Java Code Examples for javax.net.ssl.HttpsURLConnection#getDefaultHostnameVerifier()

The following examples show how to use javax.net.ssl.HttpsURLConnection#getDefaultHostnameVerifier() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: OkHttpClient.java    From cordova-android-chromeview with Apache License 2.0 6 votes vote down vote up
/**
 * Returns a shallow copy of this OkHttpClient that uses the system-wide default for
 * each field that hasn't been explicitly configured.
 */
private OkHttpClient copyWithDefaults() {
  OkHttpClient result = new OkHttpClient();
  result.proxy = proxy;
  result.failedRoutes = failedRoutes;
  result.proxySelector = proxySelector != null ? proxySelector : ProxySelector.getDefault();
  result.cookieHandler = cookieHandler != null ? cookieHandler : CookieHandler.getDefault();
  result.responseCache = responseCache != null ? responseCache : ResponseCache.getDefault();
  result.sslSocketFactory = sslSocketFactory != null
      ? sslSocketFactory
      : HttpsURLConnection.getDefaultSSLSocketFactory();
  result.hostnameVerifier = hostnameVerifier != null
      ? hostnameVerifier
      : HttpsURLConnection.getDefaultHostnameVerifier();
  result.connectionPool = connectionPool != null ? connectionPool : ConnectionPool.getDefault();
  result.followProtocolRedirects = followProtocolRedirects;
  return result;
}
 
Example 2
Source File: OkHttpClient.java    From phonegap-plugin-loading-spinner with Apache License 2.0 6 votes vote down vote up
/**
 * Returns a shallow copy of this OkHttpClient that uses the system-wide default for
 * each field that hasn't been explicitly configured.
 */
private OkHttpClient copyWithDefaults() {
  OkHttpClient result = new OkHttpClient();
  result.proxy = proxy;
  result.failedRoutes = failedRoutes;
  result.proxySelector = proxySelector != null ? proxySelector : ProxySelector.getDefault();
  result.cookieHandler = cookieHandler != null ? cookieHandler : CookieHandler.getDefault();
  result.responseCache = responseCache != null ? responseCache : ResponseCache.getDefault();
  result.sslSocketFactory = sslSocketFactory != null
      ? sslSocketFactory
      : HttpsURLConnection.getDefaultSSLSocketFactory();
  result.hostnameVerifier = hostnameVerifier != null
      ? hostnameVerifier
      : HttpsURLConnection.getDefaultHostnameVerifier();
  result.connectionPool = connectionPool != null ? connectionPool : ConnectionPool.getDefault();
  result.followProtocolRedirects = followProtocolRedirects;
  return result;
}
 
Example 3
Source File: HttpHelperTest.java    From egeria with Apache License 2.0 5 votes vote down vote up
@Test
/**
 * Tests hostname verifier before and after running noStrictSSL.
 */
public void testNoStrictSSLHostnameVerifier() {
    HostnameVerifier hostnameVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
    SSLSession sslSession = Mockito.mock(SSLSession.class);
    String value = "some.hostname";
    assertFalse(HttpsURLConnection.getDefaultHostnameVerifier().verify(value,sslSession));

    HttpHelper.noStrictSSL();

    assertNotEquals(hostnameVerifier,HttpsURLConnection.getDefaultHostnameVerifier());
    assertTrue(HttpsURLConnection.getDefaultHostnameVerifier().verify(value,sslSession));
}
 
Example 4
Source File: MutualSSLClient.java    From product-emm with Apache License 2.0 5 votes vote down vote up
private HostnameVerifier getHostnameVerifier() {
    return new HostnameVerifier() {
        @Override
        public boolean verify(String hostname, SSLSession session) {
            HostnameVerifier hv = HttpsURLConnection.getDefaultHostnameVerifier();
            return hv.verify(hostname, session);
        }
    };
}
 
