Example 1 with SSLContextBuilder
use of org.apache.http.ssl.SSLContextBuilder in project spring-boot by spring-projects.
the class AbstractServletWebServerFactoryTests method sslDisabled.
@Test
public void sslDisabled() throws Exception {
AbstractServletWebServerFactory factory = getFactory();
Ssl ssl = getSsl(null, "password", "classpath:test.jks");
ssl.setEnabled(false);
factory.setSsl(ssl);
this.webServer = factory.getWebServer(new ServletRegistrationBean<>(new ExampleServlet(true, false), "/hello"));
this.webServer.start();
SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(new SSLContextBuilder().loadTrustMaterial(null, new TrustSelfSignedStrategy()).build());
HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory).build();
HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(httpClient);
this.thrown.expect(SSLException.class);
getResponse(getLocalUrl("https", "/hello"), requestFactory);
}
Also used :
ServletRegistrationBean(org.springframework.boot.web.servlet.ServletRegistrationBean)
HttpClient(org.apache.http.client.HttpClient)
HttpComponentsClientHttpRequestFactory(org.springframework.http.client.HttpComponentsClientHttpRequestFactory)
Ssl(org.springframework.boot.web.server.Ssl)
SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory)
SSLContextBuilder(org.apache.http.ssl.SSLContextBuilder)
TrustSelfSignedStrategy(org.apache.http.conn.ssl.TrustSelfSignedStrategy)
Test(org.junit.Test)
Example 2 with SSLContextBuilder
use of org.apache.http.ssl.SSLContextBuilder in project spring-boot by spring-projects.
the class AbstractServletWebServerFactoryTests method sslNeedsClientAuthenticationFailsWithoutClientCertificate.
@Test(expected = IOException.class)
public void sslNeedsClientAuthenticationFailsWithoutClientCertificate() throws Exception {
AbstractServletWebServerFactory factory = getFactory();
addTestTxtFile(factory);
factory.setSsl(getSsl(ClientAuth.NEED, "password", "classpath:test.jks"));
this.webServer = factory.getWebServer();
this.webServer.start();
SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(new SSLContextBuilder().loadTrustMaterial(null, new TrustSelfSignedStrategy()).build());
HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory).build();
HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(httpClient);
getResponse(getLocalUrl("https", "/test.txt"), requestFactory);
}
Also used :
HttpClient(org.apache.http.client.HttpClient)
HttpComponentsClientHttpRequestFactory(org.springframework.http.client.HttpComponentsClientHttpRequestFactory)
SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory)
SSLContextBuilder(org.apache.http.ssl.SSLContextBuilder)
TrustSelfSignedStrategy(org.apache.http.conn.ssl.TrustSelfSignedStrategy)
Test(org.junit.Test)
Example 3 with SSLContextBuilder
use of org.apache.http.ssl.SSLContextBuilder in project spring-boot by spring-projects.
the class AbstractServletWebServerFactoryTests method serverHeaderCanBeCustomizedWhenUsingSsl.
@Test
public void serverHeaderCanBeCustomizedWhenUsingSsl() throws Exception {
AbstractServletWebServerFactory factory = getFactory();
factory.setServerHeader("MyServer");
factory.setSsl(getSsl(null, "password", "src/test/resources/test.jks"));
this.webServer = factory.getWebServer(new ServletRegistrationBean<>(new ExampleServlet(true, false), "/hello"));
this.webServer.start();
SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(new SSLContextBuilder().loadTrustMaterial(null, new TrustSelfSignedStrategy()).build());
HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory).build();
ClientHttpResponse response = getClientResponse(getLocalUrl("https", "/hello"), HttpMethod.GET, new HttpComponentsClientHttpRequestFactory(httpClient));
assertThat(response.getHeaders().get("Server")).containsExactly("MyServer");
}
Also used :
ServletRegistrationBean(org.springframework.boot.web.servlet.ServletRegistrationBean)
HttpClient(org.apache.http.client.HttpClient)
HttpComponentsClientHttpRequestFactory(org.springframework.http.client.HttpComponentsClientHttpRequestFactory)
SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory)
SSLContextBuilder(org.apache.http.ssl.SSLContextBuilder)
ClientHttpResponse(org.springframework.http.client.ClientHttpResponse)
TrustSelfSignedStrategy(org.apache.http.conn.ssl.TrustSelfSignedStrategy)
Test(org.junit.Test)
Example 4 with SSLContextBuilder
use of org.apache.http.ssl.SSLContextBuilder in project spring-boot by spring-projects.
