Package org.apache.camel.util.jsse

Examples of org.apache.camel.util.jsse.SSLContextParameters

79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
        // NOTE: Needed since the client uses a loose trust configuration when no ssl context
        // is provided.  We turn on WANT client-auth to prefer using authentication
        SSLContextServerParameters scsp = new SSLContextServerParameters();
        scsp.setClientAuthentication(ClientAuthentication.WANT.name());

        SSLContextParameters sslContextParameters = new SSLContextParameters();
        sslContextParameters.setKeyManagers(kmp);
        sslContextParameters.setTrustManagers(tmp);
        sslContextParameters.setServerParameters(scsp);
        // use SSLv3 to avoid issue with (eg disable TLS)
        // Caused by: javax.net.ssl.SSLException: bad record MAC
        sslContextParameters.setSecureSocketProtocol("SSLv3");

        registry.bind("sslContextParameters", sslContextParameters);
    }
View Full Code Here
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
public class JsseUtilTest extends OSGiIntegrationSpringTestSupport {
   
    @Test
    public void testSslContextParameters() throws Exception {
       
        SSLContextParameters scp = this.applicationContext.getBean(SSLContextParameters.class);
       
        assertEquals("TLS", scp.getSecureSocketProtocol());
       
        assertNotNull(scp.getKeyManagers());
        assertEquals("changeit", scp.getKeyManagers().getKeyPassword());
        assertNull(scp.getKeyManagers().getProvider());
        assertNotNull(scp.getKeyManagers().getKeyStore());
        assertNull(scp.getKeyManagers().getKeyStore().getType());
       
        assertNotNull(scp.getTrustManagers());
        assertNull(scp.getTrustManagers().getProvider());
        assertNotNull(scp.getTrustManagers().getKeyStore());
        assertNull(scp.getTrustManagers().getKeyStore().getType());
       
        assertNull(scp.getSecureRandom());
       
        assertNull(scp.getClientParameters());
       
        assertNull(scp.getServerParameters());
       
        // Test that the instantiation will work when running in OSGi and using
        // class path resources.
        scp.createSSLContext();
    }
View Full Code Here
51
52
53
54
55
56
57
58
59
60
61
62
63
64
        // NOTE: Needed since the client uses a loose trust configuration when no ssl context
        // is provided.  We turn on WANT client-auth to prefer using authentication
        SSLContextServerParameters scsp = new SSLContextServerParameters();
        scsp.setClientAuthentication(ClientAuthentication.WANT.name());

        SSLContextParameters sslContextParameters = new SSLContextParameters();
        sslContextParameters.setKeyManagers(kmp);
        sslContextParameters.setTrustManagers(tmp);
        sslContextParameters.setServerParameters(scsp);

        JndiRegistry registry = super.createRegistry();
        registry.bind("sslContextParameters", sslContextParameters);
        return registry;
    }
View Full Code Here
181
182
183
184
185
186
187
188
189
190
191
        X509HostnameVerifier x509HostnameVerifier = resolveAndRemoveReferenceParameter(parameters, "x509HostnameVerifier", X509HostnameVerifier.class);
        if (x509HostnameVerifier == null) {
            x509HostnameVerifier = this.x509HostnameVerifier;
        }
       
        SSLContextParameters sslContextParameters = resolveAndRemoveReferenceParameter(parameters, "sslContextParametersRef", SSLContextParameters.class);
        if (sslContextParameters == null) {
            sslContextParameters = this.sslContextParameters;
        }
       
        boolean secure = HttpHelper.isSecureConnection(uri);
View Full Code Here
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
        Boolean enableMultipartFilter = getAndRemoveParameter(parameters, "enableMultipartFilter",
                                                              Boolean.class, true);
        Filter multipartFilter = resolveAndRemoveReferenceParameter(parameters, "multipartFilterRef", Filter.class);
        Long continuationTimeout = getAndRemoveParameter(parameters, "continuationTimeout", Long.class);
        Boolean useContinuation = getAndRemoveParameter(parameters, "useContinuation", Boolean.class);
        SSLContextParameters sslContextParameters = resolveAndRemoveReferenceParameter(parameters, "sslContextParametersRef", SSLContextParameters.class);
       
