Examples with TLSClientParameters - org.apache.cxf.configuration.jsse.TLSClientParameters

Example 1 with TLSClientParameters

use of org.apache.cxf.configuration.jsse.TLSClientParameters in project camel by apache.

the class ServiceNowClient method configureTls.

private static void configureTls(CamelContext camelContext, ServiceNowConfiguration configuration, WebClient client) throws Exception {
    SSLContextParameters sslContextParams = configuration.getSslContextParameters();
    if (sslContextParams != null) {
        HTTPConduit conduit = WebClient.getConfig(client).getHttpConduit();
        TLSClientParameters tlsClientParams = conduit.getTlsClientParameters();
        if (tlsClientParams == null) {
            tlsClientParams = new TLSClientParameters();
        }
        SSLContext sslContext = sslContextParams.createSSLContext(camelContext);
        tlsClientParams.setSSLSocketFactory(sslContext.getSocketFactory());
        conduit.setTlsClientParameters(tlsClientParams);
    }
}

Also used : HTTPConduit(org.apache.cxf.transport.http.HTTPConduit) TLSClientParameters(org.apache.cxf.configuration.jsse.TLSClientParameters) SSLContext(javax.net.ssl.SSLContext) SSLContextParameters(org.apache.camel.util.jsse.SSLContextParameters)

Example 2 with TLSClientParameters

use of org.apache.cxf.configuration.jsse.TLSClientParameters in project opennms by OpenNMS.

the class TsrmTicketerPlugin method getService.

private SHSIMPINCPortType getService() {
    final SHSIMPINC service = new SHSIMPINC();
    port = service.getSHSIMPINCSOAP12Port();
    final Client cxfClient = ClientProxy.getClient(port);
    try {
        cxfClient.getRequestContext().put(Message.ENDPOINT_ADDRESS, getProperties().getProperty("tsrm.url"));
        final HTTPConduit http = (HTTPConduit) cxfClient.getConduit();
        String stictSSL = getProperties().getProperty("tsrm.ssl.strict");
        if (!Boolean.parseBoolean(stictSSL)) {
            LOG.debug("Disabling strict SSL checking.");
            // Accept all certificates
            final TrustManager[] simpleTrustManager = new TrustManager[] { new AnyServerX509TrustManager() };
            final TLSClientParameters tlsParams = new TLSClientParameters();
            tlsParams.setTrustManagers(simpleTrustManager);
            tlsParams.setDisableCNCheck(true);
            http.setTlsClientParameters(tlsParams);
        }
    } catch (IOException e) {
        LOG.error("Unable to load tsrm properties ", e);
    }
    // Log incoming and outgoing requests
    LoggingInInterceptor loggingInInterceptor = new LoggingInInterceptor();
    loggingInInterceptor.setPrettyLogging(true);
    cxfClient.getInInterceptors().add(loggingInInterceptor);
    LoggingOutInterceptor loggingOutInterceptor = new LoggingOutInterceptor();
    loggingOutInterceptor.setPrettyLogging(true);
    cxfClient.getOutInterceptors().add(loggingOutInterceptor);
    return port;
}

Also used : HTTPConduit(org.apache.cxf.transport.http.HTTPConduit) TLSClientParameters(org.apache.cxf.configuration.jsse.TLSClientParameters) LoggingOutInterceptor(org.apache.cxf.interceptor.LoggingOutInterceptor) LoggingInInterceptor(org.apache.cxf.interceptor.LoggingInInterceptor) AnyServerX509TrustManager(org.opennms.core.utils.AnyServerX509TrustManager) IOException(java.io.IOException) Client(org.apache.cxf.endpoint.Client) SHSIMPINC(com.ibm.maximo.wsdl.shsimpinc.SHSIMPINC) AnyServerX509TrustManager(org.opennms.core.utils.AnyServerX509TrustManager) TrustManager(javax.net.ssl.TrustManager) X509TrustManager(javax.net.ssl.X509TrustManager)

Example 3 with TLSClientParameters

use of org.apache.cxf.configuration.jsse.TLSClientParameters in project OpenAM by OpenRock.

the class SoapSTSConsumer method handleSTSServerCertCNDNSMismatch.