the class EndpointWebMvcAutoConfigurationTests method assertContent.
private void assertContent(String scheme, String url, int port, Object expected) throws Exception {
SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(new SSLContextBuilder().loadTrustMaterial(null, new TrustSelfSignedStrategy()).build());
HttpClient httpClient = HttpClients.custom().setSSLSocketFactory(socketFactory).build();
HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(httpClient);
ClientHttpRequest request = requestFactory.createRequest(new URI(scheme + "://localhost:" + port + url), HttpMethod.GET);
try {
ClientHttpResponse response = request.execute();
if (HttpStatus.NOT_FOUND.equals(response.getStatusCode())) {
throw new FileNotFoundException();
}
try {
String actual = StreamUtils.copyToString(response.getBody(), Charset.forName("UTF-8"));
if (expected instanceof Matcher) {
assertThat(actual).is(Matched.by((Matcher<?>) expected));
} else {
assertThat(actual).isEqualTo(expected);
}
} finally {
response.close();
}
} catch (Exception ex) {
if (expected == null) {
if (SocketException.class.isInstance(ex) || FileNotFoundException.class.isInstance(ex)) {
return;
}
}
throw ex;
}
}
Also used :
Matcher(org.hamcrest.Matcher)
HttpClient(org.apache.http.client.HttpClient)
FileNotFoundException(java.io.FileNotFoundException)
HttpComponentsClientHttpRequestFactory(org.springframework.http.client.HttpComponentsClientHttpRequestFactory)
ClientHttpRequest(org.springframework.http.client.ClientHttpRequest)
SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory)
SSLContextBuilder(org.apache.http.ssl.SSLContextBuilder)
URI(java.net.URI)
ClientHttpResponse(org.springframework.http.client.ClientHttpResponse)
TrustSelfSignedStrategy(org.apache.http.conn.ssl.TrustSelfSignedStrategy)
FileNotFoundException(java.io.FileNotFoundException)
WebServerException(org.springframework.boot.web.server.WebServerException)
SocketException(java.net.SocketException)
ExpectedException(org.junit.rules.ExpectedException)
Example 5 with SSLContextBuilder
use of org.apache.http.ssl.SSLContextBuilder in project pact-jvm by DiUS.
the class InsecureHttpsRequest method setupInsecureSSL.
private void setupInsecureSSL() throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException {
HttpClientBuilder b = HttpClientBuilder.create();
// setup a Trust Strategy that allows all certificates.
//
TrustStrategy trustStrategy = (chain, authType) -> true;
SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, trustStrategy).build();
b.setSSLContext(sslContext);
// don't check Hostnames, either.
// -- use SSLConnectionSocketFactory.getDefaultHostnameVerifier(), if you don't want to weaken
HostnameVerifier hostnameVerifier = new NoopHostnameVerifier();
// here's the special part:
// -- need to create an SSL Socket Factory, to use our weakened "trust strategy";
// -- and create a Registry, to register it.
//
SSLConnectionSocketFactory sslSocketFactory = new SSLConnectionSocketFactory(sslContext, hostnameVerifier);
Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create().register("http", PlainConnectionSocketFactory.getSocketFactory()).register("https", sslSocketFactory).build();
// now, we create connection-manager using our Registry.
