17 package org.springframework.ws.transport.http;
18
19 import java.io.IOException;
20 import java.net.HttpURLConnection;
21 import java.net.URI;
22 import java.security.GeneralSecurityException;
23 import java.security.KeyManagementException;
24 import java.security.NoSuchAlgorithmException;
25 import java.security.NoSuchProviderException;
26 import java.security.SecureRandom;
27 import java.util.Arrays;
28 import javax.net.ssl.HostnameVerifier;
29 import javax.net.ssl.HttpsURLConnection;
30 import javax.net.ssl.KeyManager;
31 import javax.net.ssl.SSLContext;
32 import javax.net.ssl.TrustManager;
33
34 import org.springframework.beans.factory.InitializingBean;
35 import org.springframework.util.Assert;
36 import org.springframework.util.ObjectUtils;
37 import org.springframework.util.StringUtils;
38
/**
 * {@link HttpUrlConnectionMessageSender} variant that configures every {@link HttpsURLConnection}
 * it prepares with a socket factory taken from a freshly initialised {@link SSLContext}.
 *
 * <p>The context is built from the configured protocol name, optional provider, key managers,
 * trust managers and {@link SecureRandom}. This class performs no validation of its own on the
 * supplied {@link TrustManager}s or {@link HostnameVerifier}: certificate and host-name checks are
 * exactly as strict as the objects injected here. A trust manager that accepts every chain, or a
 * verifier that always returns {@code true}, removes server authentication for all requests sent
 * through this sender.
 */
public class HttpsUrlConnectionMessageSender extends HttpUrlConnectionMessageSender implements InitializingBean {

    /**
     * Protocol name handed to {@code SSLContext.getInstance} when {@link #setSslProtocol(String)}
     * is never called.
     *
     * <p>NOTE(review): the generic {@code "ssl"} name leaves the set of enabled protocol versions
     * to the JSSE provider and the JRE's security configuration. Deployments that need a minimum
     * TLS version should set an explicit protocol name; confirm the names the target JRE supports.
     */
    public static final String DEFAULT_SSL_PROTOCOL = "ssl";

    private String sslProtocol = DEFAULT_SSL_PROTOCOL;

    private String sslProvider;

    private KeyManager[] keyManagers;

    private TrustManager[] trustManagers;

    private HostnameVerifier hostnameVerifier;

    private SecureRandom rnd;

    /**
     * Sets the protocol name used to look up the {@link SSLContext}.
     *
     * @param sslProtocol the protocol name; must not be {@code null} or empty
     */
    public void setSslProtocol(String sslProtocol) {
        Assert.hasLength(sslProtocol, "'sslProtocol' must not be empty");
        this.sslProtocol = sslProtocol;
    }

    /**
     * Sets the name of the security provider used to look up the {@link SSLContext}.
     *
     * @param sslProvider the provider name; when {@code null} or empty the context is looked up
     * by protocol name only
     */
    public void setSslProvider(String sslProvider) {
        this.sslProvider = sslProvider;
    }

    /**
     * Sets the key managers passed to {@code SSLContext.init}, i.e. the source of this client's
     * own credentials.
     *
     * <p>The array is stored by reference, not copied.
     *
     * @param keyManagers the key managers; may be {@code null} if trust managers are set
     */
    public void setKeyManagers(KeyManager[] keyManagers) {
        this.keyManagers = keyManagers;
    }

    /**
     * Sets the trust managers passed to {@code SSLContext.init}; they decide which server
     * certificates are accepted.
     *
     * <p>The array is stored by reference, not copied. A {@code null} value is forwarded as-is,
     * in which case {@code SSLContext.init} falls back to the installed default trust managers.
     *
     * @param trustManagers the trust managers; may be {@code null} if key managers are set
     */
    public void setTrustManagers(TrustManager[] trustManagers) {
        this.trustManagers = trustManagers;
    }