       
        // configure http client if we have url configuration for it
        // http client is only used for jetty http producer (hence not very commonly used)
        HttpClient client = null;
        if (IntrospectionSupport.hasProperties(parameters, "httpClient.") || sslContextParameters != null) {
            client = getNewHttpClient();
           
            if (IntrospectionSupport.hasProperties(parameters, "httpClient.")) {
                if (isExplicitHttpClient) {
                    LOG.warn("The user explicitly set an HttpClient instance on the component, "
                             + "but this endpoint provides HttpClient configuration.  Are you sure that "
                             + "this is what was intended?  Applying endpoint configuration to a new HttpClient instance "
                             + "to avoid altering existing HttpClient instances.");
                }
           
                // set additional parameters on http client
                IntrospectionSupport.setProperties(client, parameters, "httpClient.");
                // validate that we could resolve all httpClient. parameters as this component is lenient
                validateParameters(uri, parameters, "httpClient.");
            }
           
            // Note that the component level instance is already configured in getNewHttpClient.
            // We replace it here for endpoint level config.
            if (sslContextParameters != null) {
                if (isExplicitHttpClient) {
                    LOG.warn("The user explicitly set an HttpClient instance on the component, "
                             + "but this endpoint provides SSLContextParameters configuration.  Are you sure that "
                             + "this is what was intended?  Applying endpoint configuration to a new HttpClient instance "
                             + "to avoid altering existing HttpClient instances.");
                }
               
                ((CamelHttpClient) client).setSSLContext(sslContextParameters.createSSLContext());
            }
        } else {
            // Either we use the default one created by the component or we are using
            // one explicitly set by the end user, either way, we just use it as is.
            client = getHttpClient();
View Full Code Here
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
       
        // Note that this was set on the endpoint when it was constructed.  It was
        // either explicitly set at the component or on the endpoint, but either way,
        // the value is already set.  We therefore do not need to look at the component
        // level SSLContextParameters again in this method.
        SSLContextParameters endpointSslContextParameters = endpoint.getSslContextParameters();
       
        if (endpointSslContextParameters != null) {
            SslContextFactory contextFact = new SslContextFactory() {
                /**
                 * We are going to provide the context so none of the configuration options
                 * matter in the factory.  This method does not account for this scenario so
                 * we short-circuit it here to just let things go when the context is already
                 * provided.
                 */
                @Override
                public boolean checkConfig() {
                    if (getSslContext() == null) {
                        return super.checkConfig();
                    } else {
                        return true;
                    }
                }
               
            };
            contextFact.setSslContext(endpointSslContextParameters.createSSLContext());
            answer = new SslSelectChannelConnector(contextFact);
        } else {
            answer = new SslSelectChannelConnector();
            // with default null values, jetty ssl system properties
            // and console will be read by jetty implementation
View Full Code Here
252
253
254
255
256
257
258
259
260
261
262
    }

    @Override
    protected Endpoint createEndpoint(String uri, String remaining, Map<String, Object> parameters) throws Exception {

        SSLContextParameters sslContextParameters = resolveAndRemoveReferenceParameter(parameters, "sslContextParametersRef", SSLContextParameters.class);
        Boolean enableJmx = getAndRemoveParameter(parameters, "enableJmx", Boolean.class);
        String staticResources = getAndRemoveParameter(parameters, "staticResources", String.class);
        int port = extractPortNumber(remaining);
        String host = extractHostName(remaining);
View Full Code Here
128
129
130
131
132
133
134
135
136
137
138
        kmp.setKeyStore(ksp);

        TrustManagersParameters tmp = new TrustManagersParameters();
        tmp.setKeyStore(ksp);
       
