You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by gm...@apache.org on 2012/08/06 22:36:45 UTC
svn commit: r1369991 - in
/cxf/trunk/distribution/src/main/release/samples/jax_rs/basic_https:
README.txt pom.xml src/main/config/KeyREADME.txt
src/main/java/httpsdemo/client/Client.java
src/main/java/org/apache/commons/httpclient/contrib/ssl/
Author: gmazza
Date: Mon Aug 6 20:36:44 2012
New Revision: 1369991
URL: http://svn.apache.org/viewvc?rev=1369991&view=rev
Log:
Upgraded from Commons HTTP Client to Apache HttpComponents' HTTPClient.
Removed:
cxf/trunk/distribution/src/main/release/samples/jax_rs/basic_https/src/main/java/org/apache/commons/httpclient/contrib/ssl/
Modified:
cxf/trunk/distribution/src/main/release/samples/jax_rs/basic_https/README.txt
cxf/trunk/distribution/src/main/release/samples/jax_rs/basic_https/pom.xml
cxf/trunk/distribution/src/main/release/samples/jax_rs/basic_https/src/main/config/KeyREADME.txt
cxf/trunk/distribution/src/main/release/samples/jax_rs/basic_https/src/main/java/httpsdemo/client/Client.java
Modified: cxf/trunk/distribution/src/main/release/samples/jax_rs/basic_https/README.txt
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/jax_rs/basic_https/README.txt?rev=1369991&r1=1369990&r2=1369991&view=diff
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/jax_rs/basic_https/README.txt (original)
+++ cxf/trunk/distribution/src/main/release/samples/jax_rs/basic_https/README.txt Mon Aug 6 20:36:44 2012
@@ -9,40 +9,36 @@ requires client authentication so the cl
credentials. The listener configuration is taken from the
"ServerConfig.xml" file located under demo directory.
-The client is configured to provide its certificate "CN=Wibble" and
-chain stored in the Java KeyStore "certs/clientKeystore.jks" to the server.
-The server authenticates the client's certificate using the truststore
-"certs/commonstore.jks", which holds the Certificate Authorities'
-certificates.
-
-Likewise the client authenticates the server's certificate "CN=Cherry"
-and chain against the same trust store. Note also the usage of the
-cipherSuitesFilter configuration in the configuration files,
-where each party imposes different ciphersuites constraints, so that the
-ciphersuite eventually negotiated during the TLS handshake is acceptable
-to both sides. This may be viewed by adding a -Djavax.net.debug=all
-argument to the JVM.
+The client is configured to provide its certificate
+from its keystore "config/clientKeystore.jks" to the server.
+The server authenticates the client's certificate using its own
+keystore "config/serviceKeystore.jks", which contains the
+public cert of the client. The client makes HTTPS calls using
+three methods: the portable Apache HttpComponents' HttpClient object,
+CXF's WebClient object, and CXF's JAXRSClientFactory object.
+
+Likewise the client authenticates the server's certificate "CN=localhost"
+using its keystore. Note also the usage of the cipherSuitesFilter
+configuration in the configuration files, where each party imposes
+different ciphersuites constraints, so that the ciphersuite eventually
+negotiated during the TLS handshake is acceptable to both sides.
+This may be viewed by adding a -Djavax.net.debug=all argument to the JVM.
-But please note that it is not adviseable to store sensitive data such
+But please note that it is not advisable to store sensitive data such
as passwords stored in a clear text configuration file, unless the
file is sufficiently protected by OS level permissions. The KeyStores
may be configured programmatically so using user interaction may be
employed to keep passwords from being stored in configuration files.
The approach taken here is for demonstration reasons only.
-NOTE: Classes AuthSSLInitializationError, AuthSSLProtocolSocketFactory,
-and AuthSSLX509TrustManager are files copied from the Apache HTTP Client
-project and used by the client for certificate validation.
-
Please review the README in the samples directory before
continuing.
-Building and running the demo using maven
----------------------------------------
-
+Building and running the demo using Maven
+-----------------------------------------
From the base directory of this sample (i.e., where this README file is
-located), the maven pom.xml file can be used to build and run the demo.
+located), the Maven pom.xml file can be used to build and run the demo.
Using either UNIX or Windows:
@@ -58,4 +54,3 @@ Certificates
------------
See the src/main/config folder for the sample keys used (don't use
these keys in production!) as well as scripts used for their creation.
-
Modified: cxf/trunk/distribution/src/main/release/samples/jax_rs/basic_https/pom.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/jax_rs/basic_https/pom.xml?rev=1369991&r1=1369990&r2=1369991&view=diff
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/jax_rs/basic_https/pom.xml (original)
+++ cxf/trunk/distribution/src/main/release/samples/jax_rs/basic_https/pom.xml Mon Aug 6 20:36:44 2012
@@ -30,9 +30,10 @@
<version>2.7.0-SNAPSHOT</version>
<relativePath>../..</relativePath>
</parent>
+
<properties>
<cxf.version>${project.version}</cxf.version>
- <httpclient.version>3.1</httpclient.version>
+ <httpclient.version>4.2.1</httpclient.version>
</properties>
<build>
@@ -106,14 +107,13 @@
<version>2.7.0-SNAPSHOT</version>
</dependency>
<dependency>
- <groupId>commons-httpclient</groupId>
- <artifactId>commons-httpclient</artifactId>
+ <groupId>org.apache.httpcomponents</groupId>
+ <artifactId>httpclient</artifactId>
<version>${httpclient.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
</dependency>
-
</dependencies>
</project>
Modified: cxf/trunk/distribution/src/main/release/samples/jax_rs/basic_https/src/main/config/KeyREADME.txt
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/jax_rs/basic_https/src/main/config/KeyREADME.txt?rev=1369991&r1=1369990&r2=1369991&view=diff
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/jax_rs/basic_https/src/main/config/KeyREADME.txt (original)
+++ cxf/trunk/distribution/src/main/release/samples/jax_rs/basic_https/src/main/config/KeyREADME.txt Mon Aug 6 20:36:44 2012
@@ -17,4 +17,3 @@ keytool -import -noprompt -trustcacerts
# as configured in resources/ServerConfig.xml
keytool -export -rfc -keystore clientKeystore.jks -alias myclientkey -file MyClient.cer -storepass cspass
keytool -import -noprompt -trustcacerts -file MyClient.cer -alias myclientkey -keystore serviceKeystore.jks -storepass sspass
-
Modified: cxf/trunk/distribution/src/main/release/samples/jax_rs/basic_https/src/main/java/httpsdemo/client/Client.java
URL: http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/jax_rs/basic_https/src/main/java/httpsdemo/client/Client.java?rev=1369991&r1=1369990&r2=1369991&view=diff
==============================================================================
--- cxf/trunk/distribution/src/main/release/samples/jax_rs/basic_https/src/main/java/httpsdemo/client/Client.java (original)
+++ cxf/trunk/distribution/src/main/release/samples/jax_rs/basic_https/src/main/java/httpsdemo/client/Client.java Mon Aug 6 20:36:44 2012
@@ -20,11 +20,17 @@
package httpsdemo.client;
import java.io.File;
+import java.io.FileInputStream;
+import java.security.KeyStore;
+
import javax.ws.rs.core.Response;
-import org.apache.commons.httpclient.HttpClient;
-import org.apache.commons.httpclient.contrib.ssl.AuthSSLProtocolSocketFactory;
-import org.apache.commons.httpclient.methods.GetMethod;
-import org.apache.commons.httpclient.protocol.Protocol;
+import org.apache.http.HttpEntity;