    /**
     * Sets a verifier that is installed on each HTTPS connection.
     *
     * <p>When left unset, the connection keeps whatever verifier it already has. A verifier that
     * accepts any host name disables the host-name check for mismatching certificates.
     *
     * @param hostnameVerifier the verifier to install, or {@code null} to leave connections untouched
     */
    public void setHostnameVerifier(HostnameVerifier hostnameVerifier) {
        this.hostnameVerifier = hostnameVerifier;
    }

    /**
     * Sets the source of randomness passed to {@code SSLContext.init}.
     *
     * @param rnd the random source; {@code null} lets {@code SSLContext.init} use its default
     */
    public void setSecureRandom(SecureRandom rnd) {
        this.rnd = rnd;
    }

    /**
     * Verifies that at least one of the key-manager and trust-manager arrays is non-empty.
     *
     * <p>Only presence is checked; the managers themselves are not inspected.
     */
    public void afterPropertiesSet() throws Exception {
        boolean hasKeyManagers = !ObjectUtils.isEmpty(keyManagers);
        boolean hasTrustManagers = !ObjectUtils.isEmpty(trustManagers);
        Assert.isTrue(hasKeyManagers || hasTrustManagers,
                "Setting either 'keyManagers' or 'trustManagers' is required");
    }

    /**
     * Applies the superclass preparation and then, for HTTPS connections only, installs a socket
     * factory from a newly created and initialised {@link SSLContext} plus the optional host-name
     * verifier. Connections of any other type are left as the superclass prepared them.
     *
     * @param connection the connection about to be used
     * @throws IOException from the superclass, or an {@code HttpsTransportException} when the
     * context cannot be created or initialised
     */
    protected void prepareConnection(HttpURLConnection connection) throws IOException {
        super.prepareConnection(connection);
        if (!(connection instanceof HttpsURLConnection)) {
            return;
        }
        HttpsURLConnection secured = (HttpsURLConnection) connection;
        try {
            // A new context is built for every prepared connection.
            SSLContext context = createSslContext(sslProtocol, sslProvider);
            context.init(keyManagers, trustManagers, rnd);
            if (logger.isDebugEnabled()) {
                // The message contains the toString() of each manager and of the random source;
                // custom implementations should keep key material out of toString().
                String keyManagerList = StringUtils.arrayToCommaDelimitedString(keyManagers);
                String trustManagerList = StringUtils.arrayToCommaDelimitedString(trustManagers);
                logger.debug("Initialized SSL Context with key managers [" + keyManagerList
                        + "] trust managers [" + trustManagerList + "] secure random [" + rnd + "]");
            }

            secured.setSSLSocketFactory(context.getSocketFactory());

            // Only override the connection's verifier when one was configured explicitly.
            if (hostnameVerifier != null) {
                secured.setHostnameVerifier(hostnameVerifier);
            }
        } catch (NoSuchProviderException ex) {
            throw new HttpsTransportException("Could not create SSLContext: " + ex.getMessage(), ex);
        } catch (NoSuchAlgorithmException ex) {
            throw new HttpsTransportException("Could not create SSLContext: " + ex.getMessage(), ex);
        } catch (KeyManagementException ex) {
            throw new HttpsTransportException("Could not initialize SSLContext: " + ex.getMessage(), ex);
        }
    }

    /**
     * Looks up an {@link SSLContext} for the protocol, using the named provider only when one
     * is given.
     *
     * @param protocol the protocol name
     * @param provider the provider name, or {@code null}/empty for the default lookup
     * @return the uninitialised context
     * @throws NoSuchProviderException if the named provider is not registered
     * @throws NoSuchAlgorithmException if no provider supports the protocol name
     */
    private SSLContext createSslContext(String protocol, String provider)
            throws NoSuchProviderException, NoSuchAlgorithmException {
        return StringUtils.hasLength(provider)
                ? SSLContext.getInstance(protocol, provider)
                : SSLContext.getInstance(protocol);
    }

}