Posted to commits@cxf.apache.org by bu...@apache.org on 2019/09/24 08:40:06 UTC

[cxf] branch master updated: wsdl_first_https: update setup TLS

This is an automated email from the ASF dual-hosted git repository.

buhhunyx pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cxf.git


The following commit(s) were added to refs/heads/master by this push:
     new 39e26e3  wsdl_first_https: update setup TLS
39e26e3 is described below

commit 39e26e3b2d3059664cc9aca6c8a4ea7f60bab3f1
Author: Alexey Markevich <bu...@gmail.com>
AuthorDate: Tue Sep 24 11:39:26 2019 +0300

    wsdl_first_https: update setup TLS
---
 .../java/demo/hw_https/client/ClientNonSpring.java | 57 +++++++---------------
 1 file changed, 17 insertions(+), 40 deletions(-)

diff --git a/distribution/src/main/release/samples/wsdl_first_https/src/main/java/demo/hw_https/client/ClientNonSpring.java b/distribution/src/main/release/samples/wsdl_first_https/src/main/java/demo/hw_https/client/ClientNonSpring.java
index ed7eaaf..55e0cd0 100644
--- a/distribution/src/main/release/samples/wsdl_first_https/src/main/java/demo/hw_https/client/ClientNonSpring.java
+++ b/distribution/src/main/release/samples/wsdl_first_https/src/main/java/demo/hw_https/client/ClientNonSpring.java
@@ -21,17 +21,13 @@ package demo.hw_https.client;
 
 import java.io.File;
 import java.io.FileInputStream;
-import java.io.FileNotFoundException;
 import java.io.IOException;
+import java.io.InputStream;
 import java.net.URL;
 import java.security.GeneralSecurityException;
 import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
 
-import javax.net.ssl.KeyManager;
 import javax.net.ssl.KeyManagerFactory;
-import javax.net.ssl.TrustManager;
 import javax.net.ssl.TrustManagerFactory;
 import javax.xml.namespace.QName;
 
@@ -60,7 +56,7 @@ public final class ClientNonSpring {
             System.exit(1);
         }
 
-        URL wsdlURL;
+        final URL wsdlURL;
         File wsdlFile = new File(args[0]);
         if (wsdlFile.exists()) {
             wsdlURL = wsdlFile.toURI().toURL();
@@ -95,43 +91,24 @@ public final class ClientNonSpring {
     }
 
     private static void setupTLS(Greeter port)
-        throws FileNotFoundException, IOException, GeneralSecurityException {
-        String keyStoreLoc = "src/main/config/clientKeystore.jks";
-        HTTPConduit httpConduit = (HTTPConduit) ClientProxy.getClient(port).getConduit();
-
-        TLSClientParameters tlsCP = new TLSClientParameters();
-        String keyPassword = "ckpass";
-        KeyStore keyStore = KeyStore.getInstance("JKS");
-        keyStore.load(new FileInputStream(keyStoreLoc), "cspass".toCharArray());
-        KeyManager[] myKeyManagers = getKeyManagers(keyStore, keyPassword);
-        tlsCP.setKeyManagers(myKeyManagers);
-
-
-        KeyStore trustStore = KeyStore.getInstance("JKS");
-        trustStore.load(new FileInputStream(keyStoreLoc), "cspass".toCharArray());
-        TrustManager[] myTrustStoreKeyManagers = getTrustManagers(trustStore);
-        tlsCP.setTrustManagers(myTrustStoreKeyManagers);
+        throws IOException, GeneralSecurityException {
+        final TLSClientParameters tlsCP = new TLSClientParameters();
         tlsCP.setDisableCNCheck(true);
-        httpConduit.setTlsClientParameters(tlsCP);
-    }
 
-    private static TrustManager[] getTrustManagers(KeyStore trustStore)
-        throws NoSuchAlgorithmException, KeyStoreException {
-        String alg = TrustManagerFactory.getDefaultAlgorithm();
-        TrustManagerFactory fac = TrustManagerFactory.getInstance(alg);
-        fac.init(trustStore);
-        return fac.getTrustManagers();
-    }
+        final KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
+        try (InputStream is = new FileInputStream("src/main/config/clientKeystore.jks")) {
+            keyStore.load(is, "cspass".toCharArray());
+        }
+
+        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
+        kmf.init(keyStore, "ckpass".toCharArray());
+        tlsCP.setKeyManagers(kmf.getKeyManagers());
+
+        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+        tmf.init(keyStore);
+        tlsCP.setTrustManagers(tmf.getTrustManagers());
 
-    private static KeyManager[] getKeyManagers(KeyStore keyStore, String keyPassword)
-        throws GeneralSecurityException, IOException {
-        String alg = KeyManagerFactory.getDefaultAlgorithm();
-        char[] keyPass = keyPassword != null
-                     ? keyPassword.toCharArray()
-                     : null;
-        KeyManagerFactory fac = KeyManagerFactory.getInstance(alg);
-        fac.init(keyStore, keyPass);
-        return fac.getKeyManagers();
+        ((HTTPConduit) ClientProxy.getClient(port).getConduit()).setTlsClientParameters(tlsCP);
     }
 
 }
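Review bot: `tlsCP.setDisableCNCheck(true)` is carried over unchanged into the rewritten `setupTLS`, so the client still skips the check that the server certificate's name matches the host it connected to. Trust then rests only on the certificate chaining to an entry in `clientKeystore.jks`. Because sample code tends to be copied, I would put a comment directly above the call, for example `// Sample only: skips hostname verification of the server certificate; do not copy into production code`. Separately, `KeyStore.getInstance(KeyStore.getDefaultType())` replaces the explicit `"JKS"` while the file loaded is still a `.jks`; on JDKs whose default type is PKCS12 this presumably depends on the keystore compatibility mode being left enabled, so `KeyStore.getInstance("JKS")` would be the more predictable choice here.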