+import org.apache.http.HttpResponse;
+import org.apache.http.client.methods.HttpGet;
+import org.apache.http.conn.scheme.Scheme;
+import org.apache.http.conn.ssl.SSLSocketFactory;
+import org.apache.http.impl.client.DefaultHttpClient;
+import org.apache.http.message.BasicHeader;
import org.apache.cxf.jaxrs.client.JAXRSClientFactory;
import org.apache.cxf.jaxrs.client.WebClient;
import httpsdemo.common.Customer;
@@ -39,42 +45,37 @@ public final class Client {
private Client() {
}
- public static void main(String args[]) throws Exception {
-
- File clientKeystore = new File("src/main/config/clientKeystore.jks");
- File truststore = new File("src/main/config/clientKeystore.jks");
-
- // Send HTTP GET request to query customer info - using portable HttpClient method
- Protocol authhttps = new Protocol("https",
- new AuthSSLProtocolSocketFactory(clientKeystore.toURI().toURL(), "cspass",
- "ckpass", truststore.toURI().toURL(), "cspass"), 9000);
- Protocol.registerProtocol("https", authhttps);
+ public static void main(String args[]) throws Exception {
+ String keyStoreLoc = "src/main/config/clientKeystore.jks";
+
+ KeyStore keyStore = KeyStore.getInstance("JKS");
+ keyStore.load(new FileInputStream(keyStoreLoc), "cspass".toCharArray());
+
+ /*
+ * Send HTTP GET request to query customer info using portable HttpClient
+ * object from Apache HttpComponents
+ */
+ SSLSocketFactory sf = new SSLSocketFactory(keyStore, "ckpass", keyStore);
+ Scheme httpsScheme = new Scheme("https", 9000, sf);
System.out.println("Sending HTTPS GET request to query customer info");
- HttpClient httpclient = new HttpClient();
- GetMethod httpget = new GetMethod(BASE_SERVICE_URL + "/123");
- httpget.addRequestHeader("Accept" , "text/xml");
+ DefaultHttpClient httpclient = new DefaultHttpClient();
+ httpclient.getConnectionManager().getSchemeRegistry().register(httpsScheme);
+ HttpGet httpget = new HttpGet(BASE_SERVICE_URL + "/123");
+ BasicHeader bh = new BasicHeader("Accept" , "text/xml");
+ httpget.addHeader(bh);
+ HttpResponse response = httpclient.execute(httpget);
+ HttpEntity entity = response.getEntity();
+ entity.writeTo(System.out);
+ httpclient.getConnectionManager().shutdown();
- // If Basic Authentication required could use:
- /*
- String authorizationHeader = "Basic "
- + org.apache.cxf.common.util.Base64Utility.encode("username:password".getBytes());
- httpget.addRequestHeader("Authorization", authorizationHeader);
- */
- try {
- httpclient.executeMethod(httpget);
- System.out.println(httpget.getResponseBodyAsString());
- } finally {
- httpget.releaseConnection();
- }
-
/*
* Send HTTP PUT request to update customer info, using CXF WebClient method
* Note: if need to use basic authentication, use the WebClient.create(baseAddress,
* username,password,configFile) variant, where configFile can be null if you're
* not using certificates.
*/
- System.out.println("Sending HTTPS PUT to update customer name");
+ System.out.println("\n\nSending HTTPS PUT to update customer name");
WebClient wc = WebClient.create(BASE_SERVICE_URL, CLIENT_CONFIG_FILE);
Customer customer = new Customer();
customer.setId(123);
@@ -87,8 +88,7 @@ public final class Client {
* username,password,configFile) variant, where configFile can be null if you're
* not using certificates.
*/
- System.out.println("\n");
- System.out.println("Sending HTTPS POST request to add customer");
+ System.out.println("\n\nSending HTTPS POST request to add customer");
CustomerService proxy = JAXRSClientFactory.create(BASE_SERVICE_URL, CustomerService.class,
CLIENT_CONFIG_FILE);
customer = new Customer();