Example 5
Source File: MutualSSLClient.java    From product-emm with Apache License 2.0 5 votes vote down vote up
private HostnameVerifier getHostnameVerifier() {
    return new HostnameVerifier() {
        @Override
        public boolean verify(String hostname, SSLSession session) {
            HostnameVerifier hv = HttpsURLConnection.getDefaultHostnameVerifier();
            return hv.verify(hostname, session);
        }
    };
}
 
Example 6
Source File: AbstractSecureJettyTest.java    From attic-polygene-java with Apache License 2.0 5 votes vote down vote up
@BeforeClass
public static void beforeSecureClass()
    throws IOException, GeneralSecurityException
{
    defaultHostnameVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
    defaultSSLSocketFactory = HttpsURLConnection.getDefaultSSLSocketFactory();
    HttpsURLConnection.setDefaultHostnameVerifier( ( string, ssls ) -> true );
    HttpsURLConnection.setDefaultSSLSocketFactory( buildTrustSSLContext().getSocketFactory() );
}
 
Example 7
Source File: HttpsUtils.java    From AndroidModulePattern with Apache License 2.0 5 votes vote down vote up
/**
 * 主机名校验方法,请把”192.168.0.10”换成你们公司的主机IP:
 */
public static HostnameVerifier getHostnameVerifier() {
    return new HostnameVerifier() {
        @Override
        public boolean verify(String hostname, SSLSession session) {
            if ("192.168.0.10".equals(hostname)) {
                return true;
            } else {
                HostnameVerifier hv = HttpsURLConnection.getDefaultHostnameVerifier();
                return hv.verify(hostname, session);
            }
        }
    };
}
 
Example 8
Source File: HttpsClientConfiguration.java    From pulsar-manager with Apache License 2.0 5 votes vote down vote up
@Bean
public CloseableHttpClient httpClient() throws Exception {
    if (tlsEnabled) {
        Resource resource = new FileSystemResource(tlsKeystore);
        File trustStoreFile = resource.getFile();
        SSLContext sslcontext = SSLContexts.custom()
                .loadTrustMaterial(trustStoreFile, tlsKeystorePassword.toCharArray(),
                        new TrustSelfSignedStrategy())
                .build();
        HostnameVerifier hostnameVerifier = (s, sslSession) -> {
            // Custom logic to verify host name, tlsHostnameVerifier is false for test
            if (!tlsHostnameVerifier) {
                return true;
            } else {
                HostnameVerifier hv= HttpsURLConnection.getDefaultHostnameVerifier();
                return hv.verify(s, sslSession);
            }
        };

        SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(
                sslcontext,
                hostnameVerifier);

        return HttpClients.custom()
                .setSSLSocketFactory(sslsf)
                .build();
    }
    return HttpClients.custom().build();
}
 
Example 9
Source File: OAuthSSLClient.java    From product-emm with Apache License 2.0 5 votes vote down vote up
private HostnameVerifier getHostnameVerifier() {
    return new HostnameVerifier() {
        @Override
        public boolean verify(String hostname, SSLSession session) {
            HostnameVerifier hv = HttpsURLConnection.getDefaultHostnameVerifier();
            return hv.verify(hostname, session);
        }
    };
}
 
Example 10
Source File: AppVariables.java    From MyBox with Apache License 2.0 5 votes vote down vote up
public static void initAppVaribles() {
    try {
        userConfigValues = new HashMap<>();
        systemConfigValues = new HashMap<>();
        getBundle();
        getPdfMem();
        openStageInNewWindow = AppVariables.getUserConfigBoolean("OpenStageInNewWindow", false);
        restoreStagesSize = AppVariables.getUserConfigBoolean("RestoreStagesSize", true);
        sceneFontSize = AppVariables.getUserConfigInt("SceneFontSize", 15);
        fileRecentNumber = AppVariables.getUserConfigInt("FileRecentNumber", 15);
        iconSize = AppVariables.getUserConfigInt("IconSize", 20);
        ControlColor = ControlStyle.getConfigColorStyle();
        controlDisplayText = AppVariables.getUserConfigBoolean("ControlDisplayText", false);
        ImagePopCooridnate = AppVariables.getUserConfigBoolean("ImagePopCooridnate", false);
        disableHiDPI = DerbyFailAsked = false;
        DaoDeMapVersion = AppVariables.getUserConfigValue("DaoDeMapVersion", "1.4.15");
        DaoDeMapWebKey = AppVariables.getUserConfigValue("DaoDeMapWebKey", "06b9e078a51325a843dfefd57ffd876c");
        DaoDeMapWebServiceKey = AppVariables.getUserConfigValue("DaoDeMapWebServiceKey", "d7444d9a7fae01fa850236d909ad4450");
        lastError = null;
        if (defaultSSLSocketFactory == null) {
            defaultSSLSocketFactory = HttpsURLConnection.getDefaultSSLSocketFactory();
            defaultHostnameVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
        }
    } catch (Exception e) {
        logger.error(e.toString());
    }

}
 
Example 11
Source File: CasTicketValidatorUtils.java    From shiro-cas-spring-boot-starter with Apache License 2.0 5 votes vote down vote up
protected static TicketValidator buildCas20TicketValidator(final ShiroCasProperties casProperties) {
      
      final boolean allowAnyProxy = casProperties.isAcceptAnyProxy();
final String allowedProxyChains = casProperties.getAllowedProxyChains();
final String casServerUrlPrefix = casProperties.getCasServerUrlPrefix();

final Class<? extends Cas20ServiceTicketValidator> ticketValidatorClass = StringUtils.hasText(casProperties.getTicketValidatorClass()) ? ReflectUtils.loadClass(casProperties.getTicketValidatorClass()) : null; 
final Cas20ServiceTicketValidator validator;

if (allowAnyProxy || CommonUtils.isNotBlank(allowedProxyChains)) {
	final Cas20ProxyTicketValidator v = createNewTicketValidator(ticketValidatorClass, casServerUrlPrefix, Cas20ProxyTicketValidator.class);
	v.setAcceptAnyProxy(allowAnyProxy);
	v.setAllowedProxyChains(CommonUtils.createProxyList(allowedProxyChains));
	validator = v;
} else {
	validator = createNewTicketValidator(ticketValidatorClass, casServerUrlPrefix, Cas20ServiceTicketValidator.class);
}
validator.setProxyCallbackUrl(casProperties.getProxyCallbackUrl());
validator.setProxyGrantingTicketStorage(proxyGrantingTicketStorage);

HttpURLConnectionFactory factory = new HttpsURLConnectionFactory( HttpsURLConnection.getDefaultHostnameVerifier(), getSSLConfig(casProperties));

validator.setURLConnectionFactory(factory);

validator.setProxyRetriever(new Cas20ProxyRetriever(casServerUrlPrefix, casProperties.getEncoding(), factory));
validator.setRenew(casProperties.isRenew());
validator.setEncoding(casProperties.getEncoding());

      return validator;
  }
 
Example 12
Source File: TlsInit.java    From xipki with Apache License 2.0 5 votes vote down vote up
public static void init() throws GeneralSecurityException {
  System.err.println("***** ONLY FOR TEST, DO NOT USE IT IN PRODUCTION ENVIRONMENT ******");
  TrustManager[] trustManagers = {new InternX509TrustManager()};
  SSLContext sc = SSLContext.getInstance("SSL");
  sc.init(null, trustManagers, new SecureRandom());
  HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());

  oldHostnameVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
  LOG.info("Register me as DefaultHostnameVerifier, and backup the old one {}",
      oldHostnameVerifier);
  HttpsURLConnection.setDefaultHostnameVerifier(SdkHostnameVerifier.INSTANCE);
}
 
Example 13
Source File: ClientRecommender.java    From myrrix-recommender with Apache License 2.0 4 votes vote down vote up
private SSLSocketFactory buildSSLSocketFactory() throws IOException {

    final HostnameVerifier defaultVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
    HttpsURLConnection.setDefaultHostnameVerifier(
      new HostnameVerifier(){
        @Override
        public boolean verify(String hostname, SSLSession sslSession) {
          return ignoreHTTPSHost
              || "localhost".equals(hostname)
              || "127.0.0.1".equals(hostname)
              || defaultVerifier.verify(hostname, sslSession);
        }
      });

    try {

      KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
      File trustStoreFile = config.getKeystoreFile().getAbsoluteFile();
      String password = config.getKeystorePassword();
      Preconditions.checkNotNull(password);

      InputStream in = new FileInputStream(trustStoreFile);
      try {
        keyStore.load(in, password.toCharArray());
      } finally {
        in.close();
      }

      TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
      tmf.init(keyStore);

      SSLContext ctx;
      try {
        ctx = SSLContext.getInstance("TLSv1.1"); // Java 7 only
      } catch (NoSuchAlgorithmException ignored) {
        log.info("TLSv1.1 unavailable, falling back to TLSv1");
        ctx = SSLContext.getInstance("TLSv1"); // Java 6       
        // This also seems to be necessary:
        if (System.getProperty("https.protocols") == null) {
          System.setProperty("https.protocols", "TLSv1");
        }
      }
      ctx.init(null, tmf.getTrustManagers(), null);
      return ctx.getSocketFactory();

    } catch (NoSuchAlgorithmException nsae) {
      // can't happen?
      throw new IllegalStateException(nsae);
    } catch (KeyStoreException kse) {
      throw new IOException(kse);
    } catch (KeyManagementException kme) {
      throw new IOException(kme);
    } catch (CertificateException ce) {
      throw new IOException(ce);
    }
  }
 
Example 14
Source File: ApigeeHttpsURLConnection.java    From apigee-android-sdk with Apache License 2.0 4 votes vote down vote up
public static HostnameVerifier getDefaultHostnameVerifier()
{
	return HttpsURLConnection.getDefaultHostnameVerifier();
}
 
Example 15
Source File: HostnameVerificationTest.java    From cxf with Apache License 2.0 4 votes vote down vote up
@org.junit.Test
public void testNoSubjectAlternativeNameNoCNMatchDefaultVerifier() throws Exception {
    HostnameVerifier hostnameVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
    try {
        HttpsURLConnection.setDefaultHostnameVerifier(
            new javax.net.ssl.HostnameVerifier() {
                public boolean verify(String hostName, javax.net.ssl.SSLSession session) {
                    return true;
                }
            });

        SpringBusFactory bf = new SpringBusFactory();
        URL busFile = HostnameVerificationTest.class.getResource("hostname-client-usedefault.xml");

        Bus bus = bf.createBus(busFile.toString());
        BusFactory.setDefaultBus(bus);
        BusFactory.setThreadDefaultBus(bus);

        URL url = SOAPService.WSDL_LOCATION;
        SOAPService service = new SOAPService(url, SOAPService.SERVICE);
        assertNotNull("Service is null", service);
        final Greeter port = service.getHttpsPort();
        assertNotNull("Port is null", port);

        updateAddressPort(port, PORT4);

        // Enable Async
        if (async) {
            ((BindingProvider)port).getRequestContext().put("use.async.http.conduit", true);
        }

        assertEquals(port.greetMe("Kitty"), "Hello Kitty");

        ((java.io.Closeable)port).close();
        bus.shutdown(true);
    } finally {
        if (hostnameVerifier != null) {
            HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);
        }
    }
}
 
Example 16
Source File: ConfigurationModuleHostNameVerifier.java    From freehealth-connector with GNU Affero General Public License v3.0 4 votes vote down vote up
public void init(Configuration config) {
   LOG.debug("Initializing ConfigurationModule " + this.getClass().getName());
   LOG.warn("Activating bypass: Hostname verifcation. DO NOT USE THIS IN PRODUCTION.");
   this.oldHostNameVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
   HttpsURLConnection.setDefaultHostnameVerifier(new ConfigurationModuleHostNameVerifier.BypassHostnameVerifier());
}
 
