Author: cschneider
Date: Fri Nov 19 07:17:21 2010
New Revision: 1036748
URL: http://svn.apache.org/viewvc?rev=1036748&view=rev
Log:
Small refactoring of http transport
Added:
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsMessageTrustDecider.java
(with props)
Modified:
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/CertConstraintsInterceptor.java
Modified:
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java?rev=1036748&r1=1036747&r2=1036748&view=diff
==============================================================================
---
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java
(original)
+++
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/HTTPConduit.java
Fri Nov 19 07:17:21 2010
@@ -364,66 +364,61 @@ public class HTTPConduit
}
}
- /**
- * This call gets called by the HTTPTransportFactory after it
- * causes an injection of the Spring configuration properties
- * of this Conduit.
- */
- protected void finalizeConfig() {
- // See if not set by configuration, if there are defaults
- // in order from the Endpoint, Service, or Bus.
-
- configureConduitFromEndpointInfo(this, endpointInfo);
-
+ private void logConfig() {
+ if (!LOG.isLoggable(Level.FINE)) {
+ return;
+ }
if (trustDecider == null) {
- if (LOG.isLoggable(Level.FINE)) {
- LOG.log(Level.FINE,
+ LOG.log(Level.FINE,
"No Trust Decider configured for Conduit '"
+ getConduitName() + "'");
- }
} else {
- if (LOG.isLoggable(Level.FINE)) {
- LOG.log(Level.FINE, "Message Trust Decider of class '"
+ LOG.log(Level.FINE, "Message Trust Decider of class '"
+ trustDecider.getClass().getName()
+ "' with logical name of '"
+ trustDecider.getLogicalName()
+ "' has been configured for Conduit '"
+ getConduitName()
+ "'");
- }
}
if (authSupplier == null) {
- if (LOG.isLoggable(Level.FINE)) {
- LOG.log(Level.FINE,
+ LOG.log(Level.FINE,
"No Auth Supplier configured for Conduit '"
+ getConduitName() + "'");
- }
} else {
- if (LOG.isLoggable(Level.FINE)) {
- LOG.log(Level.FINE, "HttpAuthSupplier of class '"
+ LOG.log(Level.FINE, "HttpAuthSupplier of class '"
+ authSupplier.getClass().getName()
+ "' with logical name of '"
+ authSupplier.getLogicalName()
+ "' has been configured for Conduit '"
+ getConduitName()
+ "'");
- }
}
if (this.tlsClientParameters != null) {
- if (LOG.isLoggable(Level.FINE)) {
- LOG.log(Level.FINE, "Conduit '" + getConduitName()
+ LOG.log(Level.FINE, "Conduit '" + getConduitName()
+ "' has been configured for TLS "
+ "keyManagers " +
Arrays.toString(tlsClientParameters.getKeyManagers())
+ "trustManagers " +
Arrays.toString(tlsClientParameters.getTrustManagers())
+ "secureRandom " + tlsClientParameters.getSecureRandom()
+ "Disable Common Name (CN) Check: " +
tlsClientParameters.isDisableCNCheck());
- }
+
} else {
- if (LOG.isLoggable(Level.FINE)) {
- LOG.log(Level.FINE, "Conduit '" + getConduitName()
+ LOG.log(Level.FINE, "Conduit '" + getConduitName()
+ "' has been configured for plain http.");
- }
}
+ }
+
+ /**
+ * This call gets called by the HTTPTransportFactory after it
+ * causes an injection of the Spring configuration properties
+ * of this Conduit.
+ */
+ protected void finalizeConfig() {
+ // See if not set by configuration, if there are defaults
+ // in order from the Endpoint, Service, or Bus.
+
+ configureConduitFromEndpointInfo(this, endpointInfo);
+ logConfig();
// Get the correct URLConnection factory based on the
// configuration.
