diff options
Diffstat (limited to 'bkucommon/src')
7 files changed, 124 insertions, 22 deletions
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrl.java index 531772cf..2e2cc38a 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrl.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrl.java @@ -20,6 +20,9 @@ import java.net.MalformedURLException; import java.net.URL; import java.util.Properties; +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.SSLSocketFactory; + import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; @@ -32,7 +35,10 @@ import at.gv.egiz.bku.slexceptions.SLRuntimeException; public class DataUrl {
private static DataUrlConnectionSPI defaultDataUrlConnection = new DataUrlConnectionImpl();
private static Log log = LogFactory.getLog(DataUrl.class); - private static Properties configuration;
+ private static Properties configuration; + private static SSLSocketFactory sslSocketFactory;
+ private static HostnameVerifier hostNameVerifier; + private URL url;
@@ -44,7 +50,10 @@ public class DataUrl { if (dataUrlConnection == null) {
throw new NullPointerException("Default dataurlconnection must not be set to null");
}
- defaultDataUrlConnection = dataUrlConnection;
+ defaultDataUrlConnection = dataUrlConnection; + defaultDataUrlConnection.setConfiguration(configuration); + defaultDataUrlConnection.setSSLSocketFactory(sslSocketFactory); + defaultDataUrlConnection.setHostnameVerifier(hostNameVerifier);
}
public DataUrl(String aUrlString) throws MalformedURLException {
@@ -66,5 +75,15 @@ public class DataUrl { public static void setConfiguration(Properties props) { configuration = props; defaultDataUrlConnection.setConfiguration(configuration); - }
+ } + + public static void setSSLSocketFactory(SSLSocketFactory socketFactory) { + sslSocketFactory = socketFactory; + defaultDataUrlConnection.setSSLSocketFactory(socketFactory); + } + + public static void setHostNameVerifier(HostnameVerifier hostNameVerifier) { + DataUrl.hostNameVerifier = hostNameVerifier; + defaultDataUrlConnection.setHostnameVerifier(hostNameVerifier); + }
}
\ No newline at end of file diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java index 6ad0bb78..408330cc 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java @@ -31,7 +31,9 @@ import java.util.Map; import java.util.Properties; import java.util.Set; +import javax.net.ssl.HostnameVerifier; import javax.net.ssl.HttpsURLConnection; +import javax.net.ssl.SSLSocketFactory; import org.apache.commons.httpclient.methods.multipart.FilePart; import org.apache.commons.httpclient.methods.multipart.Part; @@ -51,11 +53,12 @@ import at.gv.egiz.bku.utils.binding.Protocol; * */ public class DataUrlConnectionImpl implements DataUrlConnectionSPI { - + private final static Log log = LogFactory.getLog(DataUrlConnectionImpl.class); public final static Protocol[] SUPPORTED_PROTOCOLS = { Protocol.HTTP, Protocol.HTTPS }; + protected X509Certificate serverCertificate; protected Protocol protocol; protected URL url; @@ -64,6 +67,8 @@ public class DataUrlConnectionImpl implements DataUrlConnectionSPI { protected ArrayList<Part> formParams; protected String boundary; protected Properties config = null; + protected SSLSocketFactory sslSocketFactory; + protected HostnameVerifier hostnameVerifier; protected DataUrlResponse result; @@ -84,6 +89,21 @@ public class DataUrlConnectionImpl implements DataUrlConnectionSPI { */ public void connect() throws SocketTimeoutException, IOException { connection = (HttpURLConnection) url.openConnection(); + if (connection instanceof HttpsURLConnection) { + log.trace("Detected ssl connection"); + HttpsURLConnection https = (HttpsURLConnection) connection; + if (sslSocketFactory != null) { + log.debug("Setting custom ssl socket factory for ssl connection"); + https.setSSLSocketFactory(sslSocketFactory); + } else { + log.trace("No custom socket factory set"); + } + if (hostnameVerifier != null) { + log.debug("Setting custom hostname verifier"); + } + } else { + log.trace("No secure connection with: "+url+ " class="+connection.getClass()); + } connection.setDoOutput(true); Set<String> headers = requestHttpHeaders.keySet(); Iterator<String> headerIt = headers.iterator(); @@ -91,13 +111,13 @@ public class DataUrlConnectionImpl implements DataUrlConnectionSPI { String name = headerIt.next(); connection.setRequestProperty(name, requestHttpHeaders.get(name)); } - log.trace("Connecting to: "+url); + log.trace("Connecting to: " + url); connection.connect(); if (connection instanceof HttpsURLConnection) { HttpsURLConnection ssl = (HttpsURLConnection) connection; X509Certificate[] certs = (X509Certificate[]) ssl.getServerCertificates(); if ((certs != null) && (certs.length >= 1)) { - log.trace("Server certificate: "+certs[0]); + log.trace("Server certificate: " + certs[0]); serverCertificate = certs[0]; } } @@ -155,8 +175,9 @@ public class DataUrlConnectionImpl implements DataUrlConnectionSPI { } catch (IOException iox) { log.info(iox); } - log.trace("Reading response");
