Examples of javax.net.ssl.HttpsURLConnection$DefaultHostnameVerifier

• javax.net.ssl.HttpsURLConnection
  3.org/pub/WWW/Protocols/"> http://www.w3.org/pub/WWW/Protocols/ and RFC 2818 for more details on the https specification.

  This class uses HostnameVerifier and SSLSocketFactory. There are default implementations defined for both classes. However, the implementations can be replaced on a per-class (static) or per-instance basis. All new HttpsURLConnections instances will be assigned the "default" static values at instance creation, but they can be overriden by calling the appropriate per-instance set method(s) before connecting. @since 1.4

      if ( reqUrl.getProtocol().equalsIgnoreCase("https")){

          // see ConfigurationChecker for SSL client defaults

        HttpsURLConnection ssl_con = (HttpsURLConnection)reqUrl.openConnection();

          // allow for certs that contain IP addresses rather than dns names

        ssl_con.setHostnameVerifier(
            new HostnameVerifier() {
              public boolean verify(String host, SSLSession session) {
                return( true );
              }
            });

              if ( url.getProtocol().equalsIgnoreCase("https")){

                  // see ConfigurationChecker for SSL client defaults

                HttpsURLConnection ssl_con = (HttpsURLConnection)url.openConnection();

                  // allow for certs that contain IP addresses rather than dns names

                ssl_con.setHostnameVerifier(
                    new HostnameVerifier()
                    {
                      public boolean
                      verify(
                          String    host,

     if ( reqUrl.getProtocol().equalsIgnoreCase("https")){

       // see ConfigurationChecker for SSL client defaults

       HttpsURLConnection ssl_con = (HttpsURLConnection)reqUrl.openConnection();

       // allow for certs that contain IP addresses rather than dns names

       ssl_con.setHostnameVerifier(
           new HostnameVerifier()
           {
             public boolean
             verify(
                 String    host,

          + ":" + httpHost.getInetSocketAddress().getPort() + httpHost.getUri();

      URL url = new URL(urlString);
      http = (HttpURLConnection) url.openConnection();
      if (httpHost.isSecure()) {
        HttpsURLConnection https = (HttpsURLConnection) http;

        makeSSLSocketFactory();

        https.setSSLSocketFactory(sslSocketFactory);
        https.setHostnameVerifier(vf);
      }
      http.setRequestMethod("GET");
      http.setDoOutput(true);
      http.setReadTimeout(httpHost.getTimeout());

        throw new IOException(mue.getMessage());
      }
  } else if (sSourceURI.startsWith("https://")) {
    try {
        URL oUrl = new URL(sSourceURI);
      HttpsURLConnection oCon = (HttpsURLConnection) oUrl.openConnection();
      int iResponseCode = oCon.getResponseCode();
      oCon.disconnect();
      bExists = (iResponseCode>=200 && iResponseCode<=299);
      } catch (MalformedURLException mue) {
        throw new IOException(mue.getMessage());
      }
  }

    {
      LoginState state = null;
    String url = this.buildUrl(user, img);
    try {
          URL doUrl = new URL(url);
          HttpsURLConnection conn = (HttpsURLConnection) doUrl.openConnection();
          int status = conn.getResponseCode();
          logger.debug("SSISignV4:status="+status);

          switch(status){

            case 401:
                logger.debug("Invalid password...");
                state = LoginState.SSI_AUTH_FAIL;
                break;

              case 421:
                Element e = XMLHelper.build(conn.getErrorStream());
              Element vn = XMLHelper.find(e, "/results/verification");
              this.processVerifyAction(vn.getAttributeValue("algorithm"), vn.getAttributeValue("type"),
                  vn.getAttributeValue("text"), vn.getAttributeValue("tips"));
              return LoginState.SSI_NEED_VERIFY;


              case 420:
                logger.debug("SSISignV4: invalid verify code.");
                Element e1 = XMLHelper.build(conn.getErrorStream());
              Element vn1 = XMLHelper.find(e1, "/results/verification");
              this.processVerifyAction(vn1.getAttributeValue("algorithm"), vn1.getAttributeValue("type"),
                  vn1.getAttributeValue("text"), vn1.getAttributeValue("tips"));
                state = LoginState.SSI_VERIFY_FAIL;
                break;

              case 433:
                logger.debug("SSISignV4: User account suspend.");
                state = LoginState.SSI_ACCOUNT_SUSPEND;
                break;

              case 404:
                logger.debug("SSISignV4: User not found..");
                state = LoginState.SSI_ACCOUNT_NOT_FOUND;
                break;

              case 503:
                logger.debug("SSISignV4: SSIServer overload...");
                state = LoginState.SSI_CONNECT_FAIL;
                break;

              case 200:
                logger.debug("SSISignIn: sign in success.");
                state = LoginState.SSI_SIGN_IN_SUCCESS;

