本文整理汇总了Java中org.apache.cxf.configuration.jsse.TLSClientParameters.setDisableCNCheck方法的典型用法代码示例。如果您正苦于以下问题:Java TLSClientParameters.setDisableCNCheck方法的具体用法?Java TLSClientParameters.setDisableCNCheck怎么用?Java TLSClientParameters.setDisableCNCheck使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.apache.cxf.configuration.jsse.TLSClientParameters的用法示例。
在下文中一共展示了TLSClientParameters.setDisableCNCheck方法的14个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: disableCertificateChecks
import org.apache.cxf.configuration.jsse.TLSClientParameters; //导入方法依赖的package包/类
private void disableCertificateChecks(Client cxfClient) {
HTTPConduit httpConduit = (HTTPConduit) cxfClient.getConduit();
TLSClientParameters tlsCP = new TLSClientParameters();
tlsCP.setTrustManagers(getNoCertificationCheckTrustManager());
tlsCP.setDisableCNCheck(true);
httpConduit.setTlsClientParameters(tlsCP);
}
示例2: setClientAuthentication
import org.apache.cxf.configuration.jsse.TLSClientParameters; //导入方法依赖的package包/类
private static void setClientAuthentication(Object client, String userName, String password) {
// Properties p = new Properties(); //PropertiesLoader.getPropertiesFromFile("config.properties");
ClientConfiguration config = WebClient.getConfig(client);
HTTPConduit httpConduit = (HTTPConduit) config.getConduit();
AuthorizationPolicy authorization = new AuthorizationPolicy();
authorization.setUserName(userName);
authorization.setPassword(password);
httpConduit.setAuthorization(authorization);
TLSClientParameters tlsParams = new TLSClientParameters();
TrustManager[] trustAllCerts = new TrustManager[] { new TrustManager() };
tlsParams.setTrustManagers(trustAllCerts);
// disables verification of the common name (the host for which the certificate has been issued)
tlsParams.setDisableCNCheck(true);
httpConduit.setTlsClientParameters(tlsParams);
}
示例3: createTrustedWebClient
import org.apache.cxf.configuration.jsse.TLSClientParameters; //导入方法依赖的package包/类
public static WebClient createTrustedWebClient( String url )
{
WebClient client = WebClient.create( url );
HTTPConduit httpConduit = ( HTTPConduit ) WebClient.getConfig( client ).getConduit();
HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
httpClientPolicy.setConnectionTimeout( defaultConnectionTimeout );
httpClientPolicy.setReceiveTimeout( defaultReceiveTimeout );
httpClientPolicy.setMaxRetransmits( defaultMaxRetransmits );
httpConduit.setClient( httpClientPolicy );
SSLManager sslManager = new SSLManager( null, null, null, null );
TLSClientParameters tlsClientParameters = new TLSClientParameters();
tlsClientParameters.setDisableCNCheck( true );
tlsClientParameters.setTrustManagers( sslManager.getClientFullTrustManagers() );
httpConduit.setTlsClientParameters( tlsClientParameters );
return client;
}
示例4: build
import org.apache.cxf.configuration.jsse.TLSClientParameters; //导入方法依赖的package包/类
/**
* Build a client proxy, for a specific proxy type.
