This is an automated email from the ASF dual-hosted git repository. ilgrosso pushed a commit to branch 2_0_X in repository https://gitbox.apache.org/repos/asf/syncope.git
The following commit(s) were added to refs/heads/2_0_X by this push: new 7e18895 [SYNCOPE-1396] Configuration option for TLSClientParameters 7e18895 is described below commit 7e18895fe85809aaee27da5fd617db83aa56150c Author: Francesco Chicchiriccò <ilgro...@apache.org> AuthorDate: Tue Nov 13 09:28:51 2018 +0100 [SYNCOPE-1396] Configuration option for TLSClientParameters --- .../org/apache/syncope/client/lib/SyncopeClient.java | 12 +++++++++++- .../syncope/client/lib/SyncopeClientFactoryBean.java | 19 ++++++++++++++++++- .../workingwithapachesyncope/restfulservices.adoc | 12 ++++++++---- 3 files changed, 37 insertions(+), 6 deletions(-) diff --git a/client/lib/src/main/java/org/apache/syncope/client/lib/SyncopeClient.java b/client/lib/src/main/java/org/apache/syncope/client/lib/SyncopeClient.java index d857584..25b78a1 100644 --- a/client/lib/src/main/java/org/apache/syncope/client/lib/SyncopeClient.java +++ b/client/lib/src/main/java/org/apache/syncope/client/lib/SyncopeClient.java @@ -31,12 +31,14 @@ import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import org.apache.commons.lang3.tuple.Pair; +import org.apache.cxf.configuration.jsse.TLSClientParameters; import org.apache.cxf.jaxrs.client.Client; import org.apache.cxf.jaxrs.client.ClientConfiguration; import org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean; import org.apache.cxf.jaxrs.client.WebClient; import org.apache.cxf.transport.common.gzip.GZIPInInterceptor; import org.apache.cxf.transport.common.gzip.GZIPOutInterceptor; +import org.apache.cxf.transport.http.HTTPConduit; import org.apache.cxf.transport.http.URLConnectionHTTPConduit; import org.apache.syncope.common.lib.SyncopeConstants; import org.apache.syncope.common.lib.search.AnyObjectFiqlSearchConditionBuilder; @@ -65,12 +67,15 @@ public class SyncopeClient { private final boolean useCompression; + private final TLSClientParameters tlsClientParameters; + public SyncopeClient( final MediaType mediaType, final JAXRSClientFactoryBean restClientFactory, final RestClientExceptionMapper exceptionMapper, final AuthenticationHandler handler, - final boolean useCompression) { + final boolean useCompression, + final TLSClientParameters tlsClientParameters) { this.mediaType = mediaType; this.restClientFactory = restClientFactory; @@ -78,6 +83,7 @@ public class SyncopeClient { this.restClientFactory.setHeaders(new HashMap<String, String>()); } this.exceptionMapper = exceptionMapper; + this.tlsClientParameters = tlsClientParameters; init(handler); this.useCompression = useCompression; } @@ -239,6 +245,10 @@ public class SyncopeClient { config.getInInterceptors().add(new GZIPInInterceptor()); config.getOutInterceptors().add(new GZIPOutInterceptor()); } + if (tlsClientParameters != null) { + HTTPConduit httpConduit = (HTTPConduit) config.getConduit(); + httpConduit.setTlsClientParameters(tlsClientParameters); + } return serviceInstance; } diff --git a/client/lib/src/main/java/org/apache/syncope/client/lib/SyncopeClientFactoryBean.java b/client/lib/src/main/java/org/apache/syncope/client/lib/SyncopeClientFactoryBean.java index 0c3dfaf..32f8708 100644 --- a/client/lib/src/main/java/org/apache/syncope/client/lib/SyncopeClientFactoryBean.java +++ b/client/lib/src/main/java/org/apache/syncope/client/lib/SyncopeClientFactoryBean.java @@ -29,6 +29,7 @@ import java.util.Map; import javax.ws.rs.core.MediaType; import javax.xml.bind.Marshaller; import org.apache.commons.lang3.StringUtils; +import org.apache.cxf.configuration.jsse.TLSClientParameters; import org.apache.cxf.feature.Feature; import org.apache.cxf.feature.LoggingFeature; import org.apache.cxf.jaxrs.client.JAXRSClientFactoryBean; @@ -84,6 +85,8 @@ public class SyncopeClientFactoryBean { private boolean useCompression; + private TLSClientParameters tlsClientParameters; + private JAXRSClientFactoryBean restClientFactoryBean; protected JacksonJaxbJsonProvider defaultJsonProvider() { @@ -227,6 +230,19 @@ public class SyncopeClientFactoryBean { return useCompression; } + /** + * Sets the client TLS configuration. + * + * @param tlsClientParameters client TLS configuration + */ + public void setTlsClientParameters(final TLSClientParameters tlsClientParameters) { + this.tlsClientParameters = tlsClientParameters; + } + + public TLSClientParameters getTlsClientParameters() { + return tlsClientParameters; + } + public JAXRSClientFactoryBean getRestClientFactoryBean() { return restClientFactoryBean == null ? defaultRestClientFactoryBean() @@ -286,6 +302,7 @@ public class SyncopeClientFactoryBean { getRestClientFactoryBean(), getExceptionMapper(), handler, - useCompression); + useCompression, + tlsClientParameters); } } diff --git a/src/main/asciidoc/reference-guide/workingwithapachesyncope/restfulservices.adoc b/src/main/asciidoc/reference-guide/workingwithapachesyncope/restfulservices.adoc index 8be6ffe..71e6bc6 100644 --- a/src/main/asciidoc/reference-guide/workingwithapachesyncope/restfulservices.adoc +++ b/src/main/asciidoc/reference-guide/workingwithapachesyncope/restfulservices.adoc @@ -406,17 +406,21 @@ SyncopeClientFactoryBean clientFactory = new SyncopeClientFactoryBean(). ---- You might also select a specific <<domains,domain>> - other than `Master`, choose to exchange XML payloads - rather -than JSON (default), or to select -https://en.wikipedia.org/wiki/HTTP_compression[HTTP compression^] (more options in the -http://syncope.apache.org/apidocs/2.0/org/apache/syncope/client/lib/SyncopeClientFactoryBean.html[Javadoc^]): +than JSON (default), to select +https://en.wikipedia.org/wiki/HTTP_compression[HTTP compression^] or to set the +https://cxf.apache.org/javadoc/latest/org/apache/cxf/configuration/jsse/TLSClientParameters.html[TLS client configuration^] +(more options in the +http://cxf.apache.org/javadoc/latest-3.0.x/org/apache/cxf/configuration/jsse/TLSClientParameters.html[Javadoc^]): [source,java] ---- +TLSClientParameters tlsClientParameters = ...; SyncopeClientFactoryBean clientFactory = new SyncopeClientFactoryBean(). setAddress("http://localhost:9080/syncope/rest/"). setDomain("Two"). setContentType(SyncopeClientFactoryBean.ContentType.XML). - setUseCompression(true); + setUseCompression(true). + setTlsClientParameters(tlsClientParameters); ---- At this point an instance of `SyncopeClient` can be obtained by passing the login credentials via: