cn.geowind.takeout.verify.CcopHttpClient.java Source code

Java tutorial

  1. HOME
  2. Java
  3. cn.geowind.takeout.verify.CcopHttpClient.java

Introduction

Here is the source code for cn.geowind.takeout.verify.CcopHttpClient.java

Source

/*
 *  Copyright (c) 2013 The CCP project authors. All Rights Reserved.
 *
 *  Use of this source code is governed by a Beijing Speedtong Information Technology Co.,Ltd license
 *  that can be found in the LICENSE file in the root of the web site.
 *
 *   http://www.cloopen.com
 *
 *  An additional intellectual property rights grant can be found
 *  in the file PATENTS.  All contributing project authors may
 *  be found in the AUTHORS file in the root of the source tree.
 */
package cn.geowind.takeout.verify;

import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.DefaultHttpClient;

public class CcopHttpClient {

    /**
     * SSL
     * 
     * @param hostname
     *            ??IP??
     * @param protocol
     *            ????TLS-??
     * @param port
     *            ??
     * @param scheme
     *            ????
     * @return HttpClient
     * @throws NoSuchAlgorithmException
     * @throws KeyManagementException
     */
    public DefaultHttpClient registerSSL(String hostname, String protocol, int port, String scheme)
            throws NoSuchAlgorithmException, KeyManagementException {

        // HttpClient
        DefaultHttpClient httpclient = new DefaultHttpClient();
        // SSL
        SSLContext ctx = SSLContext.getInstance(protocol);
        // ???
        X509TrustManager tm = new X509TrustManager() {
            /**
             * CA??
             */
            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }

            /**
             * ???
             * 
             * @param chain
             *            ?
             * @param authType
             *            ???authTypeRSA
             */
            public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                if (chain == null || chain.length == 0)
                    throw new IllegalArgumentException("null or zero-length certificate chain");
                if (authType == null || authType.length() == 0)
                    throw new IllegalArgumentException("null or zero-length authentication type");

                boolean br = false;
                Principal principal = null;
                for (X509Certificate x509Certificate : chain) {
                    principal = x509Certificate.getSubjectX500Principal();
                    if (principal != null) {
                        br = true;
                        return;
                    }
                }
                if (!br) {
                    throw new CertificateException("????");
                }
            }

            /**
             * ??
             */
            public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {

            }
        };

        // ?SSL
        ctx.init(null, new TrustManager[] { tm }, new java.security.SecureRandom());
        // SSL
        SSLSocketFactory socketFactory = new SSLSocketFactory(ctx, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
        Scheme sch = new Scheme(scheme, port, socketFactory);
        // SSL
        httpclient.getConnectionManager().getSchemeRegistry().register(sch);
        return httpclient;
    }
}