
Example 21 with SSLSession

use of javax.net.ssl.SSLSession in project wildfly by wildfly.

the class RemotingLoginModule method login.

/**
 * Logs the caller in using the identity already attached to the Remoting connection.
 *
 * <p>A successful {@code super.login()} short-circuits and is returned as-is. Otherwise the
 * credential must be a {@link RemotingConnectionCredential}; the principal name of the
 * connection's local {@link SecurityIdentity} is wrapped in a {@link RealmUser} and becomes this
 * module's identity. Nothing is verified in this method itself: the presence of a local identity
 * on the connection is treated as proof that authentication already succeeded there.
 *
 * <p>With first-pass sharing enabled, the identity and a credential are published in the shared
 * state for later modules in the stack. The credential is the peer's leaf certificate (element 0
 * of the chain) when one of the client-certificate options is set and the TLS session can supply
 * it; in every other case it is the original connection credential.
 *
 * @return {@code true} when the superclass login succeeded or a connection identity was found,
 *         {@code false} otherwise
 * @throws LoginException if raised by the calls this method delegates to
 */
@SuppressWarnings("unchecked")
@Override
public boolean login() throws LoginException {
    if (super.login()) {
        log.debug("super.login()==true");
        return true;
    }

    final Object connectionCredential = getCredential();
    if (!(connectionCredential instanceof RemotingConnectionCredential)) {
        // username and password has been supplied to a web auth.
        return false;
    }

    final Connection connection = ((RemotingConnectionCredential) connectionCredential).getConnection();
    final SecurityIdentity localIdentity = connection.getLocalIdentity();
    final Principal connectionUser =
            localIdentity == null ? null : new RealmUser(localIdentity.getPrincipal().getName());
    if (connectionUser == null) {
        // No identity on the connection: this module cannot vouch for the caller.
        return false;
    }

    // A principal on the connection means authentication succeeded upstream.
    identity = connectionUser;
    if (getUseFirstPass()) {
        final String userName = identity.getName();
        log.debugf("Storing username '%s'", userName);
        // The shared "name" entry holds the Principal object itself, not its String name.
        sharedState.put("javax.security.auth.login.name", identity);

        Object sharedCredential = connectionCredential;
        if (useNewClientCert || useClientCert) {
            final SSLSession tlsSession = connection.getSslSession();
            if (tlsSession != null) {
                try {
                    if (useNewClientCert) {
                        // java.security.cert.Certificate form of the peer's leaf certificate.
                        sharedCredential = tlsSession.getPeerCertificates()[0];
                        log.debug("Using new certificate as credential.");
                    } else {
                        // Legacy javax.security.cert.X509Certificate form (deprecated API).
                        sharedCredential = tlsSession.getPeerCertificateChain()[0];
                        log.debug("Using certificate as credential.");
                    }
                } catch (SSLPeerUnverifiedException e) {
                    // Peer was not verified: the connection credential is shared instead, and the
                    // fallback is only visible at debug level.
                    log.debugf("No peer certificate available for '%s'", userName);
                }
            }
        }
        sharedState.put("javax.security.auth.login.password", sharedCredential);
    }
    loginOk = true;
    return true;
}
Also used : SecurityIdentity(org.wildfly.security.auth.server.SecurityIdentity) SSLPeerUnverifiedException(javax.net.ssl.SSLPeerUnverifiedException) Connection(org.jboss.remoting3.Connection) RealmUser(org.jboss.as.core.security.RealmUser) SSLSession(javax.net.ssl.SSLSession) Principal(java.security.Principal)

Example 22 with SSLSession

use of javax.net.ssl.SSLSession in project cubrid-manager by CUBRID.

the class ClientHttp method setUpConnection.

/**
 * Drops any existing connection and prepares a fresh HTTPS POST connection to
 * {@code https://<hostAddress>:<port><METHOD>} that sends and receives JSON.
 *
 * <p>No exception leaves this method: every failure is caught and logged, so a caller cannot
 * tell from the call itself whether the connection was actually set up.
 *
 * <p>NOTE(security): TLS peer authentication is switched off here. The trust manager accepts
 * every certificate chain and the hostname verifier accepts every host name, so the connection
 * is encrypted but the server is not authenticated, and anyone able to intercept the traffic can
 * impersonate it. Both objects are installed as the JVM-wide {@link HttpsURLConnection} defaults,
 * which means any other {@code HttpsURLConnection} opened later in the same process inherits the
 * weakened settings too. A remediation would validate against a trust store that contains the
 * server's certificate and, if a relaxation is unavoidable, apply it to this connection only via
 * {@code HttpsURLConnection#setSSLSocketFactory} and {@code HttpsURLConnection#setHostnameVerifier}.
 */
private void setUpConnection() {
    tearDownConnection();
    this.requestUrl = "https://" + hostAddress + ":" + port + METHOD;
    try {
        // The original carried a commented-out alternative at this point that loaded a trust
        // store from a file with a hard-coded password; it was never active and is not reproduced.

        // Accept-everything trust manager: both check methods return without inspecting the chain.
        final X509TrustManager acceptAllTrustManager = new X509TrustManager() {

            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }

            public void checkServerTrusted(X509Certificate[] xcs, String string) throws CertificateException {
            }

            public void checkClientTrusted(X509Certificate[] xcs, String string) throws CertificateException {
            }
        };
        final TrustManager[] trustManagers = new TrustManager[] { acceptAllTrustManager };
        final SSLContext sslContext = SSLContext.getInstance("TLS");
        sslContext.init(null, trustManagers, new SecureRandom());

        // Process-wide defaults, not per-connection settings.
        HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
        HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {

            public boolean verify(String hostname, SSLSession session) {
                // Certificate/host name mismatch is never rejected.
                return true;
            }
        });

        final URL endpoint = new URL(requestUrl);
        conn = (HttpsURLConnection) endpoint.openConnection();
        conn.setRequestMethod("POST");
        conn.setConnectTimeout(timeout);
        conn.setDoInput(true);
        conn.setDoOutput(true);
        conn.setRequestProperty("Content-Type", "application/json");
    } catch (Exception e) {
        LOGGER.error("Make to support HTTPS failed.", e);
    }
}
Also used : X509TrustManager(javax.net.ssl.X509TrustManager) SSLSession(javax.net.ssl.SSLSession) SecureRandom(java.security.SecureRandom) SSLContext(javax.net.ssl.SSLContext) X509Certificate(java.security.cert.X509Certificate) URL(java.net.URL) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) UnknownHostException(java.net.UnknownHostException) HostnameVerifier(javax.net.ssl.HostnameVerifier)

Example 23 with SSLSession

use of javax.net.ssl.SSLSession in project robovm by robovm.

the class SSLSocketTest method test_SSLSocket_getSession.

/**
 * Checks that a socket created without connecting still hands out a session object, and that
 * this session reports itself as not valid.
 */
public void test_SSLSocket_getSession() throws Exception {
    SSLSocket unconnected = (SSLSocket) ((SSLSocketFactory) SSLSocketFactory.getDefault()).createSocket();
    SSLSession placeholder = unconnected.getSession();
    assertNotNull(placeholder);
    // No handshake has taken place, so the session must not claim to be valid.
    assertFalse(placeholder.isValid());
}
Also used : SSLSocket(javax.net.ssl.SSLSocket) SSLSession(javax.net.ssl.SSLSession) SSLSocketFactory(javax.net.ssl.SSLSocketFactory)

Example 24 with SSLSession

use of javax.net.ssl.SSLSession in project robovm by robovm.

the class SSLSocketTest method test_SSLSocket_HandshakeCompletedListener.

/**
 * Verifies that a {@link HandshakeCompletedListener} registered on the client socket is invoked
 * after the handshake and that the {@link HandshakeCompletedEvent} it receives exposes a
 * consistent session, cipher suite, peer certificates, principals and socket.
 *
 * <p>The server half of the handshake runs on a separate executor thread while the client
 * handshakes on the test thread; the test then waits until the listener has signalled completion.
 */
public void test_SSLSocket_HandshakeCompletedListener() throws Exception {
    final TestSSLContext c = TestSSLContext.create();
    final SSLSocket client = (SSLSocket) c.clientContext.getSocketFactory().createSocket(c.host, c.port);
    final SSLSocket server = (SSLSocket) c.serverSocket.accept();
    // Run the server side of the handshake in the background so both ends can progress.
    ExecutorService executor = Executors.newSingleThreadExecutor();
    Future<Void> future = executor.submit(new Callable<Void>() {

        @Override
        public Void call() throws Exception {
            server.startHandshake();
            return null;
        }
    });
    // shutdown() only stops new submissions; the task submitted above still runs.
    executor.shutdown();
    // One-element array: a mutable flag the anonymous listener can write to, also used as the
    // monitor for wait/notify between the listener and the test thread.
    final boolean[] handshakeCompletedListenerCalled = new boolean[1];
    client.addHandshakeCompletedListener(new HandshakeCompletedListener() {

