diff --git a/build.gradle b/build.gradle
index 8f1b091..523f42f 100644
--- a/build.gradle
+++ b/build.gradle
@@ -61,7 +61,7 @@ subprojects {
apply plugin: 'jacoco'
apply plugin: 'com.github.kt3k.coveralls'
// apply plugin: 'license'
- version = '1.2.2'
+ version = '1.2.3-SNAPSHOT'
group = 'org.frontcache'
// upload binaries to Maven repository. $mavenLocalRepo (defined in gradle.properties)
@@ -143,8 +143,8 @@ project(':frontcache-core') {
provided 'javax.servlet:javax.servlet-api:3.1.0'
provided 'javax.servlet.jsp:jsp-api:2.0'
- compile 'com.fasterxml.jackson.core:jackson-databind:2.8.11.1'
- compile 'com.fasterxml.jackson.core:jackson-annotations:2.7.5'
+ compile 'com.fasterxml.jackson.core:jackson-databind:2.9.9'
+ compile 'com.fasterxml.jackson.core:jackson-annotations:2.9.9'
compile 'org.apache.httpcomponents:httpclient:4.5.1'
compile 'commons-io:commons-io:2.4'
compile 'ch.qos.logback:logback-classic:1.1.3'
diff --git a/frontcache-agent/pom.xml b/frontcache-agent/pom.xml
index 05e1afa..0cd2f09 100644
--- a/frontcache-agent/pom.xml
+++ b/frontcache-agent/pom.xml
@@ -1,58 +1,58 @@
-
- 4.0.0
-
-
- org.frontcache
- frontcache
- 1.2.2
+
+ 4.0.0
+
+
+ org.frontcache
+ frontcache
+ 1.2.3-SNAPSHOT
../pom.xml
-
-
- frontcache-agent
-
-
-
- org.apache.httpcomponents
- httpclient
- 4.5.1
-
+
+
+ frontcache-agent
+
+
+
+ org.apache.httpcomponents
+ httpclient
+ 4.5.1
+
-
-
-
- src/main/java
-
- **/**
+
+
+
+ src/main/java
+
+ **/**
true
**/*.java
-
-
-
- src/main/resources
-
- **/**
-
-
+
+
+
+ src/main/resources
+
+ **/**
+
+
-
- src/test/java
-
- **/**
-
-
-
- src/test/resources
-
- **/**
-
+
+ src/test/java
+
+ **/**
+
+
+
+ src/test/resources
+
+ **/**
+
-
+
\ No newline at end of file
diff --git a/frontcache-agent/src/main/java/org/frontcache/agent/FrontCacheAgent.java b/frontcache-agent/src/main/java/org/frontcache/agent/FrontCacheAgent.java
index 4d899b4..d24d702 100644
--- a/frontcache-agent/src/main/java/org/frontcache/agent/FrontCacheAgent.java
+++ b/frontcache-agent/src/main/java/org/frontcache/agent/FrontCacheAgent.java
@@ -19,9 +19,12 @@
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
+import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
+import javax.net.ssl.SSLContext;
+
import org.apache.http.HeaderElement;
import org.apache.http.HeaderElementIterator;
import org.apache.http.HttpRequest;
@@ -36,15 +39,20 @@
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.conn.ConnectionKeepAliveStrategy;
+import org.apache.http.conn.ssl.NoopHostnameVerifier;
+import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.DefaultHttpRequestRetryHandler;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.message.BasicHeaderElementIterator;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.protocol.HTTP;
import org.apache.http.protocol.HttpContext;
+import org.apache.http.ssl.TrustStrategy;
+
public class FrontCacheAgent {
+
private String frontCacheURL;
private String frontCacheURI;
@@ -82,6 +90,20 @@ public long getKeepAliveDuration(HttpResponse response, HttpContext context) {
}
};
+
+ TrustStrategy acceptingTrustStrategy = (X509Certificate[] chain, String authType) -> true;
+
+ SSLContext sslContext = null;
+ try {
+ sslContext = org.apache.http.ssl.SSLContexts.custom()
+ .loadTrustMaterial(null, acceptingTrustStrategy)
+ .build();
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+
+ SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext);
+
client = HttpClients.custom()
.setDefaultRequestConfig(requestConfig)
.setRetryHandler(new DefaultHttpRequestRetryHandler(0, false))
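Review bot: The accept-all `TrustStrategy` added here (`(X509Certificate[] chain, String authType) -> true`) switches off certificate chain validation for every HTTPS request this client makes, so the agent can no longer tell the real FrontCache endpoint from anything else that answers on the connection. If the aim is to reach a node with a self-signed or internal-CA certificate, put that certificate in a trust store and pass it in instead, e.g. `.loadTrustMaterial(trustStoreFile, trustStorePassword)`, or at least gate the permissive strategy behind an explicit configuration flag that defaults to off. The same strategy is added in FrontCacheClient.java and in `newConnectionManager()` in FrontCacheEngine.java, and none of the three has a comment saying why validation is disabled. The enclosing constructor or method starts and ends outside this hunk.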
@@ -97,6 +119,8 @@ public HttpUriRequest getRedirect(HttpRequest request, HttpResponse response, Ht
return null;
}
})
+ .setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE)
+ .setSSLSocketFactory(csf)
.build();
this.frontCacheURL = frontcacheURL;
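Review bot: `.setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE)` is immediately followed by `.setSSLSocketFactory(csf)`, and the HttpClientBuilder documentation states that an explicitly assigned socket factory (or connection manager) overrides the builder-level hostname verifier. Since `csf` is created with `new SSLConnectionSocketFactory(sslContext)`, the verifier actually in effect is presumably that factory's default one, so what the code says and what it does differ. I would drop the `NoopHostnameVerifier` line so hostname checking stays on and the builder chain reads as it behaves. The same pair of lines is added in FrontCacheClient.java, and FrontCacheEngine.java sets the verifier on a builder that also has `setConnectionManager(...)`.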
diff --git a/frontcache-core/pom.xml b/frontcache-core/pom.xml
index bb905d3..ebe77bf 100644
--- a/frontcache-core/pom.xml
+++ b/frontcache-core/pom.xml
@@ -5,7 +5,7 @@
org.frontcache
frontcache
- 1.2.2
+ 1.2.3-SNAPSHOT
../pom.xml
@@ -27,12 +27,12 @@
com.fasterxml.jackson.core
jackson-databind
- 2.8.11.1
+ 2.9.9
com.fasterxml.jackson.core
jackson-annotations
- 2.7.5
+ 2.9.9
org.apache.httpcomponents
diff --git a/frontcache-core/src/main/java/org/frontcache/FrontCacheEngine.java b/frontcache-core/src/main/java/org/frontcache/FrontCacheEngine.java
index 4398ca4..851ae7c 100644
--- a/frontcache-core/src/main/java/org/frontcache/FrontCacheEngine.java
+++ b/frontcache-core/src/main/java/org/frontcache/FrontCacheEngine.java
@@ -22,6 +22,13 @@
import java.io.OutputStream;
import java.net.MalformedURLException;
import java.net.URL;
+import java.security.KeyManagementException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
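Review bot: Several of the imports added here are not used by any new code visible in this diff: `KeyManagementException`, `KeyStore`, `KeyStoreException`, `NoSuchAlgorithmException`, `SecureRandom` and `CertificateException` in this hunk, and `HostnameVerifier`, `KeyManager`, `SSLSession`, `TrustManager` and `X509TrustManager` in the next import hunk. They look like leftovers from an earlier hand-written trust manager. Unless unchanged parts of the file reference them, remove them so the import list does not suggest a custom `X509TrustManager` is installed.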
@@ -31,6 +38,12 @@
import java.util.concurrent.ConcurrentHashMap;
import java.util.regex.Pattern;
+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.KeyManager;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSession;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
import javax.servlet.FilterChain;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@@ -45,7 +58,13 @@
import org.apache.http.client.config.CookieSpecs;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.HttpUriRequest;
+import org.apache.http.config.Registry;
+import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.ConnectionKeepAliveStrategy;
+import org.apache.http.conn.socket.ConnectionSocketFactory;
+import org.apache.http.conn.socket.PlainConnectionSocketFactory;
+import org.apache.http.conn.ssl.NoopHostnameVerifier;
+import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.DefaultHttpRequestRetryHandler;
import org.apache.http.impl.client.HttpClients;
@@ -54,6 +73,7 @@
import org.apache.http.pool.PoolStats;
import org.apache.http.protocol.HTTP;
import org.apache.http.protocol.HttpContext;
+import org.apache.http.ssl.TrustStrategy;
import org.frontcache.cache.CacheManager;
import org.frontcache.cache.CacheProcessor;
import org.frontcache.core.DomainContext;
@@ -73,7 +93,7 @@
public class FrontCacheEngine {
-
+
private Map domainConfigMap = new ConcurrentHashMap(); //
private String frontcacheHttpPort = null;
@@ -370,51 +390,56 @@ public long getKeepAliveDuration(HttpResponse response, HttpContext context) {
return 10 * 1000;
}
};
-
- return HttpClients.custom()
- .setConnectionManager(newConnectionManager())
- .setDefaultRequestConfig(requestConfig)
-// .setSSLHostnameVerifier(new NoopHostnameVerifier()) // for SSL do not verify certificate's host
- .setRetryHandler(new DefaultHttpRequestRetryHandler(0, false))
- .setKeepAliveStrategy(keepAliveStrategy)
- .setRedirectStrategy(new RedirectStrategy() {
- @Override
- public boolean isRedirected(HttpRequest request, HttpResponse response, HttpContext context) throws ProtocolException {
- return false;
- }
- @Override
- public HttpUriRequest getRedirect(HttpRequest request, HttpResponse response, HttpContext context) throws ProtocolException {
- return null;
- }
- })
- .build();
+
+ return HttpClients.custom()
+ .setConnectionManager(newConnectionManager())
+ .setDefaultRequestConfig(requestConfig)
+ .setRetryHandler(new DefaultHttpRequestRetryHandler(0, false))
+ .setKeepAliveStrategy(keepAliveStrategy)
+ .setRedirectStrategy(new RedirectStrategy() {
+ @Override
+ public boolean isRedirected(HttpRequest request, HttpResponse response, HttpContext context) throws ProtocolException {
+ return false;
+ }
+
+ @Override
+ public HttpUriRequest getRedirect(HttpRequest request, HttpResponse response, HttpContext context) throws ProtocolException {
+ return null;
+ }
+ })
+ .setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE)
+ .build();
}
private PoolingHttpClientConnectionManager newConnectionManager() {
- try {
-// KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
-// trustStore.load(new FileInputStream(keyStorePath), keyStorePassword.toCharArray());
-
-// MySSLSocketFactory sf = new MySSLSocketFactory(trustStore);
-// sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
-
-
-// final Registry registry = RegistryBuilder.create()
-// .register("http", PlainConnectionSocketFactory.INSTANCE)
-// .register("https", sf)
-// .build();
-
-// connectionManager = new PoolingHttpClientConnectionManager(registry);
- connectionManager = new PoolingHttpClientConnectionManager();
-
- connectionManager.setMaxTotal(fcConnectionsMaxTotal);
- connectionManager.setDefaultMaxPerRoute(fcConnectionsMaxPerRoute);
-
- return connectionManager;
- } catch (Exception ex) {
- throw new RuntimeException(ex);
- }
+
+ if (connectionManager == null){
+
+ try {
+
+ TrustStrategy acceptingTrustStrategy = (X509Certificate[] chain, String authType) -> true;
+
+ SSLContext sslContext = org.apache.http.ssl.SSLContexts.custom().loadTrustMaterial(null, acceptingTrustStrategy).build();
+
+ SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext);
+
+ final Registry registry = RegistryBuilder.create()
+ .register("http", PlainConnectionSocketFactory.INSTANCE)
+ .register("https", csf)
+ .build();
+
+ connectionManager = new PoolingHttpClientConnectionManager(registry);
+
+ connectionManager.setMaxTotal(fcConnectionsMaxTotal);
+ connectionManager.setDefaultMaxPerRoute(fcConnectionsMaxPerRoute);
+
+ } catch (Exception ex) {
+ throw new RuntimeException(ex);
+ }
+ }
+
+ return connectionManager;
}
/**
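Review bot: `newConnectionManager()` now returns the cached `connectionManager` field when it is already set, so every client built through this path shares one pool, whereas the old code created a fresh manager on each call. By default, closing a `CloseableHttpClient` also shuts down the connection manager it was built with, which would leave the cached instance unusable for the next client. If the builder method above (it starts outside this hunk) can run more than once, add `.setConnectionManagerShared(true)` to the chain or clear the field when the client is closed. The `if (connectionManager == null)` check-then-assign is also unsynchronised as far as the hunk shows, and the method name no longer matches its behaviour; a short comment such as `// lazily created, shared by all clients of this engine` would help.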
diff --git a/frontcache-core/src/main/java/org/frontcache/client/FrontCacheClient.java b/frontcache-core/src/main/java/org/frontcache/client/FrontCacheClient.java
index 89bbebc..2aaa39a 100644
--- a/frontcache-core/src/main/java/org/frontcache/client/FrontCacheClient.java
+++ b/frontcache-core/src/main/java/org/frontcache/client/FrontCacheClient.java
@@ -21,11 +21,14 @@
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
+import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.Set;
+import javax.net.ssl.SSLContext;
+
import org.apache.http.HeaderElement;
import org.apache.http.HeaderElementIterator;
import org.apache.http.HttpRequest;
@@ -40,12 +43,15 @@
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.conn.ConnectionKeepAliveStrategy;
+import org.apache.http.conn.ssl.NoopHostnameVerifier;
+import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.impl.client.DefaultHttpRequestRetryHandler;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.message.BasicHeaderElementIterator;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.protocol.HTTP;
import org.apache.http.protocol.HttpContext;
+import org.apache.http.ssl.TrustStrategy;
import org.frontcache.core.FCHeaders;
import org.frontcache.core.WebResponse;
import org.frontcache.hystrix.fr.FallbackConfigEntry;
@@ -61,6 +67,7 @@
import com.fasterxml.jackson.databind.ObjectMapper;
public class FrontCacheClient {
+
private String frontCacheURL;
@@ -104,6 +111,20 @@ public long getKeepAliveDuration(HttpResponse response, HttpContext context) {
}
};
+ TrustStrategy acceptingTrustStrategy = (X509Certificate[] chain, String authType) -> true;
+
+ SSLContext sslContext = null;
+ try {
+ sslContext = org.apache.http.ssl.SSLContexts.custom()
+ .loadTrustMaterial(null, acceptingTrustStrategy)
+ .build();
+ } catch (Exception e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+
+ SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext);
+
client = HttpClients.custom()
.setDefaultRequestConfig(requestConfig)
.setRetryHandler(new DefaultHttpRequestRetryHandler(0, false))
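Review bot: The `catch (Exception e)` block only prints the stack trace (the generated `// TODO Auto-generated catch block` marker is still there), so when `build()` fails `sslContext` stays `null` and is passed straight into `new SSLConnectionSocketFactory(sslContext)`. As far as I can tell HttpClient 4.5 rejects a null context there with an `IllegalArgumentException`, so the real cause ends up on stderr and the caller sees an unrelated argument error. Catch the specific type and fail with the cause attached, e.g. `} catch (GeneralSecurityException e) { throw new IllegalStateException("Cannot initialise TLS context for FrontCacheClient", e); }`, and log through the project's logger rather than `printStackTrace()`. FrontCacheAgent.java adds the same block. The enclosing constructor or method starts outside this hunk.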
@@ -119,6 +140,8 @@ public HttpUriRequest getRedirect(HttpRequest request, HttpResponse response, Ht
return null;
}
})
+ .setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE)
+ .setSSLSocketFactory(csf)
.build();
this.frontCacheURL = frontcacheURL;
diff --git a/pom.xml b/pom.xml
index 882c910..b7f1f04 100644
--- a/pom.xml
+++ b/pom.xml
@@ -5,7 +5,7 @@
4.0.0
org.frontcache
frontcache
- 1.2.2
+ 1.2.3-SNAPSHOT
pom
${project.groupId}:${project.artifactId}