add hostname validation to httpclient 3.1, which is assumed by openSAML 2.x

author: Thomas Lenz <tlenz@iaik.tugraz.at> 2016-11-04 09:51:26 +0100
committer: Thomas Lenz <tlenz@iaik.tugraz.at> 2016-11-04 09:51:26 +0100
commit: 72e86431b59c466673214d330bbd9baa295449cf (patch)
tree: f6e17783d0fe6250974e95c052b2c3afcf1bbd2e /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java
parent: 518839d9ade1e97d878e494903e088a5b0cf0359 (diff)
download: moa-id-spss-72e86431b59c466673214d330bbd9baa295449cf.tar.gz
moa-id-spss-72e86431b59c466673214d330bbd9baa295449cf.tar.bz2
moa-id-spss-72e86431b59c466673214d330bbd9baa295449cf.zip
1 files changed, 5 insertions, 1 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java
index 0d1f54249..e02ecb662 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java
@@ -35,6 +35,7 @@ import org.opensaml.xml.XMLObject;
 import org.opensaml.xml.parse.BasicParserPool;
 import org.opensaml.xml.security.SecurityException;
 
+import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
 import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
 import at.gv.egovernment.moa.id.commons.ex.MOAHttpProtocolSocketFactoryException;
 import at.gv.egovernment.moa.id.commons.utils.MOAHttpProtocolSocketFactory;
@@ -70,6 +71,7 @@ public class MOASAMLSOAPClient {
 		HttpClientBuilder clientBuilder = new HttpClientBuilder();
 		if (destination.startsWith("https")) {
 			try {
+				//FIX: change hostname validation default flag to true when httpClient is updated to > 4.4
 				SecureProtocolSocketFactory sslprotocolsocketfactory = 
 						new MOAHttpProtocolSocketFactory(
 								PVPConstants.SSLSOCKETFACTORYNAME,  
@@ -77,7 +79,9 @@ public class MOASAMLSOAPClient {
 								null,
 								AuthConfigurationProviderFactory.getInstance().getDefaultChainingMode(), 
 								AuthConfigurationProviderFactory.getInstance().isTrustmanagerrevoationchecking(),
-								AuthConfigurationProviderFactory.getInstance().getRevocationMethodOrder());
+								AuthConfigurationProviderFactory.getInstance().getRevocationMethodOrder(),
+								AuthConfigurationProviderFactory.getInstance().getBasicMOAIDConfigurationBoolean(
+										AuthConfiguration.PROP_KEY_SSL_HOSTNAME_VALIDATION, false));
 				clientBuilder.setHttpsProtocolSocketFactory(sslprotocolsocketfactory );
 				
 			} catch (MOAHttpProtocolSocketFactoryException e) {
author	Thomas Lenz <tlenz@iaik.tugraz.at>	2016-11-04 09:51:26 +0100
committer	Thomas Lenz <tlenz@iaik.tugraz.at>	2016-11-04 09:51:26 +0100
commit	72e86431b59c466673214d330bbd9baa295449cf (patch)
tree	f6e17783d0fe6250974e95c052b2c3afcf1bbd2e /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/utils/MOASAMLSOAPClient.java
parent	518839d9ade1e97d878e494903e088a5b0cf0359 (diff)
download	moa-id-spss-72e86431b59c466673214d330bbd9baa295449cf.tar.gz moa-id-spss-72e86431b59c466673214d330bbd9baa295449cf.tar.bz2 moa-id-spss-72e86431b59c466673214d330bbd9baa295449cf.zip