--- /dev/null
+/*
+ * Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License. You may obtain
+ * a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * permissions and limitations under the License.
+ */
+package org.akraino.validation.ui.conf;
+
+import java.security.KeyManagementException;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.X509Certificate;
+import java.util.Map;
+
+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSession;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
+
+import org.springframework.context.event.ContextRefreshedEvent;
+import org.springframework.context.event.EventListener;
+import org.springframework.stereotype.Component;
+
+import com.sun.jersey.api.client.config.DefaultClientConfig;
+import com.sun.jersey.client.urlconnection.HTTPSProperties;
+
+@Component
+public class UiInitializer {
+
+ // Create all-trusting host name verifier
+ private final HostnameVerifier hostnameVerifier = new HostnameVerifier() {
+ @Override
+ public boolean verify(String hostname, SSLSession session) {
+ return true;
+ }
+ };
+ // Create a trust manager that does not validate certificate chains
+ private final TrustManager[] trustAll = new TrustManager[] { new X509TrustManager() {
+ @Override
+ public X509Certificate[] getAcceptedIssuers() {
+ return null; // Not relevant.
+ }
+
+ @Override
+ public void checkClientTrusted(X509Certificate[] certs, String authType) {
+ // Do nothing. Just allow them all.
+ }
+
+ @Override
+ public void checkServerTrusted(X509Certificate[] certs, String authType) {
+ // Do nothing. Just allow them all.
+ }
+ } };
+
+ @EventListener(ContextRefreshedEvent.class)
+ public void setHttpProperties() throws NoSuchAlgorithmException, KeyManagementException {
+ SSLContext sslContext = SSLContext.getInstance("SSL");
+ sslContext.init(null, this.trustAll, new java.security.SecureRandom());
+ HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
+ // Install the all-trusting host verifier
+ HttpsURLConnection.setDefaultHostnameVerifier(this.hostnameVerifier);
+ DefaultClientConfig config = new DefaultClientConfig();
+ Map<String, Object> properties = config.getProperties();
+ HTTPSProperties httpsProperties = new HTTPSProperties((str, sslSession) -> true, sslContext);
+ properties.put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES, httpsProperties);
+ }
+
+}