                String h = conn.getHeaderField("Set-Cookie");
              int s = h.indexOf("ssic=");
              int m = h.indexOf(';');
              user.setSsiCredential( h.substring(s+5,m) );

              Element root = XMLHelper.build(conn.getInputStream());
              Element userEl = XMLHelper.find(root, "/results/user");
              user.setUri(userEl.getAttributeValue("uri"));
              user.setUserId(Integer.parseInt(userEl.getAttributeValue("user-id")));
              String mobileStr = userEl.getAttributeValue("mobile-no");
              if(mobileStr!=null && mobileStr.length()>0)

  private LoginState signIn(User user, String pid, String pic)
  {
    LoginState state = null;
    String url = this.buildUrl(user, pid, pic);
    try {
          HttpsURLConnection conn = (HttpsURLConnection) this.getConnection(url);
          conn.addRequestProperty("User-Agent", "IIC2.0/PC "+FetionClient.PROTOCOL_VERSION);
          logger.debug("SSISignIn: status="+Integer.toString(conn.getResponseCode()));
          int status = conn.getResponseCode();
          switch(status) {
          case 401:
            logger.debug("Invalid password...");
            state = LoginState.SSI_AUTH_FAIL;
            break;

          case 421:
          case 422:
            logger.debug("SSISignIn: need verify.");
            state = LoginState.SSI_NEED_VERIFY;
            break;

          case 420:
            logger.debug("SSISignIn: invalid verify code.");
            state = LoginState.SSI_VERIFY_FAIL;
            break;

          case 433:
            logger.debug("SSISignIn: User account suspend.");
            state = LoginState.SSI_ACCOUNT_SUSPEND;
            break;

          case 404:
            logger.debug("SSISginIn: User not found..");
            state = LoginState.SSI_ACCOUNT_NOT_FOUND;
            break;

          case 503:
            logger.debug("SSIServer overload...");
            state = LoginState.SSI_CONNECT_FAIL;
            break;

          case 200:
            logger.debug("SSISignIn: sign in success.");
            state = LoginState.SSI_SIGN_IN_SUCCESS;

            String header = conn.getHeaderField("Set-Cookie");
            int s = header.indexOf("ssic=");
            int e = header.indexOf(';');
            String ssic = header.substring(s+5,e);

            Element root = XMLHelper.build(conn.getInputStream());
            String statusCode = root.getAttributeValue("status-code");
            Element userEl = root.getChild("user");
            String uri = userEl.getAttributeValue("uri");
            String uid = userEl.getAttributeValue("user-id");
            user.setSsiCredential(ssic);

            verifier = CertificateHostnameVerifier.DEFAULT;
        }

        if (connection instanceof HttpsURLConnection) {
            // handle the expected case (javax.net.ssl)
            HttpsURLConnection conn = (HttpsURLConnection) connection;
            conn.setHostnameVerifier(verifier);
            conn.setSSLSocketFactory(socketFactory);
        } else {
            // handle the deprecated sun case and other possible hidden API's
            // that are similar to the Sun cases
            try {
                Method method = connection.getClass().getMethod("getHostnameVerifier");

   * @param map Key-value map.
   * @return the response input stream.
   */
  private InputStream doRequest(String url, String requestMethod, Map<String, String> map) {
    try {
      HttpsURLConnection conn = (HttpsURLConnection) new URL(url)
          .openConnection();
      conn.setRequestProperty("Accept-Encoding", "gzip, deflate");
            conn.setDoOutput(requestMethod.equals(METHOD_POST) || requestMethod.equals(METHOD_PUT));
            conn.setRequestMethod(requestMethod);

            if(map != null && !map.isEmpty()) {
                StringBuilder sb = new StringBuilder();
                for (String key : map.keySet()) {
                    sb.append(sb.length() > 0 ? "&" : "")
                        .append(key)
                        .append("=")
                        .append(URLEncoder.encode(map.get(key), "UTF-8"));
                }
                conn.getOutputStream().write(sb.toString().getBytes());
                conn.getOutputStream().close();
            }

      if (conn.getResponseCode() > 399) {
        return null;
      } else {
        return getWrappedInputStream(
                    conn.getInputStream(), GZIP_ENCODING.equalsIgnoreCase(conn.getContentEncoding())
                );
      }
    } catch (IOException e) {
      throw new TrelloException(e.getMessage());
    }

   * Verify hostname verifier is set and accepts all
   */
  @Test
  public void verifierAccepts() {
    HttpRequest request = get("https://localhost");
    HttpsURLConnection connection = (HttpsURLConnection) request
        .getConnection();
    request.trustAllHosts();
    assertNotNull(connection.getHostnameVerifier());
    assertTrue(connection.getHostnameVerifier().verify(null, null));
  }