From 3e101b29f0ac1efa5088ba953bea0acbba932339 Mon Sep 17 00:00:00 2001 From: wbauer Date: Fri, 5 Dec 2008 11:41:29 +0000 Subject: Feature Request #362 git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@234 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../main/java/at/gv/egiz/bku/binding/DataUrl.java | 25 +++++++++++-- .../gv/egiz/bku/binding/DataUrlConnectionImpl.java | 42 +++++++++++++++++++--- .../gv/egiz/bku/binding/DataUrlConnectionSPI.java | 17 ++++++++- .../bku/binding/LegacyDataUrlConnectionImpl.java | 24 +++++++++++++ .../java/at/gv/egiz/bku/conf/Configurator.java | 15 ++++---- .../gv/egiz/bku/binding/TestDataUrlConnection.java | 15 ++++++++ .../egiz/bku/slcommands/testApplicationContext.xml | 8 ++--- 7 files changed, 124 insertions(+), 22 deletions(-) (limited to 'bkucommon') diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrl.java index 531772cf..2e2cc38a 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrl.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrl.java @@ -20,6 +20,9 @@ import java.net.MalformedURLException; import java.net.URL; import java.util.Properties; +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.SSLSocketFactory; + import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; @@ -32,7 +35,10 @@ import at.gv.egiz.bku.slexceptions.SLRuntimeException; public class DataUrl { private static DataUrlConnectionSPI defaultDataUrlConnection = new DataUrlConnectionImpl(); private static Log log = LogFactory.getLog(DataUrl.class); - private static Properties configuration; + private static Properties configuration; + private static SSLSocketFactory sslSocketFactory; + private static HostnameVerifier hostNameVerifier; + private URL url; 
@@ -44,7 +50,10 @@ public class DataUrl { if (dataUrlConnection == null) { throw new NullPointerException("Default dataurlconnection must not be set to null"); } - defaultDataUrlConnection = dataUrlConnection; + defaultDataUrlConnection = dataUrlConnection; + defaultDataUrlConnection.setConfiguration(configuration); + defaultDataUrlConnection.setSSLSocketFactory(sslSocketFactory); + defaultDataUrlConnection.setHostnameVerifier(hostNameVerifier); } public DataUrl(String aUrlString) throws MalformedURLException { @@ -66,5 +75,15 @@ public class DataUrl { public static void setConfiguration(Properties props) { configuration = props; defaultDataUrlConnection.setConfiguration(configuration); - } + } + + public static void setSSLSocketFactory(SSLSocketFactory socketFactory) { + sslSocketFactory = socketFactory; + defaultDataUrlConnection.setSSLSocketFactory(socketFactory); + } + + public static void setHostNameVerifier(HostnameVerifier hostNameVerifier) { + DataUrl.hostNameVerifier = hostNameVerifier; + defaultDataUrlConnection.setHostnameVerifier(hostNameVerifier); + } } \ No newline at end of file diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java index 6ad0bb78..408330cc 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionImpl.java @@ -31,7 +31,9 @@ import java.util.Map; import java.util.Properties; import java.util.Set; +import javax.net.ssl.HostnameVerifier; import javax.net.ssl.HttpsURLConnection; +import javax.net.ssl.SSLSocketFactory; import org.apache.commons.httpclient.methods.multipart.FilePart; import org.apache.commons.httpclient.methods.multipart.Part; 
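Review bot: The new static setters `setSSLSocketFactory` and `setHostNameVerifier` in DataUrl have no Javadoc, although they change the TLS settings handed to every later DataUrl connection in the process. Each should say that the value is stored statically, pushed to the current default connection, re-applied by setDataUrlConnectionImpl, and that `null` leaves the JVM default in place. The backing fields `sslSocketFactory` and `hostNameVerifier` are plain statics written without synchronization; if configuration can run on a different thread than connection setup, declaring them `volatile` would make the update visible. The spelling also differs from the SPI method (`setHostNameVerifier` here, `setHostnameVerifier` there), which is easy to get wrong when wiring the two together.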
@@ -51,11 +53,12 @@ import at.gv.egiz.bku.utils.binding.Protocol; * */ public class DataUrlConnectionImpl implements DataUrlConnectionSPI { - + private final static Log log = LogFactory.getLog(DataUrlConnectionImpl.class); public final static Protocol[] SUPPORTED_PROTOCOLS = { Protocol.HTTP, Protocol.HTTPS }; + protected X509Certificate serverCertificate; protected Protocol protocol; protected URL url; @@ -64,6 +67,8 @@ public class DataUrlConnectionImpl implements DataUrlConnectionSPI { protected ArrayList formParams; protected String boundary; protected Properties config = null; + protected SSLSocketFactory sslSocketFactory; + protected HostnameVerifier hostnameVerifier; protected DataUrlResponse result; @@ -84,6 +89,21 @@ public class DataUrlConnectionImpl implements DataUrlConnectionSPI { */ public void connect() throws SocketTimeoutException, IOException { connection = (HttpURLConnection) url.openConnection(); + if (connection instanceof HttpsURLConnection) { + log.trace("Detected ssl connection"); + HttpsURLConnection https = (HttpsURLConnection) connection; + if (sslSocketFactory != null) { + log.debug("Setting custom ssl socket factory for ssl connection"); + https.setSSLSocketFactory(sslSocketFactory); + } else { + log.trace("No custom socket factory set"); + } + if (hostnameVerifier != null) { + log.debug("Setting custom hostname verifier"); + } + } else { + log.trace("No secure connection with: "+url+ " class="+connection.getClass()); + } connection.setDoOutput(true); Set headers = requestHttpHeaders.keySet(); Iterator headerIt = headers.iterator(); 
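Review bot: In connect(), the `if (hostnameVerifier != null)` branch only logs "Setting custom hostname verifier" and never installs it, so the configured verifier has no effect while the debug log claims it was set. Add `https.setHostnameVerifier(hostnameVerifier);` after the log call. LegacyDataUrlConnectionImpl.connect() has the same omission in its own hunk. Because Configurator in this commit stops setting the JVM-wide default verifier and passes it to DataUrl instead, the hostname-verification setting now appears to do nothing for these connections; that fails closed, but the log no longer describes what the connection actually does. connect() continues outside the hunk.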
@@ -91,13 +111,13 @@ public class DataUrlConnectionImpl implements DataUrlConnectionSPI { String name = headerIt.next(); connection.setRequestProperty(name, requestHttpHeaders.get(name)); } - log.trace("Connecting to: "+url); + log.trace("Connecting to: " + url); connection.connect(); if (connection instanceof HttpsURLConnection) { HttpsURLConnection ssl = (HttpsURLConnection) connection; X509Certificate[] certs = (X509Certificate[]) ssl.getServerCertificates(); if ((certs != null) && (certs.length >= 1)) { - log.trace("Server certificate: "+certs[0]); + log.trace("Server certificate: " + certs[0]); serverCertificate = certs[0]; } } @@ -155,8 +175,9 @@ public class DataUrlConnectionImpl implements DataUrlConnectionSPI { } catch (IOException iox) { log.info(iox); } - log.trace("Reading response"); - result = new DataUrlResponse(url.toString(), connection.getResponseCode(), is); + log.trace("Reading response"); + result = new DataUrlResponse(url.toString(), connection.getResponseCode(), + is); Map responseHttpHeaders = new HashMap(); Map> httpHeaders = connection.getHeaderFields(); for (Iterator keyIt = httpHeaders.keySet().iterator(); keyIt @@ -227,6 +248,7 @@ public class DataUrlConnectionImpl implements DataUrlConnectionSPI { public DataUrlConnectionSPI newInstance() { DataUrlConnectionSPI uc = new DataUrlConnectionImpl(); uc.setConfiguration(config); + uc.setSSLSocketFactory(sslSocketFactory); return uc; } @@ -239,4 +261,14 @@ public class DataUrlConnectionImpl implements DataUrlConnectionSPI { public void setConfiguration(Properties config) { this.config = config; } + + @Override + public void setSSLSocketFactory(SSLSocketFactory socketFactory) { + this.sslSocketFactory = socketFactory; + } + + @Override + public void setHostnameVerifier(HostnameVerifier hostnameVerifier) { + this.hostnameVerifier = hostnameVerifier; + } } \ No newline at end of file 
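Review bot: newInstance() copies `config` and `sslSocketFactory` to the new connection but not `hostnameVerifier`, so a verifier set on the default connection is dropped for every instance created from it. Add `uc.setHostnameVerifier(hostnameVerifier);` next to the socket-factory line. LegacyDataUrlConnectionImpl gains the same two fields in this commit, but no hunk touches its newInstance(), so it presumably propagates neither setting and would connect with the JVM default trust configuration; that should be checked against the full file.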
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionSPI.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionSPI.java index 80cc3a0b..f838b919 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionSPI.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/DataUrlConnectionSPI.java @@ -18,6 +18,9 @@ package at.gv.egiz.bku.binding; import java.net.URL; import java.util.Properties; + +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.SSLSocketFactory; /** * Prototype of a DataurlconnectionSPI @@ -43,7 +46,19 @@ public interface DataUrlConnectionSPI extends DataUrlConnection { * Sets configuration parameters for this connection * @param config */ - public void setConfiguration(Properties config); + public void setConfiguration(Properties config); + + /** + * Sets the socketfactory to be used for ssl connections. + * @param socketFactory if null the socket factory will not be set explicitly + */ + public void setSSLSocketFactory(SSLSocketFactory socketFactory); + + /** + * Sets the hostname verifier to be used, + * @param hostnameVerifier if null the default hostname verifier will be used + */ + public void setHostnameVerifier(HostnameVerifier hostnameVerifier); } diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/binding/LegacyDataUrlConnectionImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/binding/LegacyDataUrlConnectionImpl.java index 5339d689..ef8034aa 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/binding/LegacyDataUrlConnectionImpl.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/binding/LegacyDataUrlConnectionImpl.java @@ -19,7 +19,9 @@ import java.util.Map; import java.util.Properties; import java.util.Set; +import javax.net.ssl.HostnameVerifier; import javax.net.ssl.HttpsURLConnection; +import javax.net.ssl.SSLSocketFactory; import javax.xml.transform.stream.StreamResult; import org.apache.commons.logging.Log; 
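Review bot: The Javadoc for the two new SPI methods does not say whether `newInstance()` must carry the socket factory and hostname verifier over to the connection it creates, and DataUrlConnectionImpl.newInstance() in this commit copies only the socket factory. State in both comments that the setting applies to this instance and to instances created from it, and that it must be applied in `connect()` before the connection is opened. The `setHostnameVerifier` summary also ends in a comma; `Sets the hostname verifier to be used for ssl connections.` would match the sibling comment.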
@@ -48,6 +50,8 @@ public class LegacyDataUrlConnectionImpl implements DataUrlConnectionSPI { protected Map formParams; protected String boundary; protected Properties config = null; + protected SSLSocketFactory sslSocketFactory; + protected HostnameVerifier hostnameVerifier; protected DataUrlResponse result; @@ -68,6 +72,16 @@ public class LegacyDataUrlConnectionImpl implements DataUrlConnectionSPI { */ public void connect() throws SocketTimeoutException, IOException { connection = (HttpURLConnection) url.openConnection(); + if (connection instanceof HttpsURLConnection) { + HttpsURLConnection https = (HttpsURLConnection) connection; + if (sslSocketFactory != null) { + log.debug("Setting custom ssl socket factory for ssl connection"); + https.setSSLSocketFactory(sslSocketFactory); + } + if (hostnameVerifier != null) { + log.debug("Setting custom hostname verifier"); + } + } connection.setDoOutput(true); Set headers = requestHttpHeaders.keySet(); Iterator headerIt = headers.iterator(); @@ -227,4 +241,14 @@ public class LegacyDataUrlConnectionImpl implements DataUrlConnectionSPI { public void setConfiguration(Properties config) { this.config = config; } + + @Override + public void setSSLSocketFactory(SSLSocketFactory socketFactory) { + this.sslSocketFactory = socketFactory; + } + + @Override + public void setHostnameVerifier(HostnameVerifier hostnameVerifier) { + this.hostnameVerifier = hostnameVerifier; + } } \ No newline at end of file diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java b/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java index 6078de36..e37d107f 100644 --- a/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java +++ b/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java 
@@ -80,7 +80,7 @@ public abstract class Configurator { log.error("Cannot add trusted ca", e); } } - return caCerts.toArray(new X509Certificate[caCerts.size()]); + return caCerts.toArray(new X509Certificate[caCerts.size()]); } else { log.warn("No CA certificates configured"); } @@ -196,10 +196,9 @@ public abstract class Configurator { String version = p.getProperty("Implementation-Build"); properties.setProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY, "citizen-card-environment/1.2 MOCCA " + version); - log - .debug("Setting user agent to: " - + properties - .getProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY)); + log.debug("Setting user agent to: " + + properties + .getProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY)); } else { log.warn("Cannot read manifest"); properties.setProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY, @@ -256,7 +255,7 @@ public abstract class Configurator { getCertDir(), getCADir(), caCerts); sslCtx.init(km, new TrustManager[] { pkixTM }, null); } - HttpsURLConnection.setDefaultSSLSocketFactory(sslCtx.getSocketFactory()); + DataUrl.setSSLSocketFactory(sslCtx.getSocketFactory()); } catch (Exception e) { log.error("Cannot configure SSL", e); } @@ -264,7 +263,7 @@ public abstract class Configurator { log.warn("---------------------------------"); log.warn(" Disabling Hostname Verification "); log.warn("---------------------------------"); - HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() { + DataUrl.setHostNameVerifier(new HostnameVerifier() { @Override public boolean verify(String hostname, SSLSession session) { return true; @@ -273,8 +272,6 @@ public abstract class Configurator { } } - - public void setCertValidator(CertValidator certValidator) { this.certValidator = certValidator; } diff --git a/bkucommon/src/test/java/at/gv/egiz/bku/binding/TestDataUrlConnection.java b/bkucommon/src/test/java/at/gv/egiz/bku/binding/TestDataUrlConnection.java index 8a607b80..0a24b5c5 100644 
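Review bot: When SSL setup throws, the surrounding `catch (Exception e)` only logs "Cannot configure SSL", and with the switch to `DataUrl.setSSLSocketFactory(...)` that leaves DataUrl without a socket factory. connect() would then use the JVM default trust settings rather than the trust manager built from `getCertDir()`, `getCADir()` and `caCerts`, and the only sign of it is a trace-level "No custom socket factory set". Consider failing start-up instead, for example `throw new IllegalStateException("Cannot configure SSL", e);`, so the configured trust policy is never silently replaced by the default one. The enclosing method starts outside the hunk.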
--- a/bkucommon/src/test/java/at/gv/egiz/bku/binding/TestDataUrlConnection.java +++ b/bkucommon/src/test/java/at/gv/egiz/bku/binding/TestDataUrlConnection.java @@ -26,6 +26,9 @@ import java.util.Collections; import java.util.HashMap; import java.util.Map; import java.util.Properties; + +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.SSLSocketFactory; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; @@ -131,5 +134,17 @@ public class TestDataUrlConnection implements DataUrlConnectionSPI { public void setConfiguration(Properties config) { // TODO Auto-generated method stub + } + + @Override + public void setHostnameVerifier(HostnameVerifier hostnameVerifier) { + // TODO Auto-generated method stub + + } + + @Override + public void setSSLSocketFactory(SSLSocketFactory socketFactory) { + // TODO Auto-generated method stub + } } diff --git a/bkucommon/src/test/resources/at/gv/egiz/bku/slcommands/testApplicationContext.xml b/bkucommon/src/test/resources/at/gv/egiz/bku/slcommands/testApplicationContext.xml index 13365931..a7b588aa 100644 --- a/bkucommon/src/test/resources/at/gv/egiz/bku/slcommands/testApplicationContext.xml +++ b/bkucommon/src/test/resources/at/gv/egiz/bku/slcommands/testApplicationContext.xml @@ -39,14 +39,14 @@ + value="at.gv.egiz.bku.slcommands.impl.CertificatesInfoboxImpl" /> - + -- cgit v1.2.3