Example 17
Source File: ConfigurationModuleHostNameVerifier.java    From freehealth-connector with GNU Affero General Public License v3.0 4 votes vote down vote up
public void init(Configuration config) {
   LOG.debug("Initializing ConfigurationModule " + this.getClass().getName());
   LOG.warn("Activating bypass: Hostname verifcation. DO NOT USE THIS IN PRODUCTION.");
   this.oldHostNameVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
   HttpsURLConnection.setDefaultHostnameVerifier(new ConfigurationModuleHostNameVerifier.BypassHostnameVerifier());
}
 
Example 18
Source File: ConfigurationModuleHostNameVerifier.java    From freehealth-connector with GNU Affero General Public License v3.0 4 votes vote down vote up
public void init(Configuration config) {
   LOG.debug("Initializing ConfigurationModule " + this.getClass().getName());
   LOG.warn("Activating bypass: Hostname verifcation. DO NOT USE THIS IN PRODUCTION.");
   this.oldHostNameVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
   HttpsURLConnection.setDefaultHostnameVerifier(new ConfigurationModuleHostNameVerifier.BypassHostnameVerifier());
}
 
Example 19
Source File: HostnameVerificationTest.java    From cxf with Apache License 2.0 4 votes vote down vote up
@org.junit.Test
public void testNoSubjectAlternativeNameNoCNMatchDefaultVerifierNoConfig() throws Exception {
    HostnameVerifier hostnameVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
    try {
        System.setProperty("javax.net.ssl.trustStore", "keys/subjalt.jks");
        System.setProperty("javax.net.ssl.trustStorePassword", "security");
        System.setProperty("javax.net.ssl.trustStoreType", "JKS");
        HttpsURLConnection.setDefaultHostnameVerifier(
            new javax.net.ssl.HostnameVerifier() {
                public boolean verify(String hostName, javax.net.ssl.SSLSession session) {
                    return true;
                }
            });

        URL url = SOAPService.WSDL_LOCATION;
        SOAPService service = new SOAPService(url, SOAPService.SERVICE);
        assertNotNull("Service is null", service);
        final Greeter port = service.getHttpsPort();
        assertNotNull("Port is null", port);

        updateAddressPort(port, PORT4);

        // Enable Async
        if (async) {
            ((BindingProvider)port).getRequestContext().put("use.async.http.conduit", true);
        }

        TLSClientParameters clientParameters = new TLSClientParameters();
        clientParameters.setUseHttpsURLConnectionDefaultHostnameVerifier(true);
        Client client = ClientProxy.getClient(port);
        ((HTTPConduit)client.getConduit()).setTlsClientParameters(clientParameters);

        assertEquals(port.greetMe("Kitty"), "Hello Kitty");

        ((java.io.Closeable)port).close();
    } finally {
        if (hostnameVerifier != null) {
            HttpsURLConnection.setDefaultHostnameVerifier(hostnameVerifier);
        }
        System.clearProperty("javax.net.ssl.trustStore");
        System.clearProperty("javax.net.ssl.trustStorePassword");
        System.clearProperty("javax.net.ssl.trustStoreType");
    }
}
 
Example 20
Source File: ConfigurationModuleHostNameVerifier.java    From freehealth-connector with GNU Affero General Public License v3.0 4 votes vote down vote up
public void init(Configuration config) {
   LOG.debug("Initializing ConfigurationModule " + this.getClass().getName());
   LOG.warn("Activating bypass: Hostname verifcation. DO NOT USE THIS IN PRODUCTION.");
   this.oldHostNameVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
   HttpsURLConnection.setDefaultHostnameVerifier(new ConfigurationModuleHostNameVerifier.BypassHostnameVerifier());
}