Examples of TLSClientParameters

Examples of org.apache.cxf.configuration.jsse.TLSClientParameters

64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
        // Configure Turststore and KeyStore for SSL Client Authentication.

        Client client = ClientProxy.getClient(port);
        HTTPConduit conduit = (HTTPConduit) client.getConduit();

        TLSClientParameters tlsParams = new TLSClientParameters();
       
        /*Set whether or not JSEE should omit checking if the host name
        specified in the URL matches that of the Common Name (CN)
        on the server's certificate. Default is false; this attribute
        should not be set to true during production use*/
        //tlsParams.setDisableCNCheck(true);
       
        //CXF 2.1.3 will give IllegalExpection if you set portocal to SSL.
        tlsParams.setSecureSocketProtocol("SSLv3");
       
        //provide trust password
        KeyStore keyStore = KeyStore.getInstance("JKS");
        String trustpass = "REDACTED";
       
        // provide your truststore file path
        File truststore = new File(
                "/usr/local/jdk1.5.0_06/jre/lib/security/cacerts");
       
        keyStore.load(new FileInputStream(truststore), trustpass.toCharArray());
        TrustManagerFactory trustFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustFactory.init(keyStore);
        TrustManager[] tm = trustFactory.getTrustManagers();
        tlsParams.setTrustManagers(tm);

        // LabDc certs
        //truststore = new File("/home/lakshmi/x509CRLLocation/LabDctestCert/untrusted.key");  // LabDc-untrusted
        //truststore = new File("/home/lakshmi/x509CRLLocation/LabDctestCert/wrongcn.key");  //LabDc-wrongcn
        //truststore = new File("/home/lakshmi/x509CRLLocation/LabDctestCert/expired.key");  //LabDc-expired
       
        // provide your client store file path
        truststore = new File("/home/lakshmi/x509CRLLocation/WijisServices.key");
        keyStore.load(new FileInputStream(truststore), trustpass.toCharArray());
        KeyManagerFactory keyFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyFactory.init(keyStore, trustpass.toCharArray());
        KeyManager[] km = keyFactory.getKeyManagers();
        tlsParams.setKeyManagers(km);

        /*FiltersType filter = new FiltersType();
        filter.getInclude().add(".*_EXPORT_.*");
        filter.getInclude().add(".*_EXPORT1024_.*");
        filter.getInclude().add(".*_WITH_DES_.*");
View Full Code Here

Examples of org.apache.cxf.configuration.jsse.TLSClientParameters

57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
    static TLSClientParameters createTLSClientParametersFromType(TLSClientParametersType params)
        throws GeneralSecurityException,
               IOException {

        TLSClientParameters ret = new TLSClientParameters();
        if (params.isDisableCNCheck()) {
            ret.setDisableCNCheck(true);
        }
        if (params.isSetSecureSocketProtocol()) {
            ret.setSecureSocketProtocol(params.getSecureSocketProtocol());
        }
        if (params.isSetCipherSuitesFilter()) {
            ret.setCipherSuitesFilter(params.getCipherSuitesFilter());
        }
        if (params.isSetCipherSuites()) {
            ret.setCipherSuites(params.getCipherSuites().getCipherSuite());
        }
        if (params.isSetJsseProvider()) {
            ret.setJsseProvider(params.getJsseProvider());
        }
        if (params.isSetSecureRandomParameters()) {
            ret.setSecureRandom(
                TLSParameterJaxBUtils.getSecureRandom(
                        params.getSecureRandomParameters()));
        }
        if (params.isSetKeyManagers()) {
            ret.setKeyManagers(
                TLSParameterJaxBUtils.getKeyManagers(params.getKeyManagers()));
        }
        if (params.isSetTrustManagers()) {
            ret.setTrustManagers(
                TLSParameterJaxBUtils.getTrustManagers(
                        params.getTrustManagers()));
        }
        return ret;
    }
View Full Code Here

Examples of org.apache.cxf.configuration.jsse.TLSClientParameters

473
474
475
476
477
478
479
480
481
482
483
            (HTTPConduit) client.getConduit();
       
        HTTPClientPolicy httpClientPolicy = http.getClient();
        assertEquals("the httpClientPolicy's autoRedirect should be true",
                     true, httpClientPolicy.isAutoRedirect());
        TLSClientParameters tlsParameters = http.getTlsClientParameters();
        assertNotNull("the http conduit's tlsParameters should not be null", tlsParameters);
       
       
        // If we set any name, but Edward, Mary, or George,
        // and a password of "password" we will get through
View Full Code Here

Examples of org.apache.cxf.configuration.jsse.TLSClientParameters

90
91
92
93
94
95
96
97
98
99
100
                                   ? url.openConnection(proxy)
                                   : url.openConnection());
        if (HTTPS_URL_PROTOCOL_ID.equals(url.getProtocol())) {
           
            if (tlsClientParameters == null) {
                tlsClientParameters = new TLSClientParameters();
            }

            Exception ex = null;
            try {
                decorateWithTLS(tlsClientParameters, connection);
View Full Code Here

