
Example 21 with SSLContextParameters

use of org.apache.camel.util.jsse.SSLContextParameters in project camel by apache.

the class FileToFtpsImplicitTLSWithClientAuthAndSSLContextParametersTest method createRegistry.

/**
 * Extends the parent registry with the TLS settings bound under the name
 * {@code "sslContextParameters"}.
 *
 * <p>A single keystore ({@code server.jks}) supplies both the key managers and
 * the trust managers, and the secure socket protocol is set to {@code "TLS"}.
 * The keystore and key passwords are literals in the source, which is only
 * acceptable for a throwaway test keystore.
 *
 * @return the registry from {@code super.createRegistry()} with the extra binding
 * @throws Exception if the parent registry cannot be created
 */
@Override
protected JndiRegistry createRegistry() throws Exception {
    // One keystore backs both the key material and the trust material.
    KeyStoreParameters serverStore = new KeyStoreParameters();
    serverStore.setResource("server.jks");
    serverStore.setPassword("password");

    TrustManagersParameters trustManagers = new TrustManagersParameters();
    trustManagers.setKeyStore(serverStore);

    KeyManagersParameters keyManagers = new KeyManagersParameters();
    keyManagers.setKeyPassword("password");
    keyManagers.setKeyStore(serverStore);

    SSLContextParameters tlsSettings = new SSLContextParameters();
    tlsSettings.setSecureSocketProtocol("TLS");
    tlsSettings.setKeyManagers(keyManagers);
    tlsSettings.setTrustManagers(trustManagers);

    JndiRegistry jndi = super.createRegistry();
    jndi.bind("sslContextParameters", tlsSettings);
    return jndi;
}
Also used : KeyManagersParameters(org.apache.camel.util.jsse.KeyManagersParameters) JndiRegistry(org.apache.camel.impl.JndiRegistry) TrustManagersParameters(org.apache.camel.util.jsse.TrustManagersParameters) KeyStoreParameters(org.apache.camel.util.jsse.KeyStoreParameters) SSLContextParameters(org.apache.camel.util.jsse.SSLContextParameters)

Example 22 with SSLContextParameters

use of org.apache.camel.util.jsse.SSLContextParameters in project camel by apache.

the class WssProducerTest method defineSSLContextServerParameters.

/**
 * Builds the server-side TLS settings: key and trust managers both read the
 * keystore {@code jsse/localhost.ks}, and client authentication is set to
 * {@code WANT}.
 *
 * @return a freshly configured {@link SSLContextParameters}
 */
private static SSLContextParameters defineSSLContextServerParameters() {
    // The same keystore serves as identity store and trust store.
    KeyStoreParameters localhostStore = new KeyStoreParameters();
    localhostStore.setResource("jsse/localhost.ks");
    localhostStore.setPassword(PW);

    TrustManagersParameters trustManagers = new TrustManagersParameters();
    trustManagers.setKeyStore(localhostStore);

    KeyManagersParameters keyManagers = new KeyManagersParameters();
    keyManagers.setKeyPassword(PW);
    keyManagers.setKeyStore(localhostStore);

    // The client falls back to a loose trust configuration when it is given no
    // SSL context, so the server asks for client authentication (WANT) to
    // prefer an authenticated connection.
    String clientAuthMode = ClientAuthentication.WANT.name();
    SSLContextServerParameters serverSide = new SSLContextServerParameters();
    serverSide.setClientAuthentication(clientAuthMode);

    SSLContextParameters tlsSettings = new SSLContextParameters();
    tlsSettings.setKeyManagers(keyManagers);
    tlsSettings.setTrustManagers(trustManagers);
    tlsSettings.setServerParameters(serverSide);
    return tlsSettings;
}
Also used : KeyManagersParameters(org.apache.camel.util.jsse.KeyManagersParameters) TrustManagersParameters(org.apache.camel.util.jsse.TrustManagersParameters) KeyStoreParameters(org.apache.camel.util.jsse.KeyStoreParameters) SSLContextServerParameters(org.apache.camel.util.jsse.SSLContextServerParameters) SSLContextParameters(org.apache.camel.util.jsse.SSLContextParameters)

Example 23 with SSLContextParameters

use of org.apache.camel.util.jsse.SSLContextParameters in project camel by apache.

the class HttpComponent method createEndpoint.

/**
 * Creates and configures the {@link HttpEndpoint} for an endpoint URI.
 *
 * <p>Endpoint-level reference options ({@code httpBinding}, {@code httpContext},
 * {@code sslContextParameters}, {@code headerFilterStrategy}, {@code urlRewrite})
 * and {@code httpMethodRestrict} are read from {@code parameters} first. For the
 * binding, the HTTP context and the SSL context parameters the component-level
 * value is used when the endpoint does not supply one.
 *
 * <p>The address is treated as HTTPS when {@code HttpHelper.isSecureConnection(uri)}
 * says so or when SSL context parameters are available from either level.
 *
 * @param uri        the full endpoint URI as written by the user
 * @param remaining  the part placed after {@code http://} or {@code https://} to form the address
 * @param parameters the endpoint options; this method passes the map to helpers whose
 *                   names indicate that they remove the entries they consume
 * @return the configured endpoint
 * @throws ResolveEndpointFailedException if the text after the first {@code //} in
 *         {@code uri} starts with {@code http:} or {@code https:}
 * @throws Exception if URI construction or any helper fails
 */
@Override
protected Endpoint createEndpoint(String uri, String remaining, Map<String, Object> parameters) throws Exception {
    // copy of the options taken before any lookup below touches "parameters";
    // it is used later to rebuild the endpoint uri
    Map<String, Object> httpClientParameters = new HashMap<String, Object>(parameters);
    // filled by createHttpClientBuilder and stored on the endpoint at the end of this method
    final Map<String, Object> httpClientOptions = new HashMap<>();
    final HttpClientBuilder clientBuilder = createHttpClientBuilder(uri, parameters, httpClientOptions);
    HttpBinding httpBinding = resolveAndRemoveReferenceParameter(parameters, "httpBinding", HttpBinding.class);
    HttpContext httpContext = resolveAndRemoveReferenceParameter(parameters, "httpContext", HttpContext.class);
    // an endpoint-level sslContextParameters reference wins; otherwise use the
    // component-level value, which may itself be null
    SSLContextParameters sslContextParameters = resolveAndRemoveReferenceParameter(parameters, "sslContextParameters", SSLContextParameters.class);
    if (sslContextParameters == null) {
        sslContextParameters = getSslContextParameters();
    }
    String httpMethodRestrict = getAndRemoveParameter(parameters, "httpMethodRestrict", String.class);
    HeaderFilterStrategy headerFilterStrategy = resolveAndRemoveReferenceParameter(parameters, "headerFilterStrategy", HeaderFilterStrategy.class);
    UrlRewrite urlRewrite = resolveAndRemoveReferenceParameter(parameters, "urlRewrite", UrlRewrite.class);
    // supplying SSL context parameters is enough to make the address https,
    // even when the uri itself is not recognised as a secure connection
    boolean secure = HttpHelper.isSecureConnection(uri) || sslContextParameters != null;
    // need to set scheme on address uri depending on if its secure or not
    String addressUri = (secure ? "https://" : "http://") + remaining;
    addressUri = UnsafeUriCharactersEncoder.encodeHttpURI(addressUri);
    URI uriHttpUriAddress = new URI(addressUri);
    // validate http uri that end-user did not duplicate the http part that can be a common error
    // (the check runs on the original uri, after the address uri above has already been parsed)
    int pos = uri.indexOf("//");
    if (pos != -1) {
        String part = uri.substring(pos + 2);
        if (part.startsWith("http:") || part.startsWith("https:")) {
            throw new ResolveEndpointFailedException(uri, "The uri part is not configured correctly. You have duplicated the http(s) protocol.");
        }
    }
    // create the configurer to use for this endpoint
    HttpClientConfigurer configurer = createHttpClientConfigurer(parameters, secure);
    URI endpointUri = URISupport.createRemainingURI(uriHttpUriAddress, httpClientParameters);
    // the endpoint uri should use the component name as scheme, so we need to re-create it once more
    String scheme = ObjectHelper.before(uri, "://");
    endpointUri = URISupport.createRemainingURI(new URI(scheme, endpointUri.getUserInfo(), endpointUri.getHost(), endpointUri.getPort(), endpointUri.getPath(), endpointUri.getQuery(), endpointUri.getFragment()), httpClientParameters);
    // create the endpoint and set the http uri to be null
    String endpointUriString = endpointUri.toString();
    // NOTE(review): this uri keeps the user-info component and is rebuilt with the
    // original options; confirm that no credentials can reach the debug log
    LOG.debug("Creating endpoint uri {}", endpointUriString);
    // NOTE(review): sslContextParameters is still null here when neither the endpoint nor
    // the component configured one; which trust settings createConnectionManager applies
    // in that case is not visible in this method - confirm against that helper
    final HttpClientConnectionManager localConnectionManager = createConnectionManager(parameters, sslContextParameters);
    HttpEndpoint endpoint = new HttpEndpoint(endpointUriString, this, clientBuilder, localConnectionManager, configurer);
    // configure the endpoint with the common configuration from the component
    if (getHttpConfiguration() != null) {
        Map<String, Object> properties = new HashMap<>();
        IntrospectionSupport.getProperties(getHttpConfiguration(), properties, null);
        setProperties(endpoint, properties);
    }
    if (urlRewrite != null) {
        // let CamelContext deal with the lifecycle of the url rewrite
        // this ensures its being shutdown when Camel shutdown etc.
        getCamelContext().addService(urlRewrite);
        endpoint.setUrlRewrite(urlRewrite);
    }
    // configure the endpoint
    // (applied after the component-level properties above)
    setProperties(endpoint, parameters);
    // determine the portnumber (special case: default portnumber)
    //int port = getPort(uriHttpUriAddress);
    // we can not change the port of an URI, we must create a new one with an explicit port value
    URI httpUri = URISupport.createRemainingURI(new URI(uriHttpUriAddress.getScheme(), uriHttpUriAddress.getUserInfo(), uriHttpUriAddress.getHost(), uriHttpUriAddress.getPort(), uriHttpUriAddress.getPath(), uriHttpUriAddress.getQuery(), uriHttpUriAddress.getFragment()), parameters);
    endpoint.setHttpUri(httpUri);
    // an explicit header filter strategy on the endpoint replaces the component's own choice
    if (headerFilterStrategy != null) {
        endpoint.setHeaderFilterStrategy(headerFilterStrategy);
    } else {
        setEndpointHeaderFilterStrategy(endpoint);
    }
    // component-level binding first, then the endpoint-level reference if one was given
    endpoint.setBinding(getHttpBinding());
    if (httpBinding != null) {
        endpoint.setBinding(httpBinding);
    }
    if (httpMethodRestrict != null) {
        endpoint.setHttpMethodRestrict(httpMethodRestrict);
    }
    // same precedence for the http context: component value, then endpoint override
    endpoint.setHttpContext(getHttpContext());
    if (httpContext != null) {
        endpoint.setHttpContext(httpContext);
    }
    // use the component's cookie store only when the endpoint has none after configuration
    if (endpoint.getCookieStore() == null) {
        endpoint.setCookieStore(getCookieStore());
    }
    endpoint.setHttpClientOptions(httpClientOptions);
    return endpoint;
}
Also used : HashMap(java.util.HashMap) HttpContext(org.apache.http.protocol.HttpContext) UrlRewrite(org.apache.camel.http.common.UrlRewrite) HeaderFilterStrategy(org.apache.camel.spi.HeaderFilterStrategy) HttpRestHeaderFilterStrategy(org.apache.camel.http.common.HttpRestHeaderFilterStrategy) HttpClientBuilder(org.apache.http.impl.client.HttpClientBuilder) URI(java.net.URI) Endpoint(org.apache.camel.Endpoint) SSLContextParameters(org.apache.camel.util.jsse.SSLContextParameters) ResolveEndpointFailedException(org.apache.camel.ResolveEndpointFailedException) HttpBinding(org.apache.camel.http.common.HttpBinding) PoolingHttpClientConnectionManager(org.apache.http.impl.conn.PoolingHttpClientConnectionManager) HttpClientConnectionManager(org.apache.http.conn.HttpClientConnectionManager)

Example 24 with SSLContextParameters

use of org.apache.camel.util.jsse.SSLContextParameters in project camel by apache.

the class BaseAhcTest method addSslContextParametersToRegistry.

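/**
 * Binds the TLS settings for these tests into the registry under the name
 * {@code "sslContextParameters"}.
 *
 * <p>Key managers and trust managers both read the classpath keystore
 * {@code jsse/localhost.ks}, and client authentication is set to {@code WANT}.
 * The secure socket protocol is {@code TLSv1.2} rather than the deprecated
 * {@code SSLv3}.
 *
 * @param registry the registry that receives the binding
 * @throws IllegalStateException if the keystore is not on the classpath
 */
protected void addSslContextParametersToRegistry(JndiRegistry registry) {
    // Fail with a clear message instead of a NullPointerException when the
    // keystore resource is missing from the classpath.
    java.net.URL keyStoreUrl = this.getClass().getClassLoader().getResource("jsse/localhost.ks");
    if (keyStoreUrl == null) {
        throw new IllegalStateException("Keystore jsse/localhost.ks not found on the classpath");
    }
    KeyStoreParameters ksp = new KeyStoreParameters();
    ksp.setResource(keyStoreUrl.toString());
    ksp.setPassword(KEY_STORE_PASSWORD);
    KeyManagersParameters kmp = new KeyManagersParameters();
    kmp.setKeyPassword(KEY_STORE_PASSWORD);
    kmp.setKeyStore(ksp);
    TrustManagersParameters tmp = new TrustManagersParameters();
    tmp.setKeyStore(ksp);
    // NOTE: Needed since the client uses a loose trust configuration when no ssl context
    // is provided. WANT requests a client certificate without making it mandatory.
    SSLContextServerParameters scsp = new SSLContextServerParameters();
    scsp.setClientAuthentication(ClientAuthentication.WANT.name());
    SSLContextParameters sslContextParameters = new SSLContextParameters();
    sslContextParameters.setKeyManagers(kmp);
    sslContextParameters.setTrustManagers(tmp);
    sslContextParameters.setServerParameters(scsp);
    // SSLv3 is deprecated (RFC 7568) and current JDKs disable it by default, so
    // TLS 1.2 is used here. The earlier SSLv3 setting worked around
    // "javax.net.ssl.SSLException: bad record MAC"; if that error returns, fix
    // it in the JDK or client library rather than by downgrading the protocol.
    sslContextParameters.setSecureSocketProtocol("TLSv1.2");
    registry.bind("sslContextParameters", sslContextParameters);
}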
Also used : KeyManagersParameters(org.apache.camel.util.jsse.KeyManagersParameters) TrustManagersParameters(org.apache.camel.util.jsse.TrustManagersParameters) KeyStoreParameters(org.apache.camel.util.jsse.KeyStoreParameters) SSLContextServerParameters(org.apache.camel.util.jsse.SSLContextServerParameters) SSLContextParameters(org.apache.camel.util.jsse.SSLContextParameters)

Example 25 with SSLContextParameters

use of org.apache.camel.util.jsse.SSLContextParameters in project camel by apache.

the class SslContextParametersCometdProducerConsumerTest method createRouteBuilder.

/**
 * Returns a route builder that installs TLS settings on the {@code cometds}
 * component and then wires the two test routes.
 *
 * <p>Key managers and trust managers share the keystore
 * {@code jsse/localhost.ks}. The passwords are literals in the source, which is
 * only acceptable for a throwaway test keystore.
 *
 * @return the route builder for this test
 * @throws Exception declared by the overridden method
 */
@Override
protected RouteBuilder createRouteBuilder() throws Exception {
    return new RouteBuilder() {

        @Override
        public void configure() throws Exception {
            // One keystore backs both the key material and the trust material.
            KeyStoreParameters localhostStore = new KeyStoreParameters();
            localhostStore.setResource("jsse/localhost.ks");
            localhostStore.setPassword("changeit");

            TrustManagersParameters trustManagers = new TrustManagersParameters();
            trustManagers.setKeyStore(localhostStore);

            KeyManagersParameters keyManagers = new KeyManagersParameters();
            keyManagers.setKeyPassword("changeit");
            keyManagers.setKeyStore(localhostStore);

            SSLContextParameters tlsSettings = new SSLContextParameters();
            tlsSettings.setKeyManagers(keyManagers);
            tlsSettings.setTrustManagers(trustManagers);

            // The component receives its TLS settings before the routes that use it are defined.
            CometdComponent cometds = (CometdComponent) context.getComponent("cometds");
            cometds.setSslContextParameters(tlsSettings);

            from("direct:input").to(uri);
            from(uri).to("mock:test");
        }
    };
}
Also used : KeyManagersParameters(org.apache.camel.util.jsse.KeyManagersParameters) RouteBuilder(org.apache.camel.builder.RouteBuilder) TrustManagersParameters(org.apache.camel.util.jsse.TrustManagersParameters) KeyStoreParameters(org.apache.camel.util.jsse.KeyStoreParameters) SSLContextParameters(org.apache.camel.util.jsse.SSLContextParameters)

Aggregations

SSLContextParameters (org.apache.camel.util.jsse.SSLContextParameters)59 KeyStoreParameters (org.apache.camel.util.jsse.KeyStoreParameters)35 KeyManagersParameters (org.apache.camel.util.jsse.KeyManagersParameters)28 TrustManagersParameters (org.apache.camel.util.jsse.TrustManagersParameters)27 JndiRegistry (org.apache.camel.impl.JndiRegistry)19 SslContextFactory (org.eclipse.jetty.util.ssl.SslContextFactory)8 IOException (java.io.IOException)7 GeneralSecurityException (java.security.GeneralSecurityException)7 SSLContextServerParameters (org.apache.camel.util.jsse.SSLContextServerParameters)7 RouteBuilder (org.apache.camel.builder.RouteBuilder)6 SSLContext (javax.net.ssl.SSLContext)5 Test (org.junit.Test)4 URI (java.net.URI)3 SalesforceException (org.apache.camel.component.salesforce.api.SalesforceException)3 SalesforceSession (org.apache.camel.component.salesforce.internal.SalesforceSession)3 HttpClient (org.eclipse.jetty.client.HttpClient)3 JdkSslContext (io.netty.handler.ssl.JdkSslContext)2 URISyntaxException (java.net.URISyntaxException)2 CertificateException (java.security.cert.CertificateException)2 X509Certificate (java.security.cert.X509Certificate)2