        public void handshakeCompleted(HandshakeCompletedEvent event) {
            try {
                // Read every accessor of the event up front.
                SSLSession session = event.getSession();
                String cipherSuite = event.getCipherSuite();
                Certificate[] localCertificates = event.getLocalCertificates();
                Certificate[] peerCertificates = event.getPeerCertificates();
                // Legacy javax.security.cert view of the same peer chain.
                javax.security.cert.X509Certificate[] peerCertificateChain = event.getPeerCertificateChain();
                Principal peerPrincipal = event.getPeerPrincipal();
                Principal localPrincipal = event.getLocalPrincipal();
                Socket socket = event.getSocket();
                // Debug dump, permanently disabled by the constant condition.
                if (false) {
                    System.out.println("Session=" + session);
                    System.out.println("CipherSuite=" + cipherSuite);
                    System.out.println("LocalCertificates=" + Arrays.toString(localCertificates));
                    System.out.println("PeerCertificates=" + Arrays.toString(peerCertificates));
                    System.out.println("PeerCertificateChain=" + Arrays.toString(peerCertificateChain));
                    System.out.println("PeerPrincipal=" + peerPrincipal);
                    System.out.println("LocalPrincipal=" + localPrincipal);
                    System.out.println("Socket=" + socket);
                }
                // The session must have a 32-byte id and be retrievable from the client session context.
                assertNotNull(session);
                byte[] id = session.getId();
                assertNotNull(id);
                assertEquals(32, id.length);
                assertNotNull(c.clientContext.getClientSessionContext().getSession(id));
                // The negotiated suite must be enabled on both the client socket and the server socket.
                assertNotNull(cipherSuite);
                assertTrue(Arrays.asList(client.getEnabledCipherSuites()).contains(cipherSuite));
                assertTrue(Arrays.asList(c.serverSocket.getEnabledCipherSuites()).contains(cipherSuite));
                // The test expects no local certificates on the client side of this handshake.
                assertNull(localCertificates);
                // Peer (server) chain checks; the TestKeyStore/TestSSLContext helpers are defined
                // elsewhere - presumably they validate chain length, trust and key-store membership.
                assertNotNull(peerCertificates);
                TestKeyStore.assertChainLength(peerCertificates);
                assertNotNull(peerCertificates[0]);
                TestSSLContext.assertServerCertificateChain(c.clientTrustManager, peerCertificates);
                TestSSLContext.assertCertificateInKeyStore(peerCertificates[0], c.serverKeyStore);
                // Same checks against the legacy chain representation.
                assertNotNull(peerCertificateChain);
                TestKeyStore.assertChainLength(peerCertificateChain);
                assertNotNull(peerCertificateChain[0]);
                TestSSLContext.assertCertificateInKeyStore(peerCertificateChain[0].getSubjectDN(), c.serverKeyStore);
                assertNotNull(peerPrincipal);
                TestSSLContext.assertCertificateInKeyStore(peerPrincipal, c.serverKeyStore);
                // No local principal is expected, matching the absent local certificates.
                assertNull(localPrincipal);
                // The event must refer to the very socket the listener was registered on.
                assertNotNull(socket);
                assertSame(client, socket);
                // Signal the waiting test thread under the shared monitor.
                synchronized (handshakeCompletedListenerCalled) {
                    handshakeCompletedListenerCalled[0] = true;
                    handshakeCompletedListenerCalled.notify();
                }
                // NOTE(review): redundant - the flag was already set inside the synchronized
                // block above, and this second write happens without holding the monitor.
                handshakeCompletedListenerCalled[0] = true;
            } catch (RuntimeException e) {
                throw e;
            } catch (Exception e) {
                // handshakeCompleted declares no checked exceptions, so wrap them.
                throw new RuntimeException(e);
            }
        }
    });
    client.startHandshake();
    // Blocks until the server handshake task finishes; a failure there surfaces here.
    future.get();
    // The server-side session cache is only checked when session tickets are not supported.
    if (!TestSSLContext.sslServerSocketSupportsSessionTickets()) {
        assertNotNull(c.serverContext.getServerSessionContext().getSession(client.getSession().getId()));
    }
    // Wait for the listener; the loop re-checks the flag after every wake-up.
    synchronized (handshakeCompletedListenerCalled) {
        while (!handshakeCompletedListenerCalled[0]) {
            handshakeCompletedListenerCalled.wait();
        }
    }
    // Not in a finally block: these closes are skipped if anything above throws.
    client.close();
    server.close();
    c.close();
}
Also used : SSLSocket(javax.net.ssl.SSLSocket) SSLSession(javax.net.ssl.SSLSession) SocketException(java.net.SocketException) SocketTimeoutException(java.net.SocketTimeoutException) SSLProtocolException(javax.net.ssl.SSLProtocolException) SSLHandshakeException(javax.net.ssl.SSLHandshakeException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) SSLException(javax.net.ssl.SSLException) SSLPeerUnverifiedException(javax.net.ssl.SSLPeerUnverifiedException) HandshakeCompletedListener(javax.net.ssl.HandshakeCompletedListener) HandshakeCompletedEvent(javax.net.ssl.HandshakeCompletedEvent) ExecutorService(java.util.concurrent.ExecutorService) Principal(java.security.Principal) Socket(java.net.Socket) SSLSocket(javax.net.ssl.SSLSocket) ServerSocket(java.net.ServerSocket) SSLServerSocket(javax.net.ssl.SSLServerSocket)

Example 25 with SSLSession

use of javax.net.ssl.SSLSession in project robovm by robovm.

the class MySSLSession method test_getSession.

/**
 * javax.net.ssl.SSLSessionBindingEvent#getSession()
 *
 * <p>The event must hand back the session it was constructed with.
 */
public void test_getSession() {
    final SSLSession source = new MySSLSession();
    final SSLSession reported = new SSLSessionBindingEvent(source, "test").getSession();
    assertEquals("Incorrect session", source, reported);
}
Also used : SSLSessionBindingEvent(javax.net.ssl.SSLSessionBindingEvent) SSLSession(javax.net.ssl.SSLSession)
