Examples with SSLHandshakeException javax.net.ssl.SSLHandshakeException used on opensource projects

Search in sources :

Example 36 with SSLHandshakeException

use of javax.net.ssl.SSLHandshakeException in project cloudstack by apache.

the class ElastistorUtil method getElastistorRestClient.

/**
     * This intializes a new jersey restclient for http call with elasticenter
     */
public static ElastiCenterClient getElastistorRestClient() {
    ElastiCenterClient restclient = null;
    try {
        String ip = getConfigurationDao().getValue("cloudbyte.management.ip");
        String apikey = getConfigurationDao().getValue("cloudbyte.management.apikey");
        if (ip == null) {
            throw new CloudRuntimeException("set the value of cloudbyte.management.ip in global settings");
        }
        if (apikey == null) {
            throw new CloudRuntimeException("set the value of cloudbyte.management.apikey in global settings");
        }
        restclient = new ElastiCenterClient(ip, apikey);
    } catch (InvalidCredentialsException e) {
        throw new CloudRuntimeException("InvalidCredentialsException:" + e.getMessage(), e);
    } catch (InvalidParameterException e) {
        throw new CloudRuntimeException("InvalidParameterException:" + e.getMessage(), e);
    } catch (SSLHandshakeException e) {
        throw new CloudRuntimeException("SSLHandshakeException:" + e.getMessage(), e);
    } catch (ServiceUnavailableException e) {
        throw new CloudRuntimeException("ServiceUnavailableException:" + e.getMessage(), e);
    }
    return restclient;
}
Also used : InvalidParameterException(java.security.InvalidParameterException) InvalidCredentialsException(org.apache.http.auth.InvalidCredentialsException) CloudRuntimeException(com.cloud.utils.exception.CloudRuntimeException) ServiceUnavailableException(javax.naming.ServiceUnavailableException) SSLHandshakeException(javax.net.ssl.SSLHandshakeException)

Example 37 with SSLHandshakeException

use of javax.net.ssl.SSLHandshakeException in project geode by apache.

the class LauncherLifecycleCommands method doAutoConnect.

private boolean doAutoConnect(final String locatorHostname, final int locatorPort, final String gemfirePropertiesPathname, final String gemfireSecurityPropertiesPathname, final InfoResultData infoResultData) {
    boolean connectSuccess = false;
    boolean jmxManagerAuthEnabled = false;
    boolean jmxManagerSslEnabled = false;
    Map<String, String> configurationProperties = loadConfigurationProperties(gemfireSecurityPropertiesPathname, loadConfigurationProperties(gemfirePropertiesPathname));
    Map<String, String> locatorConfigurationProperties = new HashMap<>(configurationProperties);
    String responseFailureMessage = null;
    for (int attempts = 0; (attempts < 10 && !connectSuccess); attempts++) {
        try {
            ConnectToLocatorResult connectToLocatorResult = ShellCommands.connectToLocator(locatorHostname, locatorPort, ShellCommands.getConnectLocatorTimeoutInMS() / 4, locatorConfigurationProperties);
            ConnectionEndpoint memberEndpoint = connectToLocatorResult.getMemberEndpoint();
            jmxManagerSslEnabled = connectToLocatorResult.isJmxManagerSslEnabled();
            if (!jmxManagerSslEnabled) {
                configurationProperties.clear();
            }
            getGfsh().setOperationInvoker(new JmxOperationInvoker(memberEndpoint.getHost(), memberEndpoint.getPort(), null, null, configurationProperties, null));
            String shellAndLogMessage = CliStrings.format(CliStrings.CONNECT__MSG__SUCCESS, "JMX Manager " + memberEndpoint.toString(false));
            infoResultData.addLine("\n");
            infoResultData.addLine(shellAndLogMessage);
            getGfsh().logToFile(shellAndLogMessage, null);
            connectSuccess = true;
            responseFailureMessage = null;
        } catch (IllegalStateException unexpected) {
            if (CauseFinder.indexOfCause(unexpected, ClassCastException.class, false) != -1) {
                responseFailureMessage = "The Locator might require SSL Configuration.";
            }
        } catch (SecurityException ignore) {
            getGfsh().logToFile(ignore.getMessage(), ignore);
            jmxManagerAuthEnabled = true;
            // no need to continue after SecurityException
            break;
        } catch (AuthenticationFailedException ignore) {
            getGfsh().logToFile(ignore.getMessage(), ignore);
            jmxManagerAuthEnabled = true;
            // no need to continue after AuthenticationFailedException
            break;
        } catch (SSLException ignore) {
            if (ignore instanceof SSLHandshakeException) {
                // try to connect again without SSL since the SSL handshake failed implying a plain text
                // connection...
                locatorConfigurationProperties.clear();
            } else {
                // another type of SSL error occurred (possibly a configuration issue); pass the buck...
                getGfsh().logToFile(ignore.getMessage(), ignore);
                responseFailureMessage = "Check your SSL configuration and try again.";
                break;
            }
        } catch (Exception ignore) {
            getGfsh().logToFile(ignore.getMessage(), ignore);
            responseFailureMessage = "Failed to connect; unknown cause: " + ignore.getMessage();
        }
    }
    if (!connectSuccess) {
        doOnConnectionFailure(locatorHostname, locatorPort, jmxManagerAuthEnabled, jmxManagerSslEnabled, infoResultData);
    }
    if (StringUtils.isNotBlank(responseFailureMessage)) {
        infoResultData.addLine("\n");
        infoResultData.addLine(responseFailureMessage);
    }
    return connectSuccess;
}
Also used : HashMap(java.util.HashMap) AuthenticationFailedException(org.apache.geode.security.AuthenticationFailedException) ConnectToLocatorResult(org.apache.geode.management.internal.cli.domain.ConnectToLocatorResult) JmxOperationInvoker(org.apache.geode.management.internal.cli.shell.JmxOperationInvoker) SSLException(javax.net.ssl.SSLException) ConnectionEndpoint(org.apache.geode.management.internal.cli.util.ConnectionEndpoint) ConverterHint(org.apache.geode.management.cli.ConverterHint) SSLHandshakeException(javax.net.ssl.SSLHandshakeException) SSLHandshakeException(javax.net.ssl.SSLHandshakeException) MalformedObjectNameException(javax.management.MalformedObjectNameException) SSLException(javax.net.ssl.SSLException) AuthenticationFailedException(org.apache.geode.security.AuthenticationFailedException) ClusterConfigurationNotAvailableException(org.apache.geode.internal.process.ClusterConfigurationNotAvailableException) MalformedURLException(java.net.MalformedURLException) IOException(java.io.IOException) ConnectionEndpoint(org.apache.geode.management.internal.cli.util.ConnectionEndpoint)

