You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@syncope.apache.org by il...@apache.org on 2018/11/13 08:33:10 UTC

[syncope] branch master updated: [SYNCOPE-1396] Configuration option for TLSClientParameters

This is an automated email from the ASF dual-hosted git repository.

ilgrosso pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/syncope.git


The following commit(s) were added to refs/heads/master by this push:
     new c92c34a  [SYNCOPE-1396] Configuration option for TLSClientParameters
c92c34a is described below

commit c92c34a9e49f0f883ed718c6aa6cb3673e5d9c5b
Author: Francesco Chicchiriccò <il...@apache.org>
AuthorDate: Tue Nov 13 09:28:51 2018 +0100

    [SYNCOPE-1396] Configuration option for TLSClientParameters
---
 .../org/apache/syncope/client/lib/SyncopeClient.java  | 12 +++++++++++-
 .../syncope/client/lib/SyncopeClientFactoryBean.java  | 19 ++++++++++++++++++-
 .../workingwithapachesyncope/restfulservices.adoc     | 10 +++++++---
 3 files changed, 36 insertions(+), 5 deletions(-)

diff --git a/client/lib/src/main/java/org/apache/syncope/client/lib/SyncopeClient.java b/client/lib/src/main/java/org/apache/syncope/client/lib/SyncopeClient.java
index 466b266..26bc71b 100644
--- a/client/lib/src/main/java/org/apache/syncope/client/lib/SyncopeClient.java
+++ b/client/lib/src/main/java/org/apache/syncope/client/lib/SyncopeClient.java
@@ -32,12 +32,14 @@ import javax.ws.rs.core.HttpHeaders;
 import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
 import org.apache.commons.lang3.tuple.Pair;
+import org.apache.cxf.configuration.jsse.TLSClientParameters;
 import org.apache.cxf.jaxrs.client.Client;
 import org.apache.cxf.jaxrs.client.ClientConfiguration;
 import org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean;
 import org.apache.cxf.jaxrs.client.WebClient;
 import org.apache.cxf.transport.common.gzip.GZIPInInterceptor;
 import org.apache.cxf.transport.common.gzip.GZIPOutInterceptor;
+import org.apache.cxf.transport.http.HTTPConduit;
 import org.apache.cxf.transport.http.URLConnectionHTTPConduit;
 import org.apache.syncope.common.lib.SyncopeConstants;
 import org.apache.syncope.common.lib.search.AnyObjectFiqlSearchConditionBuilder;
@@ -70,12 +72,15 @@ public class SyncopeClient {
 
     private final boolean useCompression;
 
+    private final TLSClientParameters tlsClientParameters;
+
     public SyncopeClient(
             final MediaType mediaType,
             final JAXRSClientFactoryBean restClientFactory,
             final RestClientExceptionMapper exceptionMapper,
             final AuthenticationHandler handler,
-            final boolean useCompression) {
+            final boolean useCompression,
+            final TLSClientParameters tlsClientParameters) {
 
         this.mediaType = mediaType;
         this.restClientFactory = restClientFactory;
@@ -83,6 +88,7 @@ public class SyncopeClient {
             this.restClientFactory.setHeaders(new HashMap<>());
         }
         this.exceptionMapper = exceptionMapper;
+        this.tlsClientParameters = tlsClientParameters;
         init(handler);
         this.useCompression = useCompression;
     }
@@ -247,6 +253,10 @@ public class SyncopeClient {
                 config.getInInterceptors().add(new GZIPInInterceptor());
                 config.getOutInterceptors().add(new GZIPOutInterceptor());
             }
+            if (tlsClientParameters != null) {
+                HTTPConduit httpConduit = (HTTPConduit) config.getConduit();
+                httpConduit.setTlsClientParameters(tlsClientParameters);
+            }
 
             return serviceInstance;
         }
diff --git a/client/lib/src/main/java/org/apache/syncope/client/lib/SyncopeClientFactoryBean.java b/client/lib/src/main/java/org/apache/syncope/client/lib/SyncopeClientFactoryBean.java
index 90105d0..f055f83 100644
--- a/client/lib/src/main/java/org/apache/syncope/client/lib/SyncopeClientFactoryBean.java
+++ b/client/lib/src/main/java/org/apache/syncope/client/lib/SyncopeClientFactoryBean.java
@@ -29,6 +29,7 @@ import java.util.Map;
 import javax.ws.rs.core.MediaType;
 import javax.xml.bind.Marshaller;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.cxf.configuration.jsse.TLSClientParameters;
 import org.apache.cxf.feature.Feature;
 import org.apache.cxf.ext.logging.LoggingFeature;
 import org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean;
@@ -83,6 +84,8 @@ public class SyncopeClientFactoryBean {
 
     private boolean useCompression;
 
+    private TLSClientParameters tlsClientParameters;
+
     private JAXRSClientFactoryBean restClientFactoryBean;
 
     protected JacksonJaxbJsonProvider defaultJsonProvider() {
@@ -226,6 +229,19 @@ public class SyncopeClientFactoryBean {
         return useCompression;
     }
 
+    /**
+     * Sets the client TLS configuration.
+     *
+     * @param tlsClientParameters client TLS configuration
+     */
+    public void setTlsClientParameters(final TLSClientParameters tlsClientParameters) {
+        this.tlsClientParameters = tlsClientParameters;
+    }
+
+    public TLSClientParameters getTlsClientParameters() {
+        return tlsClientParameters;
+    }
+
     public JAXRSClientFactoryBean getRestClientFactoryBean() {
         return restClientFactoryBean == null
                 ? defaultRestClientFactoryBean()
@@ -285,6 +301,7 @@ public class SyncopeClientFactoryBean {
                 getRestClientFactoryBean(),
                 getExceptionMapper(),
                 handler,
-                useCompression);
+                useCompression,
+                tlsClientParameters);
     }
 }
diff --git a/src/main/asciidoc/reference-guide/workingwithapachesyncope/restfulservices.adoc b/src/main/asciidoc/reference-guide/workingwithapachesyncope/restfulservices.adoc
index 4dd6b2b..0e9ce1a 100644
--- a/src/main/asciidoc/reference-guide/workingwithapachesyncope/restfulservices.adoc
+++ b/src/main/asciidoc/reference-guide/workingwithapachesyncope/restfulservices.adoc
@@ -550,17 +550,21 @@ SyncopeClientFactoryBean clientFactory = new SyncopeClientFactoryBean().
 ----
 
 You might also select a specific <<domains,domain>> - other than `Master`, choose to exchange XML payloads - rather
-than JSON (default), or to select 
-https://en.wikipedia.org/wiki/HTTP_compression[HTTP compression^] (more options in the
+than JSON (default), to select 
+https://en.wikipedia.org/wiki/HTTP_compression[HTTP compression^] or to set the
+https://cxf.apache.org/javadoc/latest/org/apache/cxf/configuration/jsse/TLSClientParameters.html[TLS client configuration^]
+(more options in the
 http://syncope.apache.org/apidocs/2.1/org/apache/syncope/client/lib/SyncopeClientFactoryBean.html[Javadoc^]):
 
 [source,java]
 ----
+TLSClientParameters tlsClientParameters = ...;
 SyncopeClientFactoryBean clientFactory = new SyncopeClientFactoryBean().
               setAddress("http://localhost:9080/syncope/rest/").
               setDomain("Two").
               setContentType(SyncopeClientFactoryBean.ContentType.XML).
-              setUseCompression(true);
+              setUseCompression(true).
+              setTlsClientParameters(tlsClientParameters);
 ----
 
 At this point an instance of `SyncopeClient` can be obtained by passing the login credentials via: