org.openliberty.wsc

Class SSLUtilities

java.lang.Object

org.openliberty.wsc.SSLUtilities

public class SSLUtilities
extends Object

This class contains a group of utilities used by the ClientLib to make SSl/TLS and Mutual SSL/TLS requests.

Field Summary

Fields

Modifier and Type	Field and Description
static HostnameVerifier	hnv Deprecated.
private static Logger	log
private static String	SSL_RSA_WITH_RC4_128_MD5 This is a widely supported cypher that is not included by the SSLClient default.
static boolean	useOldStyleSSL Deprecated.
static X509TrustManager	xtm Deprecated.

Constructor Summary

Constructors

Constructor and Description
SSLUtilities()

Method Summary

Methods

Modifier and Type	Method and Description
private static HttpURLConnection	createConnection(String urlString) Deprecated.
static void	initializeSSLProtocol() Deprecated.
static X509Certificate	loadX509Certificate(String pathToX509Certificate) Load an X509Certificate from a file, placing it in the OpenLibertyBoostrap Trusted Certificates.
static String	postSOAPFileViaHttpURLConnection(String urlString, String inputFileName) Deprecated.
static String	postSOAPMessage(String postUrlString, Element message, boolean isClientTLS) This is the method that WSFMessage uses to POST ID-* messages.
static String	postSOAPMessageNOTLS(String postUrlString, Element message) This is an exceptionally simple SOAP postSOAPMessageNOTLPOST using URLConnection with no TLS
static String	postSOAPMessageViaHttpURLConnection(String urlString, Element message) Deprecated.
static String	postSOAPMessageViaHttpURLConnection(String urlString, String message) Deprecated.
static InputStream	postSOAPMessageViaHttpURLConnectionIS(String urlString, String message) Deprecated.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

log

private static final Logger log

SSL_RSA_WITH_RC4_128_MD5

private static final String SSL_RSA_WITH_RC4_128_MD5

This is a widely supported cypher that is not included by the SSLClient default. We add it manually.

See Also:

Constant Field Values

useOldStyleSSL

@Deprecated
public static boolean useOldStyleSSL

Deprecated.

This boolean allows the developer to specify using the old style SSL which is set up to be quite relaxed, not paying attention to expiration dates, or host names, and not capable of MutualTLS

xtm

@Deprecated
public static X509TrustManager xtm

Deprecated.

Create an anonymous class to trust all certificates. This is bad style, you should create a separate class.

hnv

@Deprecated
public static HostnameVerifier hnv

Deprecated.

Create a class to trust all hosts

Constructor Detail

SSLUtilities

public SSLUtilities()

Method Detail

loadX509Certificate

public static X509Certificate loadX509Certificate(String pathToX509Certificate)

Load an X509Certificate from a file, placing it in the OpenLibertyBoostrap Trusted Certificates.

Parameters:

pathToX509Certificate -

Returns:

postSOAPMessageNOTLS

public static String postSOAPMessageNOTLS(String postUrlString,
                          Element message)

This is an exceptionally simple SOAP postSOAPMessageNOTLPOST using URLConnection with no TLS

Parameters:

postUrlString -

message -

Returns:

postSOAPMessage

public static String postSOAPMessage(String postUrlString,
                     Element message,
                     boolean isClientTLS)
                              throws GeneralSecurityException,
                                     IOException

This is the method that WSFMessage uses to POST ID-* messages.

At the suggestion of the OpenSAML java developers, we are using SSLClient from the not-yet-commons-ssl library ( http://juliusdavies.ca/commons-ssl/ ). It simplifies the loading of certificates, SSL, and ClientTLS greatly, and has been said to be more stable than HttpURLConnection.

Parameters:

postUrlString - is the complete URL to the service being invoked. e.g. https://mysvc.com:4343/INVOKE-DISCO

message - the ID-* message as a DOM element

isClientTLS - indicates whether mutual TLS should be used for this transaction

Returns:

the response from the server as a string.

Throws:

GeneralSecurityException

IOException

initializeSSLProtocol

@Deprecated
public static void initializeSSLProtocol()

Deprecated.

Relax the SSL protocol in order to allow out-of-date certificates.

postSOAPMessageViaHttpURLConnection

@Deprecated
public static String postSOAPMessageViaHttpURLConnection(String urlString,
                                                    Element message)
                                                  throws IOException

Deprecated.

Uility that takes a Document and posts it via HTTP

Parameters:

urlString -

message -

Returns:

Throws:

IOException

postSOAPFileViaHttpURLConnection

@Deprecated
public static String postSOAPFileViaHttpURLConnection(String urlString,
                                                 String inputFileName)
                                               throws IOException

Deprecated.

Parameters:

urlString -

inputFileName -

Returns:

Throws:

IOException

postSOAPMessageViaHttpURLConnection

@Deprecated
public static String postSOAPMessageViaHttpURLConnection(String urlString,
                                                    String message)
                                                  throws IOException

Deprecated.

Parameters:

urlString -

message -

Returns:

Throws:

IOException

postSOAPMessageViaHttpURLConnectionIS

@Deprecated
public static InputStream postSOAPMessageViaHttpURLConnectionIS(String urlString,
                                                           String message)
                                                         throws IOException

Deprecated.

Parameters:

urlString -

message -

Returns:

Throws:

IOException

createConnection

@Deprecated
private static HttpURLConnection createConnection(String urlString)
                                           throws IOException

Deprecated.

Parameters:

urlString -

Returns:

Throws:

IOException