cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ashaki...@apache.org
Subject git commit: [CXF-5652]: enhanced HttpsConnectionFactory to check JVM properties in order to initialize key managers, if they are not specified explicitly
Date Mon, 21 Jul 2014 11:05:52 GMT
Repository: cxf
Updated Branches:
  refs/heads/master 95bfefb65 -> 2f4c97ffa


[CXF-5652]: enhanced HttpsConnectionFactory to check JVM properties in order to initialize
key managers, if they are not specified explicitly


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/2f4c97ff
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/2f4c97ff
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/2f4c97ff

Branch: refs/heads/master
Commit: 2f4c97ffa5679ad6f9a80a0f210b6e990a90bbea
Parents: 95bfefb
Author: Andrei Shakirin <andrei.shakirin@gmail.com>
Authored: Mon Jul 21 13:05:36 2014 +0200
Committer: Andrei Shakirin <andrei.shakirin@gmail.com>
Committed: Mon Jul 21 13:05:36 2014 +0200

----------------------------------------------------------------------
 .../apache/cxf/configuration/jsse/SSLUtils.java | 29 ++++++++++++++++++++
 .../https/HttpsURLConnectionFactory.java        |  4 +++
 2 files changed, 33 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/2f4c97ff/core/src/main/java/org/apache/cxf/configuration/jsse/SSLUtils.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/cxf/configuration/jsse/SSLUtils.java b/core/src/main/java/org/apache/cxf/configuration/jsse/SSLUtils.java
index aaa58f3..07f7485 100644
--- a/core/src/main/java/org/apache/cxf/configuration/jsse/SSLUtils.java
+++ b/core/src/main/java/org/apache/cxf/configuration/jsse/SSLUtils.java
@@ -144,6 +144,35 @@ public final class SSLUtils {
         return keystoreManagers;
     }
 
+    public static KeyManager[] getDefaultKeyStoreManagers(Logger log) {
+        String location = getKeystore(null, log);
+        String keyStorePassword = getKeystorePassword(null, log);
+        String keyPassword = getKeyPassword(null, log);
+        FileInputStream fis = null;
+        
+        try {
+            KeyManagerFactory kmf = 
+                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); 

+            KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
+            
+            fis = new FileInputStream(location);
+            ks.load(fis, (keyStorePassword != null) ? keyStorePassword.toCharArray() : null);
+            kmf.init(ks, (keyPassword != null) ? keyPassword.toCharArray() : null);
+            return kmf.getKeyManagers();
+        } catch (Exception e) {
+            log.warning("Default key managers cannot be initialized: " + e.getMessage());
+            return null;
+        } finally {
+            if (fis != null) {
+                try {
+                    fis.close();
+                } catch (IOException e) {
+                    log.warning("Keystore stream cannot be closed: " + e.getMessage());
+                }
+            }
+        }
+    }
+
     public static KeyManager[] loadKeyStore(KeyManagerFactory kmf,
                                                KeyStore ks,
                                                ByteArrayInputStream bin,

http://git-wip-us.apache.org/repos/asf/cxf/blob/2f4c97ff/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java
----------------------------------------------------------------------
diff --git a/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java
b/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java
index 56637ee..5b0f025 100644
--- a/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java
+++ b/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java
@@ -164,6 +164,10 @@ public class HttpsURLConnectionFactory {
             if (tlsClientParameters.getCertAlias() != null) {
                 getKeyManagersWithCertAlias(tlsClientParameters, keyManagers);
             }
+            
+            if (keyManagers == null) {
+                keyManagers = SSLUtils.getDefaultKeyStoreManagers(LOG);
+            }
             ctx.init(keyManagers, tlsClientParameters.getTrustManagers(),
                      tlsClientParameters.getSecureRandom());
 


Mime
View raw message