Example 38 with SSLHandshakeException

use of javax.net.ssl.SSLHandshakeException in project wildfly by wildfly.

the class AbstractCertificateLoginModuleTestCase method testLoginWithCertificate.

/**
     * Testing access to HTTPS connector which have configured truststore with
     * trusted certificates. Client with trusted certificate is allowed to
     * access both secured/unsecured resource. Client with untrusted certificate
     * can only access unprotected resources.
     *
     * @throws Exception
     */
public void testLoginWithCertificate(String appName) throws Exception {
    Assume.assumeFalse(SystemUtils.IS_JAVA_1_6 && SystemUtils.JAVA_VENDOR.toUpperCase(Locale.ENGLISH).contains("IBM"));
    final URL printPrincipalUrl = getServletUrl(HTTPS_PORT, appName, PrincipalPrintingServlet.SERVLET_PATH);
    final URL securedUrl = getServletUrl(HTTPS_PORT, appName, SECURED_SERVLET_WITH_SESSION);
    final URL unsecuredUrl = getServletUrl(HTTPS_PORT, appName, SimpleServlet.SERVLET_PATH);
    final HttpClient httpClient = getHttpsClient(CLIENT_KEYSTORE_FILE);
    final HttpClient httpClientUntrusted = getHttpsClient(UNTRUSTED_KEYSTORE_FILE);
    try {
        makeCallWithHttpClient(printPrincipalUrl, httpClient, HttpServletResponse.SC_FORBIDDEN);
        String responseBody = makeCallWithHttpClient(securedUrl, httpClient, HttpServletResponse.SC_OK);
        assertEquals("Secured page was not reached", SimpleSecuredServlet.RESPONSE_BODY, responseBody);
        String principal = makeCallWithHttpClient(printPrincipalUrl, httpClient, HttpServletResponse.SC_OK);
        assertEquals("Unexpected principal", "cn=client", principal.toLowerCase());
        responseBody = makeCallWithHttpClient(unsecuredUrl, httpClientUntrusted, HttpServletResponse.SC_OK);
        assertEquals("Secured page was not reached", SimpleServlet.RESPONSE_BODY, responseBody);
        try {
            makeCallWithHttpClient(securedUrl, httpClientUntrusted, HttpServletResponse.SC_FORBIDDEN);
        } catch (SSLHandshakeException e) {
        // OK
        } catch (java.net.SocketException se) {
        // OK - on windows usually fails with this one
        }
    } finally {
        httpClient.getConnectionManager().shutdown();
        httpClientUntrusted.getConnectionManager().shutdown();
    }
}
Also used : Utils.makeCallWithHttpClient(org.jboss.as.test.integration.security.common.Utils.makeCallWithHttpClient) HttpClient(org.apache.http.client.HttpClient) URL(java.net.URL) SSLHandshakeException(javax.net.ssl.SSLHandshakeException)

