cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dk...@apache.org
Subject svn commit: r568252 - in /incubator/cxf/trunk: rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java systests/src/test/java/org/apache/cxf/systest/http/resources/BethalClientConfig.cxf
Date Tue, 21 Aug 2007 20:18:00 GMT
Author: dkulp
Date: Tue Aug 21 13:18:00 2007
New Revision: 568252

URL: http://svn.apache.org/viewvc?rev=568252&view=rev
Log:
[CXF-929] Store the SSLSocketFactory so the URL connection can actually honor the Keep-Alive
stuff.


Modified:
    incubator/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java
    incubator/cxf/trunk/systests/src/test/java/org/apache/cxf/systest/http/resources/BethalClientConfig.cxf

Modified: incubator/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java
URL: http://svn.apache.org/viewvc/incubator/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java?rev=568252&r1=568251&r2=568252&view=diff
==============================================================================
--- incubator/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java
(original)
+++ incubator/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java
Tue Aug 21 13:18:00 2007
@@ -34,6 +34,7 @@
 import javax.net.ssl.HttpsURLConnection;
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.SSLSession;
+import javax.net.ssl.SSLSocketFactory;
 
 import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.configuration.jsse.TLSClientParameters;
@@ -59,6 +60,8 @@
     private static final Logger LOG =
         LogUtils.getL7dLogger(HttpsURLConnectionFactory.class);
     
+    private static final HostnameVerifier VERIFIER = new AlwaysTrueHostnameVerifier();
+    
     /*
      *  For development and testing only
      */
@@ -82,6 +85,12 @@
      * this factory.
      */
     TLSClientParameters tlsClientParameters;
+    
+    
+    /**
+     * Cache the last SSLContext to avoid recreation
+     */
+    SSLSocketFactory socketFactory;
 
     /**
      * This constructor initialized the factory with the configured TLS
@@ -156,7 +165,7 @@
      * returning true, delegate the trust decision to the 
      * MessageTrustDecider.
      */
-    private class AlwaysTrueHostnameVerifier implements HostnameVerifier {
+    private static class AlwaysTrueHostnameVerifier implements HostnameVerifier {
 
         public boolean verify(
             String      hostname,
@@ -171,43 +180,42 @@
      * This method assigns the various TLS parameters on the HttpsURLConnection
      * from the TLS Client Parameters.
      */
-    protected void decorateWithTLS(HttpsURLConnection connection)
+    protected synchronized void decorateWithTLS(HttpsURLConnection connection)
         throws NoSuchAlgorithmException,
                NoSuchProviderException,
                KeyManagementException {
-        String provider = tlsClientParameters.getJsseProvider();
-        
-        String protocol = tlsClientParameters.getSecureSocketProtocol() != null
-                  ? tlsClientParameters.getSecureSocketProtocol()
-                  : "TLS";
-                  
-        SSLContext ctx = provider == null
-                  ? SSLContext.getInstance(protocol)
-                  : SSLContext.getInstance(protocol, provider);
-        
-        ctx.init(
-            tlsClientParameters.getKeyManagers(), 
-            tlsClientParameters.getTrustManagers(), 
-            tlsClientParameters.getSecureRandom());
-        
-        // The "false" argument means opposite of exclude.
-        String[] cipherSuites =
-            SSLUtils.getCiphersuites(tlsClientParameters.getCipherSuites(),
-                                     SSLUtils.getSupportedCipherSuites(ctx),
-                                     tlsClientParameters.getCipherSuitesFilter(),
-                                     LOG, false);
-
-        connection.setHostnameVerifier(
-                    new AlwaysTrueHostnameVerifier());
-        
-        // The SSLSocketFactoryWrapper enables certain cipher suites
-        // from the policy.
-        connection.setSSLSocketFactory(
-            new SSLSocketFactoryWrapper(ctx.getSocketFactory(),
-                                        cipherSuites));
-        
         
+        if (socketFactory == null) {
+            String provider = tlsClientParameters.getJsseProvider();
+            
+            String protocol = tlsClientParameters.getSecureSocketProtocol() != null
+                      ? tlsClientParameters.getSecureSocketProtocol()
+                      : "TLS";
+                      
+            SSLContext ctx = provider == null
+                      ? SSLContext.getInstance(protocol)
+                      : SSLContext.getInstance(protocol, provider);
+            
+            ctx.init(
+                tlsClientParameters.getKeyManagers(), 
+                tlsClientParameters.getTrustManagers(), 
+                tlsClientParameters.getSecureRandom());
+            
+            // The "false" argument means opposite of exclude.
+            String[] cipherSuites =
+                SSLUtils.getCiphersuites(tlsClientParameters.getCipherSuites(),
+                                         SSLUtils.getSupportedCipherSuites(ctx),
+                                         tlsClientParameters.getCipherSuitesFilter(),
+                                         LOG, false);
+            // The SSLSocketFactoryWrapper enables certain cipher suites
+            // from the policy.
+            socketFactory = new SSLSocketFactoryWrapper(ctx.getSocketFactory(),
+                                                        cipherSuites);
+        }
+        connection.setHostnameVerifier(VERIFIER);        
+        connection.setSSLSocketFactory(socketFactory);
     }
+
     /*
      *  For development and testing only
      */

Modified: incubator/cxf/trunk/systests/src/test/java/org/apache/cxf/systest/http/resources/BethalClientConfig.cxf
URL: http://svn.apache.org/viewvc/incubator/cxf/trunk/systests/src/test/java/org/apache/cxf/systest/http/resources/BethalClientConfig.cxf?rev=568252&r1=568251&r2=568252&view=diff
==============================================================================
--- incubator/cxf/trunk/systests/src/test/java/org/apache/cxf/systest/http/resources/BethalClientConfig.cxf
(original)
+++ incubator/cxf/trunk/systests/src/test/java/org/apache/cxf/systest/http/resources/BethalClientConfig.cxf
Tue Aug 21 13:18:00 2007
@@ -60,7 +60,7 @@
 	     <sec:UserName>Betty</sec:UserName>
 	     <sec:Password>password</sec:Password>
 	  </http:authorization>
-      <http:client AutoRedirect="true"/>
+      <http:client AutoRedirect="true" Connection="Keep-Alive"/>
     
    </http:conduit>
 



Mime
View raw message