Re: https4 2.15.2 not recognizing my httpClientConfigurer endpoint option
Spoke too soon. It should look something like this: -- View this message in context: http://camel.465427.n5.nabble.com/https4-2-15-2-not-recognizing-my-httpClientConfigurer-endpoint-option-tp5767922p5768073.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: https4 2.15.2 not recognizing my httpClientConfigurer endpoint option
I think I finally have it working. Not certain it's the ideal solution. But
it works and it took me a long time navigating through the debugger to
figure things out.
My route definition was then
from("direct:start").transform(simple("FRED")).to("https4://172.30.228.23:8444/InformaCast/RESTServices/V1/Admin/System/ldap/isLdapConfigured?*sslContextParameters=mydumbtrustmanager*");
The key is the implementation of X509TrustManager and when overriding the
methods just make certain they don't throw the CertificateException.
--
View this message in context:
http://camel.465427.n5.nabble.com/https4-2-15-2-not-recognizing-my-httpClientConfigurer-endpoint-option-tp5767922p5768072.html
Sent from the Camel - Users mailing list archive at Nabble.com.
Re: https4 2.15.2 not recognizing my httpClientConfigurer endpoint option
My class that implements HttpClientConfigurer now looks like this from your suggestions: and it still doesn't work. My createRegistry() looks like this: @Override I added a jndi.properties file that looks like this: My uri now looks like this https4://172.30.228.23:8444/InformaCast/RESTServices/V1/Admin/System/ldap/isLdapConfigured?x509HostnameVerifier=*allHostnameVerifier*&httpClientConfigurer=*monteTrustingConfigurer* So I thought I now have all of my ducks in a row. But my sslContext created in configureHttpClient() still isn't calling my isTrusted() method. There must be something I'm still missing for the HttpComponent that isn't matching the uri arguments for x509HostnameVerifier and httpClientConfigurer to my registry. I've done a deep dive into the source code of HttpComponent.java with a debugger. when coming out of createEndpoint() in the source code the endpoint variable appears to at least partially be configured correctly. endpoint.endpointUri="https4://172.30.228.23:8444/InformaCast/RESTServices/V1/Admin/System/ldap/isLdapConfigured?httpClientConfigurer=monteTrustingConfigurer&x509HostnameVerifier=allHostnameVerifier" endpoint.httpClientConfigurer is set to an instance of my class that implements the above configureHttpClient(), TrustingHttpClientConfigurer. endpoint.*component*.httpClientConfigurer is null (which might be OK if it's only used as the default) endpoint.*component*.x509HostnameVerifier is set to BROWSER_COMPATIBLE (this isn't what I want, but again, may just be a default). But I don't see my override value org.apache.http.conn.ssl.AllowAllHostnameVerifier() Now looking at endpoint.camelContext.registry endpoint.camelContext.registry.context.delegate.defaultInitCtx.bindings.0 monteTrustingConfigurer = instance of TrustingHttpClientConfigurer endpoint.camelContext.registry.context.delegate.defaultInitCtx.bindings.1 java.naming.factory.initial = org.apache.camel.util.jndi.CamelInitialContextFactory endpoint.camelContext.registry.context.delegate.defaultInitCtx.bindings.2 allHostnameVerifier = ALLOW_ALL Does anyone see what other little nuggets of knowledge I'm missing? -- View this message in context: http://camel.465427.n5.nabble.com/https4-2-15-2-not-recognizing-my-httpClientConfigurer-endpoint-option-tp5767922p5768038.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: https4 2.15.2 not recognizing my httpClientConfigurer endpoint option
I just checked the code of your HttpClientconfigurer, you didn’t set the
httpClientBuilder with the SSLConnectionSocketFactory instance that you just
created.
--
Willem Jiang
Red Hat, Inc.
Web: http://www.redhat.com
Blog: http://willemjiang.blogspot.com (English)
http://jnn.iteye.com (Chinese)
Twitter: willemjiang
Weibo: 姜宁willem
On June 6, 2015 at 5:48:31 AM, jspyeatt (john.pye...@singlewire.com) wrote:
> Like several similar posts I've seen I need to allow self-signed certs for
> https4 (2.15.2). Mine isn't working.
>
> I've created an implementation of HttpClientConfigurer that allows any
> host/cert. Below is the implementation of configureHttpClient().
>
> @Override
> public void configureHttpClient(HttpClientBuilder httpClientBuilder) {
> log.debug("configureHttpClient()");
> try {
> SSLContextBuilder builder = new SSLContextBuilder();
> builder.loadTrustMaterial(null, new TrustSelfSignedStrategy() {
> @Override
> * public boolean isTrusted(X509Certificate[] a, String b)
> throws CertificateException {
> log.debug("isTrusted() returns true");
> return true;
> }*
> });
>
> SSLContext sslContext = builder.build();
>
> SSLConnectionSocketFactory sslsf = new
> SSLConnectionSocketFactory(sslContext, new
> TrustEverythingHostnameVerifier());
> } catch (Exception e) {
> log.error(e,e);
> throw new IllegalStateException("Unable to configure
> TrustingHttpClientConfigurer", e);
> }
> }
>
>
> Then in an implementation of CameltestSupport I've overridden
> createRegistry().
> @Override
> protected JndiRegistry createRegistry() throws Exception {
> JndiRegistry jndi = super.createRegistry();
> log.info("createRegistry()");
>
> *jndi.bind("MyConfigurer", new TrustingHttpClientConfigurer());*
> Object o =
> jndi.lookup(TrustingHttpClientConfigurer.HTTP_CLIENT_CONFIGURER);
> log.debug("object type: " + o.getClass().getCanonicalName());
> return jndi;
> }
>
> Then in my createRouteBuilder() it contains...
>
> return new RouteBuilder() {
> public void configure() {
>
> log.debug("CONFIGURE");
> *
> HttpComponent httpComponent = context.getComponent("https4",
> HttpComponent.class);
> httpComponent.setHttpClientConfigurer(new
> TrustingHttpClientConfigurer());
>
> log.info("CCC " +
> context.getRegistry().lookupByName("MyConfigurer"));
>
> from("direct:start").transform(simple("FRED")).to("https4://172.30.253.94:8444/services?httpClientConfigurer=#MyConfigurer";*
>
> }
> };
>
> public void testSimple() throws Exception {
> HttpComponent comp =
> template.getCamelContext().getComponent("https4", HttpComponent.class);
> * log.info("DDD " +
> comp.getHttpClientConfigurer().getClass().getCanonicalName());*
> template.sendBody("direct:start", "FRED");
>
> }
>
> When the test runs I do get
> *DDD com.singlewire.monte.eh.config.TrustingHttpClientConfigurer* which is
> what I would expect.
>
> However test is failing with the obligatory
> javax.net.ssl.SSLHandshakeException. This is what I would expect given that
> the component isn't calling my version of isTrusted(X509Certificate[] a,
> String b) created during TrustingHttpClientConfigurer.configureHttpClient().
> I know this because I never see the debug message indicating that it was
> called.
>
>
> So it's as if during execution of my route the configurator is being
> ignored.
>
> I've tried ?httpClientConfigurer=#MyConfigurer
> I've tried ?httpClientConfigurer=MyConfigurer
>
> I've tried forcing things like this.
> HttpComponent httpComponent = context.getComponent("https4",
> HttpComponent.class);
> httpComponent.setHttpClientConfigurer(new TrustingHttpClientConfigurer());
>
> Nothing seems to work. Any guidance would be greatly appreciated.
>
>
>
> --
> View this message in context:
> http://camel.465427.n5.nabble.com/https4-2-15-2-not-recognizing-my-httpClientConfigurer-endpoint-option-tp5767922.html
>
> Sent from the Camel - Users mailing list archive at Nabble.com.
>
Re: https4 2.15.2 not recognizing my httpClientConfigurer endpoint option
It looks like you are not setting the httpClientBuilder argument with your ssl configuration. Can you have a relook at the method configureHttpClient you have overridden ? -- View this message in context: http://camel.465427.n5.nabble.com/https4-2-15-2-not-recognizing-my-httpClientConfigurer-endpoint-option-tp5767922p5767993.html Sent from the Camel - Users mailing list archive at Nabble.com.
Re: https4 2.15.2 not recognizing my httpClientConfigurer endpoint option
This still isn't working. It is as though it isn't recognizing my registry
during runtime.
In my unit test I've overrided createRegistry() because I'm not using spring
as your example solution does.
@Override
protected JndiRegistry createRegistry() throws Exception {
JndiRegistry jndi = super.createRegistry();
log.info("createRegistry()");
*jndi.bind("allHostname", new
org.apache.http.conn.ssl.AllowAllHostnameVerifier());*
return jndi;
}
Then it doesn't appear that the allHostname object is available during the
test in http4://.
Do you have any ideas why my object isn't available during runtime?
My jndi.properties file looks like this:
java.naming.factory.initial =
org.apache.camel.util.jndi.CamelInitialContextFactory
--
View this message in context:
http://camel.465427.n5.nabble.com/https4-2-15-2-not-recognizing-my-httpClientConfigurer-endpoint-option-tp5767922p5767991.html
Sent from the Camel - Users mailing list archive at Nabble.com.
Re: https4 2.15.2 not recognizing my httpClientConfigurer endpoint option
To do this, I just declare a bean like this:
try {
> SSLContextBuilder builder = new SSLContextBuilder();
> builder.loadTrustMaterial(null, new TrustSelfSignedStrategy() {
> @Override
> *public boolean isTrusted(X509Certificate[] a, String b)
> throws CertificateException {
> log.debug("isTrusted() returns true");
> return true;
> }*
> });
>
> SSLContext sslContext = builder.build();
>
> SSLConnectionSocketFactory sslsf = new
> SSLConnectionSocketFactory(sslContext, new
> TrustEverythingHostnameVerifier());
> } catch (Exception e) {
> log.error(e,e);
> throw new IllegalStateException("Unable to configure
> TrustingHttpClientConfigurer", e);
> }
> }
>
>
> Then in an implementation of CameltestSupport I've overridden
> createRegistry().
> @Override
> protected JndiRegistry createRegistry() throws Exception {
> JndiRegistry jndi = super.createRegistry();
> log.info("createRegistry()");
>
> *jndi.bind("MyConfigurer", new TrustingHttpClientConfigurer());*
> Object o =
> jndi.lookup(TrustingHttpClientConfigurer.HTTP_CLIENT_CONFIGURER);
> log.debug("object type: " + o.getClass().getCanonicalName());
> return jndi;
> }
>
> Then in my createRouteBuilder() it contains...
>
> return new RouteBuilder() {
> public void configure() {
>
> log.debug("CONFIGURE");
> *
> HttpComponent httpComponent =
> context.getComponent("https4",
> HttpComponent.class);
> httpComponent.setHttpClientConfigurer(new
> TrustingHttpClientConfigurer());
>
> log.info("CCC " +
> context.getRegistry().lookupByName("MyConfigurer"));
>
> from("direct:start").transform(simple("FRED")).to("https4://
> 172.30.253.94:8444/services?httpClientConfigurer=#MyConfigurer";*
> }
> };
>
> public void testSimple() throws Exception {
> HttpComponent comp =
> template.getCamelContext().getComponent("https4", HttpComponent.class);
> *log.info("DDD " +
> comp.getHttpClientConfigurer().getClass().getCanonicalName());*
> template.sendBody("direct:start", "FRED");
>
> }
>
> When the test runs I do get
> *DDD com.singlewire.monte.eh.config.TrustingHttpClientConfigurer* which is
> what I would expect.
>
> However test is failing with the obligatory
> javax.net.ssl.SSLHandshakeException. This is what I would expect given that
> the component isn't calling my version of isTrusted(X509Certificate[] a,
> String b) created during
> TrustingHttpClientConfigurer.configureHttpClient().
> I know this because I never see the debug message indicating that it was
> called.
>
>
> So it's as if during execution of my route the configurator is being
> ignored.
>
> I've tried ?httpClientConfigurer=#MyConfigurer
> I've tried ?httpClientConfigurer=MyConfigurer
>
> I've tried forcing things like this.
> HttpComponent httpComponent = context.getComponent("https4",
> HttpComponent.class);
> httpComponent.setHttpClientConfigurer(new TrustingHttpClientConfigurer());
>
> Nothing seems to work. Any guidance would be greatly appreciated.
>
>
>
> --
> View this message in context:
> http://camel.465427.n5.nabble.com/https4-2-15-2-not-recognizing-my-httpClientConfigurer-endpoint-option-tp5767922.html
> Sent from the Camel - Users mailing list archive at Nabble.com.
>
https4 2.15.2 not recognizing my httpClientConfigurer endpoint option
Like several similar posts I've seen I need to allow self-signed certs for
https4 (2.15.2). Mine isn't working.
I've created an implementation of HttpClientConfigurer that allows any
host/cert. Below is the implementation of configureHttpClient().
@Override
public void configureHttpClient(HttpClientBuilder httpClientBuilder) {
log.debug("configureHttpClient()");
try {
SSLContextBuilder builder = new SSLContextBuilder();
builder.loadTrustMaterial(null, new TrustSelfSignedStrategy() {
@Override
*public boolean isTrusted(X509Certificate[] a, String b)
throws CertificateException {
log.debug("isTrusted() returns true");
return true;
}*
});
SSLContext sslContext = builder.build();
SSLConnectionSocketFactory sslsf = new
SSLConnectionSocketFactory(sslContext, new
TrustEverythingHostnameVerifier());
} catch (Exception e) {
log.error(e,e);
throw new IllegalStateException("Unable to configure
TrustingHttpClientConfigurer", e);
}
}
Then in an implementation of CameltestSupport I've overridden
createRegistry().
@Override
protected JndiRegistry createRegistry() throws Exception {
JndiRegistry jndi = super.createRegistry();
log.info("createRegistry()");
*jndi.bind("MyConfigurer", new TrustingHttpClientConfigurer());*
Object o =
jndi.lookup(TrustingHttpClientConfigurer.HTTP_CLIENT_CONFIGURER);
log.debug("object type: " + o.getClass().getCanonicalName());
return jndi;
}
Then in my createRouteBuilder() it contains...
return new RouteBuilder() {
public void configure() {
log.debug("CONFIGURE");
*
HttpComponent httpComponent = context.getComponent("https4",
HttpComponent.class);
httpComponent.setHttpClientConfigurer(new
TrustingHttpClientConfigurer());
log.info("CCC " +
context.getRegistry().lookupByName("MyConfigurer"));
from("direct:start").transform(simple("FRED")).to("https4://172.30.253.94:8444/services?httpClientConfigurer=#MyConfigurer";*
}
};
public void testSimple() throws Exception {
HttpComponent comp =
template.getCamelContext().getComponent("https4", HttpComponent.class);
*log.info("DDD " +
comp.getHttpClientConfigurer().getClass().getCanonicalName());*
template.sendBody("direct:start", "FRED");
}
When the test runs I do get
*DDD com.singlewire.monte.eh.config.TrustingHttpClientConfigurer* which is
what I would expect.
However test is failing with the obligatory
javax.net.ssl.SSLHandshakeException. This is what I would expect given that
the component isn't calling my version of isTrusted(X509Certificate[] a,
String b) created during TrustingHttpClientConfigurer.configureHttpClient().
I know this because I never see the debug message indicating that it was
called.
So it's as if during execution of my route the configurator is being
ignored.
I've tried ?httpClientConfigurer=#MyConfigurer
I've tried ?httpClientConfigurer=MyConfigurer
I've tried forcing things like this.
HttpComponent httpComponent = context.getComponent("https4",
HttpComponent.class);
httpComponent.setHttpClientConfigurer(new TrustingHttpClientConfigurer());
Nothing seems to work. Any guidance would be greatly appreciated.
--
View this message in context:
http://camel.465427.n5.nabble.com/https4-2-15-2-not-recognizing-my-httpClientConfigurer-endpoint-option-tp5767922.html
Sent from the Camel - Users mailing list archive at Nabble.com.