*
* @param proxyType proxy type class
* @return client proxy stub
*/
protected <T> T build(Class<T> proxyType) {
String address = generateAddress();
T rootResource;
// Synchronized on the class to correlate with the scope of clientStaticResources
// We want to ensure that the shared bean isn't set concurrently in multiple callers
synchronized (AmbariClientBuilder.class) {
JAXRSClientFactoryBean bean = cleanFactory(clientStaticResources.getUnchecked(proxyType));
bean.setAddress(address);
if (username != null) {
bean.setUsername(username);
bean.setPassword(password);
}
if (enableLogging) {
bean.setFeatures(Arrays.<AbstractFeature> asList(new LoggingFeature()));
}
rootResource = bean.create(proxyType);
}
boolean isTlsEnabled = address.startsWith("https://");
ClientConfiguration config = WebClient.getConfig(rootResource);
HTTPConduit conduit = (HTTPConduit) config.getConduit();
if (isTlsEnabled) {
TLSClientParameters tlsParams = new TLSClientParameters();
if (!validateCerts) {
tlsParams.setTrustManagers(new TrustManager[] { new AcceptAllTrustManager() });
} else if (trustManagers != null) {
tlsParams.setTrustManagers(trustManagers);
}
tlsParams.setDisableCNCheck(!validateCn);
conduit.setTlsClientParameters(tlsParams);
}
HTTPClientPolicy policy = conduit.getClient();
policy.setConnectionTimeout(connectionTimeoutUnits.toMillis(connectionTimeout));
policy.setReceiveTimeout(receiveTimeoutUnits.toMillis(receiveTimeout));
return rootResource;
}
示例5: configureSSLOnTheClient
import org.apache.cxf.configuration.jsse.TLSClientParameters; //导入方法依赖的package包/类
public void configureSSLOnTheClient(Client client) {
//NOTE: The below order matters!
HTTPConduit httpConduit = (HTTPConduit)client.getConduit();
KeyStore keyStore = getInstanceOfKeyStore();
loadKeyStore(keyStore, config.getKeystorePath(), config.getKeystorePassword());
KeyManagerFactory keyFactory = getInstanceOfKeyManagerFactory(keyStore, config.getKeyManagerPassword());
loadKeyStore(keyStore, config.getTruststorePath(), config.getTruststorePassword());
TrustManagerFactory trustFactory = getInstanceOfTrustManagerFactory(keyStore);
FiltersType filter = new FiltersType();
filter.getInclude().add(".*_WITH_3DES_.*");
filter.getInclude().add(".*_WITH_DES_.*");
filter.getInclude().add(".*_WITH_NULL_.*");
filter.getExclude().add(".*_DH_anon_.*");
TLSClientParameters tlsParams = new TLSClientParameters();
tlsParams.setDisableCNCheck(true);
tlsParams.setTrustManagers(trustFactory.getTrustManagers());
tlsParams.setKeyManagers(keyFactory.getKeyManagers());
tlsParams.setCipherSuitesFilter(filter);
httpConduit.setTlsClientParameters(tlsParams);
}
示例6: configureBean
import org.apache.cxf.configuration.jsse.TLSClientParameters; //导入方法依赖的package包/类
@Override
public void configureBean(String name, Object beanInstance) {
if (beanInstance instanceof HTTPConduit) {
HTTPConduit http = (HTTPConduit) beanInstance;
TLSClientParameters tls = new TLSClientParameters();
tls.setTrustManagers(trustManagers);
tls.setKeyManagers(keyManagers);
tls.setDisableCNCheck(true);
tls.setCipherSuitesFilter(getCipherSuites());
http.setTlsClientParameters(tls);
HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
httpClientPolicy.setConnectionTimeout(36000);
httpClientPolicy.setAllowChunking(false);
httpClientPolicy.setReceiveTimeout(120000);
http.setClient(httpClientPolicy);
} else {
parentConfigurer.configureBean(name, beanInstance);
}
}
示例7: setupTLS
import org.apache.cxf.configuration.jsse.TLSClientParameters; //导入方法依赖的package包/类
private static void setupTLS(Greeter port)
throws FileNotFoundException, IOException, GeneralSecurityException {
String keyStoreLoc = "src/main/config/clientKeystore.jks";
HTTPConduit httpConduit = (HTTPConduit) ClientProxy.getClient(port).getConduit();
TLSClientParameters tlsCP = new TLSClientParameters();
String keyPassword = "ckpass";
KeyStore keyStore = KeyStore.getInstance("JKS");
keyStore.load(new FileInputStream(keyStoreLoc), "cspass".toCharArray());
KeyManager[] myKeyManagers = getKeyManagers(keyStore, keyPassword);
