
Example 1 with InvalidConfigurationException

use of org.apache.synapse.transport.exceptions.InvalidConfigurationException in project wso2-synapse by wso2.

the class ClientConnFactoryBuilder method getCustomSSLContexts.

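/**
 * Looks for a transport parameter named customSSLProfiles and initializes zero or more
 * custom SSLContext instances. The syntax for defining custom SSL profiles is as follows.
 * <pre>{@code
 * <parameter name="customSSLProfiles">
 *      <profile>
 *          <servers>www.test.org:80, www.test2.com:9763</servers>
 *          <KeyStore>
 *              <Location>/path/to/identity/store</Location>
 *              <Type>JKS</Type>
 *              <Password>password</Password>
 *              <KeyPassword>password</KeyPassword>
 *          </KeyStore>
 *          <TrustStore>
 *              <Location>/path/to/trust/store</Location>
 *              <Type>JKS</Type>
 *              <Password>password</Password>
 *          </TrustStore>
 *      </profile>
 * </parameter>
 * }</pre>
 * Any number of profiles can be defined under the customSSLProfiles parameter.
 * <p>
 * A profile may also carry a {@code novalidatecert} attribute. Only the exact value
 * {@code "true"} sets the flag that is passed to {@code createSSLContext}; what the flag
 * does is decided there (not visible in this method). By its name it relaxes server
 * certificate validation, so review any profile that sets it.
 * <p>
 * When the same server appears in more than one profile, the first profile in document
 * order is kept and later ones are ignored with a warning, so profile order decides which
 * key and trust material applies to that server. Server entries are compared as trimmed,
 * case-sensitive strings.
 *
 * @param transportOut transport out description
 * @return a map of server addresses and SSL contexts, or {@code null} when the
 *         customSSLProfiles parameter is absent or no server was mapped
 * @throws AxisFault if a profile has no servers element or its servers element holds no
 *         non-blank host:port entry
 * @throws InvalidConfigurationException (unchecked) if creating the SSL context of a
 *         profile fails; the original AxisFault is kept as the cause
 */
private Map<String, SSLContext> getCustomSSLContexts(TransportOutDescription transportOut) throws AxisFault {
    // The parameter is read from whatever description loadDynamicSSLConfig returns,
    // not necessarily from the argument itself.
    TransportOutDescription customSSLProfileTransport = loadDynamicSSLConfig(transportOut);
    Parameter customProfilesParam = customSSLProfileTransport.getParameter("customSSLProfiles");
    if (customProfilesParam == null) {
        return null;
    }
    if (log.isInfoEnabled()) {
        log.info(name + " Loading custom SSL profiles for the HTTPS sender");
    }
    OMElement customProfilesElt = customProfilesParam.getParameterElement();
    Utils.resolveOMElementChildValues(customProfilesElt);
    // NOTE(review): the resolver is handed to createSSLContext; presumably it lets the
    // store passwords be secure-vault aliases instead of plaintext - confirm there.
    SecretResolver secretResolver = SecretResolverFactory.create(customProfilesElt, true);
    Iterator<?> profiles = customProfilesElt.getChildrenWithName(new QName("profile"));
    Map<String, SSLContext> contextMap = new HashMap<String, SSLContext>();
    while (profiles.hasNext()) {
        OMElement profile = (OMElement) profiles.next();
        OMElement serversElt = profile.getFirstChildWithName(new QName("servers"));
        String serversText = (serversElt == null) ? null : serversElt.getText();
        String[] servers = (serversText == null) ? new String[0] : serversText.split(",");
        // A servers element that is empty, blank or made only of commas names no host.
        // Reject it here instead of registering the context under an empty key.
        boolean hasServer = false;
        for (String candidate : servers) {
            if (!candidate.trim().isEmpty()) {
                hasServer = true;
                break;
            }
        }
        if (!hasServer) {
            String msg = "Each custom SSL profile must define at least one host:port pair under the servers element";
            log.error(name + " " + msg);
            throw new AxisFault(msg);
        }
        OMElement ksElt = profile.getFirstChildWithName(new QName("KeyStore"));
        OMElement trElt = profile.getFirstChildWithName(new QName("TrustStore"));
        // Anything other than the literal "true" (including a missing attribute) leaves
        // the flag off.
        String noValCert = profile.getAttributeValue(new QName("novalidatecert"));
        boolean novalidatecert = "true".equals(noValCert);
        SSLContext sslContext;
        try {
            sslContext = createSSLContext(ksElt, trElt, novalidatecert, secretResolver);
        } catch (AxisFault axisFault) {
            String err = "Error occurred while creating SSL context for the servers " + serversText;
            // Unchecked on purpose: it is not in the throws clause, so it aborts this call
            // unless a caller catches it. The original comment states that this stops
            // server startup but does not affect a dynamic reload.
            throw new InvalidConfigurationException(err, axisFault);
        }
        for (String entry : servers) {
            String server = entry.trim();
            if (server.isEmpty()) {
                // Stray comma such as "a:443,,b:443"; there is nothing to map.
                continue;
            }
            if (!contextMap.containsKey(server)) {
                contextMap.put(server, sslContext);
            } else if (log.isWarnEnabled()) {
                // First profile wins; the later profile's context is dropped for this server.
                log.warn(name + " Multiple SSL profiles were found for the server : " + server + ". Ignoring the excessive profiles.");
            }
        }
    }
    if (!contextMap.isEmpty()) {
        if (log.isInfoEnabled()) {
            log.info(name + " Custom SSL profiles initialized for " + contextMap.size() + " servers");
        }
        return contextMap;
    }
    return null;
}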
Also used : AxisFault(org.apache.axis2.AxisFault) HashMap(java.util.HashMap) QName(javax.xml.namespace.QName) OMElement(org.apache.axiom.om.OMElement) SSLContext(javax.net.ssl.SSLContext) InvalidConfigurationException(org.apache.synapse.transport.exceptions.InvalidConfigurationException) SecretResolver(org.wso2.securevault.SecretResolver) Parameter(org.apache.axis2.description.Parameter) TransportOutDescription(org.apache.axis2.description.TransportOutDescription)

Example 2 with InvalidConfigurationException

use of org.apache.synapse.transport.exceptions.InvalidConfigurationException in project wso2-synapse by wso2.

the class HttpCoreNIOSender method reload.

/**
 * Rebuilds the client connection factory from the given transport description, installs it
 * on the handler and the I/O dispatcher, and resets the connection pool for the hosts the
 * new factory reports, so that existing connections are closed and re-opened with the new
 * SSL settings.
 * <p>
 * If an {@link InvalidConfigurationException} is raised, it is logged at error level and
 * the method returns normally. When that exception comes from building the factory (the
 * first statement in the try block), none of the later statements run, so the handler and
 * the dispatcher keep the factory they already had. The caller gets no signal that the
 * reload was skipped: after changing key or trust material, check the log to confirm the
 * new configuration is actually in effect.
 *
 * @param transportOut TransportOutDescription of the configuration
 * @throws AxisFault propagated from the calls inside the try block; which of them raise it
 *         is not visible in this method
 */
public void reload(TransportOutDescription transportOut) throws AxisFault {
    log.info("HttpCoreNIOSender reloading SSL Config..");
    try {
        // Build the replacement factory first; the field is only overwritten once this succeeds.
        connFactory = initConnFactoryBuilder(transportOut, this.configurationContext).createConnFactory(params);
        // Hand the new factory to both consumers before touching live connections.
        handler.setConnFactory(connFactory);
        iodispatch.setConnFactory(connFactory);
        // Reset pooled connections for the factory's hosts so the new settings apply to them.
        handler.resetConnectionPool(connFactory.getHostList());
        log.info("HttpCoreNIO " + name + " Sender updated with Dynamic Configuration Updates ...");
    } catch (InvalidConfigurationException invalidConfig) {
        // Deliberate best effort: a bad profile must not take down a running sender.
        log.error("Ignoring reload SSL config since there is an invalid configuration.", invalidConfig);
    }
}
Also used : ClientConnFactoryBuilder(org.apache.synapse.transport.nhttp.config.ClientConnFactoryBuilder) InvalidConfigurationException(org.apache.synapse.transport.exceptions.InvalidConfigurationException)

Example 3 with InvalidConfigurationException

use of org.apache.synapse.transport.exceptions.InvalidConfigurationException in project wso2-synapse by wso2.

the class PassThroughHttpSender method reloadDynamicSSLConfig.

/**
 * Rebuilds the client connection factory from the given transport description, installs it
 * on the handler and the I/O event dispatcher, and resets the target connection pool for
 * the hosts the new factory reports, so that existing connections are closed and re-opened
 * with the new SSL settings. No thread restart is visible in this method body.
 * <p>
 * If an {@link InvalidConfigurationException} is raised, it is logged at error level and
 * the method returns normally. When that exception comes from building the factory (the
 * first statement in the try block), none of the later statements run, so the handler and
 * the dispatcher keep the factory they already had. The caller gets no signal that the
 * reload was skipped: after changing key or trust material, check the log to confirm the
 * new configuration is actually in effect.
 *
 * @param transport TransportOutDescription of the configuration
 * @throws AxisFault propagated from the calls inside the try block; which of them raise it
 *         is not visible in this method
 */
public void reloadDynamicSSLConfig(TransportOutDescription transport) throws AxisFault {
    log.info("PassThroughHttpSender reloading SSL Config..");
    try {
        // Build the replacement factory first; the field is only overwritten once this succeeds.
        connFactory = initConnFactoryBuilder(transport, this.configurationContext)
                .createConnFactory(targetConfiguration.getHttpParams());
        // Hand the new factory to both consumers before touching live connections.
        handler.setConnFactory(connFactory);
        ioEventDispatch.setConnFactory(connFactory);
        // Reset pooled connections for the factory's hosts so the new settings apply to them.
        targetConnections.resetConnectionPool(connFactory.getHostList());
        log.info("Pass-through " + namePrefix + " Sender updated with Dynamic Configuration Updates ...");
    } catch (InvalidConfigurationException invalidConfig) {
        // Deliberate best effort: a bad profile must not take down a running sender.
        log.error("Ignoring reload SSL config since there is an invalid configuration.", invalidConfig);
    }
}
Also used : ClientConnFactoryBuilder(org.apache.synapse.transport.nhttp.config.ClientConnFactoryBuilder) InvalidConfigurationException(org.apache.synapse.transport.exceptions.InvalidConfigurationException)

Aggregations

InvalidConfigurationException (org.apache.synapse.transport.exceptions.InvalidConfigurationException)3 ClientConnFactoryBuilder (org.apache.synapse.transport.nhttp.config.ClientConnFactoryBuilder)2 HashMap (java.util.HashMap)1 SSLContext (javax.net.ssl.SSLContext)1 QName (javax.xml.namespace.QName)1 OMElement (org.apache.axiom.om.OMElement)1 AxisFault (org.apache.axis2.AxisFault)1 Parameter (org.apache.axis2.description.Parameter)1 TransportOutDescription (org.apache.axis2.description.TransportOutDescription)1 SecretResolver (org.wso2.securevault.SecretResolver)1