List of usage examples for javax.net.ssl X509TrustManager X509TrustManager
X509TrustManager
From source file:org.appspot.apprtc.util.AsyncHttpURLConnection.java
private void sendHttpMessage() { if (mIsBitmap) { Bitmap bitmap = ThumbnailsCacheManager.getBitmapFromDiskCache(url); if (bitmap != null) { events.onHttpComplete(bitmap); return; }/*w w w . j a va 2s . c om*/ } X509TrustManager trustManager = new X509TrustManager() { @Override public X509Certificate[] getAcceptedIssuers() { return null; } @Override public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { // !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! // NOTE : This is where we can calculate the certificate's fingerprint, // show it to the user and throw an exception in case he doesn't like it } @Override public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { } }; //HttpsURLConnection.setDefaultHostnameVerifier(new NullHostNameVerifier()); // Create a trust manager that does not validate certificate chains X509TrustManager[] trustAllCerts = new X509TrustManager[] { trustManager }; // Install the all-trusting trust manager SSLSocketFactory noSSLv3Factory = null; try { SSLContext sc = SSLContext.getInstance("TLS"); sc.init(null, trustAllCerts, new java.security.SecureRandom()); if (Build.VERSION.SDK_INT <= Build.VERSION_CODES.KITKAT) { noSSLv3Factory = new TLSSocketFactory(trustAllCerts, new SecureRandom()); } else { noSSLv3Factory = sc.getSocketFactory(); } HttpsURLConnection.setDefaultSSLSocketFactory(noSSLv3Factory); } catch (GeneralSecurityException e) { } HttpsURLConnection connection = null; try { URL urlObj = new URL(url); connection = (HttpsURLConnection) urlObj.openConnection(); connection.setSSLSocketFactory(noSSLv3Factory); HttpsURLConnection.setDefaultHostnameVerifier(new NullHostNameVerifier(urlObj.getHost())); connection.setHostnameVerifier(new NullHostNameVerifier(urlObj.getHost())); byte[] postData = new byte[0]; if (message != null) { postData = message.getBytes("UTF-8"); } if (msCookieManager.getCookieStore().getCookies().size() > 0) { // While joining the Cookies, use ',' or ';' as needed. Most of the servers are using ';' connection.setRequestProperty("Cookie", TextUtils.join(";", msCookieManager.getCookieStore().getCookies())); } /*if (method.equals("PATCH")) { connection.setRequestProperty("X-HTTP-Method-Override", "PATCH"); connection.setRequestMethod("POST"); } else {*/ connection.setRequestMethod(method); //} if (authorization.length() != 0) { connection.setRequestProperty("Authorization", authorization); } connection.setUseCaches(false); connection.setDoInput(true); connection.setConnectTimeout(HTTP_TIMEOUT_MS); connection.setReadTimeout(HTTP_TIMEOUT_MS); // TODO(glaznev) - query request origin from pref_room_server_url_key preferences. //connection.addRequestProperty("origin", HTTP_ORIGIN); boolean doOutput = false; if (method.equals("POST") || method.equals("PATCH")) { doOutput = true; connection.setDoOutput(true); connection.setFixedLengthStreamingMode(postData.length); } if (contentType == null) { connection.setRequestProperty("Content-Type", "text/plain; charset=utf-8"); } else { connection.setRequestProperty("Content-Type", contentType); } // Send POST request. if (doOutput && postData.length > 0) { OutputStream outStream = connection.getOutputStream(); outStream.write(postData); outStream.close(); } // Get response. int responseCode = 200; try { connection.getResponseCode(); } catch (IOException e) { } getCookies(connection); InputStream responseStream; if (responseCode > 400) { responseStream = connection.getErrorStream(); } else { responseStream = connection.getInputStream(); } String responseType = connection.getContentType(); if (responseType.startsWith("image/")) { Bitmap bitmap = BitmapFactory.decodeStream(responseStream); if (mIsBitmap && bitmap != null) { ThumbnailsCacheManager.addBitmapToCache(url, bitmap); } events.onHttpComplete(bitmap); } else { String response = drainStream(responseStream); events.onHttpComplete(response); } responseStream.close(); connection.disconnect(); } catch (SocketTimeoutException e) { events.onHttpError("HTTP " + method + " to " + url + " timeout"); } catch (IOException e) { if (connection != null) { connection.disconnect(); } events.onHttpError("HTTP " + method + " to " + url + " error: " + e.getMessage()); } catch (ClassCastException e) { e.printStackTrace(); } }
From source file:org.wso2.carbon.identity.thrift.authentication.client.internal.pool.SecureClientPoolFactory.java
