use of javax.net.ssl.SSLServerSocket in project hive by apache.
the class HiveAuthUtils method getServerSSLSocket.
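/**
 * Creates a Thrift server socket backed by TLS and strips denylisted protocol versions from it.
 *
 * <p>Protocol filtering is a denylist: every protocol the socket enables by default stays
 * enabled unless its name appears in {@code sslVersionBlacklist}. A protocol that is weak but
 * not listed is therefore left on, so callers should review the "Enabled Protocols" log line.
 * If every default protocol is listed, the socket is configured with an empty protocol set.
 *
 * @param hiveHost host name or address to bind to; {@code null} or empty requests a wildcard bind
 * @param portNum port to listen on
 * @param keyStorePath key store location handed to the Thrift SSL parameters
 * @param keyStorePassWord password for that key store
 * @param sslVersionBlacklist protocol names to disable, matched case-insensitively after
 *     trimming; {@code null} (or a {@code null} entry) is ignored
 * @return the Thrift server socket, with the filtered protocol list applied when the underlying
 *     socket is an {@link SSLServerSocket}
 * @throws TTransportException declared by the Thrift factory call
 * @throws UnknownHostException if a non-empty {@code hiveHost} cannot be resolved
 */
public static TServerSocket getServerSSLSocket(String hiveHost, int portNum, String keyStorePath,
        String keyStorePassWord, List<String> sslVersionBlacklist)
        throws TTransportException, UnknownHostException {
    TSSLTransportFactory.TSSLTransportParameters params =
            new TSSLTransportFactory.TSSLTransportParameters();
    params.setKeyStore(keyStorePath, keyStorePassWord);

    InetSocketAddress serverAddress;
    if (hiveHost == null || hiveHost.isEmpty()) {
        // Wildcard bind
        serverAddress = new InetSocketAddress(portNum);
    } else {
        serverAddress = new InetSocketAddress(hiveHost, portNum);
        // InetSocketAddress does not throw on a failed lookup: the address is left unresolved
        // and getAddress() returns null. JDK socket factories treat a null bind address as
        // "any local address", so fail here instead of risking a listener on every interface
        // when a specific host was requested.
        // NOTE(review): confirm how TSSLTransportFactory handles a null address.
        if (serverAddress.isUnresolved()) {
            throw new UnknownHostException("Unable to resolve bind host: " + hiveHost);
        }
    }

    TServerSocket thriftServerSocket =
            TSSLTransportFactory.getServerSocket(portNum, 0, serverAddress.getAddress(), params);

    if (thriftServerSocket.getServerSocket() instanceof SSLServerSocket) {
        // Normalise the denylist once so the comparison below is case-insensitive.
        // Locale.ROOT keeps the lowercasing independent of the JVM's default locale.
        List<String> sslVersionBlacklistLocal = new ArrayList<String>();
        if (sslVersionBlacklist != null) {
            for (String sslVersion : sslVersionBlacklist) {
                if (sslVersion != null) {
                    sslVersionBlacklistLocal.add(
                            sslVersion.trim().toLowerCase(java.util.Locale.ROOT));
                }
            }
        }

        SSLServerSocket sslServerSocket = (SSLServerSocket) thriftServerSocket.getServerSocket();
        List<String> enabledProtocols = new ArrayList<String>();
        for (String protocol : sslServerSocket.getEnabledProtocols()) {
            if (sslVersionBlacklistLocal.contains(protocol.toLowerCase(java.util.Locale.ROOT))) {
                LOG.debug("Disabling SSL Protocol: " + protocol);
            } else {
                enabledProtocols.add(protocol);
            }
        }
        sslServerSocket.setEnabledProtocols(enabledProtocols.toArray(new String[0]));
        // Logged at info so operators can verify which protocol versions remain negotiable.
        LOG.info("SSL Server Socket Enabled Protocols: "
                + Arrays.toString(sslServerSocket.getEnabledProtocols()));
    }
    return thriftServerSocket;
}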
use of javax.net.ssl.SSLServerSocket in project apjp by jvansteirteghem.
the class HTTPS method createSSLServerSocket.
/**
 * Builds an {@link SSLServerSocket} whose key material and trust anchors both come from the
 * key store returned by {@code getDefaultKeyStore()}.
 *
 * <p>Review notes: the key password is the fixed literal {@code "APJP"} compiled into the
 * class, so it gives the private key no confidentiality beyond access to the key store itself.
 * The context is requested as {@code "TLS"} and this method applies no enabled-protocol or
 * cipher-suite restriction, so the returned socket keeps the provider's defaults. The socket is
 * created with the no-argument factory method; binding is left to the caller.
 *
 * @return a newly created server socket from the configured SSL context
 * @throws HTTPSException wrapping any exception raised while building the context or socket
 */
public static synchronized SSLServerSocket createSSLServerSocket() throws HTTPSException {
    try {
        KeyStore keyStore = getDefaultKeyStore();
        SSLContext context = SSLContext.getInstance("TLS");

        // Key managers: the server identity comes from the default key store.
        KeyManagerFactory kmf =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        char[] keyPassword = "APJP".toCharArray();
        kmf.init(keyStore, keyPassword);

        // Trust managers: the same key store doubles as the trust store.
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(keyStore);

        // A null SecureRandom lets the provider use its default source.
        context.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

        SSLServerSocketFactory factory = context.getServerSocketFactory();
        return (SSLServerSocket) factory.createServerSocket();
    } catch (Exception e) {
        logger.log(2, "HTTPS/CREATE_SSL_SERVER_SOCKET: EXCEPTION", e);
        throw new HTTPSException("HTTPS/CREATE_SSL_SERVER_SOCKET", e);
    }
}
use of javax.net.ssl.SSLServerSocket in project robovm by robovm.
the class HttpsURLConnectionTest method testSetSSLSocketFactory.
/**
 * Checks that an SSLSocketFactory installed on a single HttpsURLConnection is the one that
 * connection uses, and that the default HostnameVerifier is captured when the connection is
 * created rather than when it connects.
 *
 * <p>Note: {@code HttpsURLConnection.setDefaultHostnameVerifier} changes JVM-wide state and
 * this method does not restore the previous verifier; any reset would have to happen in
 * fixture code outside this method.
 */
public void testSetSSLSocketFactory() throws Throwable {
    // Server side: a TLS server socket on an ephemeral port.
    SSLContext sslContext = getContext();
    SSLServerSocket serverSocket =
            (SSLServerSocket) sslContext.getServerSocketFactory().createServerSocket(0);

    // Verifier that is the default at the moment the connection object is created.
    TestHostnameVerifier earlyVerifier = new TestHostnameVerifier();
    HttpsURLConnection.setDefaultHostnameVerifier(earlyVerifier);

    // Connection under test, given its own socket factory.
    URL target = new URL("https://localhost:" + serverSocket.getLocalPort());
    HttpsURLConnection connection = (HttpsURLConnection) target.openConnection();
    SSLSocketFactory customFactory = sslContext.getSocketFactory();
    connection.setSSLSocketFactory(customFactory);

    // Installed after the connection exists, so it must not be consulted for it.
    TestHostnameVerifier lateVerifier = new TestHostnameVerifier();
    HttpsURLConnection.setDefaultHostnameVerifier(lateVerifier);

    // Run the client/server exchange and validate the negotiated state.
    SSLSocket peerSocket = (SSLSocket) doInteraction(connection, serverSocket);
    checkConnectionStateParameters(connection, peerSocket);

    // Only the early verifier may have been invoked.
    assertTrue("Hostname verification was not done", earlyVerifier.verified);
    assertFalse("Hostname verification should not be done by this verifier",
            lateVerifier.verified);

    // The connection must report the custom factory, not the JVM default one.
    assertNotSame("Default SSLSocketFactory should not be used",
            HttpsURLConnection.getDefaultSSLSocketFactory(), connection.getSSLSocketFactory());
    assertSame("Result differs from expected", customFactory,
            connection.getSSLSocketFactory());

    // A second connect() on an already connected instance should silently exit.
    connection.connect();
}
use of javax.net.ssl.SSLServerSocket in project robovm by robovm.
the class HttpsURLConnectionTest method testProxyConnection.
/**
 * Exercises an HTTPS request that is routed through an HTTP proxy.
 *
 * <p>The listening endpoint created here is a plain {@link ServerSocket} standing in for the
 * proxy; the connection is pointed at it through a {@link Proxy} of type HTTP. A
 * TestHostnameVerifier is installed as the JVM-wide default, but this method makes no assertion
 * on it and does not restore the previous default.
 */
public void testProxyConnection() throws Throwable {
    // Point the JSSE system properties at the test key/trust stores.
    setUpStoreProperties();

    // Proxy endpoint: an ordinary server socket on an ephemeral port.
    ServerSocket proxySocket = new ServerSocket(0);

    // Default hostname verifier for connections created from here on.
    TestHostnameVerifier verifier = new TestHostnameVerifier();
    HttpsURLConnection.setDefaultHostnameVerifier(verifier);

    // Connection under test: the target host is reached only via the local proxy.
    URL target = new URL("https://requested.host:55556/requested.data");
    InetSocketAddress proxyAddress =
            new InetSocketAddress("localhost", proxySocket.getLocalPort());
    Proxy httpProxy = new Proxy(Proxy.Type.HTTP, proxyAddress);
    HttpsURLConnection connection = (HttpsURLConnection) target.openConnection(httpProxy);
    connection.setSSLSocketFactory(getContext().getSocketFactory());

    // Run the exchange and validate the negotiated connection state.
    SSLSocket peerSocket = (SSLSocket) doInteraction(connection, proxySocket);
    checkConnectionStateParameters(connection, peerSocket);

    // A second connect() on an already connected instance should silently exit.
    connection.connect();
}
use of javax.net.ssl.SSLServerSocket in project robovm by robovm.
the class HttpsURLConnectionTest method testProxyAuthConnection_doOutput.
/**
 * Exercises an HTTPS request routed through an HTTP proxy that requires authentication, with
 * the client sending data to the server ({@code setDoOutput(true)}).
 *
 * <p>The proxy endpoint is a plain {@link ServerSocket}. Both
 * {@code HttpsURLConnection.setDefaultHostnameVerifier} and {@code Authenticator.setDefault}
 * change JVM-wide state and neither is restored inside this method. The credentials supplied by
 * the authenticator are fixed test literals.
 */
public void testProxyAuthConnection_doOutput() throws Throwable {
    // Point the JSSE system properties at the test key/trust stores.
    setUpStoreProperties();

    // Proxy endpoint: an ordinary server socket on an ephemeral port.
    ServerSocket proxySocket = new ServerSocket(0);

    // Default hostname verifier for connections created from here on.
    TestHostnameVerifier verifier = new TestHostnameVerifier();
    HttpsURLConnection.setDefaultHostnameVerifier(verifier);

    // Process-wide authenticator that answers every challenge with the test credentials.
    Authenticator.setDefault(new Authenticator() {
        @Override
        protected PasswordAuthentication getPasswordAuthentication() {
            char[] secret = "password".toCharArray();
            return new PasswordAuthentication("user", secret);
        }
    });

    // Connection under test: the target host is reached only via the local proxy.
    URL target = new URL("https://requested.host:55554/requested.data");
    InetSocketAddress proxyAddress =
            new InetSocketAddress("localhost", proxySocket.getLocalPort());
    Proxy httpProxy = new Proxy(Proxy.Type.HTTP, proxyAddress);
    HttpsURLConnection connection = (HttpsURLConnection) target.openConnection(httpProxy);
    connection.setSSLSocketFactory(getContext().getSocketFactory());
    connection.setDoOutput(true);

    // Run the exchange expecting OK_CODE; the trailing flag is defined by doInteraction
    // (presumably "proxy requires authentication" - confirm against the helper).
    SSLSocket peerSocket = (SSLSocket) doInteraction(connection, proxySocket, OK_CODE, true);
    checkConnectionStateParameters(connection, peerSocket);
}