Google Git
Sign in
apache / activemq / 910a028fa7dd9659044f4e44392197830d9b463e / . / activemq-http / src / main / java / org / apache / activemq / transport / https / HttpsClientTransport.java
blob: d69f227bdd1adc0a517e4b685be0446bb9b39505 [file] [log] [blame]
/**
*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.activemq.transport.https;
import java.io.IOException;
import java.net.URI;
import javax.net.ssl.HostnameVerifier;
import org.apache.activemq.broker.SslContext;
import org.apache.activemq.transport.http.HttpClientTransport;
import org.apache.activemq.transport.util.TextWireFormat;
import org.apache.activemq.util.IOExceptionSupport;
import org.apache.http.config.Registry;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.HttpClientConnectionManager;
import org.apache.http.conn.socket.ConnectionSocketFactory;
import org.apache.http.conn.socket.PlainConnectionSocketFactory;
import org.apache.http.conn.ssl.DefaultHostnameVerifier;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
public class HttpsClientTransport extends HttpClientTransport {
private final javax.net.ssl.SSLSocketFactory sslSocketFactory;
private boolean verifyHostName = true;
public HttpsClientTransport(TextWireFormat wireFormat, URI remoteUrl) {
super(wireFormat, remoteUrl);
try {
sslSocketFactory = createSocketFactory();
} catch (IOException e) {
throw new IllegalStateException("Error trying to configure TLS", e);
}
}
@Override
protected HttpClientConnectionManager createClientConnectionManager() {
return new PoolingHttpClientConnectionManager(createRegistry());
}
private Registry<ConnectionSocketFactory> createRegistry() {
RegistryBuilder<ConnectionSocketFactory> registryBuilder = RegistryBuilder.<ConnectionSocketFactory>create();
try {
HostnameVerifier hostnameVerifier = verifyHostName ? new DefaultHostnameVerifier() : new NoopHostnameVerifier();
SSLConnectionSocketFactory sslConnectionFactory = new SSLConnectionSocketFactory(sslSocketFactory, hostnameVerifier);
registryBuilder.register("https", sslConnectionFactory);
registryBuilder.register("http", PlainConnectionSocketFactory.INSTANCE);
return registryBuilder.build();
} catch (Exception e) {
throw new IllegalStateException("Failure trying to create scheme registry", e);
}
}
/**
* Creates a new SSL SocketFactory. The given factory will use user-provided
* key and trust managers (if the user provided them).
*
* @return Newly created (Ssl)SocketFactory.
* @throws IOException
*/
protected javax.net.ssl.SSLSocketFactory createSocketFactory() throws IOException {
if (SslContext.getCurrentSslContext() != null) {
SslContext ctx = SslContext.getCurrentSslContext();
try {
return ctx.getSSLContext().getSocketFactory();
} catch (Exception e) {
throw IOExceptionSupport.create(e);
}
} else {
return (javax.net.ssl.SSLSocketFactory) javax.net.ssl.SSLSocketFactory.getDefault();
}
}
@Override
protected String getSystemPropertyPrefix() {
return "https.";
}
public Boolean getVerifyHostName() {
return verifyHostName;
}
public void setVerifyHostName(Boolean verifyHostName) {
this.verifyHostName = verifyHostName;
}
}