@Override public AuthenticatorService.Client makeObject(Object key) throws ThriftAuthenticationException, TTransportException { String[] keyElements = constructKeyElements((String) key); if (keyElements[0].equals(ThriftAuthenticationClient.Protocol.SSL.toString())) { if (params == null) { if (trustStore == null) { trustStore = System.getProperty("javax.net.ssl.trustStore"); if (trustStore == null) { throw new ThriftAuthenticationException("No trustStore found"); }// w w w.ja va 2s.com } if (trustStorePassword == null) { trustStorePassword = System.getProperty("javax.net.ssl.trustStorePassword"); if (trustStorePassword == null) { throw new ThriftAuthenticationException("No trustStore password found"); } //trustStorePassword = "wso2carbon"; } params = new TSSLTransportFactory.TSSLTransportParameters(); params.setTrustStore(trustStore, trustStorePassword); } TTransport receiverTransport = TSSLTransportFactory.getClientSocket(keyElements[1], Integer.parseInt(keyElements[2]), 0, params); TProtocol protocol = new TBinaryProtocol(receiverTransport); return new AuthenticatorService.Client(protocol); } else { try { TrustManager easyTrustManager = new X509TrustManager() { public void checkClientTrusted(java.security.cert.X509Certificate[] x509Certificates, String s) throws java.security.cert.CertificateException { } public void checkServerTrusted(java.security.cert.X509Certificate[] x509Certificates, String s) throws java.security.cert.CertificateException { } public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } }; // String[] hostNameAndPort = keyElements[3].split(ThriftAuthenticationClientConstants.HOSTNAME_AND_PORT_SEPARATOR); SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(null, new TrustManager[] { easyTrustManager }, null); SSLSocketFactory sf = new SSLSocketFactory(sslContext); sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); Scheme httpsScheme = new Scheme("https", sf, Integer.parseInt(keyElements[2])); DefaultHttpClient client = new DefaultHttpClient(); client.getConnectionManager().getSchemeRegistry().register(httpsScheme); THttpClient tclient = new THttpClient( "https://" + keyElements[1] + ":" + keyElements[2] + "/thriftAuthenticator", client); TProtocol protocol = new TCompactProtocol(tclient); AuthenticatorService.Client authClient = new AuthenticatorService.Client(protocol); tclient.open(); return authClient; } catch (Exception e) { throw new ThriftAuthenticationException( "Cannot create Secure client for " + keyElements[1] + ":" + keyElements[2], e); } } }
From source file:com.appdynamics.openstack.nova.RestClient.java
static HttpClient httpClientWithTrustManager() throws KeyManagementException, NoSuchAlgorithmException { HttpClient httpClient = new DefaultHttpClient(); httpClient.getParams().setParameter(CoreConnectionPNames.CONNECTION_TIMEOUT, timeout); httpClient.getParams().setParameter(CoreConnectionPNames.SO_TIMEOUT, timeout); httpClient.getParams().setParameter("http.connection-manager.max-per-host", 1); X509TrustManager tm = new X509TrustManager() { @Override//from w w w . j a v a 2 s .c o m public X509Certificate[] getAcceptedIssuers() { // TODO Auto-generated method stub return null; } @Override public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { // TODO Auto-generated method stub } @Override public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { // TODO Auto-generated method stub } }; SSLContext ctx = SSLContext.getInstance("TLS"); ctx.init(null, new TrustManager[] { tm }, null); SSLSocketFactory ssf = new SSLSocketFactory(ctx); ClientConnectionManager ccm = httpClient.getConnectionManager(); SchemeRegistry sr = ccm.getSchemeRegistry(); sr.register(new Scheme("https", ssf, 443)); // Scheme("https", ssf, 443)); return new DefaultHttpClient(ccm, httpClient.getParams()); }
From source file:cn.com.infohold.p2papp.common.gate.OtherUtils.java
public static void trustAllSSLForHttpsURLConnection() { // Create a trust manager that does not validate certificate chains if (trustAllCerts == null) { trustAllCerts = new TrustManager[] { new X509TrustManager() { public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; }/*from w w w . j ava 2 s. c o m*/ public void checkClientTrusted(X509Certificate[] certs, String authType) { } public void checkServerTrusted(X509Certificate[] certs, String authType) { } } }; } // Install the all-trusting trust manager final SSLContext sslContext; try { sslContext = SSLContext.getInstance("TLS"); sslContext.init(null, trustAllCerts, null); HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory()); } catch (Throwable e) { LogUtils.e(e.getMessage(), e); } HttpsURLConnection .setDefaultHostnameVerifier(org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); }
