From: Mark P. <msp...@gm...> - 2011-01-16 02:48:18
|
Answering my own question (at least partially), this may be as good as it gets, with most of this sample code lifted from Bill Burke's book. The business end is SSLClient.doSomething(); package org.petrovic.rest; import org.apache.http.conn.scheme.Scheme; import org.apache.http.conn.ssl.SSLSocketFactory; import org.apache.http.impl.client.DefaultHttpClient; import org.jboss.resteasy.client.ProxyFactory; import org.jboss.resteasy.client.core.executors.ApacheHttpClient4Executor; import javax.ws.rs.GET; import javax.ws.rs.Path; import javax.ws.rs.PathParam; import javax.ws.rs.Produces; import java.io.File; import java.io.FileInputStream; import java.io.IOException; import java.security.KeyManagementException; import java.security.KeyStore; import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; import java.security.UnrecoverableKeyException; import java.security.cert.CertificateException; public class SSLClient extends DefaultHttpClient { public SSLClient() throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, KeyManagementException, UnrecoverableKeyException { super(); KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); FileInputStream fis = new FileInputStream(new File("my.keystore")); try { trustStore.load(fis, "storepass".toCharArray()); } finally { fis.close(); } SSLSocketFactory socketFactory = new SSLSocketFactory(trustStore); Scheme scheme = new Scheme("http", socketFactory, 443); getConnectionManager().getSchemeRegistry().register(scheme); } // The money method public void doSomething() { TestResource testResource = ProxyFactory.create(TestResource.class, "http://www.example.com", new ApacheHttpClient4Executor(this)); String foo = testResource.getSomething("foo"); } @Path("/test") public class TestResource { @GET @Produces("application/xml") @Path("something") public String getSomething(@PathParam("something") String something) { return "foo"; } } } On Sat, Jan 15, 2011 at 3:37 PM, Mark Petrovic <msp...@gm...> wrote: > Thanks for a very nice impl of JSR-311. > > Is there a high level RESTEasy client interface that allows one to provide > the underlying HTTP client with a custom SSLContext or socket factory to > cleanly accomodate certs not in the client JRE cacerts file? > > I'm new to RESTEasy, and admittedly only skimmed the code and javadocs. I > could have missed application-provided SSL context stuff. > > Thanks. > -- Mark |