        SSLContextParameters sslContextParameters = new SSLContextParameters();
        sslContextParameters.setKeyManagers(kmp);
        sslContextParameters.setTrustManagers(tmp);

        registry.bind("sslContextParameters", sslContextParameters);
    }
View Full Code Here
187
188
189
190
191
192
193
194
195
196
197
        X509HostnameVerifier x509HostnameVerifier = resolveAndRemoveReferenceParameter(parameters, "x509HostnameVerifier", X509HostnameVerifier.class);
        if (x509HostnameVerifier == null) {
            x509HostnameVerifier = getX509HostnameVerifier();
        }
       
        SSLContextParameters sslContextParameters = resolveAndRemoveReferenceParameter(parameters, "sslContextParametersRef", SSLContextParameters.class);
        if (sslContextParameters == null) {
            sslContextParameters = getSslContextParameters();
        }
       
        boolean secure = HttpHelper.isSecureConnection(uri);
View Full Code Here
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
                                                              Boolean.class, true);
        Filter multipartFilter = resolveAndRemoveReferenceParameter(parameters, "multipartFilterRef", Filter.class);
        List<Filter> filters = resolveAndRemoveReferenceListParameter(parameters, "filtersRef", Filter.class);
        Long continuationTimeout = getAndRemoveParameter(parameters, "continuationTimeout", Long.class);
        Boolean useContinuation = getAndRemoveParameter(parameters, "useContinuation", Boolean.class);
        SSLContextParameters sslContextParameters = resolveAndRemoveReferenceParameter(parameters, "sslContextParametersRef", SSLContextParameters.class);
       
       
        // configure http client if we have url configuration for it
        // http client is only used for jetty http producer (hence not very commonly used)
        HttpClient client = null;
        if (IntrospectionSupport.hasProperties(parameters, "httpClient.") || sslContextParameters != null) {
            client = getNewHttpClient();
           
            if (IntrospectionSupport.hasProperties(parameters, "httpClient.")) {
                if (isExplicitHttpClient) {
                    LOG.warn("The user explicitly set an HttpClient instance on the component, "
                             + "but this endpoint provides HttpClient configuration.  Are you sure that "
                             + "this is what was intended?  Applying endpoint configuration to a new HttpClient instance "
                             + "to avoid altering existing HttpClient instances.");
                }
           
                // set additional parameters on http client
                IntrospectionSupport.setProperties(client, parameters, "httpClient.");
                // validate that we could resolve all httpClient. parameters as this component is lenient
                validateParameters(uri, parameters, "httpClient.");
            }
           
            // Note that the component level instance is already configured in getNewHttpClient.
            // We replace it here for endpoint level config.
            if (sslContextParameters != null) {
                if (isExplicitHttpClient) {
                    LOG.warn("The user explicitly set an HttpClient instance on the component, "
                             + "but this endpoint provides SSLContextParameters configuration.  Are you sure that "
                             + "this is what was intended?  Applying endpoint configuration to a new HttpClient instance "
                             + "to avoid altering existing HttpClient instances.");
                }
               
                ((CamelHttpClient) client).setSSLContext(sslContextParameters.createSSLContext());
            }
        } else {
            // Either we use the default one created by the component or we are using
            // one explicitly set by the end user, either way, we just use it as is.
            client = getHttpClient();
View Full Code Here
TOP

Related Classes of org.apache.camel.util.jsse.SSLContextParameters

  • org.apache.camel.component.ahc.BaseAhcTest
  • org.apache.camel.component.ahc.ws.WssProducerTest
  • org.apache.camel.component.apns.util.ApnsUtils
  • org.apache.camel.component.box.internal.BoxClientHelper
  • org.apache.camel.component.box.internal.LoginAuthFlowUI
  • org.apache.camel.component.cometd.SslContextParametersCometdProducerConsumerTest
  • org.apache.camel.component.cometd.SslContextParametersInUriCometdProducerConsumerTest
  • org.apache.camel.component.file.remote.FileToFtpsExplicitSSLWithClientAuthAndSSLContextParametersTest
  • org.apache.camel.component.file.remote.FileToFtpsExplicitSSLWithoutClientAuthAndSSLContextParametersTest
  • org.apache.camel.component.file.remote.FileToFtpsExplicitTLSWithClientAuthAndSSLContextParametersTest
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.