From source file:io.getlime.push.configuration.PowerAuthWebServiceConfiguration.java
/** * Prepare a correctly configured PowerAuthServiceClient instance with the service * URL specified using 'powerauth.service.url' server property. * * @param marshaller JAXB marshaller/*from w w w . j a va 2 s.c o m*/ * @return Correctly configured PowerAuthServiceClient instance with the service * URL specified using 'powerauth.service.url' server property */ @Bean public PowerAuthServiceClient powerAuthClient(Jaxb2Marshaller marshaller) { PowerAuthServiceClient client = new PowerAuthServiceClient(); client.setDefaultUri(powerAuthServiceUrl); client.setMarshaller(marshaller); client.setUnmarshaller(marshaller); // if invalid SSL certificates should be accepted if (acceptInvalidSslCertificate) { HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() { @Override public boolean verify(String hostname, SSLSession session) { return true; } }); TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) { } public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) { } } }; try { SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, trustAllCerts, new java.security.SecureRandom()); HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory()); } catch (Exception e) { // ... ignore } } // if there is a configuration with security credentials, add interceptor if (!clientToken.isEmpty()) { ClientInterceptor[] interceptors = new ClientInterceptor[] { securityInterceptor() }; client.setInterceptors(interceptors); } return client; }
From source file:edu.indiana.d2i.sloan.ui.LoginSuccessAction.java
private boolean disableSSL() { // Create empty HostnameVerifier HostnameVerifier hv = new HostnameVerifier() { public boolean verify(String urlHostName, SSLSession session) { return true; }// www.ja v a 2 s . c o m }; // Create a trust manager that does not validate certificate chains TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) { } public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) { } } }; // install all-trust manager try { SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, trustAllCerts, new java.security.SecureRandom()); SSLSocketFactory sslSocketFactory = sc.getSocketFactory(); HttpsURLConnection.setDefaultSSLSocketFactory(sslSocketFactory); HttpsURLConnection.setDefaultHostnameVerifier(hv); return true; } catch (NoSuchAlgorithmException e) { logger.error(e.getMessage(), e); addActionError(e.getMessage()); return false; } catch (KeyManagementException e) { logger.error(e.getMessage(), e); addActionError(e.getMessage()); return false; } }
From source file:iristk.speech.nuancecloud.NuanceCloudRecognizerListener.java
@SuppressWarnings("deprecation") private static HttpClient getHttpClient() throws NoSuchAlgorithmException, KeyManagementException { // Standard HTTP parameters HttpParams params = new BasicHttpParams(); HttpProtocolParams.setVersion(params, HttpVersion.HTTP_1_1); HttpProtocolParams.setContentCharset(params, "UTF-8"); HttpProtocolParams.setUseExpectContinue(params, false); // Initialize the HTTP client HttpClient httpclient = new DefaultHttpClient(params); // Initialize/setup SSL TrustManager easyTrustManager = new X509TrustManager() { @Override//w ww . ja v a 2 s .com public void checkClientTrusted(java.security.cert.X509Certificate[] arg0, String arg1) throws java.security.cert.CertificateException { } @Override public void checkServerTrusted(java.security.cert.X509Certificate[] arg0, String arg1) throws java.security.cert.CertificateException { } @Override public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } }; SSLContext sslcontext = SSLContext.getInstance("TLS"); sslcontext.init(null, new TrustManager[] { easyTrustManager }, null); SSLSocketFactory sf = new SSLSocketFactory(sslcontext); sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); Scheme sch = new Scheme("https", sf, 443); httpclient.getConnectionManager().getSchemeRegistry().register(sch); // Return the initialized instance of our httpclient return httpclient; }
From source file:org.eclipse.lyo.client.oauth.sample.OAuthClient.java
