cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cschnei...@apache.org
Subject svn commit: r1036748 - in /cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport: http/HTTPConduit.java https/CertConstraintsInterceptor.java https/HttpsMessageTrustDecider.java
Date Fri, 19 Nov 2010 07:17:21 GMT
Author: cschneider
Date: Fri Nov 19 07:17:21 2010
New Revision: 1036748

URL: http://svn.apache.org/viewvc?rev=1036748&view=rev
Log:
Small refactoring of http transport

Added:
    cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsMessageTrustDecider.java
  (with props)
Modified:
    cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java
    cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/CertConstraintsInterceptor.java

Modified: cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java?rev=1036748&r1=1036747&r2=1036748&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java
(original)
+++ cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java
Fri Nov 19 07:17:21 2010
@@ -364,66 +364,61 @@ public class HTTPConduit 
         }
     }
     
-    /**
-     * This call gets called by the HTTPTransportFactory after it
-     * causes an injection of the Spring configuration properties
-     * of this Conduit.
-     */
-    protected void finalizeConfig() {
-        // See if not set by configuration, if there are defaults
-        // in order from the Endpoint, Service, or Bus.
-        
-        configureConduitFromEndpointInfo(this, endpointInfo);
-
+    private void logConfig() {
+        if (!LOG.isLoggable(Level.FINE)) {
+            return;
+        }
         if (trustDecider == null) {
-            if (LOG.isLoggable(Level.FINE)) {
-                LOG.log(Level.FINE,
+            LOG.log(Level.FINE,
                     "No Trust Decider configured for Conduit '"
                     + getConduitName() + "'");
-            }
         } else {
-            if (LOG.isLoggable(Level.FINE)) {
-                LOG.log(Level.FINE, "Message Trust Decider of class '" 
+            LOG.log(Level.FINE, "Message Trust Decider of class '" 
                     + trustDecider.getClass().getName()
                     + "' with logical name of '"
                     + trustDecider.getLogicalName()
                     + "' has been configured for Conduit '" 
                     + getConduitName()
                     + "'");
-            }
         }
         if (authSupplier == null) {
-            if (LOG.isLoggable(Level.FINE)) {
-                LOG.log(Level.FINE,
+            LOG.log(Level.FINE,
                     "No Auth Supplier configured for Conduit '"
                     + getConduitName() + "'");
-            }
         } else {
-            if (LOG.isLoggable(Level.FINE)) {
-                LOG.log(Level.FINE, "HttpAuthSupplier of class '" 
+            LOG.log(Level.FINE, "HttpAuthSupplier of class '" 
                     + authSupplier.getClass().getName()
                     + "' with logical name of '"
                     + authSupplier.getLogicalName()
                     + "' has been configured for Conduit '" 
                     + getConduitName()
                     + "'");
-            }
         }
         if (this.tlsClientParameters != null) {
-            if (LOG.isLoggable(Level.FINE)) {
-                LOG.log(Level.FINE, "Conduit '" + getConduitName()
+            LOG.log(Level.FINE, "Conduit '" + getConduitName()
                     + "' has been configured for TLS "
                     + "keyManagers " + Arrays.toString(tlsClientParameters.getKeyManagers())
                     + "trustManagers " + Arrays.toString(tlsClientParameters.getTrustManagers())
                     + "secureRandom " + tlsClientParameters.getSecureRandom()
                     + "Disable Common Name (CN) Check: " + tlsClientParameters.isDisableCNCheck());
-            }
+
         } else {
-            if (LOG.isLoggable(Level.FINE)) {
-                LOG.log(Level.FINE, "Conduit '" + getConduitName()
+            LOG.log(Level.FINE, "Conduit '" + getConduitName()
                     + "' has been configured for plain http.");
-            }
         }
+    }
+    
+    /**
+     * This call gets called by the HTTPTransportFactory after it
+     * causes an injection of the Spring configuration properties
+     * of this Conduit.
+     */
+    protected void finalizeConfig() {
+        // See if not set by configuration, if there are defaults
+        // in order from the Endpoint, Service, or Bus.
+        
+        configureConduitFromEndpointInfo(this, endpointInfo);
+        logConfig();
 
         // Get the correct URLConnection factory based on the 
         // configuration.

