X-Git-Url: https://gerrit.akraino.org/r/gitweb?p=validation.git;a=blobdiff_plain;f=ui%2Fsrc%2Fmain%2Fjava%2Forg%2Fakraino%2Fvalidation%2Fui%2Fconf%2FUiInitializer.java;fp=ui%2Fsrc%2Fmain%2Fjava%2Forg%2Fakraino%2Fvalidation%2Fui%2Fconf%2FUiInitializer.java;h=febafe1aac6fce74f29313024e89e2c87d404cc0;hp=0000000000000000000000000000000000000000;hb=2eba847ebb6acb2686be08eb1cdafc1b12071e7d;hpb=f86b9715d156238532fcb0bf464bd72e9cf7ce96 diff --git a/ui/src/main/java/org/akraino/validation/ui/conf/UiInitializer.java b/ui/src/main/java/org/akraino/validation/ui/conf/UiInitializer.java new file mode 100644 index 0000000..febafe1 --- /dev/null +++ b/ui/src/main/java/org/akraino/validation/ui/conf/UiInitializer.java @@ -0,0 +1,78 @@ +/* + * Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. You may obtain + * a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ +package org.akraino.validation.ui.conf; + +import java.security.KeyManagementException; +import java.security.NoSuchAlgorithmException; +import java.security.cert.X509Certificate; +import java.util.Map; + +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.HttpsURLConnection; +import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLSession; +import javax.net.ssl.TrustManager; +import javax.net.ssl.X509TrustManager; + +import org.springframework.context.event.ContextRefreshedEvent; +import org.springframework.context.event.EventListener; +import org.springframework.stereotype.Component; + +import com.sun.jersey.api.client.config.DefaultClientConfig; +import com.sun.jersey.client.urlconnection.HTTPSProperties; + +@Component +public class UiInitializer { + + // Create all-trusting host name verifier + private final HostnameVerifier hostnameVerifier = new HostnameVerifier() { + @Override + public boolean verify(String hostname, SSLSession session) { + return true; + } + }; + // Create a trust manager that does not validate certificate chains + private final TrustManager[] trustAll = new TrustManager[] { new X509TrustManager() { + @Override + public X509Certificate[] getAcceptedIssuers() { + return null; // Not relevant. + } + + @Override + public void checkClientTrusted(X509Certificate[] certs, String authType) { + // Do nothing. Just allow them all. + } + + @Override + public void checkServerTrusted(X509Certificate[] certs, String authType) { + // Do nothing. Just allow them all. + } + } }; + + @EventListener(ContextRefreshedEvent.class) + public void setHttpProperties() throws NoSuchAlgorithmException, KeyManagementException { + SSLContext sslContext = SSLContext.getInstance("SSL"); + sslContext.init(null, this.trustAll, new java.security.SecureRandom()); + HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory()); + // Install the all-trusting host verifier + HttpsURLConnection.setDefaultHostnameVerifier(this.hostnameVerifier); + DefaultClientConfig config = new DefaultClientConfig(); + Map properties = config.getProperties(); + HTTPSProperties httpsProperties = new HTTPSProperties((str, sslSession) -> true, sslContext); + properties.put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES, httpsProperties); + } + +}