- result = new DataUrlResponse(url.toString(), connection.getResponseCode(), is); + log.trace("Reading response"); + result = new DataUrlResponse(url.toString(), connection.getResponseCode(), + is); Map<String, String> responseHttpHeaders = new HashMap<String, String>(); Map<String, List<String>> httpHeaders = connection.getHeaderFields(); for (Iterator<String> keyIt = httpHeaders.keySet().iterator(); keyIt @@ -227,6 +248,7 @@ public class DataUrlConnectionImpl implements DataUrlConnectionSPI { public DataUrlConnectionSPI newInstance() { DataUrlConnectionSPI uc = new DataUrlConnectionImpl(); uc.setConfiguration(config); + uc.setSSLSocketFactory(sslSocketFactory); return uc; } @@ -239,4 +261,14 @@ public class DataUrlConnectionImpl implements DataUrlConnectionSPI { public void setConfiguration(Properties config) { this.config = config; } + + @Override + public void setSSLSocketFactory(SSLSocketFactory socketFactory) { + this.sslSocketFactory = socketFactory; + } + + @Override + public void setHostnameVerifier(HostnameVerifier hostnameVerifier) { + this.hostnameVerifier = hostnameVerifier; + } }
\ No newline at end of file diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionSPI.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionSPI.java index 80cc3a0b..f838b919 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionSPI.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionSPI.java @@ -18,6 +18,9 @@ package at.gv.egiz.bku.binding; import java.net.URL;
import java.util.Properties; + +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.SSLSocketFactory; /**
* Prototype of a DataurlconnectionSPI
@@ -43,7 +46,19 @@ public interface DataUrlConnectionSPI extends DataUrlConnection { * Sets configuration parameters for this connection * @param config */ - public void setConfiguration(Properties config);
+ public void setConfiguration(Properties config); + + /** + * Sets the socketfactory to be used for ssl connections. + * @param socketFactory if null the socket factory will not be set explicitly + */ + public void setSSLSocketFactory(SSLSocketFactory socketFactory); + + /** + * Sets the hostname verifier to be used, + * @param hostnameVerifier if null the default hostname verifier will be used + */ + public void setHostnameVerifier(HostnameVerifier hostnameVerifier);
}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/LegacyDataUrlConnectionImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/LegacyDataUrlConnectionImpl.java index 5339d689..ef8034aa 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/LegacyDataUrlConnectionImpl.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/LegacyDataUrlConnectionImpl.java @@ -19,7 +19,9 @@ import java.util.Map; import java.util.Properties; import java.util.Set; +import javax.net.ssl.HostnameVerifier; import javax.net.ssl.HttpsURLConnection; +import javax.net.ssl.SSLSocketFactory; import javax.xml.transform.stream.StreamResult; import org.apache.commons.logging.Log; @@ -48,6 +50,8 @@ public class LegacyDataUrlConnectionImpl implements DataUrlConnectionSPI { protected Map<String, String> formParams; protected String boundary; protected Properties config = null; + protected SSLSocketFactory sslSocketFactory; + protected HostnameVerifier hostnameVerifier; protected DataUrlResponse result; @@ -68,6 +72,16 @@ public class LegacyDataUrlConnectionImpl implements DataUrlConnectionSPI { */ public void connect() throws SocketTimeoutException, IOException { connection = (HttpURLConnection) url.openConnection(); + if (connection instanceof HttpsURLConnection) { + HttpsURLConnection https = (HttpsURLConnection) connection; + if (sslSocketFactory != null) { + log.debug("Setting custom ssl socket factory for ssl connection"); + https.setSSLSocketFactory(sslSocketFactory); + } + if (hostnameVerifier != null) { + log.debug("Setting custom hostname verifier"); + } + } connection.setDoOutput(true); Set<String> headers = requestHttpHeaders.keySet(); Iterator<String> headerIt = headers.iterator(); @@ -227,4 +241,14 @@ public class LegacyDataUrlConnectionImpl implements DataUrlConnectionSPI { public void setConfiguration(Properties config) { this.config = config; } + + @Override + public void setSSLSocketFactory(SSLSocketFactory socketFactory) { + this.sslSocketFactory = socketFactory; + } + + @Override + public void setHostnameVerifier(HostnameVerifier hostnameVerifier) { + this.hostnameVerifier = hostnameVerifier; + } }
