1   /*
2    * Copyright 2016 the original author or authors.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *       http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package org.openehealth.ipf.commons.ihe.ws;
18  
19  import org.apache.cxf.configuration.jsse.TLSClientParameters;
20  import org.apache.cxf.configuration.security.AuthorizationPolicy;
21  import org.apache.cxf.transport.http.HTTPConduit;
22  import org.openehealth.ipf.commons.ihe.core.SecurityInformation;
23  
24  import javax.net.ssl.HostnameVerifier;
25  import javax.net.ssl.SSLContext;
26  
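/**
 * {@link SecurityInformation} variant that applies its settings to a CXF {@link HTTPConduit}:
 * TLS client parameters when {@code isSecure()} is true, and an {@link AuthorizationPolicy}
 * carrying user name and password when a user name is configured.
 */
public class WsSecurityInformation extends SecurityInformation {

    /**
     * Passes all settings unchanged to the {@link SecurityInformation} constructor.
     *
     * @param secure           transport-security flag; presumably the value later returned by
     *                         {@code isSecure()} (defined in the superclass, not visible here)
     * @param sslContext       custom SSL context, or {@code null} to fall back to the defaults
     * @param hostnameVerifier custom host name verifier, or {@code null} to keep the one already
     *                         in effect on the conduit
     * @param username         user name for HTTP authorization, or {@code null} for none
     * @param password         password sent together with {@code username}
     */
    public WsSecurityInformation(boolean secure, SSLContext sslContext, HostnameVerifier hostnameVerifier, String username, String password) {
        super(secure, sslContext, hostnameVerifier, username, password);
    }

    /**
     * Applies the TLS and authorization settings of this object to the given conduit.
     *
     * <p>TLS settings are only touched when {@code isSecure()} is true. Credentials are applied
     * whenever a user name is set, independent of {@code isSecure()}.
     *
     * @param httpConduit the CXF conduit to configure; must not be {@code null}
     */
    protected void configureHttpConduit(HTTPConduit httpConduit) {
        if (isSecure()) {
            TLSClientParameters tlsClientParameters = httpConduit.getTlsClientParameters();

            // No parameters on the conduit yet: start from a fresh object and, unless a custom
            // SSLContext is configured, fall back to the system default socket factory.
            // Parameters already present: keep them and only override the socket factory when a
            // custom SSLContext is configured.
            // NOTE(review): the existing instance is modified in place; if it is shared between
            // several conduits the change is visible to all of them. Confirm against the caller.
            boolean created = tlsClientParameters == null;
            if (created) {
                tlsClientParameters = new TLSClientParameters();
            }
            maybeUpdateSslContext(tlsClientParameters, created);

            // A custom verifier takes over the host name check for this conduit, so it has to
            // compare the server certificate against the requested host itself. A verifier that
            // accepts every name removes server identity checking for all calls on the conduit.
            HostnameVerifier verifier = getHostnameVerifier();
            if (verifier != null) {
                tlsClientParameters.setHostnameVerifier(verifier);
            }
            httpConduit.setTlsClientParameters(tlsClientParameters);
        }

        // NOTE(review): this branch is not guarded by isSecure(). With secure == false and a
        // user name set, the credentials are attached to a conduit that received no TLS settings
        // here, so they may travel over an unencrypted connection. Callers should only combine
        // credentials with a secure endpoint.
        String user = getUsername();
        if (user != null) {
            AuthorizationPolicy authorizationPolicy = new AuthorizationPolicy();
            authorizationPolicy.setUserName(user);
            authorizationPolicy.setPassword(getPassword());
            httpConduit.setAuthorization(authorizationPolicy);
        }
    }

    /**
     * Selects the socket factory for the given TLS parameters.
     *
     * @param tlsClientParameters     parameters to update
     * @param useDefaultSocketFactory whether to switch to the JVM-wide default
     *                                {@code HttpsURLConnection} socket factory when no custom
     *                                SSLContext is configured
     */
    private void maybeUpdateSslContext(TLSClientParameters tlsClientParameters, boolean useDefaultSocketFactory) {
        SSLContext context = getSslContext();
        if (context != null) {
            // The custom context is meant to win over whatever the conduit had configured.
            // Clear the default-factory flag explicitly: as far as CXF's URLConnection-based
            // transport is understood, a set flag takes precedence over an explicit socket
            // factory, which would silently drop the custom trust and key material.
            // TODO confirm against the CXF version in use.
            tlsClientParameters.setUseHttpsURLConnectionDefaultSslSocketFactory(false);
            tlsClientParameters.setSSLSocketFactory(context.getSocketFactory());
            return;
        }
        if (useDefaultSocketFactory) {
            tlsClientParameters.setUseHttpsURLConnectionDefaultSslSocketFactory(true);
        }
    }
}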