Example 39 with SSLHandshakeException

use of javax.net.ssl.SSLHandshakeException in project wildfly by wildfly.

the class HTTPSWebConnectorTestCase method testVerifyingConnector.

/**
     * @test.tsfi tsfi.keystore.file
     * @test.tsfi tsfi.truststore.file
     * @test.objective Testing default HTTPs connector with verify-client attribute set to "true". The CLIENT-CERT
     *                 authentication (BaseCertLoginModule) is configured for this test. Trusted client is allowed to access
     *                 both secured/unsecured resource. Untrusted client is not allowed to access anything.
     * @test.expectedResult Trusted client has access to protected and unprotected resources. Untrusted client can't access
     *                      anything.
     * @throws Exception
     */
@Test
@InSequence(1)
public void testVerifyingConnector() throws Exception {
    final HttpClient httpClient = getHttpClient(CLIENT_KEYSTORE_FILE);
    final HttpClient httpClientUntrusted = getHttpClient(UNTRUSTED_KEYSTORE_FILE);
    try {
        final URL printPrincipalUrl = getServletUrl(HTTPS_PORT_VERIFY_TRUE, PrincipalPrintingServlet.SERVLET_PATH);
        final URL securedUrl = getServletUrl(HTTPS_PORT_VERIFY_TRUE, SECURED_SERVLET_WITH_SESSION);
        final URL unsecuredUrl = getServletUrl(HTTPS_PORT_VERIFY_TRUE, SimpleServlet.SERVLET_PATH);
        String principal = makeCallWithHttpClient(printPrincipalUrl, httpClient, HttpServletResponse.SC_OK);
        assertEquals("Unexpected principal", "cn=client", principal.toLowerCase());
        String responseBody = makeCallWithHttpClient(securedUrl, httpClient, HttpServletResponse.SC_OK);
        assertEquals("Secured page was not reached", SimpleSecuredServlet.RESPONSE_BODY, responseBody);
        try {
            makeCallWithHttpClient(unsecuredUrl, httpClientUntrusted, HttpServletResponse.SC_FORBIDDEN);
            fail("Untrusted client should not be authenticated.");
        } catch (SSLHandshakeException | SSLPeerUnverifiedException | SocketException e) {
        //depending on the OS and the version of HTTP client in use any one of these exceptions may be thrown
        //in particular the SocketException gets thrown on Windows
        // OK
        }
        try {
            makeCallWithHttpClient(printPrincipalUrl, httpClientUntrusted, HttpServletResponse.SC_FORBIDDEN);
            fail("Untrusted client should not be authenticated.");
        } catch (SSLHandshakeException | SSLPeerUnverifiedException | SocketException e) {
        // OK
        }
        try {
            makeCallWithHttpClient(securedUrl, httpClientUntrusted, HttpServletResponse.SC_FORBIDDEN);
            fail("Untrusted client should not be authenticated.");
        } catch (SSLHandshakeException | SSLPeerUnverifiedException | SocketException e) {
        // OK
        }
    } finally {
        httpClient.getConnectionManager().shutdown();
        httpClientUntrusted.getConnectionManager().shutdown();
    }
}
Also used : SocketException(java.net.SocketException) Utils.makeCallWithHttpClient(org.jboss.as.test.integration.security.common.Utils.makeCallWithHttpClient) HttpClient(org.apache.http.client.HttpClient) SSLPeerUnverifiedException(javax.net.ssl.SSLPeerUnverifiedException) URL(java.net.URL) SSLHandshakeException(javax.net.ssl.SSLHandshakeException) Test(org.junit.Test) InSequence(org.jboss.arquillian.junit.InSequence)

Example 40 with SSLHandshakeException

use of javax.net.ssl.SSLHandshakeException in project wildfly by wildfly.

the class HTTPSWebConnectorTestCase method testNonVerifyingConnector.

