Compatibility with Java 9 (tested with Oracle JDK 9.0.1); updated SSL/TLS examples
This commit is contained in:
Oleg Kalnichevski
parent
572a370f4b
commit
d054442cdf
|
|
@ -66,7 +66,7 @@ public class AsyncClientCustomSSL {
|
|||
final X509Certificate[] chain,
|
||||
final String authType) throws CertificateException {
|
||||
final X509Certificate cert = chain[0];
|
||||
return "CN=http2bin.org".equalsIgnoreCase(cert.getSubjectDN().getName());
|
||||
return "CN=httpbin.org".equalsIgnoreCase(cert.getSubjectDN().getName());
|
||||
}
|
||||
|
||||
})
|
||||
|
|
@ -75,15 +75,8 @@ public class AsyncClientCustomSSL {
|
|||
sslcontext,
|
||||
H2TlsStrategy.getDefaultHostnameVerifier()) {
|
||||
|
||||
// IMPORTANT
|
||||
// In order for HTTP/2 protocol negotiation to succeed one must allow access
|
||||
// to Java 9 specific properties of SSLEngine via reflection
|
||||
// by adding the following line to the JVM arguments
|
||||
//
|
||||
// --add-opens java.base/sun.security.ssl=ALL-UNNAMED
|
||||
//
|
||||
// or uncomment the method below
|
||||
|
||||
// IMPORTANT uncomment the following method when running Java 9 or older
|
||||
// in order to avoid the illegal reflective access operation warning
|
||||
// @Override
|
||||
// protected TlsDetails createTlsDetails(final SSLEngine sslEngine) {
|
||||
// return new TlsDetails(sslEngine.getSession(), sslEngine.getApplicationProtocol());
|
||||
|
|
@ -99,7 +92,7 @@ public class AsyncClientCustomSSL {
|
|||
|
||||
client.start();
|
||||
|
||||
final HttpHost target = new HttpHost("http2bin.org", 443, "https");
|
||||
final HttpHost target = new HttpHost("httpbin.org", 443, "https");
|
||||
final String requestUri = "/";
|
||||
final HttpClientContext clientContext = HttpClientContext.create();
|
||||
|
||||
|
|
|
|||
|
|
@ -0,0 +1,137 @@
|
|||
/*
|
||||
* ====================================================================
|
||||
* Licensed to the Apache Software Foundation (ASF) under one
|
||||
* or more contributor license agreements. See the NOTICE file
|
||||
* distributed with this work for additional information
|
||||
* regarding copyright ownership. The ASF licenses this file
|
||||
* to you under the Apache License, Version 2.0 (the
|
||||
* "License"); you may not use this file except in compliance
|
||||
* with the License. You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
* ====================================================================
|
||||
*
|
||||
* This software consists of voluntary contributions made by many
|
||||
* individuals on behalf of the Apache Software Foundation. For more
|
||||
* information on the Apache Software Foundation, please see
|
||||
* <http://www.apache.org/>.
|
||||
*
|
||||
*/
|
||||
package org.apache.hc.client5.http.examples;
|
||||
|
||||
import java.security.cert.CertificateException;
|
||||
import java.security.cert.X509Certificate;
|
||||
import java.util.concurrent.Future;
|
||||
|
||||
import javax.net.ssl.SSLContext;
|
||||
import javax.net.ssl.SSLSession;
|
||||
|
||||
import org.apache.hc.client5.http.async.methods.SimpleHttpRequest;
|
||||
import org.apache.hc.client5.http.async.methods.SimpleHttpResponse;
|
||||
import org.apache.hc.client5.http.async.methods.SimpleRequestProducer;
|
||||
import org.apache.hc.client5.http.async.methods.SimpleResponseConsumer;
|
||||
import org.apache.hc.client5.http.impl.async.CloseableHttpAsyncClient;
|
||||
import org.apache.hc.client5.http.impl.async.HttpAsyncClients;
|
||||
import org.apache.hc.client5.http.impl.nio.PoolingAsyncClientConnectionManager;
|
||||
import org.apache.hc.client5.http.impl.nio.PoolingAsyncClientConnectionManagerBuilder;
|
||||
import org.apache.hc.client5.http.protocol.HttpClientContext;
|
||||
import org.apache.hc.client5.http.ssl.H2TlsStrategy;
|
||||
import org.apache.hc.core5.concurrent.FutureCallback;
|
||||
import org.apache.hc.core5.http.HttpHost;
|
||||
import org.apache.hc.core5.http.nio.ssl.TlsStrategy;
|
||||
import org.apache.hc.core5.http2.HttpVersionPolicy;
|
||||
import org.apache.hc.core5.io.ShutdownType;
|
||||
import org.apache.hc.core5.ssl.SSLContexts;
|
||||
import org.apache.hc.core5.ssl.TrustStrategy;
|
||||
|
||||
/**
|
||||
* This example demonstrates how to avoid the illegal reflective access operation warning
|
||||
* when running with Oracle JRE 9 or newer.
|
||||
*/
|
||||
public class AsyncClientTlsAlpn {
|
||||
|
||||
public final static void main(final String[] args) throws Exception {
|
||||
// Trust standard CA and those trusted by our custom strategy
|
||||
final SSLContext sslcontext = SSLContexts.custom()
|
||||
.loadTrustMaterial(new TrustStrategy() {
|
||||
|
||||
@Override
|
||||
public boolean isTrusted(
|
||||
final X509Certificate[] chain,
|
||||
final String authType) throws CertificateException {
|
||||
final X509Certificate cert = chain[0];
|
||||
return "CN=http2bin.org".equalsIgnoreCase(cert.getSubjectDN().getName());
|
||||
}
|
||||
|
||||
})
|
||||
.build();
|
||||
final TlsStrategy tlsStrategy = new H2TlsStrategy(
|
||||
sslcontext,
|
||||
H2TlsStrategy.getDefaultHostnameVerifier()) {
|
||||
|
||||
// IMPORTANT uncomment the following method when running Java 9 or older
|
||||
// in order to avoid the illegal reflective access operation warning
|
||||
// @Override
|
||||
// protected TlsDetails createTlsDetails(final SSLEngine sslEngine) {
|
||||
// return new TlsDetails(sslEngine.getSession(), sslEngine.getApplicationProtocol());
|
||||
// }
|
||||
|
||||
};
|
||||
final PoolingAsyncClientConnectionManager cm = PoolingAsyncClientConnectionManagerBuilder.create()
|
||||
.setTlsStrategy(tlsStrategy)
|
||||
.build();
|
||||
try (CloseableHttpAsyncClient client = HttpAsyncClients.custom()
|
||||
.setVersionPolicy(HttpVersionPolicy.NEGOTIATE)
|
||||
.setConnectionManager(cm)
|
||||
.build()) {
|
||||
|
||||
client.start();
|
||||
|
||||
final HttpHost target = new HttpHost("http2bin.org", 443, "https");
|
||||
final String requestUri = "/";
|
||||
final HttpClientContext clientContext = HttpClientContext.create();
|
||||
|
||||
final SimpleHttpRequest request = SimpleHttpRequest.get(target, requestUri);
|
||||
final Future<SimpleHttpResponse> future = client.execute(
|
||||
SimpleRequestProducer.create(request, null),
|
||||
SimpleResponseConsumer.create(),
|
||||
clientContext,
|
||||
new FutureCallback<SimpleHttpResponse>() {
|
||||
|
||||
@Override
|
||||
public void completed(final SimpleHttpResponse response) {
|
||||
System.out.println(requestUri + "->" + response.getCode());
|
||||
System.out.println(response.getBody());
|
||||
final SSLSession sslSession = clientContext.getSSLSession();
|
||||
if (sslSession != null) {
|
||||
System.out.println("SSL protocol " + sslSession.getProtocol());
|
||||
System.out.println("SSL cipher suite " + sslSession.getCipherSuite());
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public void failed(final Exception ex) {
|
||||
System.out.println(requestUri + "->" + ex);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void cancelled() {
|
||||
System.out.println(requestUri + " cancelled");
|
||||
}
|
||||
|
||||
});
|
||||
future.get();
|
||||
|
||||
System.out.println("Shutting down");
|
||||
client.shutdown(ShutdownType.GRACEFUL);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
Loading…
Reference in New Issue