Repository: cxf Updated Branches: refs/heads/master 95bfefb65 -> 2f4c97ffa
[CXF-5652]: enhanced HttpsConnectionFactory to check JVM properties in order to initialize key managers, if they are not specified explicitly Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/2f4c97ff Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/2f4c97ff Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/2f4c97ff Branch: refs/heads/master Commit: 2f4c97ffa5679ad6f9a80a0f210b6e990a90bbea Parents: 95bfefb Author: Andrei Shakirin <andrei.shaki...@gmail.com> Authored: Mon Jul 21 13:05:36 2014 +0200 Committer: Andrei Shakirin <andrei.shaki...@gmail.com> Committed: Mon Jul 21 13:05:36 2014 +0200 ---------------------------------------------------------------------- .../apache/cxf/configuration/jsse/SSLUtils.java | 29 ++++++++++++++++++++ .../https/HttpsURLConnectionFactory.java | 4 +++ 2 files changed, 33 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/2f4c97ff/core/src/main/java/org/apache/cxf/configuration/jsse/SSLUtils.java ---------------------------------------------------------------------- diff --git a/core/src/main/java/org/apache/cxf/configuration/jsse/SSLUtils.java b/core/src/main/java/org/apache/cxf/configuration/jsse/SSLUtils.java index aaa58f3..07f7485 100644 --- a/core/src/main/java/org/apache/cxf/configuration/jsse/SSLUtils.java +++ b/core/src/main/java/org/apache/cxf/configuration/jsse/SSLUtils.java @@ -144,6 +144,35 @@ public final class SSLUtils { return keystoreManagers; } + public static KeyManager[] getDefaultKeyStoreManagers(Logger log) { + String location = getKeystore(null, log); + String keyStorePassword = getKeystorePassword(null, log); + String keyPassword = getKeyPassword(null, log); + FileInputStream fis = null; + + try { + KeyManagerFactory kmf = + KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); + KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType()); + + fis = new FileInputStream(location); + ks.load(fis, (keyStorePassword != null) ? keyStorePassword.toCharArray() : null); + kmf.init(ks, (keyPassword != null) ? keyPassword.toCharArray() : null); + return kmf.getKeyManagers(); + } catch (Exception e) { + log.warning("Default key managers cannot be initialized: " + e.getMessage()); + return null; + } finally { + if (fis != null) { + try { + fis.close(); + } catch (IOException e) { + log.warning("Keystore stream cannot be closed: " + e.getMessage()); + } + } + } + } + public static KeyManager[] loadKeyStore(KeyManagerFactory kmf, KeyStore ks, ByteArrayInputStream bin, http://git-wip-us.apache.org/repos/asf/cxf/blob/2f4c97ff/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java ---------------------------------------------------------------------- diff --git a/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java b/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java index 56637ee..5b0f025 100644 --- a/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java +++ b/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java @@ -164,6 +164,10 @@ public class HttpsURLConnectionFactory { if (tlsClientParameters.getCertAlias() != null) { getKeyManagersWithCertAlias(tlsClientParameters, keyManagers); } + + if (keyManagers == null) { + keyManagers = SSLUtils.getDefaultKeyStoreManagers(LOG); + } ctx.init(keyManagers, tlsClientParameters.getTrustManagers(), tlsClientParameters.getSecureRandom());
