Java tutorial
/** * Copyright 2016 Telefonica Investigacin y Desarrollo, S.A.U * * This file is part of fiware-cosmos (FI-WARE project). * * fiware-cosmos is free software: you can redistribute it and/or modify it under the terms of the GNU Affero * General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your * option) any later version. * fiware-cosmos is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the * implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License * for more details. * * You should have received a copy of the GNU Affero General Public License along with fiware-cosmos. If not, see * http://www.gnu.org/licenses/. * * For those usages not covered by the GNU Affero General Public License please contact with iot_support at tid dot es */ package com.telefonica.iot.cosmos.hive.authprovider; import java.security.KeyManagementException; import java.security.NoSuchAlgorithmException; import java.security.SecureRandom; import java.security.cert.X509Certificate; import javax.net.ssl.SSLContext; import javax.net.ssl.TrustManager; import javax.net.ssl.X509TrustManager; import org.apache.http.conn.ssl.SSLSocketFactory; import org.apache.http.conn.scheme.Scheme; import org.apache.http.conn.scheme.SchemeRegistry; import org.apache.http.impl.client.DefaultHttpClient; import org.apache.http.impl.conn.PoolingClientConnectionManager; import org.apache.log4j.Logger; /** * * @author frb * * This is a convenience class in order the clients do not have to import stuff from org.apache.http and deal with its * details. It implements a Http client factory. * */ public class HttpClientFactory { private static final Logger LOGGER = Logger.getLogger(HttpClientFactory.class); public static final int MAX_CONNS = 500; public static final int MAX_CONNS_PER_ROUTE = 100; private static PoolingClientConnectionManager connectionsManager; private static PoolingClientConnectionManager sslConnectionsManager; /** * Constructor. * @param ssl True if SSL connections are desired. False otherwise. */ public HttpClientFactory(boolean ssl) { // create the appropriate connections manager if (ssl) { sslConnectionsManager = new PoolingClientConnectionManager(getSSLSchemeRegistry()); sslConnectionsManager.setMaxTotal(MAX_CONNS); sslConnectionsManager.setDefaultMaxPerRoute(MAX_CONNS_PER_ROUTE); } else { connectionsManager = new PoolingClientConnectionManager(); connectionsManager.setMaxTotal(MAX_CONNS); connectionsManager.setDefaultMaxPerRoute(MAX_CONNS_PER_ROUTE); } // if else LOGGER.info("Setting max total connections (" + MAX_CONNS + ")"); LOGGER.info("Setting default max connections per route (" + MAX_CONNS_PER_ROUTE + ")"); } // HttpClientFactory /** * Gets a HTTP client. * @param ssl True if SSL connections are desired. False otherwise * @return A http client obtained from the (SSL) Connections Manager. */ public DefaultHttpClient getHttpClient(boolean ssl) { DefaultHttpClient httpClient; if (ssl) { httpClient = new DefaultHttpClient(sslConnectionsManager); } else { httpClient = new DefaultHttpClient(connectionsManager); } // if else return httpClient; } // getHttpClient /** * Gets the number of leased connections for this connections manager. This is not really used within the code, but * could be used for debugging purposes. * @param ssl * @return */ public int getLeasedConnections(boolean ssl) { if (ssl) { return sslConnectionsManager.getTotalStats().getLeased(); } else { return connectionsManager.getTotalStats().getLeased(); } // if else } // getLeasedConnections /** * Gets a SSL SchemeRegistry object accepting all the X509 certificates by default. * @return A SSL SchemeRegistry object. */ private SchemeRegistry getSSLSchemeRegistry() { // http://stackoverflow.com/questions/2703161/how-to-ignore-ssl-certificate-errors-in-apache-httpclient-4-0 SSLContext sslContext; try { sslContext = SSLContext.getInstance("SSL"); } catch (NoSuchAlgorithmException e) { LOGGER.fatal("Fatal error (SSL cannot be used, no such algorithm. Details=" + e.getMessage() + ")"); return null; } // try catch // try catch try { // set up a TrustManager that trusts everything sslContext.init(null, new TrustManager[] { new X509TrustManager() { @Override public X509Certificate[] getAcceptedIssuers() { return null; } // getAcceptedIssuers @Override public void checkClientTrusted(X509Certificate[] certs, String authType) { } // getAcceptedIssuers @Override public void checkServerTrusted(X509Certificate[] certs, String authType) { } // checkServerTrusted } }, new SecureRandom()); } catch (KeyManagementException e) { LOGGER.fatal("Fatal error (Cannot ignore SSL certificates. Details=" + e.getMessage() + ")"); return null; } // try catch // try catch if (sslContext == null) { LOGGER.fatal("Fatal error (Cannot ignore SSL certificates, SSL context is null)"); return null; } // if SSLSocketFactory sf = new SSLSocketFactory(sslContext, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); Scheme httpsScheme = new Scheme("https", 443, sf); SchemeRegistry schemeRegistry = new SchemeRegistry(); schemeRegistry.register(httpsScheme); return schemeRegistry; } // getSSLSchemeRegistry } // HttpClientFactory