// -- allows multi-threaded use
PoolingHttpClientConnectionManager connMgr = new PoolingHttpClientConnectionManager(socketFactoryRegistry);
b.setConnectionManager(connMgr);
// finally, build the HttpClient;
// -- done!
this.httpclient = b.build();
}
Also used :
HttpPost(org.apache.http.client.methods.HttpPost)
CloseableHttpClient(org.apache.http.impl.client.CloseableHttpClient)
TrustStrategy(org.apache.http.ssl.TrustStrategy)
SSLContext(javax.net.ssl.SSLContext)
RegistryBuilder(org.apache.http.config.RegistryBuilder)
HttpOptions(org.apache.http.client.methods.HttpOptions)
IOException(java.io.IOException)
KeyManagementException(java.security.KeyManagementException)
KeyStoreException(java.security.KeyStoreException)
SSLContextBuilder(org.apache.http.ssl.SSLContextBuilder)
HttpPut(org.apache.http.client.methods.HttpPut)
Registry(org.apache.http.config.Registry)
HttpGet(org.apache.http.client.methods.HttpGet)
ConnectionSocketFactory(org.apache.http.conn.socket.ConnectionSocketFactory)
PlainConnectionSocketFactory(org.apache.http.conn.socket.PlainConnectionSocketFactory)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
PoolingHttpClientConnectionManager(org.apache.http.impl.conn.PoolingHttpClientConnectionManager)
NoopHostnameVerifier(org.apache.http.conn.ssl.NoopHostnameVerifier)
HttpClientBuilder(org.apache.http.impl.client.HttpClientBuilder)
URI(java.net.URI)
HostnameVerifier(javax.net.ssl.HostnameVerifier)
SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory)
TrustStrategy(org.apache.http.ssl.TrustStrategy)
ConnectionSocketFactory(org.apache.http.conn.socket.ConnectionSocketFactory)
PlainConnectionSocketFactory(org.apache.http.conn.socket.PlainConnectionSocketFactory)
SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory)
NoopHostnameVerifier(org.apache.http.conn.ssl.NoopHostnameVerifier)
HttpClientBuilder(org.apache.http.impl.client.HttpClientBuilder)
SSLContext(javax.net.ssl.SSLContext)
SSLContextBuilder(org.apache.http.ssl.SSLContextBuilder)
SSLConnectionSocketFactory(org.apache.http.conn.ssl.SSLConnectionSocketFactory)
NoopHostnameVerifier(org.apache.http.conn.ssl.NoopHostnameVerifier)
HostnameVerifier(javax.net.ssl.HostnameVerifier)
PoolingHttpClientConnectionManager(org.apache.http.impl.conn.PoolingHttpClientConnectionManager)
Aggregations
SSLContextBuilder (org.apache.http.ssl.SSLContextBuilder)21
SSLConnectionSocketFactory (org.apache.http.conn.ssl.SSLConnectionSocketFactory)20
HttpClient (org.apache.http.client.HttpClient)15
TrustSelfSignedStrategy (org.apache.http.conn.ssl.TrustSelfSignedStrategy)15
HttpComponentsClientHttpRequestFactory (org.springframework.http.client.HttpComponentsClientHttpRequestFactory)14
Test (org.junit.Test)12
ServletRegistrationBean (org.springframework.boot.web.servlet.ServletRegistrationBean)6
File (java.io.File)5
FileInputStream (java.io.FileInputStream)5
KeyStore (java.security.KeyStore)5
SSLContext (javax.net.ssl.SSLContext)5
IOException (java.io.IOException)4
NoopHostnameVerifier (org.apache.http.conn.ssl.NoopHostnameVerifier)3
TrustStrategy (org.apache.http.conn.ssl.TrustStrategy)3
CloseableHttpClient (org.apache.http.impl.client.CloseableHttpClient)3
HttpClientBuilder (org.apache.http.impl.client.HttpClientBuilder)3
URI (java.net.URI)2
URISyntaxException (java.net.URISyntaxException)2
KeyManagementException (java.security.KeyManagementException)2
KeyStoreException (java.security.KeyStoreException)2
