Example 1 with SchemeSocketFactory

Use of org.apache.http.conn.scheme.SchemeSocketFactory in project platformlayer by platformlayer, in the class MetricClientImpl, method buildHttpClient.

private HttpClient buildHttpClient(CertificateAndKey certificateAndKey, List<String> trustKeys) {
    int port = metricBaseUrl.getPort();
    if (port == -1) {
        String scheme = metricBaseUrl.getScheme();
        if (scheme.equals("https")) {
            port = 443;
        } else if (scheme.equals("http")) {
            port = 80;
        } else {
            throw new IllegalArgumentException("Unknown scheme: " + scheme);
        }
    }
    SchemeSocketFactory schemeSocketFactory;
    try {
        KeyManager keyManager = new SimpleClientCertificateKeyManager(certificateAndKey);
        TrustManager trustManager;
        X509HostnameVerifier hostnameVerifier;
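        if (trustKeys != null) {
            // Trust decisions are delegated to PublicKeyTrustManager, built from trustKeys.
            // Hostname verification is switched off in this branch, so the server's
            // identity rests entirely on that trust manager's check.
            trustManager = new PublicKeyTrustManager(trustKeys);
            hostnameVerifier = SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
        } else {
            // No trust keys supplied: keep browser-compatible hostname verification.
            trustManager = null;
            hostnameVerifier = SSLSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER;
        }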
        javax.net.ssl.SSLSocketFactory sslSocketFactory = SslHelpers.buildSslSocketFactory(keyManager, trustManager);
        schemeSocketFactory = new SSLSocketFactory(sslSocketFactory, hostnameVerifier);
    } catch (GeneralSecurityException e) {
        throw new IllegalArgumentException("Error building SSL client", e);
    }
    SchemeRegistry schemeRegistry = new SchemeRegistry();
    schemeRegistry.register(new Scheme("https", port, schemeSocketFactory));
    PoolingClientConnectionManager connectionManager = new PoolingClientConnectionManager(schemeRegistry);
    HttpClient httpClient = new DefaultHttpClient(connectionManager);
    httpClient = new DecompressingHttpClient(httpClient);
    return httpClient;
}
Also used : SimpleClientCertificateKeyManager(com.fathomdb.crypto.SimpleClientCertificateKeyManager), PoolingClientConnectionManager(org.apache.http.impl.conn.PoolingClientConnectionManager), Scheme(org.apache.http.conn.scheme.Scheme), PublicKeyTrustManager(com.fathomdb.crypto.ssl.PublicKeyTrustManager), SchemeSocketFactory(org.apache.http.conn.scheme.SchemeSocketFactory), GeneralSecurityException(java.security.GeneralSecurityException), DecompressingHttpClient(org.apache.http.impl.client.DecompressingHttpClient), DefaultHttpClient(org.apache.http.impl.client.DefaultHttpClient), TrustManager(javax.net.ssl.TrustManager), X509HostnameVerifier(org.apache.http.conn.ssl.X509HostnameVerifier), SchemeRegistry(org.apache.http.conn.scheme.SchemeRegistry), HttpClient(org.apache.http.client.HttpClient), SSLSocketFactory(org.apache.http.conn.ssl.SSLSocketFactory), KeyManager(javax.net.ssl.KeyManager)

Example 2 with SchemeSocketFactory

Use of org.apache.http.conn.scheme.SchemeSocketFactory in project platformlayer by platformlayer, in the class ApacheCommonsHttpConfiguration, method buildHttpClient.

HttpClient buildHttpClient(SslConfiguration sslConfiguration) {
    HttpParams httpParams = null;
    if (sslConfiguration == null || sslConfiguration.isEmpty()) {
        sslConfiguration = null;
    }
    ClientConnectionManager connectionManager;
    if (sslConfiguration != null) {
        SchemeSocketFactory schemeSocketFactory;
        try {
            javax.net.ssl.SSLSocketFactory sslSocketFactory = sslConfiguration.getSslSocketFactory();
            // Use the configured hostname verifier when one is set; otherwise fall back
            // to browser-compatible verification rather than leaving it unset.
            X509HostnameVerifier apacheHostnameVerifier = null;
            if (sslConfiguration.getHostnameVerifier() != null) {
                apacheHostnameVerifier = new ApacheHostnameVerifierAdapter(sslConfiguration.getHostnameVerifier());
            } else {
                apacheHostnameVerifier = new ApacheHostnameVerifierAdapter(SSLSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
            }
            schemeSocketFactory = new SSLSocketFactory(sslSocketFactory, apacheHostnameVerifier);
        } catch (GeneralSecurityException e) {
            throw new IllegalArgumentException("Error building SSL client", e);
        }
        SchemeRegistry schemeRegistry = new SchemeRegistry();
        schemeRegistry.register(new Scheme("https", 443, schemeSocketFactory));
        connectionManager = buildConnectionManager(schemeRegistry);
    } else {
        SchemeRegistry schemeRegistry = SchemeRegistryFactory.createDefault();
        connectionManager = buildConnectionManager(schemeRegistry);
    }
    HttpClient httpClient = buildDefaultHttpClient(connectionManager, httpParams);
    httpClient = wrapHttpClient(httpClient);
    return httpClient;
}
Also used : Scheme(org.apache.http.conn.scheme.Scheme), SchemeSocketFactory(org.apache.http.conn.scheme.SchemeSocketFactory), GeneralSecurityException(java.security.GeneralSecurityException), ClientConnectionManager(org.apache.http.conn.ClientConnectionManager), PoolingClientConnectionManager(org.apache.http.impl.conn.PoolingClientConnectionManager), HttpParams(org.apache.http.params.HttpParams), X509HostnameVerifier(org.apache.http.conn.ssl.X509HostnameVerifier), SchemeRegistry(org.apache.http.conn.scheme.SchemeRegistry), DefaultHttpClient(org.apache.http.impl.client.DefaultHttpClient), DecompressingHttpClient(org.apache.http.impl.client.DecompressingHttpClient), HttpClient(org.apache.http.client.HttpClient), SSLSocketFactory(org.apache.http.conn.ssl.SSLSocketFactory)

Example 3 with SchemeSocketFactory

Use of org.apache.http.conn.scheme.SchemeSocketFactory in project ribbon by Netflix, in the class RestClient, method getKeyStore.

public KeyStore getKeyStore() {
    SchemeRegistry registry = httpClient4.getConnectionManager().getSchemeRegistry();
    if (!registry.getSchemeNames().contains("https")) {
        throw new IllegalStateException("Registry does not include an 'https' entry.");
    }
    SchemeSocketFactory awareSocketFactory = httpClient4.getConnectionManager().getSchemeRegistry().getScheme("https").getSchemeSocketFactory();
    if (awareSocketFactory instanceof KeyStoreAwareSocketFactory) {
        return ((KeyStoreAwareSocketFactory) awareSocketFactory).getKeyStore();
    } else {
        throw new IllegalStateException("Cannot extract keystore from scheme socket factory of type: " + awareSocketFactory.getClass().getName());
    }
}
Also used : SchemeSocketFactory(org.apache.http.conn.scheme.SchemeSocketFactory), SchemeRegistry(org.apache.http.conn.scheme.SchemeRegistry), KeyStoreAwareSocketFactory(com.netflix.http4.ssl.KeyStoreAwareSocketFactory)

Aggregations

SchemeRegistry (org.apache.http.conn.scheme.SchemeRegistry): 3
SchemeSocketFactory (org.apache.http.conn.scheme.SchemeSocketFactory): 3
GeneralSecurityException (java.security.GeneralSecurityException): 2
HttpClient (org.apache.http.client.HttpClient): 2
Scheme (org.apache.http.conn.scheme.Scheme): 2
SSLSocketFactory (org.apache.http.conn.ssl.SSLSocketFactory): 2
X509HostnameVerifier (org.apache.http.conn.ssl.X509HostnameVerifier): 2
DecompressingHttpClient (org.apache.http.impl.client.DecompressingHttpClient): 2
DefaultHttpClient (org.apache.http.impl.client.DefaultHttpClient): 2
PoolingClientConnectionManager (org.apache.http.impl.conn.PoolingClientConnectionManager): 2
SimpleClientCertificateKeyManager (com.fathomdb.crypto.SimpleClientCertificateKeyManager): 1
PublicKeyTrustManager (com.fathomdb.crypto.ssl.PublicKeyTrustManager): 1
KeyStoreAwareSocketFactory (com.netflix.http4.ssl.KeyStoreAwareSocketFactory): 1
KeyManager (javax.net.ssl.KeyManager): 1
TrustManager (javax.net.ssl.TrustManager): 1
ClientConnectionManager (org.apache.http.conn.ClientConnectionManager): 1
HttpParams (org.apache.http.params.HttpParams): 1