Examples with SSLSession javax.net.ssl.SSLSession used on opensource projects

Example 96 with SSLSession

use of javax.net.ssl.SSLSession in project apjp by jvansteirteghem.

the class HTTPRequest method open.

public void open() throws HTTPRequestException {
    try {
        url = new URL(APJP.APJP_REMOTE_HTTP_SERVER_REQUEST_URL[i]);
        Proxy proxy = Proxy.NO_PROXY;
        if (url.getProtocol().equalsIgnoreCase("HTTP") == true) {
            if (APJP.APJP_HTTP_PROXY_SERVER_ADDRESS.equalsIgnoreCase("") == false) {
                proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress(APJP.APJP_HTTP_PROXY_SERVER_ADDRESS, APJP.APJP_HTTP_PROXY_SERVER_PORT));
            }
        } else {
            if (url.getProtocol().equalsIgnoreCase("HTTPS") == true) {
                if (APJP.APJP_HTTPS_PROXY_SERVER_ADDRESS.equalsIgnoreCase("") == false) {
                    proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress(APJP.APJP_HTTPS_PROXY_SERVER_ADDRESS, APJP.APJP_HTTPS_PROXY_SERVER_PORT));
                }
            }
        }
        urlConnection = url.openConnection(proxy);
        if (urlConnection instanceof HttpsURLConnection) {
            ((HttpsURLConnection) urlConnection).setHostnameVerifier(new HostnameVerifier() {

                public boolean verify(String hostname, SSLSession sslSession) {
                    String value1 = APJP.APJP_REMOTE_HTTP_SERVER_REQUEST_URL[i];
                    String[] values1 = value1.split("/", -1);
                    String value2 = values1[2];
                    String[] values2 = value2.split(":");
                    String value3 = values2[0];
                    if (value3.equalsIgnoreCase(hostname)) {
                        return true;
                    } else {
                        return false;
                    }
                }
            });
        }
        if (url.getProtocol().equalsIgnoreCase("HTTP") == true) {
            if (APJP.APJP_HTTP_PROXY_SERVER_ADDRESS.equalsIgnoreCase("") == false && APJP.APJP_HTTP_PROXY_SERVER_USERNAME.equalsIgnoreCase("") == false) {
                urlConnection.setRequestProperty("Proxy-Authorization", "Basic " + new String(BASE64.encode((APJP.APJP_HTTP_PROXY_SERVER_USERNAME + ":" + APJP.APJP_HTTP_PROXY_SERVER_PASSWORD).getBytes())));
            }
        } else {
            if (url.getProtocol().equalsIgnoreCase("HTTPS") == true) {
                if (APJP.APJP_HTTPS_PROXY_SERVER_ADDRESS.equalsIgnoreCase("") == false && APJP.APJP_HTTPS_PROXY_SERVER_USERNAME.equalsIgnoreCase("") == false) {
                    urlConnection.setRequestProperty("Proxy-Authorization", "Basic " + new String(BASE64.encode((APJP.APJP_HTTPS_PROXY_SERVER_USERNAME + ":" + APJP.APJP_HTTPS_PROXY_SERVER_PASSWORD).getBytes())));
                }
            }
        }
        for (int j = 0; j < APJP.APJP_REMOTE_HTTP_SERVER_REQUEST_PROPERTY_KEY[i].length; j = j + 1) {
            if (APJP.APJP_REMOTE_HTTP_SERVER_REQUEST_PROPERTY_KEY[i][j].equalsIgnoreCase("") == false) {
                urlConnection.setRequestProperty(APJP.APJP_REMOTE_HTTP_SERVER_REQUEST_PROPERTY_KEY[i][j], APJP.APJP_REMOTE_HTTP_SERVER_REQUEST_PROPERTY_VALUE[i][j]);
            }
        }
        urlConnection.setDoOutput(true);
        urlConnection.setDoInput(true);
        urlConnection.connect();
    } catch (Exception e) {
        throw new HTTPRequestException("HTTP_REQUEST/OPEN", e);
    }
}

Example 97 with SSLSession

use of javax.net.ssl.SSLSession in project KJFrameForAndroid by kymjs.

the class HTTPSTrustManager method allowAllSSL.

public static void allowAllSSL() {
    HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {

        @Override
        public boolean verify(String arg0, SSLSession arg1) {
            return true;
        }
    });
    SSLContext context = null;
    if (trustManagers == null) {
        trustManagers = new TrustManager[] { new HTTPSTrustManager() };
    }
    try {
        context = SSLContext.getInstance("TLS");
        context.init(null, trustManagers, new SecureRandom());
    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
    } catch (KeyManagementException e) {
        e.printStackTrace();
    }
    HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory());
}

Example 98 with SSLSession

use of javax.net.ssl.SSLSession in project openhab1-addons by openhab.

the class IhcConnectionPool method init.

