Examples with Scheme - org.apache.http.conn.scheme.Scheme

Example 11 with Scheme

use of org.apache.http.conn.scheme.Scheme in project ribbon by Netflix.

the class RestClient method resetSSLSocketFactory.

public void resetSSLSocketFactory(AbstractSslContextFactory abstractContextFactory) {
    try {
        KeyStoreAwareSocketFactory awareSocketFactory = isHostnameValidationRequired ? new KeyStoreAwareSocketFactory(abstractContextFactory) : new KeyStoreAwareSocketFactory(abstractContextFactory, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
        httpClient4.getConnectionManager().getSchemeRegistry().register(new Scheme("https", 443, awareSocketFactory));
    } catch (Exception e) {
        throw new IllegalArgumentException("Unable to configure custom secure socket factory", e);
    }
}

Also used : Scheme(org.apache.http.conn.scheme.Scheme) KeyStoreAwareSocketFactory(com.netflix.http4.ssl.KeyStoreAwareSocketFactory) URISyntaxException(java.net.URISyntaxException) ClientException(com.netflix.client.ClientException) SocketException(java.net.SocketException) SocketTimeoutException(java.net.SocketTimeoutException) ClientSslSocketFactoryException(com.netflix.client.ssl.ClientSslSocketFactoryException)

Example 12 with Scheme

use of org.apache.http.conn.scheme.Scheme in project OpenAttestation by OpenAttestation.

the class SslUtil method getServerCertificates.

public static X509Certificate[] getServerCertificates(URL url) throws NoSuchAlgorithmException, KeyManagementException, IOException {
    if (!"https".equals(url.getProtocol())) {
        throw new IllegalArgumentException("URL scheme must be https");
    }
    int port = url.getPort();
    if (port == -1) {
        port = 443;
    }
    X509HostnameVerifier hostnameVerifier = new NopX509HostnameVerifierApache();
    CertificateStoringX509TrustManager trustManager = new CertificateStoringX509TrustManager();
    SSLContext sslcontext = SSLContext.getInstance("TLS");
    sslcontext.init(null, new X509TrustManager[] { trustManager }, null);
    SSLSocketFactory sf = new SSLSocketFactory(sslcontext, hostnameVerifier);
    Scheme https = new Scheme("https", port, sf);
    SchemeRegistry sr = new SchemeRegistry();
    sr.register(https);
    BasicClientConnectionManager connectionManager = new BasicClientConnectionManager(sr);
    HttpParams httpParams = new BasicHttpParams();
    httpParams.setParameter(ClientPNames.HANDLE_REDIRECTS, false);
    HttpClient httpClient = new DefaultHttpClient(connectionManager, httpParams);
    log.debug("Saving certificates from server URL: {}", url.toExternalForm());
    HttpHead request = new HttpHead(url.toExternalForm());
    HttpResponse response = httpClient.execute(request);
    log.debug("Server status line: {} {} ({})", new String[] { response.getProtocolVersion().getProtocol(), response.getStatusLine().getReasonPhrase(), String.valueOf(response.getStatusLine().getStatusCode()) });
    httpClient.getConnectionManager().shutdown();
    return trustManager.getStoredCertificates();
}

Also used : Scheme(org.apache.http.conn.scheme.Scheme) HttpResponse(org.apache.http.HttpResponse) SSLContext(javax.net.ssl.SSLContext) DefaultHttpClient(org.apache.http.impl.client.DefaultHttpClient) HttpHead(org.apache.http.client.methods.HttpHead) BasicHttpParams(org.apache.http.params.BasicHttpParams) HttpParams(org.apache.http.params.HttpParams) X509HostnameVerifier(org.apache.http.conn.ssl.X509HostnameVerifier) SchemeRegistry(org.apache.http.conn.scheme.SchemeRegistry) DefaultHttpClient(org.apache.http.impl.client.DefaultHttpClient) HttpClient(org.apache.http.client.HttpClient) BasicClientConnectionManager(org.apache.http.impl.conn.BasicClientConnectionManager) SSLSocketFactory(org.apache.http.conn.ssl.SSLSocketFactory) BasicHttpParams(org.apache.http.params.BasicHttpParams)

Example 13 with Scheme

use of org.apache.http.conn.scheme.Scheme in project OpenAttestation by OpenAttestation.

the class ApacheHttpClient method initSchemeRegistryWithPolicy.

