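package org.apache.servicemix.http.processors;

import java.io.IOException;
import java.io.InputStream;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.SocketAddress;
import java.net.URL;
import java.net.UnknownHostException;
import java.security.KeyStore;

import javax.jbi.JBIException;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;

import org.apache.commons.httpclient.ConnectTimeoutException;
import org.apache.commons.httpclient.params.HttpConnectionParams;
import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory;
import org.apache.servicemix.http.SslParameters;
import org.apache.servicemix.jbi.security.keystore.KeystoreManager;
import org.mortbay.resource.Resource;
import org.springframework.core.io.ClassPathResource;

/**
 * Commons-httpclient socket factory that hands out sockets from an
 * {@link SSLSocketFactory} built from {@link SslParameters}.
 *
 * <p>The underlying factory is either obtained from a {@link KeystoreManager}
 * ("managed" mode) or assembled locally from key store / trust store locations
 * and passwords ("unmanaged" mode).
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>Nothing in this class compares the peer certificate with the requested
 *       host name. Whether host name verification happens at all depends on code
 *       outside this file; confirm before relying on these sockets for server
 *       authentication.</li>
 *   <li>The protocol name passed to {@link SSLContext#getInstance(String)} comes
 *       straight from configuration; deployments should check that it selects a
 *       current TLS version.</li>
 *   <li>Store passwords are handled as {@code String} values because that is what
 *       {@link SslParameters} and the system properties provide; they are only
 *       converted to {@code char[]} at the point of use.</li>
 * </ul>
 */
public class CommonsHttpSSLSocketFactory implements SecureProtocolSocketFactory {

    /** Prefix marking a store location that must be resolved through the classpath. */
    private static final String CLASSPATH_PREFIX = "classpath:";

    private SSLSocketFactory factory;

    /**
     * Builds the underlying SSL socket factory.
     *
     * <p>NOTE(review): this constructor calls protected, overridable methods, so a
     * subclass override runs before the subclass's own fields are initialised.
     *
     * @param ssl             SSL configuration; {@link SslParameters#isManaged()} selects the mode
     * @param keystoreManager source of the factory in managed mode; unused otherwise
     * @throws Exception if the factory cannot be created
     */
    public CommonsHttpSSLSocketFactory(SslParameters ssl, KeystoreManager keystoreManager) throws Exception {
        if (ssl.isManaged()) {
            createManagedFactory(ssl, keystoreManager);
        } else {
            createUnmanagedFactory(ssl);
        }
    }

    /**
     * Delegates creation of the SSL socket factory to the keystore manager.
     *
     * @param ssl             SSL configuration supplying provider, protocol, algorithm,
     *                        key store, key alias and trust store
     * @param keystoreManager manager that creates the factory
     * @throws Exception if the manager fails to create the factory
     */
    protected void createManagedFactory(SslParameters ssl, KeystoreManager keystoreManager) throws Exception {
        factory = keystoreManager.createSSLFactory(
                ssl.getProvider(),
                ssl.getProtocol(),
                ssl.getKeyManagerFactoryAlgorithm(),
                ssl.getKeyStore(),
                ssl.getKeyAlias(),
                ssl.getTrustStore());
    }

    /**
     * Assembles the SSL socket factory from key store and trust store files.
     *
     * <p>Each setting missing from {@code ssl} falls back to the matching
     * {@code javax.net.ssl.*} system property. A key store and its password are
     * mandatory. The trust store is optional, but once a trust store location is
     * known its password is mandatory too.
     *
     * @param ssl SSL configuration
     * @throws IllegalArgumentException if a mandatory location or password is missing
     * @throws JBIException             if a {@code classpath:} location cannot be resolved
     * @throws Exception                if a store cannot be loaded or the context cannot be initialised
     */
    protected void createUnmanagedFactory(SslParameters ssl) throws Exception {
        SSLContext context;
        if (ssl.getProvider() == null) {
            context = SSLContext.getInstance(ssl.getProtocol());
        } else {
            context = SSLContext.getInstance(ssl.getProtocol(), ssl.getProvider());
        }
        KeyManagerFactory keyManagerFactory =
                KeyManagerFactory.getInstance(ssl.getKeyManagerFactoryAlgorithm());

        String keyStore = ssl.getKeyStore();
        if (keyStore == null) {
            keyStore = System.getProperty("javax.net.ssl.keyStore");
            if (keyStore == null) {
                throw new IllegalArgumentException(
                        "keyStore or system property javax.net.ssl.keyStore must be set");
            }
        }
        keyStore = resolveLocation(keyStore, "keyStore");

        String keyStorePassword = ssl.getKeyStorePassword();
        if (keyStorePassword == null) {
            keyStorePassword = System.getProperty("javax.net.ssl.keyStorePassword");
            if (keyStorePassword == null) {
                throw new IllegalArgumentException(
                        "keyStorePassword or system property javax.net.ssl.keyStorePassword must be set");
            }
        }

        String trustStore = ssl.getTrustStore();
        String trustStorePassword = null;
        if (trustStore == null) {
            trustStore = System.getProperty("javax.net.ssl.trustStore");
        }
        if (trustStore != null) {
            trustStore = resolveLocation(trustStore, "trustStore");
            trustStorePassword = ssl.getTrustStorePassword();
            if (trustStorePassword == null) {
                trustStorePassword = System.getProperty("javax.net.ssl.trustStorePassword");
                if (trustStorePassword == null) {
                    throw new IllegalArgumentException(
                            "trustStorePassword or system property javax.net.ssl.trustStorePassword must be set");
                }
            }
        }

        KeyStore ks = loadStore(ssl.getKeyStoreType(), keyStore, keyStorePassword);
        // The private-key password defaults to the key store password when none is configured.
        char[] keyPassword = ssl.getKeyPassword() != null
                ? ssl.getKeyPassword().toCharArray()
                : keyStorePassword.toCharArray();
        keyManagerFactory.init(ks, keyPassword);

        if (trustStore != null) {
            KeyStore ts = loadStore(ssl.getTrustStoreType(), trustStore, trustStorePassword);
            TrustManagerFactory trustManagerFactory =
                    TrustManagerFactory.getInstance(ssl.getTrustManagerFactoryAlgorithm());
            trustManagerFactory.init(ts);
            context.init(keyManagerFactory.getKeyManagers(),
                    trustManagerFactory.getTrustManagers(),
                    new java.security.SecureRandom());
        } else {
            // A null trust-manager array makes JSSE fall back to the installed default
            // trust managers, so peers are then checked against the platform trust store.
            context.init(keyManagerFactory.getKeyManagers(), null, new java.security.SecureRandom());
        }
        factory = context.getSocketFactory();
    }

    /**
     * Turns a {@code classpath:} location into the URL string of that classpath
     * resource; any other location is returned unchanged.
     *
     * @param location configured store location
     * @param label    setting name used in the error message ({@code keyStore} or {@code trustStore})
     * @return the location to hand to {@link Resource#newResource(String)}
     * @throws JBIException if the classpath resource cannot be resolved
     */
    private static String resolveLocation(String location, String label) throws JBIException {
        if (!location.startsWith(CLASSPATH_PREFIX)) {
            return location;
        }
        try {
            URL url = new ClassPathResource(location.substring(CLASSPATH_PREFIX.length())).getURL();
            return url.toString();
        } catch (IOException e) {
            throw new JBIException("Unable to find " + label + " " + location, e);
        }
    }

    /**
     * Loads a key store or trust store and closes the stream it was read from.
     *
     * @param type     store type passed to {@link KeyStore#getInstance(String)}
     * @param location resolved store location
     * @param password store password, used for the integrity check and to unlock the store
     * @return the loaded store
     * @throws Exception if the store cannot be opened or loaded
     */
    private static KeyStore loadStore(String type, String location, String password) throws Exception {
        KeyStore store = KeyStore.getInstance(type);
        InputStream in = Resource.newResource(location).getInputStream();
        try {
            store.load(in, password.toCharArray());
        } finally {
            if (in != null) {
                try {
                    in.close();
                } catch (IOException ignored) {
                    // Best-effort close: the store has already been read (or load() is
                    // already propagating its own failure), so a close error adds nothing.
                }
            }
        }
        return store;
    }

    /**
     * Layers an SSL socket over an existing, connected socket.
     *
     * @param socket    the existing socket
     * @param host      the server host
     * @param port      the server port
     * @param autoClose whether closing the returned socket also closes {@code socket}
     * @return the layered SSL socket
     * @throws IOException          if the socket cannot be created
     * @throws UnknownHostException if the host cannot be resolved
     */
    public Socket createSocket(Socket socket, String host, int port, boolean autoClose)
            throws IOException, UnknownHostException {
        return factory.createSocket(socket, host, port, autoClose);
    }

    /**
     * Creates an SSL socket connected to {@code host:port} and bound to the given local address.
     *
     * @param host         the server host
     * @param port         the server port
     * @param localAddress the local address to bind to
     * @param localPort    the local port to bind to
     * @return the connected socket
     * @throws IOException          if the socket cannot be created
     * @throws UnknownHostException if the host cannot be resolved
     */
    public Socket createSocket(String host, int port, InetAddress localAddress, int localPort)
            throws IOException, UnknownHostException {
        return factory.createSocket(host, port, localAddress, localPort);
    }

    /**
     * Creates an SSL socket, honouring the connection timeout in {@code params}.
     *
     * <p>A timeout of {@code 0} means "no timeout" and uses the blocking variant.
     * Otherwise an unconnected socket is bound and connected with the timeout. The
     * timeout bounds the TCP connect only; this method sets no read timeout.
     *
     * @param host         the server host
     * @param port         the server port
     * @param localAddress the local address to bind to
     * @param localPort    the local port to bind to
     * @param params       connection parameters; must not be {@code null}
     * @return the connected socket
     * @throws IllegalArgumentException if {@code params} is {@code null}
     * @throws IOException              if the socket cannot be created, bound or connected
     * @throws UnknownHostException     if the host cannot be resolved
     * @throws ConnectTimeoutException  declared by the interface
     */
    public Socket createSocket(String host, int port, InetAddress localAddress, int localPort,
            HttpConnectionParams params)
            throws IOException, UnknownHostException, ConnectTimeoutException {
        if (params == null) {
            throw new IllegalArgumentException("Parameters may not be null");
        }
        int timeout = params.getConnectionTimeout();
        if (timeout == 0) {
            return createSocket(host, port, localAddress, localPort);
        }
        Socket socket = factory.createSocket();
        boolean connected = false;
        try {
            SocketAddress localaddr = new InetSocketAddress(localAddress, localPort);
            SocketAddress remoteaddr = new InetSocketAddress(host, port);
            socket.bind(localaddr);
            socket.connect(remoteaddr, timeout);
            connected = true;
            return socket;
        } finally {
            // Release the descriptor when bind() or connect() fails, so repeated
            // connection failures cannot exhaust file handles.
            if (!connected) {
                try {
                    socket.close();
                } catch (IOException ignored) {
                    // The bind/connect failure is the error the caller needs to see.
                }
            }
        }
    }

    /**
     * Creates an SSL socket connected to {@code host:port}.
     *
     * @param host the server host
     * @param port the server port
     * @return the connected socket
     * @throws IOException          if the socket cannot be created
     * @throws UnknownHostException if the host cannot be resolved
     */
    public Socket createSocket(String host, int port) throws IOException, UnknownHostException {
        return factory.createSocket(host, port);
    }

}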