\ No newline at end of file diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java b/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java index 6078de36..e37d107f 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java @@ -80,7 +80,7 @@ public abstract class Configurator { log.error("Cannot add trusted ca", e);
}
}
- return caCerts.toArray(new X509Certificate[caCerts.size()]);
+ return caCerts.toArray(new X509Certificate[caCerts.size()]);
} else {
log.warn("No CA certificates configured");
}
@@ -196,10 +196,9 @@ public abstract class Configurator { String version = p.getProperty("Implementation-Build");
properties.setProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY,
"citizen-card-environment/1.2 MOCCA " + version);
- log
- .debug("Setting user agent to: "
- + properties
- .getProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY));
+ log.debug("Setting user agent to: "
+ + properties
+ .getProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY));
} else {
log.warn("Cannot read manifest");
properties.setProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY,
@@ -256,7 +255,7 @@ public abstract class Configurator { getCertDir(), getCADir(), caCerts);
sslCtx.init(km, new TrustManager[] { pkixTM }, null);
}
- HttpsURLConnection.setDefaultSSLSocketFactory(sslCtx.getSocketFactory());
+ DataUrl.setSSLSocketFactory(sslCtx.getSocketFactory());
} catch (Exception e) {
log.error("Cannot configure SSL", e);
}
@@ -264,7 +263,7 @@ public abstract class Configurator { log.warn("---------------------------------");
log.warn(" Disabling Hostname Verification ");
log.warn("---------------------------------");
- HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
+ DataUrl.setHostNameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
@@ -273,8 +272,6 @@ public abstract class Configurator { }
}
-
-
public void setCertValidator(CertValidator certValidator) {
this.certValidator = certValidator;
}
diff --git a/bkucommon/src/test/java/at/gv/egiz/bku/binding/TestDataUrlConnection.java b/bkucommon/src/test/java/at/gv/egiz/bku/binding/TestDataUrlConnection.java index 8a607b80..0a24b5c5 100644 --- a/bkucommon/src/test/java/at/gv/egiz/bku/binding/TestDataUrlConnection.java +++ b/bkucommon/src/test/java/at/gv/egiz/bku/binding/TestDataUrlConnection.java @@ -26,6 +26,9 @@ import java.util.Collections; import java.util.HashMap;
import java.util.Map;
import java.util.Properties; + +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.SSLSocketFactory; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -131,5 +134,17 @@ public class TestDataUrlConnection implements DataUrlConnectionSPI { public void setConfiguration(Properties config) { // TODO Auto-generated method stub + } + + @Override + public void setHostnameVerifier(HostnameVerifier hostnameVerifier) { + // TODO Auto-generated method stub + + } + + @Override + public void setSSLSocketFactory(SSLSocketFactory socketFactory) { + // TODO Auto-generated method stub + }
}
diff --git a/bkucommon/src/test/resources/at/gv/egiz/bku/slcommands/testApplicationContext.xml b/bkucommon/src/test/resources/at/gv/egiz/bku/slcommands/testApplicationContext.xml index 13365931..a7b588aa 100644 --- a/bkucommon/src/test/resources/at/gv/egiz/bku/slcommands/testApplicationContext.xml +++ b/bkucommon/src/test/resources/at/gv/egiz/bku/slcommands/testApplicationContext.xml @@ -39,14 +39,14 @@ <map>
<entry
key="Certificates"
- value="at.gv.egiz.bku.slcommands.impl.InfoboxCertificatesImpl" />
+ value="at.gv.egiz.bku.slcommands.impl.CertificatesInfoboxImpl" />
<entry
key="IdentityLink"
- value="at.gv.egiz.bku.slcommands.impl.InfoboxIdentityLink" />
- <entry
+ value="at.gv.egiz.bku.slcommands.impl.IdentityLinkInfoboxImpl" />
+ <!--<entry
key="CardChannel"
value="at.gv.egiz.bku.slcommands.impl.CardChannel" />
- </map>
+ --></map>
</property>
</bean>
|