You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by bu...@apache.org on 2019/09/24 08:40:06 UTC
[cxf] branch master updated: wsdl_first_https: update setup TLS
This is an automated email from the ASF dual-hosted git repository.
buhhunyx pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cxf.git
The following commit(s) were added to refs/heads/master by this push:
new 39e26e3 wsdl_first_https: update setup TLS
39e26e3 is described below
commit 39e26e3b2d3059664cc9aca6c8a4ea7f60bab3f1
Author: Alexey Markevich <bu...@gmail.com>
AuthorDate: Tue Sep 24 11:39:26 2019 +0300
wsdl_first_https: update setup TLS
---
.../java/demo/hw_https/client/ClientNonSpring.java | 57 +++++++---------------
1 file changed, 17 insertions(+), 40 deletions(-)
diff --git a/distribution/src/main/release/samples/wsdl_first_https/src/main/java/demo/hw_https/client/ClientNonSpring.java b/distribution/src/main/release/samples/wsdl_first_https/src/main/java/demo/hw_https/client/ClientNonSpring.java
index ed7eaaf..55e0cd0 100644
--- a/distribution/src/main/release/samples/wsdl_first_https/src/main/java/demo/hw_https/client/ClientNonSpring.java
+++ b/distribution/src/main/release/samples/wsdl_first_https/src/main/java/demo/hw_https/client/ClientNonSpring.java
@@ -21,17 +21,13 @@ package demo.hw_https.client;
import java.io.File;
import java.io.FileInputStream;
-import java.io.FileNotFoundException;
import java.io.IOException;
+import java.io.InputStream;
import java.net.URL;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
-import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.xml.namespace.QName;
@@ -60,7 +56,7 @@ public final class ClientNonSpring {
System.exit(1);
}
- URL wsdlURL;
+ final URL wsdlURL;
File wsdlFile = new File(args[0]);
if (wsdlFile.exists()) {
wsdlURL = wsdlFile.toURI().toURL();
@@ -95,43 +91,24 @@ public final class ClientNonSpring {
}
private static void setupTLS(Greeter port)
- throws FileNotFoundException, IOException, GeneralSecurityException {
- String keyStoreLoc = "src/main/config/clientKeystore.jks";
- HTTPConduit httpConduit = (HTTPConduit) ClientProxy.getClient(port).getConduit();
-
- TLSClientParameters tlsCP = new TLSClientParameters();
- String keyPassword = "ckpass";
- KeyStore keyStore = KeyStore.getInstance("JKS");
- keyStore.load(new FileInputStream(keyStoreLoc), "cspass".toCharArray());
- KeyManager[] myKeyManagers = getKeyManagers(keyStore, keyPassword);
- tlsCP.setKeyManagers(myKeyManagers);
-
-
- KeyStore trustStore = KeyStore.getInstance("JKS");
- trustStore.load(new FileInputStream(keyStoreLoc), "cspass".toCharArray());
- TrustManager[] myTrustStoreKeyManagers = getTrustManagers(trustStore);
- tlsCP.setTrustManagers(myTrustStoreKeyManagers);
+ throws IOException, GeneralSecurityException {
+ final TLSClientParameters tlsCP = new TLSClientParameters();
tlsCP.setDisableCNCheck(true);
- httpConduit.setTlsClientParameters(tlsCP);
- }
- private static TrustManager[] getTrustManagers(KeyStore trustStore)
- throws NoSuchAlgorithmException, KeyStoreException {
- String alg = TrustManagerFactory.getDefaultAlgorithm();
- TrustManagerFactory fac = TrustManagerFactory.getInstance(alg);
- fac.init(trustStore);
- return fac.getTrustManagers();
- }
+ final KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
+ try (InputStream is = new FileInputStream("src/main/config/clientKeystore.jks")) {
+ keyStore.load(is, "cspass".toCharArray());
+ }
+
+ KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
+ kmf.init(keyStore, "ckpass".toCharArray());
+ tlsCP.setKeyManagers(kmf.getKeyManagers());
+
+ TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+ tmf.init(keyStore);
+ tlsCP.setTrustManagers(tmf.getTrustManagers());
- private static KeyManager[] getKeyManagers(KeyStore keyStore, String keyPassword)
- throws GeneralSecurityException, IOException {
- String alg = KeyManagerFactory.getDefaultAlgorithm();
- char[] keyPass = keyPassword != null
- ? keyPassword.toCharArray()
- : null;
- KeyManagerFactory fac = KeyManagerFactory.getInstance(alg);
- fac.init(keyStore, keyPass);
- return fac.getKeyManagers();
+ ((HTTPConduit) ClientProxy.getClient(port).getConduit()).setTlsClientParameters(tlsCP);
}
}