private void init() {
    // Create a local instance of cookie store
    cookieStore = new BasicCookieStore();
    // Create local HTTP context
    localContext = HttpClientContext.create();
    // Bind custom cookie store to the local context
    localContext.setCookieStore(cookieStore);
    httpClientBuilder = HttpClientBuilder.create();
    // Setup a Trust Strategy that allows all certificates.
    logger.debug("Initialize SSL context");
    // Create a trust manager that does not validate certificate chains,
    // but accept all.
    TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() {

        @Override
        public java.security.cert.X509Certificate[] getAcceptedIssuers() {
            return null;
        }

        @Override
        public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) {
        }

        @Override
        public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) {
            logger.trace("Trusting server cert: " + certs[0].getIssuerDN());
        }
    } };
    try {
        // Controller supports only SSLv3 and TLSv1
        sslContext = SSLContext.getInstance("TLSv1");
        sslContext.init(null, trustAllCerts, new java.security.SecureRandom());
    } catch (NoSuchAlgorithmException e) {
        logger.warn("Exception", e);
    } catch (KeyManagementException e) {
        logger.warn("Exception", e);
    }
    httpClientBuilder.setSslcontext(sslContext);
    // Controller accepts only HTTPS connections and because normally IP
    // address are used on home network rather than DNS names, create custom
    // host name verifier.
    HostnameVerifier hostnameVerifier = new HostnameVerifier() {

        @Override
        public boolean verify(String arg0, SSLSession arg1) {
            logger.trace("HostnameVerifier: arg0 = " + arg0);
            logger.trace("HostnameVerifier: arg1 = " + arg1);
            return true;
        }
    };
    // Create an SSL Socket Factory, to use our weakened "trust strategy"
    SSLConnectionSocketFactory sslSocketFactory = new SSLConnectionSocketFactory(sslContext, new String[] { "TLSv1" }, null, hostnameVerifier);
    Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create().register("https", sslSocketFactory).build();
    // Create connection-manager using our Registry. Allows multi-threaded
    // use
    PoolingHttpClientConnectionManager connMngr = new PoolingHttpClientConnectionManager(socketFactoryRegistry);
    // Increase max connection counts
    connMngr.setMaxTotal(20);
    connMngr.setDefaultMaxPerRoute(6);
    httpClientBuilder.setConnectionManager(connMngr);
}

Example 99 with SSLSession

use of javax.net.ssl.SSLSession in project netty by netty.

the class SSLEngineTest method testSessionInvalidate.

@Test
public void testSessionInvalidate() throws Exception {
    clientSslCtx = SslContextBuilder.forClient().trustManager(InsecureTrustManagerFactory.INSTANCE).sslProvider(sslClientProvider()).build();
    SelfSignedCertificate ssc = new SelfSignedCertificate();
    serverSslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey()).sslProvider(sslServerProvider()).build();
    SSLEngine clientEngine = null;
    SSLEngine serverEngine = null;
    try {
        clientEngine = clientSslCtx.newEngine(UnpooledByteBufAllocator.DEFAULT);
        serverEngine = serverSslCtx.newEngine(UnpooledByteBufAllocator.DEFAULT);
        handshake(clientEngine, serverEngine);
        SSLSession session = serverEngine.getSession();
        assertTrue(session.isValid());
        session.invalidate();
        assertFalse(session.isValid());
    } finally {
        cleanupClientSslEngine(clientEngine);
        cleanupServerSslEngine(serverEngine);
    }
}

Example 100 with SSLSession

use of javax.net.ssl.SSLSession in project hadoop by apache.

the class LdapAuthenticationHandler method authenticateWithTlsExtension.

private void authenticateWithTlsExtension(String userDN, String password) throws AuthenticationException {
    LdapContext ctx = null;
    Hashtable<String, Object> env = new Hashtable<String, Object>();
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.PROVIDER_URL, providerUrl);
    try {
        // Create initial context
        ctx = new InitialLdapContext(env, null);
        // Establish TLS session
        StartTlsResponse tls = (StartTlsResponse) ctx.extendedOperation(new StartTlsRequest());
        if (disableHostNameVerification) {
            tls.setHostnameVerifier(new HostnameVerifier() {

                @Override
                public boolean verify(String hostname, SSLSession session) {
                    return true;
                }
            });
        }
        tls.negotiate();
        // Initialize security credentials & perform read operation for
        // verification.
        ctx.addToEnvironment(Context.SECURITY_AUTHENTICATION, SECURITY_AUTHENTICATION);
        ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, userDN);
        ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, password);
        ctx.lookup(userDN);
        logger.debug("Authentication successful for {}", userDN);
    } catch (NamingException | IOException ex) {
        throw new AuthenticationException("Error validating LDAP user", ex);
    } finally {
        if (ctx != null) {
            try {
                ctx.close();
            } catch (NamingException e) {
            /* Ignore. */
            }
        }
    }
}