Diffstat (limited to 'id/server/moa-id-commons/src/main/java/at/gv/egovernment')
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/AuthConfiguration.java14
-rw-r--r--id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/HttpClientWithProxySupport.java73
2 files changed, 70 insertions, 17 deletions
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/AuthConfiguration.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/AuthConfiguration.java
index 2a8f8727a..d2c827d55 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/AuthConfiguration.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/AuthConfiguration.java
@@ -11,7 +11,12 @@ import iaik.pki.revocation.RevocationSourceTypes;
public interface AuthConfiguration extends ConfigurationProvider{
+ public static final String PROP_KEY_SSL_HOSTNAME_VALIDATION = "configuration.ssl.validation.hostname";
+ public static final String PROP_KEY_OVS_SSL_HOSTNAME_VALIDATION = "service.onlinemandates.ssl.validation.hostname";
+
public static final String DEFAULT_X509_CHAININGMODE = "pkix";
+
+
public Properties getGeneralPVP2ProperiesConfig();
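Review bot: The two new keys `PROP_KEY_SSL_HOSTNAME_VALIDATION` and `PROP_KEY_OVS_SSL_HOSTNAME_VALIDATION` are added without Javadoc, although, judging by their names, they decide whether TLS hostname checks run at all. Each should carry a comment stating which connections it covers, which value is the default, and that `false` means the peer certificate is no longer matched against the host being contacted, e.g. `/** Enables TLS hostname validation for outgoing connections; keep enabled in production. */`. The interface body continues outside this hunk, so the default applied by callers is not visible here.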
@@ -187,4 +192,13 @@ public interface AuthConfiguration extends ConfigurationProvider{
* @return Array of {@link RevocationSourceTypes} values
*/
public String[] getRevocationMethodOrder();
+
+ /**
+ * Get a boolean value from basic MOA-ID configuration file
+ *
+ * @param key Configuration key
+ * @param defaultValue Default result
+ * @return returns the value of the configuration key, or the default value if the key is not set
+ */
+ public boolean getBasicMOAIDConfigurationBoolean(String key, boolean defaultValue);
}
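Review bot: The Javadoc on `getBasicMOAIDConfigurationBoolean` covers the unset-key case but not what is returned when the key is set to something that is not a valid boolean. Since this getter presumably reads the hostname-validation switches added above, an implementation based on `Boolean.parseBoolean` would turn a typo such as `ture` into `false` and silently disable the check. I would add to the contract something like `@return ... the default value if the key is not set or its value is neither "true" nor "false"`, and have implementations follow it.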
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/HttpClientWithProxySupport.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/HttpClientWithProxySupport.java
index 733c03bf0..7121c4a2a 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/HttpClientWithProxySupport.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/HttpClientWithProxySupport.java
@@ -22,9 +22,20 @@
*/
package at.gv.egovernment.moa.id.commons.utils;
-import org.apache.commons.httpclient.HttpClient;
-import org.apache.commons.httpclient.UsernamePasswordCredentials;
-import org.apache.commons.httpclient.auth.AuthScope;
+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.SSLSocketFactory;
+
+import org.apache.http.HttpHost;
+import org.apache.http.auth.AuthScope;
+import org.apache.http.auth.UsernamePasswordCredentials;
+import org.apache.http.client.CredentialsProvider;
+import org.apache.http.conn.ssl.DefaultHostnameVerifier;
+import org.apache.http.conn.ssl.NoopHostnameVerifier;
+import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
+import org.apache.http.impl.client.BasicCredentialsProvider;
+import org.apache.http.impl.client.CloseableHttpClient;
+import org.apache.http.impl.client.HttpClientBuilder;
+import org.apache.http.impl.client.HttpClients;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.MiscUtil;
@@ -35,27 +46,55 @@ import at.gv.egovernment.moa.util.MiscUtil;
*/
public class HttpClientWithProxySupport {
- public static HttpClient getHttpClient() {
- HttpClient client = new HttpClient();
-
+ public static CloseableHttpClient getHttpClient(SSLSocketFactory sSLSocketFactory, boolean validateHostname) {
+
+ HttpClientBuilder clientBuilder = HttpClients.custom();
+
+ //set proxy functionality
String host = System.getProperty("http.proxyHost"); //$NON-NLS-1$
- String port = System.getProperty("http.proxyPort"); //$NON-NLS-1$
- if (MiscUtil.isNotEmpty(host) &&
- MiscUtil.isNotEmpty(port)) {
- int p = Integer.parseInt(port);
- client.getHostConfiguration().setProxy(host, p);
+ String port = System.getProperty("http.proxyPort"); //$NON-NLS-1$
+ int p = -1;
+
+ if (MiscUtil.isNotEmpty(host) && MiscUtil.isNotEmpty(port)) {
+ p = Integer.parseInt(port);
+ HttpHost proxy = null;
+ if (host.startsWith("https"))
+ proxy = new HttpHost(host, p, "https");
+ else
+ proxy = new HttpHost(host, p, "http");
+
+ clientBuilder.setProxy(proxy);
+
Logger.info("Initial HTTPClient with proxy usage. " +
"ProxyHost=" + host +
" ProxyPort=" + port);
-
+
String user = System.getProperty("http.proxyUser"); //$NON-NLS-1$
String pass = System.getProperty("http.proxyPassword"); //$NON-NLS-1$
- if (MiscUtil.isNotEmpty(user) && pass != null) {
- client.getState().setProxyCredentials(new AuthScope(host, p),
- new UsernamePasswordCredentials(user, pass));
+ if (MiscUtil.isNotEmpty(user) && pass != null) {
+ CredentialsProvider credsProvider = new BasicCredentialsProvider();
+ credsProvider.setCredentials(new AuthScope(host, p), new UsernamePasswordCredentials(user, pass));
}
- }
- return client;
+ }
+
+ //set SSL context
+ if (sSLSocketFactory != null) {
+ HostnameVerifier hostnameVerifier = null;
+
+ //set hostName validation filter
+ if (validateHostname)
+ hostnameVerifier = new DefaultHostnameVerifier();
+ else
+ hostnameVerifier = new NoopHostnameVerifier();
+
+ clientBuilder.setSSLSocketFactory(
+ new SSLConnectionSocketFactory(sSLSocketFactory, hostnameVerifier));
+
+ }
+
+
+
+ return clientBuilder.build();
}
}
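Review bot: The `credsProvider` built in the `http.proxyUser` branch is never handed to `clientBuilder`, so the proxy credentials are dropped and an authenticating proxy will refuse the requests; add `clientBuilder.setDefaultCredentialsProvider(credsProvider);` directly after the `setCredentials(...)` call. Separately, the `validateHostname == false` branch installs `NoopHostnameVerifier`, which accepts any certificate the socket factory trusts regardless of the host it was issued for. That path should log a warning through the existing `Logger` so a deployment running without the check shows up in the logs. The flag is also silently ignored when `sSLSocketFactory` is null (the builder's defaults apply then), which deserves a sentence in a Javadoc for `getHttpClient`. Finally, `host.startsWith("https")` picks the proxy scheme from a hostname prefix, which looks unintended given that `http.proxyHost` normally holds a bare host name.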