Modified: cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/CertConstraintsInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/CertConstraintsInterceptor.java?rev=1036748&r1=1036747&r2=1036748&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/CertConstraintsInterceptor.java
(original)
+++ cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/CertConstraintsInterceptor.java
Fri Nov 19 07:17:21 2010
@@ -33,7 +33,6 @@ import org.apache.cxf.phase.AbstractPhas
 import org.apache.cxf.phase.Phase;
 import org.apache.cxf.security.transport.TLSSessionInfo;
 import org.apache.cxf.transport.http.MessageTrustDecider;
-import org.apache.cxf.transport.http.URLConnectionInfo;
 import org.apache.cxf.transport.http.UntrustedURLConnectionIOException; 
 
 /**
@@ -62,31 +61,7 @@ public final class CertConstraintsInterc
                 
                 if (connection instanceof HttpsURLConnection) {
                     final MessageTrustDecider orig = message.get(MessageTrustDecider.class);
-                    MessageTrustDecider trust = new MessageTrustDecider() {
-                        public void establishTrust(String conduitName,
-                                URLConnectionInfo connectionInfo,
-                                Message message)
-                            throws UntrustedURLConnectionIOException {
-                            if (orig != null) {
-                                orig.establishTrust(conduitName, connectionInfo, message);
-                            }
-                            HttpsURLConnectionInfo info = (HttpsURLConnectionInfo)connectionInfo;
-
-                            if (info.getServerCertificates() == null 
-                                    || info.getServerCertificates().length == 0) {
-                                throw new UntrustedURLConnectionIOException(
-                                    "No server certificates were found"
-                                );
-                            } else {
-                                X509Certificate[] certs = (X509Certificate[])info.getServerCertificates();
-                                if (!certConstraints.matches(certs[0])) {
-                                    throw new UntrustedURLConnectionIOException(
-                                        "The server certificate(s) do not match the defined
cert constraints"
-                                    );
-                                }
-                            }
-                        }
-                    };
+                    MessageTrustDecider trust = new HttpsMessageTrustDecider(certConstraints,
orig);
                     message.put(MessageTrustDecider.class, trust);
                 } else {
                     throw new UntrustedURLConnectionIOException(

Added: cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsMessageTrustDecider.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsMessageTrustDecider.java?rev=1036748&view=auto
==============================================================================
--- cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsMessageTrustDecider.java
(added)
+++ cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsMessageTrustDecider.java
Fri Nov 19 07:17:21 2010
@@ -0,0 +1,61 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.transport.https;
+
+import java.security.cert.X509Certificate;
+
+import org.apache.cxf.message.Message;
+import org.apache.cxf.transport.http.MessageTrustDecider;
+import org.apache.cxf.transport.http.URLConnectionInfo;
+import org.apache.cxf.transport.http.UntrustedURLConnectionIOException;
+
+final class HttpsMessageTrustDecider extends MessageTrustDecider {
+    private final CertConstraints certConstraints;
+    private final MessageTrustDecider orig;
+
+    HttpsMessageTrustDecider(CertConstraints certConstraints,
+            MessageTrustDecider orig) {
+        this.certConstraints = certConstraints;
+        this.orig = orig;
+    }
+
+    public void establishTrust(String conduitName,
+            URLConnectionInfo connectionInfo,
+            Message message)
+        throws UntrustedURLConnectionIOException {
+        if (orig != null) {
+            orig.establishTrust(conduitName, connectionInfo, message);
+        }
+        HttpsURLConnectionInfo info = (HttpsURLConnectionInfo)connectionInfo;
+
+        if (info.getServerCertificates() == null 
+                || info.getServerCertificates().length == 0) {
+            throw new UntrustedURLConnectionIOException(
+                "No server certificates were found"
+            );
+        } else {
+            X509Certificate[] certs = (X509Certificate[])info.getServerCertificates();
+            if (!certConstraints.matches(certs[0])) {
+                throw new UntrustedURLConnectionIOException(
+                    "The server certificate(s) do not match the defined cert constraints"
+                );
+            }
+        }
+    }
+}
\ No newline at end of file

Propchange: cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsMessageTrustDecider.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain



Mime
View raw message