Пример #1
0
  protected void addSslContextParametersToRegistry(JndiRegistry registry) {
    KeyStoreParameters ksp = new KeyStoreParameters();
    ksp.setResource(this.getClass().getClassLoader().getResource("jsse/localhost.ks").toString());
    ksp.setPassword(KEY_STORE_PASSWORD);

    KeyManagersParameters kmp = new KeyManagersParameters();
    kmp.setKeyPassword(KEY_STORE_PASSWORD);
    kmp.setKeyStore(ksp);

    TrustManagersParameters tmp = new TrustManagersParameters();
    tmp.setKeyStore(ksp);

    // NOTE: Needed since the client uses a loose trust configuration when no ssl context
    // is provided.  We turn on WANT client-auth to prefer using authentication
    SSLContextServerParameters scsp = new SSLContextServerParameters();
    scsp.setClientAuthentication(ClientAuthentication.WANT.name());

    SSLContextParameters sslContextParameters = new SSLContextParameters();
    sslContextParameters.setKeyManagers(kmp);
    sslContextParameters.setTrustManagers(tmp);
    sslContextParameters.setServerParameters(scsp);
    // use SSLv3 to avoid issue with (eg disable TLS)
    // Caused by: javax.net.ssl.SSLException: bad record MAC
    sslContextParameters.setSecureSocketProtocol("SSLv3");

    registry.bind("sslContextParameters", sslContextParameters);
  }
 private SSLSocketFactory tryToGetSSLSocketFactory() {
   try {
     return sslContextParameters.createSSLContext(camelContext).getSocketFactory();
   } catch (GeneralSecurityException | IOException e) {
     throw new RuntimeException("Setting SSL failed", e);
   }
 }
  @Override
  protected JndiRegistry createRegistry() throws Exception {

    KeyStoreParameters ksp = new KeyStoreParameters();
    ksp.setResource(this.getClass().getClassLoader().getResource("keystore.jks").toString());
    ksp.setPassword("changeit");

    KeyManagersParameters kmp = new KeyManagersParameters();
    kmp.setKeyPassword("changeit");
    kmp.setKeyStore(ksp);

    TrustManagersParameters tmp = new TrustManagersParameters();
    tmp.setKeyStore(ksp);

    SSLContextParameters sslContextParameters = new SSLContextParameters();
    sslContextParameters.setKeyManagers(kmp);
    sslContextParameters.setTrustManagers(tmp);

    JndiRegistry registry = super.createRegistry();
    registry.bind("sslContextParameters", sslContextParameters);
    return registry;
  }
Пример #4
0
  private Properties createJavaMailProperties() {
    // clone the system properties and set the java mail properties
    Properties properties = (Properties) System.getProperties().clone();
    properties.put("mail." + protocol + ".connectiontimeout", connectionTimeout);
    properties.put("mail." + protocol + ".timeout", connectionTimeout);
    properties.put("mail." + protocol + ".host", host);
    properties.put("mail." + protocol + ".port", "" + port);
    if (username != null) {
      properties.put("mail." + protocol + ".user", username);
      properties.put("mail.user", username);
      properties.put("mail." + protocol + ".auth", "true");
    } else {
      properties.put("mail." + protocol + ".auth", "false");
    }
    properties.put("mail.transport.protocol", protocol);
    properties.put("mail.store.protocol", protocol);
    properties.put("mail.host", host);

    if (debugMode) {
      // add more debug for the SSL communication as well
      properties.put("javax.net.debug", "all");
    }

    if (sslContextParameters != null && isSecureProtocol()) {
      SSLContext sslContext;
      try {
        sslContext = sslContextParameters.createSSLContext();
      } catch (Exception e) {
        throw new RuntimeCamelException("Error initializing SSLContext.", e);
      }
      properties.put("mail." + protocol + ".socketFactory", sslContext.getSocketFactory());
      properties.put("mail." + protocol + ".socketFactory.fallback", "false");
      properties.put("mail." + protocol + ".socketFactory.port", "" + port);
    }
    if (dummyTrustManager && isSecureProtocol()) {
      // set the custom SSL properties
      properties.put(
          "mail." + protocol + ".socketFactory.class",
          "org.apache.camel.component.mail.security.DummySSLSocketFactory");
      properties.put("mail." + protocol + ".socketFactory.fallback", "false");
      properties.put("mail." + protocol + ".socketFactory.port", "" + port);
    }

    return properties;
  }