/**
     * @test.tsfi tsfi.keystore.file
     * @test.tsfi tsfi.truststore.file
     * @test.objective Testing default HTTPs connector with verify-client attribute set to "false". The CLIENT-CERT
     *                 authentication (BaseCertLoginModule) is configured for this test. Trusted client is allowed to access
     *                 both secured/unsecured resource. Untrusted client can only access unprotected resources.
     * @test.expectedResult Trusted client has access to protected and unprotected resources. Untrusted client has only access
     *                      to unprotected resources.
     * @throws Exception
     */
@Test
@InSequence(1)
public void testNonVerifyingConnector() throws Exception {
    Assume.assumeFalse(SystemUtils.IS_JAVA_1_6 && SystemUtils.JAVA_VENDOR.toUpperCase(Locale.ENGLISH).contains("IBM"));
    final URL printPrincipalUrl = getServletUrl(HTTPS_PORT_VERIFY_FALSE, PrincipalPrintingServlet.SERVLET_PATH);
    final URL securedUrl = getServletUrl(HTTPS_PORT_VERIFY_FALSE, SECURED_SERVLET_WITH_SESSION);
    final URL unsecuredUrl = getServletUrl(HTTPS_PORT_VERIFY_FALSE, SimpleServlet.SERVLET_PATH);
    final HttpClient httpClient = getHttpClient(CLIENT_KEYSTORE_FILE);
    final HttpClient httpClientUntrusted = getHttpClient(UNTRUSTED_KEYSTORE_FILE);
    try {
        makeCallWithHttpClient(printPrincipalUrl, httpClient, HttpServletResponse.SC_FORBIDDEN);
        String responseBody = makeCallWithHttpClient(securedUrl, httpClient, HttpServletResponse.SC_OK);
        assertEquals("Secured page was not reached", SimpleSecuredServlet.RESPONSE_BODY, responseBody);
        String principal = makeCallWithHttpClient(printPrincipalUrl, httpClient, HttpServletResponse.SC_OK);
        assertEquals("Unexpected principal", "cn=client", principal.toLowerCase());
        responseBody = makeCallWithHttpClient(unsecuredUrl, httpClientUntrusted, HttpServletResponse.SC_OK);
        assertEquals("Secured page was not reached", SimpleServlet.RESPONSE_BODY, responseBody);
        try {
            makeCallWithHttpClient(securedUrl, httpClientUntrusted, HttpServletResponse.SC_FORBIDDEN);
        } catch (SSLHandshakeException e) {
        // OK
        } catch (java.net.SocketException se) {
        // OK - on windows usually fails with this one
        }
    } finally {
        httpClient.getConnectionManager().shutdown();
        httpClientUntrusted.getConnectionManager().shutdown();
    }
}
Also used : SocketException(java.net.SocketException) Utils.makeCallWithHttpClient(org.jboss.as.test.integration.security.common.Utils.makeCallWithHttpClient) HttpClient(org.apache.http.client.HttpClient) URL(java.net.URL) SSLHandshakeException(javax.net.ssl.SSLHandshakeException) Test(org.junit.Test) InSequence(org.jboss.arquillian.junit.InSequence)

Aggregations

SSLHandshakeException (javax.net.ssl.SSLHandshakeException)84 IOException (java.io.IOException)26 Test (org.junit.Test)21 CertificateException (java.security.cert.CertificateException)17 URL (java.net.URL)15 SSLException (javax.net.ssl.SSLException)14 SocketException (java.net.SocketException)12 HttpsURLConnection (javax.net.ssl.HttpsURLConnection)12 SSLProtocolException (javax.net.ssl.SSLProtocolException)10 Socket (java.net.Socket)8 SSLPeerUnverifiedException (javax.net.ssl.SSLPeerUnverifiedException)8 SSLSocket (javax.net.ssl.SSLSocket)8 InputStream (java.io.InputStream)6 SSLSession (javax.net.ssl.SSLSession)6 Channel (io.netty.channel.Channel)5 InetSocketAddress (java.net.InetSocketAddress)5 SocketTimeoutException (java.net.SocketTimeoutException)5 ClosedChannelException (java.nio.channels.ClosedChannelException)5 Bootstrap (io.netty.bootstrap.Bootstrap)4 ServerBootstrap (io.netty.bootstrap.ServerBootstrap)4
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial