1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 package org.openehealth.ipf.commons.ihe.ws;
18
19 import org.apache.cxf.configuration.jsse.TLSClientParameters;
20 import org.apache.cxf.configuration.security.AuthorizationPolicy;
21 import org.apache.cxf.transport.http.HTTPConduit;
22 import org.openehealth.ipf.commons.ihe.core.SecurityInformation;
23
24 import javax.net.ssl.HostnameVerifier;
25 import javax.net.ssl.SSLContext;
26
27
28
29
30 public class WsSecurityInformation extends SecurityInformation {
31
32 public WsSecurityInformation(boolean secure, SSLContext sslContext, HostnameVerifier hostnameVerifier, String username, String password) {
33 super(secure, sslContext, hostnameVerifier, username, password);
34 }
35
36 protected void configureHttpConduit(HTTPConduit httpConduit) {
37 if (isSecure()) {
38 TLSClientParameters tlsClientParameters = httpConduit.getTlsClientParameters();
39
40
41
42 if (tlsClientParameters == null) {
43 tlsClientParameters = new TLSClientParameters();
44 maybeUpdateSslContext(tlsClientParameters, true);
45 } else {
46 maybeUpdateSslContext(tlsClientParameters, false);
47 }
48 if (getHostnameVerifier() != null) {
49 tlsClientParameters.setHostnameVerifier(getHostnameVerifier());
50 }
51 httpConduit.setTlsClientParameters(tlsClientParameters);
52 }
53 if (getUsername() != null) {
54 AuthorizationPolicy authorizationPolicy = new AuthorizationPolicy();
55 authorizationPolicy.setUserName(getUsername());
56 authorizationPolicy.setPassword(getPassword());
57 httpConduit.setAuthorization(authorizationPolicy);
58 }
59 }
60
61 private void maybeUpdateSslContext(TLSClientParameters tlsClientParameters, boolean useDefaultSocketFactory) {
62 if (getSslContext() == null) {
63 if (useDefaultSocketFactory) {
64 tlsClientParameters.setUseHttpsURLConnectionDefaultSslSocketFactory(true);
65 }
66 } else {
67 tlsClientParameters.setSSLSocketFactory(getSslContext().getSocketFactory());
68 }
69 }
70 }