tlsCP.setKeyManagers(myKeyManagers);
KeyStore trustStore = KeyStore.getInstance("JKS");
trustStore.load(new FileInputStream(keyStoreLoc), "cspass".toCharArray());
TrustManager[] myTrustStoreKeyManagers = getTrustManagers(trustStore);
tlsCP.setTrustManagers(myTrustStoreKeyManagers);
tlsCP.setDisableCNCheck(true);
httpConduit.setTlsClientParameters(tlsCP);
}
示例8: getWsClientProxy
import org.apache.cxf.configuration.jsse.TLSClientParameters; //导入方法依赖的package包/类
public static Object getWsClientProxy(
Class<?> clientClass,
String wsUrl,
String wsUserName,
String wsPassword,
String authType,
boolean generateTimestamp,
boolean logCalls,
boolean disableCnCheck,
Integer timeout) {
ClientProxyFactoryBean factory = new JaxWsProxyFactoryBean();
factory.setAddress(wsUrl);
factory.setServiceClass(clientClass);
if (logCalls) {
factory.getInInterceptors().add(new LoggingInInterceptor());
factory.getOutInterceptors().add(new LoggingOutInterceptor());
}
String authTypeBo = authType;
if (authTypeBo == null || authTypeBo.length() == 0) {
if (wsUserName != null && wsUserName.length() > 0)
authTypeBo = "BASIC";
}
if ("BASIC".equalsIgnoreCase(authTypeBo)) {
factory.setUsername(wsUserName);
factory.setPassword(wsPassword);
} else if ("USERNAMETOKEN".equalsIgnoreCase(authTypeBo)) {
Map<String, Object> wss4jInterceptorProps = new HashMap<String, Object>();
if (generateTimestamp) {
wss4jInterceptorProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.TIMESTAMP + " " + WSHandlerConstants.USERNAME_TOKEN);
} else {
wss4jInterceptorProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN);
}
wss4jInterceptorProps.put(WSHandlerConstants.USER, wsUserName);
wss4jInterceptorProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
ClientPasswordCallback cp = new ClientPasswordCallback(wsPassword);
wss4jInterceptorProps.put(WSHandlerConstants.PW_CALLBACK_REF, cp);
factory.getOutInterceptors().add(new WSS4JOutInterceptor(wss4jInterceptorProps));
}
Object c = factory.create();
Client client = ClientProxy.getClient(c);
HTTPConduit httpConduit = (HTTPConduit)client.getConduit();
HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
if (timeout != null) {
httpClientPolicy.setConnectionTimeout(timeout);
httpClientPolicy.setReceiveTimeout(timeout);
}
// Envio chunked
httpClientPolicy.setAllowChunking(isWsClientChunked());
httpConduit.setClient(httpClientPolicy);
if (disableCnCheck) {
TLSClientParameters tlsParams = new TLSClientParameters();
tlsParams.setDisableCNCheck(true);
httpConduit.setTlsClientParameters(tlsParams);
}
return c;
}
示例9: buildEnvironmentWebClient
import org.apache.cxf.configuration.jsse.TLSClientParameters; //导入方法依赖的package包/类
public static WebClient buildEnvironmentWebClient( final PeerInfo peerInfo, final String path,
final Object provider )
{
String effectiveUrl = String.format( ENVIRONMENT_URL_TEMPLATE, peerInfo.getIp(), peerInfo.getPublicSecurePort(),
path.startsWith( "/" ) ? path : "/" + path );
WebClient client = WebClient.create( effectiveUrl, Arrays.asList( provider ) );
client.type( MediaType.APPLICATION_JSON );
client.accept( MediaType.APPLICATION_JSON );
HTTPConduit httpConduit = ( HTTPConduit ) WebClient.getConfig( client ).getConduit();
HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
httpClientPolicy.setConnectionTimeout( DEFAULT_CONNECTION_TIMEOUT );
httpClientPolicy.setReceiveTimeout( DEFAULT_RECEIVE_TIMEOUT );
httpClientPolicy.setMaxRetransmits( DEFAULT_MAX_RETRANSMITS );
httpConduit.setClient( httpClientPolicy );
KeyStoreTool keyStoreManager = new KeyStoreTool();
KeyStoreData keyStoreData = new KeyStoreData();
keyStoreData.setupKeyStorePx2();
keyStoreData.setAlias( SecuritySettings.KEYSTORE_PX2_ROOT_ALIAS );
KeyStore keyStore = keyStoreManager.load( keyStoreData );
LOG.debug( String.format( "Getting key with alias: %s for url: %s", SecuritySettings.KEYSTORE_PX2_ROOT_ALIAS,
effectiveUrl ) );
KeyStoreData trustStoreData = new KeyStoreData();
trustStoreData.setupTrustStorePx2();