Examples of org.apache.cxf.configuration.jsse.TLSClientParameters

70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
    static TLSClientParameters createTLSClientParametersFromType(TLSClientParametersType params)
        throws GeneralSecurityException,
               IOException {

        TLSClientParameters ret = new TLSClientParameters();
        boolean usingDefaults = params.isUseHttpsURLConnectionDefaultSslSocketFactory();
       
        if (params.isDisableCNCheck()) {
            ret.setDisableCNCheck(true);
        }
        if (params.isUseHttpsURLConnectionDefaultHostnameVerifier()) {
            ret.setUseHttpsURLConnectionDefaultHostnameVerifier(true);
        }
        if (params.isUseHttpsURLConnectionDefaultSslSocketFactory()) {
            ret.setUseHttpsURLConnectionDefaultSslSocketFactory(true);
        }
        if (params.isSetSecureSocketProtocol()) {
            ret.setSecureSocketProtocol(params.getSecureSocketProtocol());
        }
        if (params.isSetCipherSuitesFilter()) {
            ret.setCipherSuitesFilter(params.getCipherSuitesFilter());
        }
        if (params.isSetCipherSuites()) {
            ret.setCipherSuites(params.getCipherSuites().getCipherSuite());
        }
        if (params.isSetJsseProvider()) {
            ret.setJsseProvider(params.getJsseProvider());
        }
        if (params.isSetSecureRandomParameters() && !usingDefaults) {
            ret.setSecureRandom(
                TLSParameterJaxBUtils.getSecureRandom(
                        params.getSecureRandomParameters()));
        }
        if (params.isSetKeyManagers() && !usingDefaults) {
            ret.setKeyManagers(
                TLSParameterJaxBUtils.getKeyManagers(params.getKeyManagers()));
        }
        if (params.isSetTrustManagers() && !usingDefaults) {
            ret.setTrustManagers(
                TLSParameterJaxBUtils.getTrustManagers(
                        params.getTrustManagers()));
        }
        if (params.isSetCertConstraints()) {
            ret.setCertConstraints(params.getCertConstraints());
        }
        if (params.isSetSslCacheTimeout()) {
            ret.setSslCacheTimeout(params.getSslCacheTimeout());
        }
        return ret;
    }
View Full Code Here

Examples of org.apache.cxf.configuration.jsse.TLSClientParameters

158
159
160
161
162
163
164
165
166
167
168
        HTTPConduit conduit = new HTTPConduit(bus, ei, null);
        conduit.finalizeConfig();
   
        Message message = getNewMessage();
        // We need an SSL policy, or we can't use "https".
        conduit.setTlsClientParameters(new TLSClientParameters());
       
        // Test call
        conduit.prepare(message);
       
        return message.get("http.connection");
View Full Code Here

Examples of org.apache.cxf.configuration.jsse.TLSClientParameters

481
482
483
484
485
486
487
488
489
490
491
            (HTTPConduit) client.getConduit();
       
        HTTPClientPolicy httpClientPolicy = http.getClient();
        assertEquals("the httpClientPolicy's autoRedirect should be true",
                     true, httpClientPolicy.isAutoRedirect());
        TLSClientParameters tlsParameters = http.getTlsClientParameters();
        assertNotNull("the http conduit's tlsParameters should not be null", tlsParameters);
       
       
        // If we set any name, but Edward, Mary, or George,
        // and a password of "password" we will get through
View Full Code Here

Examples of org.apache.cxf.configuration.jsse.TLSClientParameters

841
842
843
844
845
846
847
848
849
850
851
852
853
854
        sslState = null;
        return ctx;
    }

    public void initializeSSLEngine(SSLContext sslcontext, SSLEngine sslengine) {
        TLSClientParameters tlsClientParameters = getTlsClientParameters();
        if (tlsClientParameters == null) {
            tlsClientParameters = new TLSClientParameters();
        }
        String[] cipherSuites = SSLUtils.getCiphersuites(tlsClientParameters.getCipherSuites(),
                                                         SSLUtils.getSupportedCipherSuites(sslcontext),
                                                         tlsClientParameters.getCipherSuitesFilter(), LOG, false);
        sslengine.setEnabledCipherSuites(cipherSuites);
    }
View Full Code Here

Examples of org.apache.cxf.configuration.jsse.TLSClientParameters

260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
        }
    }

    private void applyTlsClientParameters(Dictionary<String, String> d, HTTPConduit c) {
        Enumeration<String> keys = d.keys();
        TLSClientParameters p = c.getTlsClientParameters();
        SecureRandomParameters srp = null;
        KeyManagersType kmt = null;
        TrustManagersType tmt = null;
        while (keys.hasMoreElements()) {
            String k = keys.nextElement();
            if (k.startsWith("tlsClientParameters.")) {
                if (p == null) {
                    p = new TLSClientParameters();
                    c.setTlsClientParameters(p);
                }
                String v = d.get(k);
                k = k.substring("tlsClientParameters.".length());

                if ("secureSocketProtocol".equals(k)) {
                    p.setSecureSocketProtocol(v);
                } else if ("sslCacheTimeout".equals(k)) {
                    p.setSslCacheTimeout(Integer.parseInt(v));
                } else if ("jsseProvider".equals(k)) {
                    p.setJsseProvider(v);
                } else if ("disableCNCheck".equals(k)) {
                    p.setDisableCNCheck(Boolean.parseBoolean(v));
                } else if ("useHttpsURLConnectionDefaultHostnameVerifier".equals(k)) {
                    p.setUseHttpsURLConnectionDefaultHostnameVerifier(Boolean.parseBoolean(v));
                } else if ("useHttpsURLConnectionDefaultSslSocketFactory".equals(k)) {
                    p.setUseHttpsURLConnectionDefaultSslSocketFactory(Boolean.parseBoolean(v));
                } else if (k.startsWith("certConstraints.")) {
                    k = k.substring("certConstraints.".length());
                    CertificateConstraintsType cct = p.getCertConstraints();
                    if (cct == null) {
                        cct = new CertificateConstraintsType();
                        p.setCertConstraints(cct);
                    }
                    DNConstraintsType dnct = null;
                    if (k.startsWith("SubjectDNConstraints.")) {
                        dnct = cct.getSubjectDNConstraints();
                        if (dnct == null) {
                            dnct = new DNConstraintsType();
                            cct.setSubjectDNConstraints(dnct);
                        }
                        k = k.substring("SubjectDNConstraints.".length());
                    } else if (k.startsWith("IssuerDNConstraints.")) {
                        dnct = cct.getIssuerDNConstraints();
                        if (dnct == null) {
                            dnct = new DNConstraintsType();
                            cct.setIssuerDNConstraints(dnct);
                        }
                        k = k.substring("IssuerDNConstraints.".length());
                    }
                    if (dnct != null) {
                        if ("combinator".equals(k)) {
                            dnct.setCombinator(CombinatorType.fromValue(v));
                        } else if ("RegularExpression".equals(k)) {
                            dnct.getRegularExpression().add(k);
                        }
                    }
                } else if (k.startsWith("secureRandomParameters.")) {
                    k = k.substring("secureRandomParameters.".length());
                    if (srp == null) {
                        srp = new SecureRandomParameters();
                    }
                    if ("algorithm".equals(k)) {
                        srp.setAlgorithm(v);
                    } else if ("provider".equals(k)) {
                        srp.setProvider(v);
                    }
                } else if (k.startsWith("cipherSuitesFilter.")) {
                    k = k.substring("cipherSuitesFilter.".length());
                    StringTokenizer st = new StringTokenizer(v, ",");
                    FiltersType ft = p.getCipherSuitesFilter();
                    if (ft == null) {
                        ft = new FiltersType();
                        p.setCipherSuitesFilter(ft);
                    }
                    List<String> lst = "include".equals(k) ? ft.getInclude() : ft.getExclude();
                    while (st.hasMoreTokens()) {
                        lst.add(st.nextToken());
                    }
                } else if (k.startsWith("cipherSuites")) {
                    StringTokenizer st = new StringTokenizer(v, ",");
                    while (st.hasMoreTokens()) {
                        p.getCipherSuites().add(st.nextToken());
                    }
                } else if (k.startsWith("trustManagers.")) {
                    tmt = getTrustManagers(tmt,
                                          k.substring("trustManagers.".length()),
                                          v);
                } else if (k.startsWith("keyManagers.")) {
                    kmt = getKeyManagers(kmt,
                                         k.substring("keyManagers.".length()),
                                         v);
                }
            }
        }
       
        try {
            if (srp != null) {
                p.setSecureRandom(TLSParameterJaxBUtils.getSecureRandom(srp));
            }
            if (kmt != null) {
                p.setKeyManagers(TLSParameterJaxBUtils.getKeyManagers(kmt));
            }
            if (tmt != null) {
                p.setTrustManagers(TLSParameterJaxBUtils.getTrustManagers(tmt));
            }
        } catch (RuntimeException e) {
            throw e;
        } catch (Exception e) {
            throw new RuntimeException(e);
View Full Code Here

Examples of org.apache.cxf.configuration.jsse.TLSClientParameters

478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
            final AsyncSchemeRegistry reg = new AsyncSchemeRegistry();
            reg.register(new AsyncScheme("http", 80, null));
            if ("https".equals(url.getScheme())) {
                try {
                    // check tlsClientParameters from message header
                    TLSClientParameters tlsClientParameters = outMessage.get(TLSClientParameters.class);
                    if (tlsClientParameters == null) {
                        tlsClientParameters = getTlsClientParameters();
                    }
                    if (tlsClientParameters == null) {
                        tlsClientParameters = new TLSClientParameters();
                    }

                    final SSLContext sslcontext = getSSLContext(tlsClientParameters);
                    reg.register(new AsyncScheme("https", 443, new SSLLayeringStrategy(sslcontext) {
                        @Override
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.