From jmsn...@apache.org
Subject svn commit: r482291 - in /incubator/abdera/java/trunk/client/src/main/java/org/apache/abdera/protocol/client: Client.java util/ClientAuthSSLProtocolSocketFactory.java
Date Mon, 04 Dec 2006 18:58:28 GMT
Author: jmsnell
Date: Mon Dec  4 10:58:27 2006
New Revision: 482291

URL: http://svn.apache.org/viewvc?view=rev&rev=482291
Log:
Supporting SSL with Abdera client is a bit suboptimal right now.
This change makes it possible to register a secure socket factory capable of SSL Client Auth

  ClientAuthSSLProtocolSocketFactory factory = 
    new ClientAuthSSLProtocolSocketFactory(
      "/home/jasnell/mykeystore.jks", "JKS", 
      "storepass", "TLS", "ibmx509", null);
  CommonsClient.registerFactory(factory, 8443);
  CommonsClient client = new CommonsClient(new Abdera());
  Document<Element> doc = client.get("https://example.org/test").getDocument();
  ...

Assuming the keystore contains a cert trusted by the server, 
the factory will use it to do SSL auth as requested by the server.

Added:
    incubator/abdera/java/trunk/client/src/main/java/org/apache/abdera/protocol/client/util/ClientAuthSSLProtocolSocketFactory.java
Modified:
    incubator/abdera/java/trunk/client/src/main/java/org/apache/abdera/protocol/client/Client.java

Modified: incubator/abdera/java/trunk/client/src/main/java/org/apache/abdera/protocol/client/Client.java
URL: http://svn.apache.org/viewvc/incubator/abdera/java/trunk/client/src/main/java/org/apache/abdera/protocol/client/Client.java?view=diff&rev=482291&r1=482290&r2=482291
==============================================================================
--- incubator/abdera/java/trunk/client/src/main/java/org/apache/abdera/protocol/client/Client.java
(original)
+++ incubator/abdera/java/trunk/client/src/main/java/org/apache/abdera/protocol/client/Client.java
Mon Dec  4 10:58:27 2006
@@ -37,6 +37,7 @@
 import org.apache.commons.httpclient.methods.RequestEntity;
 import org.apache.commons.httpclient.protocol.Protocol;
 import org.apache.commons.httpclient.protocol.ProtocolSocketFactory;
+import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory;
 
 /**
  * An Atom Publishing Protocol client.
@@ -263,6 +264,16 @@
     SimpleSSLProtocolSocketFactory f = 
       new SimpleSSLProtocolSocketFactory();
     registerFactory(f,port);
+  }
+  
+  public static void registerFactory(
+    SecureProtocolSocketFactory factory, 
+    int port) {
+      Protocol.registerProtocol(
+        "https",
+        new Protocol(
+          "https", 
+          (ProtocolSocketFactory)factory, port));
   }
   
   private static void registerFactory(
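Review bot: The new public `registerFactory(SecureProtocolSocketFactory, int)` is undocumented, and its effect is wider than the signature suggests: `Protocol.registerProtocol("https", ...)` writes to a static registry, so the call replaces the https socket factory for every commons-httpclient user in the JVM rather than for one client instance. A Javadoc line such as `/** Registers factory as the JVM-wide handler for the "https" scheme, with port as the scheme's default port; replaces any earlier registration. */` would tell callers that. It would also help to state that the supplied factory then becomes solely responsible for validating the server certificate. The hunk ends inside the signature of the following private `registerFactory`, whose body is not visible here.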

Added: incubator/abdera/java/trunk/client/src/main/java/org/apache/abdera/protocol/client/util/ClientAuthSSLProtocolSocketFactory.java
URL: http://svn.apache.org/viewvc/incubator/abdera/java/trunk/client/src/main/java/org/apache/abdera/protocol/client/util/ClientAuthSSLProtocolSocketFactory.java?view=auto&rev=482291
==============================================================================
--- incubator/abdera/java/trunk/client/src/main/java/org/apache/abdera/protocol/client/util/ClientAuthSSLProtocolSocketFactory.java
(added)
+++ incubator/abdera/java/trunk/client/src/main/java/org/apache/abdera/protocol/client/util/ClientAuthSSLProtocolSocketFactory.java
Mon Dec  4 10:58:27 2006
@@ -0,0 +1,138 @@
+package org.apache.abdera.protocol.client.util;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.net.InetAddress;
+import java.net.Socket;
+import java.net.UnknownHostException;
+import java.security.KeyStore;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSocket;
+import javax.net.ssl.SSLSocketFactory;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
+
+import org.apache.commons.httpclient.ConnectTimeoutException;
+import org.apache.commons.httpclient.params.HttpConnectionParams;
+import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory;
+
+/*
+* Licensed to the Apache Software Foundation (ASF) under one or more
+* contributor license agreements.  The ASF licenses this file to You
+* under the Apache License, Version 2.0 (the "License"); you may not
+* use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+*     http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.  For additional information regarding
+* copyright in this work, please see the NOTICE file in the top level
+* directory of this distribution.
+*/
+
+public class ClientAuthSSLProtocolSocketFactory 
+  implements SecureProtocolSocketFactory {
+
+  private String keyStore = null;
+  private String keyStoreType = null;
+  private String keyPass = null;
+  private String protocol = "TLS";
+  private String kmfFactory = "ibmX509";
+  private TrustManager tm = null;
+  
+  public ClientAuthSSLProtocolSocketFactory(
+    String keyStore, 
+    String keyStoreType,
+    String keyPass,
+    String protocol,
+    String kmfFactory,
+    TrustManager tm) {
+      this.keyStore = keyStore;
+      this.keyStoreType = keyStoreType;
+      this.keyPass = keyPass;
+      if (protocol != null) this.protocol = protocol;
+      if (kmfFactory != null) this.kmfFactory = kmfFactory;
+      if (tm != null) this.tm = tm;
+  }
+  
+  public Socket createSocket(
+    Socket socket, 
+    String host, 
+    int port, 
+    boolean close) 
+      throws IOException, 
+             UnknownHostException {
+    return createSocket(host,port,null,0,null);
+  }
+
+  public Socket createSocket(
+    String host, 
+    int port) 
+      throws IOException, 
+             UnknownHostException {
+    return createSocket(host,port,null,0,null);
+  }
+
+  public Socket createSocket(
+    String host, 
+    int port, 
+    InetAddress chost, 
+    int cport) 
+      throws IOException, 
+             UnknownHostException {
+    return createSocket(host,port,chost,cport,null);
+  }
+
+  public Socket createSocket(
+    String host, 
+    int port, 
+    InetAddress chost, 
+    int cport, 
+    HttpConnectionParams params) 
+      throws IOException, 
+             UnknownHostException, 
+             ConnectTimeoutException {
+    
+    SSLContext context;
+    SSLSocketFactory factory = null;
+    SSLSocket socket = null;
+    try {
+      KeyManagerFactory kmf;
+      KeyStore ks;
+      char[] passphrase = keyPass.toCharArray();
+
+      context = SSLContext.getInstance(protocol);
+      kmf = KeyManagerFactory.getInstance(kmfFactory);
+      ks = KeyStore.getInstance(keyStoreType);
+      ks.load(new FileInputStream(keyStore), passphrase);
+
+      TrustManager tm = (this.tm != null) ? this.tm : new X509TrustManager() {
+        public void checkClientTrusted(X509Certificate[] arg0, String arg1) 
+          throws CertificateException {}
+        public void checkServerTrusted(X509Certificate[] arg0, String arg1) 
+          throws CertificateException {}
+        public X509Certificate[] getAcceptedIssuers() {
+          return null;
+        }
+      };
+      
+      kmf.init(ks, passphrase);
+      context.init(kmf.getKeyManagers(), new TrustManager[] {tm}, null);
+      
+      factory = context.getSocketFactory();
+
+      socket = (SSLSocket) factory.createSocket(host, port);
+      return socket;
+    } catch (Exception e) {
+      e.printStackTrace();
+    }
+    return null;
+  }
+}
\ No newline at end of file
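Review bot: When the caller passes `null` for `tm`, as the example in the log message does, the five-argument `createSocket` falls back to an anonymous `X509TrustManager` whose `checkServerTrusted` is empty, so any server certificate is accepted and an impersonating endpoint goes undetected even though client auth is in use. Passing `null` trust managers lets JSSE fall back to the platform default trust store instead: `context.init(kmf.getKeyManagers(), (this.tm != null) ? new TrustManager[] {this.tm} : null, null);`. The closing `catch (Exception e)` prints the stack trace and returns `null`, which turns keystore and context failures into a later NullPointerException for the caller; rethrowing as an `IOException` would honour the declared contract. The `FileInputStream` passed to `ks.load` is never closed, and the `socket`, `chost`, `cport` and `params` arguments are all ignored, so a proxy-tunnelled socket, a local bind address or a connect timeout requested by HttpClient is silently dropped. The default `kmfFactory` of `"ibmX509"` looks specific to IBM JVMs; `KeyManagerFactory.getDefaultAlgorithm()` would be a portable default.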