KeyStore trustStore = keyStoreManager.load( trustStoreData );
SSLManager sslManager = new SSLManager( keyStore, keyStoreData, trustStore, trustStoreData );
TLSClientParameters tlsClientParameters = new TLSClientParameters();
tlsClientParameters.setDisableCNCheck( true );
tlsClientParameters.setTrustManagers( sslManager.getClientTrustManagers() );
tlsClientParameters.setKeyManagers( sslManager.getClientKeyManagers() );
tlsClientParameters.setCertAlias( SecuritySettings.KEYSTORE_PX2_ROOT_ALIAS );
httpConduit.setTlsClientParameters( tlsClientParameters );
return client;
}
示例10: getTLSClientParameters
import org.apache.cxf.configuration.jsse.TLSClientParameters; //导入方法依赖的package包/类
private TLSClientParameters getTLSClientParameters() {
final TLSClientParameters tlsCP = new TLSClientParameters();
if (trustAllCerts) {
final TrustManager[] myTrustStoreKeyManagers = getTrustManagers();
tlsCP.setTrustManagers(myTrustStoreKeyManagers);
}
tlsCP.setDisableCNCheck(disableCNCheck);
return tlsCP;
}
示例11: getTLSClientParameters
import org.apache.cxf.configuration.jsse.TLSClientParameters; //导入方法依赖的package包/类
private static TLSClientParameters getTLSClientParameters(final boolean trustAllCerts, final boolean disableCNCheck) {
final TLSClientParameters tlsCP = new TLSClientParameters();
if (trustAllCerts) {
final TrustManager[] myTrustStoreKeyManagers = getTrustManagers();
tlsCP.setTrustManagers(myTrustStoreKeyManagers);
}
tlsCP.setDisableCNCheck(disableCNCheck);
return tlsCP;
}
示例12: buildPeerWebClient
import org.apache.cxf.configuration.jsse.TLSClientParameters; //导入方法依赖的package包/类
public static WebClient buildPeerWebClient( final PeerInfo peerInfo, final String path, final Object provider,
long connectTimeoutMs, long readTimeoutMs, int maxAttempts )
{
String effectiveUrl = String.format( PEER_URL_TEMPLATE, peerInfo.getIp(), peerInfo.getPublicSecurePort(),
path.startsWith( "/" ) ? path : "/" + path );
WebClient client;
if ( provider == null )
{
client = WebClient.create( effectiveUrl );
}
else
{
client = WebClient.create( effectiveUrl, Collections.singletonList( provider ) );
}
client.type( MediaType.APPLICATION_JSON );
client.accept( MediaType.APPLICATION_JSON );
HTTPConduit httpConduit = ( HTTPConduit ) WebClient.getConfig( client ).getConduit();
HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
httpClientPolicy.setConnectionTimeout( connectTimeoutMs );
httpClientPolicy.setReceiveTimeout( readTimeoutMs );
httpClientPolicy.setMaxRetransmits( maxAttempts );
httpConduit.setClient( httpClientPolicy );
KeyStoreTool keyStoreManager = new KeyStoreTool();
KeyStoreData keyStoreData = new KeyStoreData();
keyStoreData.setupKeyStorePx2();
keyStoreData.setAlias( SecuritySettings.KEYSTORE_PX2_ROOT_ALIAS );
KeyStore keyStore = keyStoreManager.load( keyStoreData );
LOG.debug( String.format( "Getting key with alias: %s for url: %s", SecuritySettings.KEYSTORE_PX2_ROOT_ALIAS,
effectiveUrl ) );
KeyStoreData trustStoreData = new KeyStoreData();
trustStoreData.setupTrustStorePx2();
KeyStore trustStore = keyStoreManager.load( trustStoreData );
SSLManager sslManager = new SSLManager( keyStore, keyStoreData, trustStore, trustStoreData );
TLSClientParameters tlsClientParameters = new TLSClientParameters();
tlsClientParameters.setDisableCNCheck( true );
tlsClientParameters.setTrustManagers( sslManager.getClientTrustManagers() );
tlsClientParameters.setKeyManagers( sslManager.getClientKeyManagers() );
tlsClientParameters.setCertAlias( SecuritySettings.KEYSTORE_PX2_ROOT_ALIAS );
httpConduit.setTlsClientParameters( tlsClientParameters );
return client;
}
示例13: createTrustedWebClientWithAuth
import org.apache.cxf.configuration.jsse.TLSClientParameters; //导入方法依赖的package包/类
public static WebClient createTrustedWebClientWithAuth( String url, KeyStore keyStore, char[] keyStorePassword,
byte[] serverFingerprint ) throws HubManagerException
{
try
{
WebClient client = WebClient.create( url );
// A client certificate is not provided in SSL context if async connection is used.