private static void disableCertificateValidatation(HttpClient client) { try {//from www . j a v a2 s.co m final SSLContext sc = SSLContext.getInstance("SSL"); sc.init(null, new TrustManager[] { new X509TrustManager() { public java.security.cert.X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; } public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) { } public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) { } } }, new java.security.SecureRandom()); final SSLSocketFactory socketFactory = new SSLSocketFactory(sc, new X509HostnameVerifier() { public void verify(String string, SSLSocket ssls) throws IOException { } public void verify(String string, X509Certificate xc) throws SSLException { } public void verify(String string, String[] strings, String[] strings1) throws SSLException { } public boolean verify(String string, SSLSession ssls) { return true; } }); final Scheme https = new Scheme("https", 443, socketFactory); client.getConnectionManager().getSchemeRegistry().register(https); } catch (GeneralSecurityException e) { } }
From source file:com.example.mp_master.helper.UntrustedSSLSocketFactory.java
/** * Creates the default SSL socket factory. * This constructor is used exclusively to instantiate the factory for * {@link #getSocketFactory getSocketFactory}. * @throws NoSuchAlgorithmException //ww w .j a v a2 s . c o m * @throws KeyManagementException */ private UntrustedSSLSocketFactory() { super(); this.nameResolver = null; TrustManager[] blindTrustMan = new TrustManager[] { new X509TrustManager() { public X509Certificate[] getAcceptedIssuers() { return null; } public void checkClientTrusted(X509Certificate[] c, String a) throws CertificateException { } public void checkServerTrusted(X509Certificate[] c, String a) throws CertificateException { } } }; SSLContext sl = null; SSLSocketFactory sslf = null; try { sl = SSLContext.getInstance(TLS); sl.init(null, blindTrustMan, new java.security.SecureRandom()); sslf = sl.getSocketFactory(); } catch (Exception e) { e.printStackTrace(); sslf = HttpsURLConnection.getDefaultSSLSocketFactory(); } this.sslcontext = sl; this.socketfactory = sslf; }
From source file:org.wso2.carbon.databridge.agent.internal.endpoint.thrift.client.ThriftSecureClientPoolFactory.java
@Override public Object createClient(String protocol, String hostName, int port) throws DataEndpointAgentSecurityException { String trustStore, trustStorePw; if (protocol.equalsIgnoreCase(DataEndpointConfiguration.Protocol.TCP.toString())) { if (params == null) { if (getTrustStore() == null) { trustStore = System.getProperty("javax.net.ssl.trustStore"); if (trustStore == null) { throw new DataEndpointAgentSecurityException("No trustStore found"); } else { setTrustStore(trustStore); }/*from w w w . j a va 2s . c o m*/ } if (getTrustStorePassword() == null) { trustStorePw = System.getProperty("javax.net.ssl.trustStorePassword"); if (trustStorePw == null) { throw new DataEndpointAgentSecurityException("No trustStore password found"); } else { setTrustStorePassword(trustStorePw); } } params = new TSSLTransportFactory.TSSLTransportParameters(); params.setTrustStore(getTrustStore(), getTrustStorePassword()); } TTransport receiverTransport = null; try { receiverTransport = TSSLTransportFactory.getClientSocket(hostName, port, 0, params); TProtocol tProtocol = new TBinaryProtocol(receiverTransport); return new ThriftSecureEventTransmissionService.Client(tProtocol); } catch (TTransportException e) { throw new DataEndpointAgentSecurityException( "Error while trying to connect to " + protocol + "://" + hostName + ":" + port, e); } } else { //TODO:Error thrown when connecting in http in tests... try { TrustManager easyTrustManager = new X509TrustManager() { public void checkClientTrusted(java.security.cert.X509Certificate[] x509Certificates, String s) throws java.security.cert.CertificateException { } public void checkServerTrusted(java.security.cert.X509Certificate[] x509Certificates, String s) throws java.security.cert.CertificateException { } public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } }; SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(null, new TrustManager[] { easyTrustManager }, null); SSLSocketFactory sf = new SSLSocketFactory(sslContext); sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); Scheme httpsScheme = new Scheme("https", sf, port); DefaultHttpClient client = new DefaultHttpClient(); client.getConnectionManager().getSchemeRegistry().register(httpsScheme); THttpClient tclient = new THttpClient("https://" + hostName + ":" + port + "/securedThriftReceiver", client); TProtocol tProtocol = new TCompactProtocol(tclient); ThriftSecureEventTransmissionService.Client authClient = new ThriftSecureEventTransmissionService.Client( tProtocol); tclient.open(); return authClient; } catch (Exception e) { throw new DataEndpointAgentSecurityException("Cannot create Secure client for " + "https://" + hostName + ":" + port + "/securedThriftReceiver", e); } } }