/*
    public final void setBaseURL(URL baseURL) {
        this.baseURL = baseURL;
    }
    public final void setKeystore(SimpleKeystore keystore) {
        this.keystore = keystore;
    }    
    public final void setRequireTrustedCertificate(boolean value) {
        requireTrustedCertificate = value;
    }
    public final void setVerifyHostname(boolean value) {
        verifyHostname = value;
    }
    * 
    */
/**
     * Used in Mt Wilson 1.0-RC2
     * 
     * Base URL and other configuration must already be set before calling this
     * method.
     *
     * @param protocol either "http" or "https"
     * @param port such as 80 for http, 443 for https
     * @throws KeyManagementException
     * @throws NoSuchAlgorithmException 
     */
/*
    private SchemeRegistry initSchemeRegistry(String protocol, int port) throws KeyManagementException, NoSuchAlgorithmException {
        SchemeRegistry sr = new SchemeRegistry();
        if( "http".equals(protocol) ) {
            Scheme http = new Scheme("http", port, PlainSocketFactory.getSocketFactory());
            sr.register(http);
        }
        if( "https".equals(protocol) ) {
            X509HostnameVerifier hostnameVerifier; // secure by default (default verifyHostname = true)
            X509TrustManager trustManager; // secure by default, using Java's implementation which verifies the peer and using java's trusted keystore as default if user does not provide a specific keystore
            if( verifyHostname ) {
                hostnameVerifier = SSLSocketFactory.STRICT_HOSTNAME_VERIFIER;
            }
            else { // if( !config.getBoolean("mtwilson.api.ssl.verifyHostname", true) ) {
                hostnameVerifier = SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
            }
            
            if( requireTrustedCertificate && keystore != null ) {
                trustManager = SslUtil.createX509TrustManagerWithKeystore(keystore);                
            }
            else if( requireTrustedCertificate ) { // config.getBoolean("mtwilson.api.ssl.requireTrustedCertificate", true) ) {
                //String truststore = config.getString("mtwilson.api.keystore", System.getProperty("javax.net.ssl.trustStorePath")); // if null use default java trust store...
                //String truststorePassword = config.getString("mtwilson.api.keystore.password", System.getProperty("javax.net.ssl.trustStorePassword"));
//                String truststore = System.getProperty("javax.net.ssl.trustStorePath");
                String truststore = System.getProperty("javax.net.ssl.trustStore");
                String truststorePassword = System.getProperty("javax.net.ssl.trustStorePassword");
                
                // create a trust manager using only our trusted ssl certificates
                if( truststore == null || truststorePassword == null ) {
                    throw new IllegalArgumentException("Require trusted certificates is enabled but truststore is not configured");
                }
                keystore = new SimpleKeystore(new File(truststore), truststorePassword);
                trustManager = SslUtil.createX509TrustManagerWithKeystore(keystore);
            }
            else {
                // user does not want to ensure certificates are trusted, so use a no-op trust manager
                trustManager = new NopX509TrustManager();
            }
            SSLContext sslcontext = SSLContext.getInstance("TLS");
            sslcontext.init(null, new X509TrustManager[] { trustManager }, null); // key manager, trust manager, securerandom
            SSLSocketFactory sf = new SSLSocketFactory(
                sslcontext,
                hostnameVerifier
                );
            Scheme https = new Scheme("https", port, sf); // URl defaults to 443 for https but if user specified a different port we use that instead
            sr.register(https);            
        }        
        return sr;
    }
    */
/**
     * Used in Mt Wilson 1.1
     * 
     * @param protocol
     * @param port
     * @param policy
     * @return
     * @throws KeyManagementException
     * @throws NoSuchAlgorithmException 
     */
private SchemeRegistry initSchemeRegistryWithPolicy(String protocol, int port, ApacheTlsPolicy policy) throws KeyManagementException, NoSuchAlgorithmException {
    SchemeRegistry sr = new SchemeRegistry();
    if ("http".equals(protocol)) {
        Scheme http = new Scheme("http", port, PlainSocketFactory.getSocketFactory());
        sr.register(http);
    }
    if ("https".equals(protocol)) {
        SSLContext sslcontext = SSLContext.getInstance("TLS");
        // key manager, trust manager, securerandom
        sslcontext.init(null, new X509TrustManager[] { policy.getTrustManager() }, null);
        SSLSocketFactory sf = new SSLSocketFactory(sslcontext, policy.getApacheHostnameVerifier());
        // URl defaults to 443 for https but if user specified a different port we use that instead
        Scheme https = new Scheme("https", port, sf);
        sr.register(https);
    }
    return sr;
}

Also used : Scheme(org.apache.http.conn.scheme.Scheme) SchemeRegistry(org.apache.http.conn.scheme.SchemeRegistry) SSLContext(javax.net.ssl.SSLContext) SSLSocketFactory(org.apache.http.conn.ssl.SSLSocketFactory)

Example 14 with Scheme

use of org.apache.http.conn.scheme.Scheme in project OpenMEAP by OpenMEAP.