// See details: #311 - Registration failure due to inability to find fingerprint.
Map<String, Object> requestContext = WebClient.getConfig( client ).getRequestContext();
requestContext.put( "use.async.http.conduit", Boolean.FALSE );
HTTPConduit httpConduit = ( HTTPConduit ) WebClient.getConfig( client ).getConduit();
HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
httpClientPolicy.setConnectionTimeout( SECONDS_15 );
httpClientPolicy.setReceiveTimeout( SECONDS_30 );
httpClientPolicy.setMaxRetransmits( DEFAULT_MAX_RETRANSMITS );
httpConduit.setClient( httpClientPolicy );
KeyManagerFactory keyManagerFactory =
KeyManagerFactory.getInstance( KeyManagerFactory.getDefaultAlgorithm() );
keyManagerFactory.init( keyStore, keyStorePassword );
TLSClientParameters tlsClientParameters = new TLSClientParameters();
tlsClientParameters.setDisableCNCheck( true );
tlsClientParameters
.setTrustManagers( new TrustManager[] { new FingerprintTrustManager( serverFingerprint ) } );
tlsClientParameters.setKeyManagers( keyManagerFactory.getKeyManagers() );
httpConduit.setTlsClientParameters( tlsClientParameters );
return client;
}
catch ( Exception e )
{
throw new HubManagerException( e );
}
}
示例14: applyCertificates
import org.apache.cxf.configuration.jsse.TLSClientParameters; //导入方法依赖的package包/类
/**
* If a custom key or trust store is specified, perform required additional setup to CXF HTTP handling to use it
*
* @param http
* The HTTP conduit being used for communication
* @return The provided conduit
* @throws Exception
* If there is an error finding or applying key/trust store data
*/
protected HTTPConduit applyCertificates(HTTPConduit http) throws Exception {
StoreParameters trustStoreParams = StoreParameters.getTrustStoreParameters();
StoreParameters keyStoreParams = StoreParameters.getKeyStoreParameters();
// Only enable for debugging if you are working with a non exact match on the hostname in the SSL Certificate
// bad security practice for this to be true for production use
boolean disableCnCheck = false;
if (disableCnCheck || trustStoreParams.isCustomLocation() || keyStoreParams.isCustomLocation()) {
TLSClientParameters tlsClientParameters = new TLSClientParameters();
if (disableCnCheck) {
tlsClientParameters.setDisableCNCheck(true);
logger.warn("Disabling CN Host checking - not recommended for production operations!");
}
// Trust store setup
if (trustStoreParams.isCustomLocation()) {
TrustManagerFactory trustFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustFactory.init(trustStoreParams.asKeyStore());
TrustManager[] tm = trustFactory.getTrustManagers();
tlsClientParameters.setTrustManagers(tm);
logger.info("Configuring CXF with explicit trust store");
}
// Key store setup
if (keyStoreParams.isCustomLocation()) {
KeyManagerFactory keyFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyFactory.init(keyStoreParams.asKeyStore(), keyStoreParams.getStorePassword());
KeyManager[] km = keyFactory.getKeyManagers();
tlsClientParameters.setKeyManagers(km);
logger.info("Configuring CXF with explicit key store");
}
http.setTlsClientParameters(tlsClientParameters);
}
return http;
}