Modified:
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/CertConstraintsInterceptor.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/CertConstraintsInterceptor.java?rev=1036748&r1=1036747&r2=1036748&view=diff
==============================================================================
---
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/CertConstraintsInterceptor.java
(original)
+++
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/CertConstraintsInterceptor.java
Fri Nov 19 07:17:21 2010
@@ -33,7 +33,6 @@ import org.apache.cxf.phase.AbstractPhas
import org.apache.cxf.phase.Phase;
import org.apache.cxf.security.transport.TLSSessionInfo;
import org.apache.cxf.transport.http.MessageTrustDecider;
-import org.apache.cxf.transport.http.URLConnectionInfo;
import org.apache.cxf.transport.http.UntrustedURLConnectionIOException;
/**
@@ -62,31 +61,7 @@ public final class CertConstraintsInterc
if (connection instanceof HttpsURLConnection) {
final MessageTrustDecider orig =
message.get(MessageTrustDecider.class);
- MessageTrustDecider trust = new MessageTrustDecider() {
- public void establishTrust(String conduitName,
- URLConnectionInfo connectionInfo,
- Message message)
- throws UntrustedURLConnectionIOException {
- if (orig != null) {
- orig.establishTrust(conduitName,
connectionInfo, message);
- }
- HttpsURLConnectionInfo info =
(HttpsURLConnectionInfo)connectionInfo;
-
- if (info.getServerCertificates() == null
- || info.getServerCertificates().length ==
0) {
- throw new UntrustedURLConnectionIOException(
- "No server certificates were found"
- );
- } else {
- X509Certificate[] certs =
(X509Certificate[])info.getServerCertificates();
- if (!certConstraints.matches(certs[0])) {
- throw new
UntrustedURLConnectionIOException(
- "The server certificate(s) do not
match the defined cert constraints"
- );
- }
- }
- }
- };
+ MessageTrustDecider trust = new
HttpsMessageTrustDecider(certConstraints, orig);
message.put(MessageTrustDecider.class, trust);
} else {
throw new UntrustedURLConnectionIOException(
Added:
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsMessageTrustDecider.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsMessageTrustDecider.java?rev=1036748&view=auto
==============================================================================
---
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsMessageTrustDecider.java
(added)
+++
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsMessageTrustDecider.java
Fri Nov 19 07:17:21 2010
@@ -0,0 +1,61 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.transport.https;
+
+import java.security.cert.X509Certificate;
+
+import org.apache.cxf.message.Message;
+import org.apache.cxf.transport.http.MessageTrustDecider;
+import org.apache.cxf.transport.http.URLConnectionInfo;
+import org.apache.cxf.transport.http.UntrustedURLConnectionIOException;
+
+final class HttpsMessageTrustDecider extends MessageTrustDecider {
+ private final CertConstraints certConstraints;
+ private final MessageTrustDecider orig;
+
+ HttpsMessageTrustDecider(CertConstraints certConstraints,
+ MessageTrustDecider orig) {
+ this.certConstraints = certConstraints;
+ this.orig = orig;
+ }
+
+ public void establishTrust(String conduitName,
+ URLConnectionInfo connectionInfo,
+ Message message)
+ throws UntrustedURLConnectionIOException {
+ if (orig != null) {
+ orig.establishTrust(conduitName, connectionInfo, message);
+ }
+ HttpsURLConnectionInfo info = (HttpsURLConnectionInfo)connectionInfo;
+
+ if (info.getServerCertificates() == null
+ || info.getServerCertificates().length == 0) {
+ throw new UntrustedURLConnectionIOException(
+ "No server certificates were found"
+ );
+ } else {
+ X509Certificate[] certs =
(X509Certificate[])info.getServerCertificates();
+ if (!certConstraints.matches(certs[0])) {
+ throw new UntrustedURLConnectionIOException(
+ "The server certificate(s) do not match the defined cert
constraints"
+ );
+ }
+ }
+ }
+}
\ No newline at end of file
Propchange:
cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsMessageTrustDecider.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
