCause(unexpected, ClassCastException.class, false) != -1) {
                responseFailureMessage = "The Locator might require SSL Configuration.";
            }
        } catch (SecurityException ignore) {
            getGfsh().logToFile(ignore.getMessage(), ignore);
            jmxManagerAuthEnabled = true;
            // no need to continue after SecurityException
            break;
        } catch (AuthenticationFailedException ignore) {
            getGfsh().logToFile(ignore.getMessage(), ignore);
            jmxManagerAuthEnabled = true;
            // no need to continue after AuthenticationFailedException
            break;
        } catch (SSLException ignore) {
            if (ignore instanceof SSLHandshakeException) {
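                // The SSL handshake failed, which is taken to mean the locator speaks plain text:
                // clear the SSL properties and retry without SSL. Note that this falls back from
                // an encrypted to an unencrypted connection without asking the user.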
                locatorConfigurationProperties.clear();
            } else {
                // another type of SSL error occurred (possibly a configuration issue); pass the buck...
                getGfsh().logToFile(ignore.getMessage(), ignore);
                responseFailureMessage = "Check your SSL configuration and try again.";
                break;
            }
        } catch (Exception ignore) {
            getGfsh().logToFile(ignore.getMessage(), ignore);
            responseFailureMessage = "Failed to connect; unknown cause: " + ignore.getMessage();
        }
    }
    if (!connectSuccess) {
        doOnConnectionFailure(locatorHostname, locatorPort, jmxManagerAuthEnabled, jmxManagerSslEnabled, infoResultData);
    }
    if (StringUtils.isNotBlank(responseFailureMessage)) {
        infoResultData.addLine("\n");
        infoResultData.addLine(responseFailureMessage);
    }
    return connectSuccess;
}
Also used : HashMap(java.util.HashMap) AuthenticationFailedException(org.apache.geode.security.AuthenticationFailedException) ConnectToLocatorResult(org.apache.geode.management.internal.cli.domain.ConnectToLocatorResult) JmxOperationInvoker(org.apache.geode.management.internal.cli.shell.JmxOperationInvoker) SSLException(javax.net.ssl.SSLException) ConnectionEndpoint(org.apache.geode.management.internal.cli.util.ConnectionEndpoint) ConverterHint(org.apache.geode.management.cli.ConverterHint) SSLHandshakeException(javax.net.ssl.SSLHandshakeException) MalformedObjectNameException(javax.management.MalformedObjectNameException) ClusterConfigurationNotAvailableException(org.apache.geode.internal.process.ClusterConfigurationNotAvailableException) MalformedURLException(java.net.MalformedURLException) IOException(java.io.IOException)

Example 34 with SSLHandshakeException

use of javax.net.ssl.SSLHandshakeException in project cloudstack by apache.

the class ElastistorUtil method getElastistorRestClient.

/**
 * This initializes a new Jersey REST client for HTTP calls to ElastiCenter.
 */
public static ElastiCenterClient getElastistorRestClient() {
    ElastiCenterClient restclient = null;
    try {
        String ip = getConfigurationDao().getValue("cloudbyte.management.ip");
        String apikey = getConfigurationDao().getValue("cloudbyte.management.apikey");
        if (ip == null) {
            throw new CloudRuntimeException("set the value of cloudbyte.management.ip in global settings");
        }
        if (apikey == null) {
            throw new CloudRuntimeException("set the value of cloudbyte.management.apikey in global settings");
        }
        restclient = new ElastiCenterClient(ip, apikey);
    } catch (InvalidCredentialsException e) {
        throw new CloudRuntimeException("InvalidCredentialsException:" + e.getMessage(), e);
    } catch (InvalidParameterException e) {
        throw new CloudRuntimeException("InvalidParameterException:" + e.getMessage(), e);
    } catch (SSLHandshakeException e) {
        throw new CloudRuntimeException("SSLHandshakeException:" + e.getMessage(), e);
    } catch (ServiceUnavailableException e) {
        throw new CloudRuntimeException("ServiceUnavailableException:" + e.getMessage(), e);
    }
    return restclient;
}
Also used : InvalidParameterException(java.security.InvalidParameterException) InvalidCredentialsException(org.apache.http.auth.InvalidCredentialsException) CloudRuntimeException(com.cloud.utils.exception.CloudRuntimeException) ServiceUnavailableException(javax.naming.ServiceUnavailableException) SSLHandshakeException(javax.net.ssl.SSLHandshakeException)

Example 35 with SSLHandshakeException

use of javax.net.ssl.SSLHandshakeException in project platform_external_apache-http by android.

the class CertificateChainValidator method closeSocketThrowException.

private void closeSocketThrowException(SSLSocket socket, String errorMessage) throws IOException {
    if (HttpLog.LOGV) {
        HttpLog.v("validation error: " + errorMessage);
    }
    if (socket != null) {
        SSLSession session = socket.getSession();
        if (session != null) {
            session.invalidate();
        }
        socket.close();
    }
    throw new SSLHandshakeException(errorMessage);
}
Also used : SSLSession(javax.net.ssl.SSLSession) SSLHandshakeException(javax.net.ssl.SSLHandshakeException)

Aggregations

SSLHandshakeException (javax.net.ssl.SSLHandshakeException) 90
IOException (java.io.IOException) 29
Test (org.junit.Test) 22
CertificateException (java.security.cert.CertificateException) 18
URL (java.net.URL) 15
SSLException (javax.net.ssl.SSLException) 15
SocketException (java.net.SocketException) 13
HttpsURLConnection (javax.net.ssl.HttpsURLConnection) 12
SSLProtocolException (javax.net.ssl.SSLProtocolException) 10
Socket (java.net.Socket) 9
SSLSocket (javax.net.ssl.SSLSocket) 9
SSLPeerUnverifiedException (javax.net.ssl.SSLPeerUnverifiedException) 8
SocketTimeoutException (java.net.SocketTimeoutException) 7
SSLSession (javax.net.ssl.SSLSession) 7
InputStream (java.io.InputStream) 6
SSLSocketFactory (javax.net.ssl.SSLSocketFactory) 6
Channel (io.netty.channel.Channel) 5
InetSocketAddress (java.net.InetSocketAddress) 5
MalformedURLException (java.net.MalformedURLException) 5
ClosedChannelException (java.nio.channels.ClosedChannelException) 5