From: <bob...@us...> - 2003-09-10 04:47:13
Update of /cvsroot/ebxmlms/ebxmlms/src/hk/hku/cecid/phoenix/message/transport
In directory sc8-pr-cvs1:/tmp/cvs-serv3802/src/hk/hku/cecid/phoenix/message/transport
Modified Files:
Http.java
Log Message:
Change KeyStoreTrustManager to make it 1.3 compliant
add AlwaysTrueHostnameVerifier to ease debugging.
change Http.java to support SSL Server authentication
Note that in order to support JSDK 1.3, it uses some deprecated functions.
Also note that the settings to support SSL may be dependent on the
app. server.
Index: Http.java
===================================================================
RCS file: /cvsroot/ebxmlms/ebxmlms/src/hk/hku/cecid/phoenix/message/transport/Http.java,v
retrieving revision 1.5
retrieving revision 1.6
diff -C2 -d -r1.5 -r1.6
*** Http.java 9 Sep 2003 04:06:18 -0000 1.5
--- Http.java 10 Sep 2003 04:47:02 -0000 1.6
***************
*** 75,82 ****
--- 75,84 ----
// import hk.hku.cecid.phoenix.message.handler.Utility;
import hk.hku.cecid.phoenix.message.packaging.EbxmlMessage;
+ import hk.hku.cecid.phoenix.pki.KeyStoreTrustManager;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
+ import java.io.FileInputStream;
import java.io.File;
import java.io.OutputStream;
***************
*** 85,96 ****
--- 87,109 ----
import java.security.Provider;
import java.security.Security;
+ import java.security.KeyStore;
import java.util.Iterator;
import java.util.Map;
// import java.util.Map.Entry;
import java.util.StringTokenizer;
+ /*
import javax.net.ssl.KeyManager;
+ import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
+ */
+ import com.sun.net.ssl.KeyManager;
+ import com.sun.net.ssl.SSLContext;
+ import com.sun.net.ssl.TrustManager;
+ import com.sun.net.ssl.HostnameVerifier;
+ import com.sun.net.ssl.HttpsURLConnection;
+
+ import javax.net.ssl.SSLSocketFactory;
import javax.xml.soap.MessageFactory;
// import javax.xml.soap.MimeHeader;
***************
*** 128,131 ****
--- 141,146 ----
Constants.DEFAULT_CONTENT_TRANSFER_ENCODING;
+ private static HostnameVerifier hostnameVerifier;
+ private static SSLSocketFactory sslSocketFactory;
public static void configure(Property prop) throws InitializationException {
String s = prop.get(Constants.PROPERTY_CONTENT_TRANSFER_ENCODING);
***************
*** 148,152 ****
logger.debug("Use custom Hostname Verifier on SSL : "
+ hostnameVerifierClassname);
! HostnameVerifier hostnameVerifier = null;
try {
hostnameVerifier = (HostnameVerifier)
--- 163,167 ----
logger.debug("Use custom Hostname Verifier on SSL : "
+ hostnameVerifierClassname);
! //HostnameVerifier hostnameVerifier = null;
try {
hostnameVerifier = (HostnameVerifier)
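Review bot: The verifier class named in configuration is announced only at debug level (`logger.debug("Use custom Hostname Verifier on SSL : " ...)`), yet after this change it is stored in a static field and, per the last hunk, applied to outgoing HTTPS connections. The log message says the commit also adds a verifier intended for debugging, so a permissive class left in a deployed configuration would go unnoticed at normal log levels; logging this line with `logger.warn` would make it visible. The leftover `//HostnameVerifier hostnameVerifier = null;` can simply be deleted now that the field exists. The enclosing try block continues outside the hunk.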
***************
*** 158,162 ****
throw new InitializationException(err);
}
! HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);
}
/*
--- 173,177 ----
throw new InitializationException(err);
}
! //HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);
}
/*
***************
*** 170,175 ****
(Constants.PROPERTY_SSL_TRUST_KEY_STORE_PASSWORD, "");
if (trustedStorePath.equals("")) {
! trustedStorePath = System.getProperty
! (Constants.PROPERTY_USER_HOME);
}
String realTrustedStorePath = trustedStorePath + File.separator
--- 185,190 ----
(Constants.PROPERTY_SSL_TRUST_KEY_STORE_PASSWORD, "");
if (trustedStorePath.equals("")) {
! trustedStorePath = System.getProperty(
! Constants.PROPERTY_USER_HOME);
}
String realTrustedStorePath = trustedStorePath + File.separator
***************
*** 177,182 ****
--- 192,228 ----
File realTrustStoreFile = new File(trustedStorePath + File.separator
+ trustedStoreFile);
+ TrustManager[] trustManagers = null;
+ KeyManager[] keyManagers = null;
if (realTrustStoreFile.exists() && realTrustStoreFile.isFile()) {
logger.debug("Use SSL trusted keystore : " + realTrustStoreFile);
+ KeyStore keystore = null;
+ InputStream istream = null;
+ /*
+ load the trust certificate keystore.
+ */
+ try {
+ keystore = KeyStore.getInstance("JKS");
+ istream = new FileInputStream(realTrustStoreFile);
+ keystore.load(istream, trustedStorePassword.toCharArray());
+ /*
+ init the trust manager using trust certificate keystore.
+ */
+ trustManagers = new TrustManager[]{
+ new KeyStoreTrustManager(keystore)};
+ } catch (Exception e) {
+ logger.warn("Cannot load SSL Trust Keystore : "
+ + e.getMessage());
+ logger.warn("Use Default SSL Trust Keystore settings");
+ } finally {
+ try {
+ if (istream != null) {
+ istream.close();
+ }
+ } catch (IOException e) {
+ }
+ }
+ }
+ if (trustManagers != null || keyManagers != null) {
+ configureHTTPS(keyManagers, trustManagers);
}
}
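Review bot: A trust store that exists but cannot be loaded is treated as optional: the `catch (Exception e)` only warns and leaves `trustManagers` null, so `configureHTTPS` is skipped and startup continues without the trust anchors the operator configured. Failing closed is safer here; build the message the way `configureHTTPS` does, call `logger.error(err, e)`, and then `throw new InitializationException(err);`. Logging only `e.getMessage()` also loses the stack trace, which makes a wrong password hard to tell apart from a corrupt file. `keyManagers` is never assigned in this hunk, so the `keyManagers != null` half of the final condition is currently dead. The enclosing method starts outside the hunk.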
***************
*** 184,188 ****
private static void configureHTTPS(KeyManager[] keyManagers,
TrustManager[] trustManagers) throws InitializationException {
!
}
--- 230,247 ----
private static void configureHTTPS(KeyManager[] keyManagers,
TrustManager[] trustManagers) throws InitializationException {
! try {
! SSLContext context = SSLContext.getInstance("SSL");
! context.init(keyManagers, trustManagers, null);
! /*
! HttpsURLConnection.setDefaultSSLSocketFactory(
! context.getSocketFactory());
! */
! sslSocketFactory = context.getSocketFactory();
! } catch (Exception e) {
! String err = ErrorMessages.getMessage
! (ErrorMessages.ERR_HERMES_INIT_ERROR, e.getMessage());
! logger.error(err, e);
! throw new InitializationException(err);
! }
}
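Review bot: `SSLContext.getInstance("SSL")` requests the generic SSL protocol family; asking for `"TLS"` instead is preferable if the 1.3-era JSSE provider in use supports that name (to be confirmed against the target app servers). The commented-out `HttpsURLConnection.setDefaultSSLSocketFactory(...)` block should either be deleted or replaced by a one-line comment saying why the factory is applied per connection rather than as the JVM default, for example `// applied per connection in the send path; the JVM-wide default is left untouched`.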
***************
*** 262,271 ****
SSL_WWW_PROTOCOL + "|" + pkgs);
System.setProperty(PROTOCOL_HANDLER_PKGS, pkgs);
- Security.addProvider((Provider) Class.forName
- (SSL_SSL_PROVIDER).newInstance());
}
}
HttpURLConnection connection = (HttpURLConnection)
url.openConnection();
connection.setRequestMethod(HTTP_METHOD);
connection.setDoInput(true);
--- 321,335 ----
SSL_WWW_PROTOCOL + "|" + pkgs);
System.setProperty(PROTOCOL_HANDLER_PKGS, pkgs);
}
}
HttpURLConnection connection = (HttpURLConnection)
url.openConnection();
+ if (connection instanceof com.sun.net.ssl.HttpsURLConnection) {
+ logger.info("Connect to a HTTPS connection");
+ HttpsURLConnection httpsConnection
+ = (HttpsURLConnection) connection;
+ httpsConnection.setHostnameVerifier(hostnameVerifier);
+ httpsConnection.setSSLSocketFactory(sslSocketFactory);
+ }
connection.setRequestMethod(HTTP_METHOD);
connection.setDoInput(true);
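Review bot: When the URL is https but the protocol handler returns a connection that is not a `com.sun.net.ssl.HttpsURLConnection`, the `instanceof` block is skipped with no log. Because this commit leaves the `setDefault…` calls commented out, the configured trust store and hostname verifier then appear not to be applied at all, so an `else` branch that warns (or refuses to send) for an https URL would make that case visible. Inside the block, `hostnameVerifier` and `sslSocketFactory` are, as far as the visible hunks show, still null unless a custom verifier class and a loadable trust store were configured, and the setters may reject null (to be confirmed for the com.sun.net.ssl classes). Guard each call, e.g. `if (sslSocketFactory != null) httpsConnection.setSSLSocketFactory(sslSocketFactory);` and the same for `hostnameVerifier`. The enclosing method starts and ends outside the hunk.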