/**
     * This method must be called in case the CN in the Certificate presented by the container hosting the published sts
     * instance does not match the DNS name of this server. This check should not be relied-upon in production, and is
     * only present to facilitate testing.
     * @param stsClient The stsClient which will make the sts invocations
     */
private void handleSTSServerCertCNDNSMismatch(STSClient stsClient) throws SoapSTSConsumerException {
    javax.net.ssl.HttpsURLConnection.setDefaultHostnameVerifier(new javax.net.ssl.HostnameVerifier() {

        public boolean verify(String hostname, javax.net.ssl.SSLSession sslSession) {
            return true;
        }
    });
    /*
        CXF client also needs to have disabled the CN check in server-presented cert for TLS cases, if cert CN
        does not match DNS
         */
    TLSClientParameters tlsClientParameters = new TLSClientParameters();
    tlsClientParameters.setDisableCNCheck(true);
    try {
        ((HTTPConduit) stsClient.getClient().getConduit()).setTlsClientParameters(tlsClientParameters);
    } catch (BusException | EndpointException e) {
        throw new SoapSTSConsumerException(e.getMessage(), e);
    }
}

Also used : HTTPConduit(org.apache.cxf.transport.http.HTTPConduit) TLSClientParameters(org.apache.cxf.configuration.jsse.TLSClientParameters) EndpointException(org.apache.cxf.endpoint.EndpointException) BusException(org.apache.cxf.BusException)

Example 4 with TLSClientParameters

use of org.apache.cxf.configuration.jsse.TLSClientParameters in project camel by apache.

the class AbstractHostnameVerifierEndpointConfigurer method setupHttpConduit.

protected void setupHttpConduit(HTTPConduit httpConduit) {
    TLSClientParameters tlsClientParameters = tryToGetTLSClientParametersFromConduit(httpConduit);
    tlsClientParameters.setHostnameVerifier(hostnameVerifier);
    httpConduit.setTlsClientParameters(tlsClientParameters);
}

Also used : TLSClientParameters(org.apache.cxf.configuration.jsse.TLSClientParameters)

Example 5 with TLSClientParameters

use of org.apache.cxf.configuration.jsse.TLSClientParameters in project camel by apache.

the class AbstractSslEndpointConfigurer method setupHttpConduit.

protected void setupHttpConduit(HTTPConduit httpConduit) {
    TLSClientParameters tlsClientParameters = tryToGetTLSClientParametersFromConduit(httpConduit);
    tlsClientParameters.setSSLSocketFactory(tryToGetSSLSocketFactory());
    httpConduit.setTlsClientParameters(tlsClientParameters);
}

Also used : TLSClientParameters(org.apache.cxf.configuration.jsse.TLSClientParameters)

Aggregations

TLSClientParameters (org.apache.cxf.configuration.jsse.TLSClientParameters)6 HTTPConduit (org.apache.cxf.transport.http.HTTPConduit)4 IOException (java.io.IOException)2 SHSIMPINC (com.ibm.maximo.wsdl.shsimpinc.SHSIMPINC)1 InputStream (java.io.InputStream)1 Path (java.nio.file.Path)1 KeyStore (java.security.KeyStore)1 KeyStoreException (java.security.KeyStoreException)1 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1 UnrecoverableKeyException (java.security.UnrecoverableKeyException)1 CertificateException (java.security.cert.CertificateException)1 KeyManagerFactory (javax.net.ssl.KeyManagerFactory)1 SSLContext (javax.net.ssl.SSLContext)1 TrustManager (javax.net.ssl.TrustManager)1 TrustManagerFactory (javax.net.ssl.TrustManagerFactory)1 X509TrustManager (javax.net.ssl.X509TrustManager)1 SSLContextParameters (org.apache.camel.util.jsse.SSLContextParameters)1 Bus (org.apache.cxf.Bus)1 BusException (org.apache.cxf.BusException)1 Client (org.apache.cxf.endpoint.Client)1