private static void trustAllHttpsCertificates() throws Exception {
javax.net.ssl.TrustManager[] trustAllCerts = new javax.net.ssl.TrustManager[1];
javax.net.ssl.TrustManager tm = new TrustAllTrustManager();
trustAllCerts[0] = tm;
javax.net.ssl.SSLContext sc = javax.net.ssl.SSLContext.getInstance("SSL");
javax.net.ssl.SSLSessionContext sslsc = sc.getServerSessionContext();
sslsc.setSessionTimeout(0);
sc.init(null, trustAllCerts, null);
javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
}
/*
* Configures the given SSLSessionContext.
*
* @param sslSessionCtxt The SSLSessionContext to configure
*/
private void configureSSLSessionContext(SSLSessionContext sslSessionCtxt) {
String attrValue = (String) attributes.get("sslSessionTimeout");
if (attrValue != null) {
sslSessionCtxt.setSessionTimeout(Integer.valueOf(attrValue).intValue());
}
attrValue = (String) attributes.get("ssl3SessionTimeout");
if (attrValue != null) {
sslSessionCtxt.setSessionTimeout(Integer.valueOf(attrValue).intValue());
}
attrValue = (String) attributes.get("sslSessionCacheSize");
if (attrValue != null) {
sslSessionCtxt.setSessionCacheSize(Integer.valueOf(attrValue).intValue());
}
}
@Override
public void configureSessionContext(SSLSessionContext sslSessionContext) {
int sessionCacheSize;
if (endpoint.getSessionCacheSize() != null) {
sessionCacheSize = Integer.parseInt(endpoint.getSessionCacheSize());
} else {
sessionCacheSize = defaultSessionCacheSize;
}
int sessionTimeout;
if (endpoint.getSessionTimeout() != null) {
sessionTimeout = Integer.parseInt(endpoint.getSessionTimeout());
} else {
sessionTimeout = defaultSessionTimeout;
}
sslSessionContext.setSessionCacheSize(sessionCacheSize);
sslSessionContext.setSessionTimeout(sessionTimeout);
}
/**
* Trust all certificates - must modify for production mode
*
* @throws Exception
*/
public static void trustAllHttpsCertificates() throws Exception {
// Create the TrustManager
javax.net.ssl.TrustManager[] trustAllCerts = new javax.net.ssl.TrustManager[1];
javax.net.ssl.TrustManager tm = new TrustAllManager();
trustAllCerts[0] = tm;
// Create the SSL context
javax.net.ssl.SSLContext sc = javax.net.ssl.SSLContext.getInstance("SSL");
// create the session context
javax.net.ssl.SSLSessionContext sslsc = sc.getServerSessionContext();
// Initialize the contexts; the session context takes the trust nanager
sslsc.setSessionTimeout(0);
sc.init(null, trustAllCerts, null);
// use the default socket factory to create teh socket for teh secure connection
javax.net.ssl.HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
// set the default host name verifier to enable the connection
}
/**
* Invalidates all SSL/TLS sessions in {@code sessionContext} associated with {@code
* remoteAddress}.
*
* @param sessionContext collection of SSL/TLS sessions to be (potentially) invalidated
* @param remoteAddress associated with sessions to invalidate
*/
private void clearSessionCache(
final SSLSessionContext sessionContext, final InetSocketAddress remoteAddress) {
final String hostName = remoteAddress.getHostName();
final int port = remoteAddress.getPort();
final Enumeration<byte[]> ids = sessionContext.getIds();
if (ids == null) {
return;
}
while (ids.hasMoreElements()) {
final byte[] id = ids.nextElement();
final SSLSession session = sessionContext.getSession(id);
if (session != null
&& session.getPeerHost() != null
&& session.getPeerHost().equalsIgnoreCase(hostName)
&& session.getPeerPort() == port) {
session.invalidate();
if (LOG.isDebugEnabled()) {
LOG.debug("Invalidated session " + session);
}
}
}
}
