Re: Trying to use HttpClient in lieu of HttpsUrlConnection

2018-02-12 Thread Bindul Bhowmik
On Mon, Feb 12, 2018 at 6:48 PM, Murat Cetin wrote:
> Hi,
>
> I am having issues with the keep-alive in HttpsUrlConnection in some legacy
> code and considering the HttpClient as an alternative.
>
> My question is, essentially, I have a URLCursor class definition as follows:
>
>    public URLCursor(String[] urls, ClientMetadata clientMetadata) {
>        this.urls = urls;
>        this.urlIdx = 0;
>        this.clientMetadata = clientMetadata;
>        // Custom trust manager to ignore certification
>        TrustManager[] customTrustManager = new TrustManager[]{
>            new X509TrustManager() {
>                public X509Certificate[] getAcceptedIssuers() {
>                    return null;
>                }
>                public void checkClientTrusted(X509Certificate[] certs, String authType) {
>                }
>                public void checkServerTrusted(X509Certificate[] certs, String authType) {
>                }
>            }
>        };
>        // Custom host verifier to accept all hosts.
>        HostnameVerifier allHostsValid = new HostnameVerifier() {
>            public boolean verify(String hostname, SSLSession session) {
>                return true;
>            }
>        };
>
>        // Setup custom SSL trust manager that ignores SSL certificate validation
>        try {
>            SSLContext sc = SSLContext.getInstance("SSL");
>            sc.init(null, customTrustManager, new java.security.SecureRandom());
>            HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
>            HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);
>        } catch (Exception e) {
>            System.err.println("Error: Failed to establish https with no cert verification");
>        }
>    }
>
> I have a subsequent next() method that essentially creates a new URL, opens
> an HTTP connection using url.openConnection(), gets a BufferedReader from
> the input stream and then reads lines out of this stream.
>
> How can I achieve the same using HttpClient, especially the constructor
> logic that ignores the certification?

Murat,

From what I see, what you are doing is disabling hostname and SSL
certificate verification. You can achieve both using a
NoopHostnameVerifier and a TrustAllStrategy for certificates.

You can initialize your HttpClient something like:

    SSLContext sslContext = SSLContexts.custom()
            .loadTrustMaterial(new TrustAllStrategy())
            .build();
    CloseableHttpClient httpClient = HttpClients.custom()
            .setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE)
            .setSSLContext(sslContext)
            .build();

Depending on your use case, unless you are running requests across
multiple threads, you should be able to share the http client instance
created for all your requests.

Disclaimer: it is not a good idea to have any of those verifications
turned off in production.

Bindul

>
> thanks,
> Murat
>

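Added example (not part of the original thread and not code from the HttpClient project): the reply's disclaimer is about keeping these verifications on in production, and one way to do that with the same HttpClient 4.5.x builder calls is to trust only the certificates held in a dedicated truststore while leaving the default hostname verifier in place. The class name, the truststore path and password arguments and the URL argument are assumptions for illustration.

```java
import java.io.BufferedReader;
import java.io.File;
import java.io.IOException;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;

import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContexts;

// Hypothetical class name; assumes HttpClient 4.5.x on the classpath.
public class TrustStoreHttpClient {

    // Trust only what is in the given truststore (for example the server's
    // self-signed certificate or a private CA). No hostname verifier is set,
    // so the builder keeps its default verifier and name checks stay on.
    static CloseableHttpClient build(File trustStore, char[] password)
            throws GeneralSecurityException, IOException {
        SSLContext sslContext = SSLContexts.custom()
                .loadTrustMaterial(trustStore, password)
                .build();
        return HttpClients.custom()
                .setSSLContext(sslContext)
                .build();
    }

    // Usage (arguments are assumptions): <truststore.jks> <password> <https-url>
    public static void main(String[] args) throws Exception {
        try (CloseableHttpClient client = build(new File(args[0]), args[1].toCharArray());
             CloseableHttpResponse response = client.execute(new HttpGet(args[2]));
             BufferedReader reader = new BufferedReader(new InputStreamReader(
                     response.getEntity().getContent(), StandardCharsets.UTF_8))) {
            String line;
            while ((line = reader.readLine()) != null) {
                System.out.println(line);
            }
        } catch (SSLException e) {
            // Raised for an untrusted chain as well as a hostname mismatch.
            System.err.println("TLS verification failed: " + e.getMessage());
        }
    }
}
```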



Trying to use HttpClient in lieu of HttpsUrlConnection

2018-02-12 Thread Murat Cetin
Hi,

I am having issues with the keep-alive in HttpsUrlConnection in some legacy
code and considering the HttpClient as an alternative.

My question is, essentially, I have a URLCursor class definition as follows:

    public URLCursor(String[] urls, ClientMetadata clientMetadata) {
        this.urls = urls;
        this.urlIdx = 0;
        this.clientMetadata = clientMetadata;
        // Custom trust manager to ignore certification
        TrustManager[] customTrustManager = new TrustManager[]{
            new X509TrustManager() {
                public X509Certificate[] getAcceptedIssuers() {
                    return null;
                }
                public void checkClientTrusted(X509Certificate[] certs, String authType) {
                }
                public void checkServerTrusted(X509Certificate[] certs, String authType) {
                }
            }
        };
        // Custom host verifier to accept all hosts.
        HostnameVerifier allHostsValid = new HostnameVerifier() {
            public boolean verify(String hostname, SSLSession session) {
                return true;
            }
        };

        // Setup custom SSL trust manager that ignores SSL certificate validation
        try {
            SSLContext sc = SSLContext.getInstance("SSL");
            sc.init(null, customTrustManager, new java.security.SecureRandom());
            HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
            HttpsURLConnection.setDefaultHostnameVerifier(allHostsValid);
        } catch (Exception e) {
            System.err.println("Error: Failed to establish https with no cert verification");
        }
    }

I have a subsequent next() method that essentially creates a new URL, opens
an HTTP connection using url.openConnection(), gets a BufferedReader from
the input stream and then reads lines out of this stream.

How can I achieve the same using HttpClient, especially the constructor
logic that ignores the certification?

thanks,
Murat