本文整理汇总了Java中org.apache.http.conn.ssl.SSLConnectionSocketFactory.STRICT_HOSTNAME_VERIFIER属性的典型用法代码示例。如果您正苦于以下问题:Java SSLConnectionSocketFactory.STRICT_HOSTNAME_VERIFIER属性的具体用法?Java SSLConnectionSocketFactory.STRICT_HOSTNAME_VERIFIER怎么用?Java SSLConnectionSocketFactory.STRICT_HOSTNAME_VERIFIER使用的例子?那么, 这里精选的属性代码示例或许可以为您提供帮助。您也可以进一步了解该属性所在类org.apache.http.conn.ssl.SSLConnectionSocketFactory
的用法示例。
在下文中一共展示了SSLConnectionSocketFactory.STRICT_HOSTNAME_VERIFIER属性的5个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: createSSLConnectionSocketFactory
private static SSLConnectionSocketFactory createSSLConnectionSocketFactory(Path path, char[] password, boolean strict, KeystoreType keystoreType) {
try {
SSLContextBuilder builder = SSLContexts.custom();
if (path != null) {
KeyStore trustStore = KeyStore.getInstance(keystoreType.name());
try (InputStream is = Files.newInputStream(path)) {
trustStore.load(is, password);
}
builder.loadTrustMaterial(trustStore);
} else {
builder.loadTrustMaterial(null, new TrustEverythingStrategy());
}
X509HostnameVerifier verifier;
if (strict) {
verifier = SSLConnectionSocketFactory.STRICT_HOSTNAME_VERIFIER;
} else {
verifier = SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;
}
return new SSLConnectionSocketFactory(builder.build(), new String[] {"TLSv1", "TLSv1.2"}, null, verifier);
} catch (IOException | GeneralSecurityException ex) {
throw new RuntimeException("Can't create SSL connection factory", ex);
}
}
示例2: getHostNameVerifier
@ReviewBeforeRelease("Need to have a way to communicate with HTTP impl supports disabling of strict" +
"hostname verification. If it doesn't we either need to fail in S3 or switch to path style" +
"addressing.")
private HostnameVerifier getHostNameVerifier(AttributeMap standardOptions) {
// TODO Need to find a better way to handle these deprecations.
return standardOptions.get(SdkHttpConfigurationOption.USE_STRICT_HOSTNAME_VERIFICATION)
? SSLConnectionSocketFactory.STRICT_HOSTNAME_VERIFIER
: SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER;
}
示例3:
private HostnameVerifier getHostNameVerifier
(HttpClientSettings options) {
// TODO Need to find a better way to handle these deprecations.
return options.useBrowserCompatibleHostNameVerifier()
? SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER
: SSLConnectionSocketFactory.STRICT_HOSTNAME_VERIFIER;
}
示例4: _prepareSSL
private void _prepareSSL(HttpClientBuilder clientBuilder) {
try {
SSLContext sslContext = SSLContext.getInstance("SSL");
sslContext.init(null, new TrustManager[]{TRUST_ALL_TRUST_MANAGER}, new SecureRandom());
SSLConnectionSocketFactory sslConnectionSocketFactory = new SSLConnectionSocketFactory(sslContext,
verifyServer ? SSLConnectionSocketFactory.STRICT_HOSTNAME_VERIFIER : SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
clientBuilder.setSSLSocketFactory(sslConnectionSocketFactory);
} catch (NoSuchAlgorithmException | KeyManagementException e) {
throw new IllegalStateException(e);
}
}
示例5: buildHttpClient
/**
* Build an Http client using our set of default.
*
* @return HttpClient object
*/
private static HttpClient buildHttpClient()
{
// set timeout so that we don't wait forever.
// Setup the default configuration for all requests on this client
DefaultRequestConfig =
RequestConfig.custom()
.setConnectTimeout(DEFAULT_CONNECTION_TIMEOUT)
.setConnectionRequestTimeout(DEFAULT_CONNECTION_TIMEOUT)
.setSocketTimeout(DEFAULT_HTTP_CLIENT_SOCKET_TIMEOUT)
.build();
// enforce using tlsv1.2
SSLContext sslContext = SSLContexts.createDefault();
// cipher suites need to be picked up in code explicitly for jdk 1.7
// https://stackoverflow.com/questions/44378970/
String[] cipherSuites = decideCipherSuites();
if (logger.isTraceEnabled())
{
logger.trace("Cipher suites used: {}", Arrays.toString(cipherSuites));
}
SSLConnectionSocketFactory sslSocketFactory = new SSLConnectionSocketFactory(
sslContext,
new String[] {"TLSv1.2"},
cipherSuites,
SSLConnectionSocketFactory.STRICT_HOSTNAME_VERIFIER);
Registry<ConnectionSocketFactory> registry =
RegistryBuilder.<ConnectionSocketFactory>create()
.register("https", sslSocketFactory)
.register("http",
PlainConnectionSocketFactory.getSocketFactory())
.build();
// Build a connection manager with enough connections
connectionManager = new PoolingHttpClientConnectionManager(registry);
connectionManager.setMaxTotal(DEFAULT_MAX_CONNECTIONS);
connectionManager.setDefaultMaxPerRoute(DEFAULT_MAX_CONNECTIONS_PER_ROUTE);
httpClient =
HttpClientBuilder.create()
.setDefaultRequestConfig(DefaultRequestConfig)
.setConnectionManager(connectionManager)
// Support JVM proxy settings
.useSystemProperties()
.setRedirectStrategy(new DefaultRedirectStrategy())
.setUserAgent("-") // needed for Okta
.build();
return httpClient;
}