the class SSLUtils method getRelaxedSSLVerificationHttpClient.

public static HttpClient getRelaxedSSLVerificationHttpClient() {
    try {
        KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
        trustStore.load(null, null);
        SSLSocketFactory sf = new MySSLSocketFactory(trustStore);
        sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
        HttpParams params = new BasicHttpParams();
        HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1);
        HttpProtocolParams.setContentCharset(params, FormConstants.CHAR_ENC_DEFAULT);
        SchemeRegistry registry = new SchemeRegistry();
        registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
        registry.register(new Scheme("https", sf, 443));
        ClientConnectionManager ccm = new ThreadSafeClientConnManager(params, registry);
        return new DefaultHttpClient(ccm, params);
    } catch (Exception e) {
        return new DefaultHttpClient();
    }
}

Also used : BasicHttpParams(org.apache.http.params.BasicHttpParams) HttpParams(org.apache.http.params.HttpParams) Scheme(org.apache.http.conn.scheme.Scheme) ThreadSafeClientConnManager(org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager) SchemeRegistry(org.apache.http.conn.scheme.SchemeRegistry) SSLSocketFactory(org.apache.http.conn.ssl.SSLSocketFactory) BasicHttpParams(org.apache.http.params.BasicHttpParams) KeyStore(java.security.KeyStore) ClientConnectionManager(org.apache.http.conn.ClientConnectionManager) DefaultHttpClient(org.apache.http.impl.client.DefaultHttpClient) KeyStoreException(java.security.KeyStoreException) UnrecoverableKeyException(java.security.UnrecoverableKeyException) IOException(java.io.IOException) KeyManagementException(java.security.KeyManagementException) CertificateException(java.security.cert.CertificateException) UnknownHostException(java.net.UnknownHostException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)

Example 15 with Scheme

use of org.apache.http.conn.scheme.Scheme in project SmartAndroidSource by jaychou2012.

the class AbstractAjaxCallback method getClient.

private static DefaultHttpClient getClient() {
    if (client == null || !REUSE_CLIENT) {
        AQUtility.debug("creating http client");
        HttpParams httpParams = new BasicHttpParams();
        //httpParams.setParameter(CoreProtocolPNames.PROTOCOL_VERSION, HttpVersion.HTTP_1_1);
        HttpConnectionParams.setConnectionTimeout(httpParams, NET_TIMEOUT);
        HttpConnectionParams.setSoTimeout(httpParams, NET_TIMEOUT);
        //ConnManagerParams.setMaxConnectionsPerRoute(httpParams, new ConnPerRouteBean(NETWORK_POOL));
        ConnManagerParams.setMaxConnectionsPerRoute(httpParams, new ConnPerRouteBean(25));
        //Added this line to avoid issue at: http://stackoverflow.com/questions/5358014/android-httpclient-oom-on-4g-lte-htc-thunderbolt
        HttpConnectionParams.setSocketBufferSize(httpParams, 8192);
        SchemeRegistry registry = new SchemeRegistry();
        registry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 80));
        registry.register(new Scheme("https", ssf == null ? SSLSocketFactory.getSocketFactory() : ssf, 443));
        ThreadSafeClientConnManager cm = new ThreadSafeClientConnManager(httpParams, registry);
        client = new DefaultHttpClient(cm, httpParams);
    }
    return client;
}

Aggregations

Scheme (org.apache.http.conn.scheme.Scheme)103 SchemeRegistry (org.apache.http.conn.scheme.SchemeRegistry)63 SSLSocketFactory (org.apache.http.conn.ssl.SSLSocketFactory)53 ClientConnectionManager (org.apache.http.conn.ClientConnectionManager)40 DefaultHttpClient (org.apache.http.impl.client.DefaultHttpClient)39 BasicHttpParams (org.apache.http.params.BasicHttpParams)32 HttpParams (org.apache.http.params.HttpParams)30 ThreadSafeClientConnManager (org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager)29 HttpClient (org.apache.http.client.HttpClient)19 AllowAllHostnameVerifier (org.apache.http.conn.ssl.AllowAllHostnameVerifier)17 SSLContext (javax.net.ssl.SSLContext)16 HttpResponse (org.apache.http.HttpResponse)15 CertificateException (java.security.cert.CertificateException)13 HttpHost (org.apache.http.HttpHost)13 MockResponse (com.google.mockwebserver.MockResponse)12 RecordedRequest (com.google.mockwebserver.RecordedRequest)12 IOException (java.io.IOException)12 TestSSLContext (libcore.javax.net.ssl.TestSSLContext)12 HttpGet (org.apache.http.client.methods.HttpGet)12 InetAddress (java.net.InetAddress)9