Compatibility with Java 9 (tested with Oracle JDK 9.0.1); updated SSL/TLS examples

Oleg Kalnichevski 2017-10-22 17:15:50 +02:00
parent 572a370f4b
commit d054442cdf
2 changed files with 141 additions and 11 deletions


@ -66,7 +66,7 @@ public class AsyncClientCustomSSL {
final X509Certificate[] chain, final X509Certificate[] chain,
final String authType) throws CertificateException { final String authType) throws CertificateException {
final X509Certificate cert = chain[0]; final X509Certificate cert = chain[0];
return "CN=http2bin.org".equalsIgnoreCase(cert.getSubjectDN().getName()); return "CN=httpbin.org".equalsIgnoreCase(cert.getSubjectDN().getName());
} }
}) })
@ -75,15 +75,8 @@ public class AsyncClientCustomSSL {
sslcontext, sslcontext,
H2TlsStrategy.getDefaultHostnameVerifier()) { H2TlsStrategy.getDefaultHostnameVerifier()) {
// IMPORTANT // IMPORTANT uncomment the following method when running Java 9 or older
// In order for HTTP/2 protocol negotiation to succeed one must allow access // in order to avoid the illegal reflective access operation warning
// to Java 9 specific properties of SSLEngine via reflection
// by adding the following line to the JVM arguments
//
// --add-opens java.base/sun.security.ssl=ALL-UNNAMED
//
// or uncomment the method below
// @Override // @Override
// protected TlsDetails createTlsDetails(final SSLEngine sslEngine) { // protected TlsDetails createTlsDetails(final SSLEngine sslEngine) {
// return new TlsDetails(sslEngine.getSession(), sslEngine.getApplicationProtocol()); // return new TlsDetails(sslEngine.getSession(), sslEngine.getApplicationProtocol());
@ -99,7 +92,7 @@ public class AsyncClientCustomSSL {
client.start(); client.start();
final HttpHost target = new HttpHost("http2bin.org", 443, "https"); final HttpHost target = new HttpHost("httpbin.org", 443, "https");
final String requestUri = "/"; final String requestUri = "/";
final HttpClientContext clientContext = HttpClientContext.create(); final HttpClientContext clientContext = HttpClientContext.create();
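Review bot: The `isTrusted` override in the first hunk (its declaration starts above the hunk) accepts a server on nothing more than the leaf's subject string, `"CN=httpbin.org".equalsIgnoreCase(cert.getSubjectDN().getName())`. As far as I understand TrustStrategy, a `true` return skips the standard trust manager, so any certificate carrying that subject, self-signed included, would be trusted, and the hostname verifier does not compensate for that. Since example code gets copied, I would add a comment above the return such as `// Example only: matching the subject DN bypasses CA path validation; compare a pinned certificate or public-key fingerprint in real code`, and guard `chain[0]` against an empty chain. The same strategy is repeated in the new AsyncClientTlsAlpn example.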


@ -0,0 +1,137 @@
/*
* ====================================================================
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*
*/
package org.apache.hc.client5.http.examples;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.concurrent.Future;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import org.apache.hc.client5.http.async.methods.SimpleHttpRequest;
import org.apache.hc.client5.http.async.methods.SimpleHttpResponse;
import org.apache.hc.client5.http.async.methods.SimpleRequestProducer;
import org.apache.hc.client5.http.async.methods.SimpleResponseConsumer;
import org.apache.hc.client5.http.impl.async.CloseableHttpAsyncClient;
import org.apache.hc.client5.http.impl.async.HttpAsyncClients;
import org.apache.hc.client5.http.impl.nio.PoolingAsyncClientConnectionManager;
import org.apache.hc.client5.http.impl.nio.PoolingAsyncClientConnectionManagerBuilder;
import org.apache.hc.client5.http.protocol.HttpClientContext;
import org.apache.hc.client5.http.ssl.H2TlsStrategy;
import org.apache.hc.core5.concurrent.FutureCallback;
import org.apache.hc.core5.http.HttpHost;
import org.apache.hc.core5.http.nio.ssl.TlsStrategy;
import org.apache.hc.core5.http2.HttpVersionPolicy;
import org.apache.hc.core5.io.ShutdownType;
import org.apache.hc.core5.ssl.SSLContexts;
import org.apache.hc.core5.ssl.TrustStrategy;
/**
* This example demonstrates how to avoid the illegal reflective access operation warning
* when running with Oracle JRE 9 or newer.
*/
public class AsyncClientTlsAlpn {
public final static void main(final String[] args) throws Exception {
// Trust standard CA and those trusted by our custom strategy
final SSLContext sslcontext = SSLContexts.custom()
.loadTrustMaterial(new TrustStrategy() {
@Override
public boolean isTrusted(
final X509Certificate[] chain,
final String authType) throws CertificateException {
final X509Certificate cert = chain[0];
return "CN=http2bin.org".equalsIgnoreCase(cert.getSubjectDN().getName());
}
})
.build();
final TlsStrategy tlsStrategy = new H2TlsStrategy(
sslcontext,
H2TlsStrategy.getDefaultHostnameVerifier()) {
// IMPORTANT uncomment the following method when running Java 9 or older
// in order to avoid the illegal reflective access operation warning
// @Override
// protected TlsDetails createTlsDetails(final SSLEngine sslEngine) {
// return new TlsDetails(sslEngine.getSession(), sslEngine.getApplicationProtocol());
// }
};
final PoolingAsyncClientConnectionManager cm = PoolingAsyncClientConnectionManagerBuilder.create()
.setTlsStrategy(tlsStrategy)
.build();
try (CloseableHttpAsyncClient client = HttpAsyncClients.custom()
.setVersionPolicy(HttpVersionPolicy.NEGOTIATE)
.setConnectionManager(cm)
.build()) {
client.start();
final HttpHost target = new HttpHost("http2bin.org", 443, "https");
final String requestUri = "/";
final HttpClientContext clientContext = HttpClientContext.create();
final SimpleHttpRequest request = SimpleHttpRequest.get(target, requestUri);
final Future<SimpleHttpResponse> future = client.execute(
SimpleRequestProducer.create(request, null),
SimpleResponseConsumer.create(),
clientContext,
new FutureCallback<SimpleHttpResponse>() {
@Override
public void completed(final SimpleHttpResponse response) {
System.out.println(requestUri + "->" + response.getCode());
System.out.println(response.getBody());
final SSLSession sslSession = clientContext.getSSLSession();
if (sslSession != null) {
System.out.println("SSL protocol " + sslSession.getProtocol());
System.out.println("SSL cipher suite " + sslSession.getCipherSuite());
}
}
@Override
public void failed(final Exception ex) {
System.out.println(requestUri + "->" + ex);
}
@Override
public void cancelled() {
System.out.println(requestUri + " cancelled");
}
});
future.get();
System.out.println("Shutting down");
client.shutdown(ShutdownType.GRACEFUL);
}
}
}
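Review bot: The comment inside the H2TlsStrategy subclass says to uncomment `createTlsDetails` when running `Java 9 or older`, while the class Javadoc says the example is for `Oracle JRE 9 or newer`; the commented method calls `sslEngine.getApplicationProtocol()`, which as far as I know was introduced in Java 9, so `// IMPORTANT uncomment the following method when running Java 9 or newer` looks like the intended wording. The same comment is introduced in the second hunk of AsyncClientCustomSSL. The import list has neither `SSLEngine` nor `TlsDetails`, so a reader who uncomments the method gets a compile error; either add the imports or name them in the comment. This file also still targets `http2bin.org` in both the trust strategy and `HttpHost`, although the sibling example was switched to `httpbin.org` in this commit, so it is worth confirming which host is intended.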