modified to comply to the new deployment scheme (moved links to https)
git-svn-id: http://svn.research-infrastructures.eu/public/d4science/gcube/trunk/portal/liferay62-plugins/mail-reader-lr62@130819 82a268e6-3cf1-43bd-a215-b396298e98cf
This commit is contained in:
parent
35e2bd452e
commit
64ed2e18dd
|
@ -6,9 +6,10 @@ import java.net.HttpURLConnection;
|
|||
import java.net.URL;
|
||||
import java.util.List;
|
||||
|
||||
import javax.net.ssl.HttpsURLConnection;
|
||||
|
||||
public class GetCaller extends Thread {
|
||||
private final int MINUTES_4_MILLISECONDS = 240000;
|
||||
|
||||
private final int MINUTES_4_MILLISECONDS = 480000;
|
||||
private final static String USER_AGENT = "Mozilla/5.0";
|
||||
|
||||
private List<String> urlsToContact;
|
||||
|
@ -27,7 +28,7 @@ public class GetCaller extends Thread {
|
|||
System.out.println("********** LDAP EXPORT THREAD Waiting ... starting in " + MINUTES_4_MILLISECONDS/60000 + " minutes");
|
||||
Thread.sleep(MINUTES_4_MILLISECONDS);
|
||||
for (String url : urlsToContact) {
|
||||
String response = sendGet(url);
|
||||
String response = sendHTTPsGet(url);
|
||||
System.out.println("**********\n\n"+ "Called URL=" + url + " correctly, response:" + response);
|
||||
}
|
||||
String response_ldap = sendGet(ServletTrigger.SERVLET_URL_LDAP);
|
||||
|
@ -38,6 +39,31 @@ public class GetCaller extends Thread {
|
|||
|
||||
}
|
||||
|
||||
private String sendHTTPsGet(String url) throws Exception {
|
||||
|
||||
URL obj = new URL(null, url, new sun.net.www.protocol.https.Handler());
|
||||
|
||||
SSLUtilities.trustAllHostnames();
|
||||
SSLUtilities.trustAllHttpsCertificates();
|
||||
|
||||
HttpsURLConnection con = (HttpsURLConnection) obj.openConnection();
|
||||
con.setRequestProperty("User-Agent", USER_AGENT);
|
||||
int responseCode = con.getResponseCode();
|
||||
System.out.println("\nSending 'GET' request to URL : " + url);
|
||||
System.out.println("Response Code : " + responseCode);
|
||||
|
||||
BufferedReader in = new BufferedReader(
|
||||
new InputStreamReader(con.getInputStream()));
|
||||
String inputLine;
|
||||
StringBuffer response = new StringBuffer();
|
||||
|
||||
while ((inputLine = in.readLine()) != null) {
|
||||
response.append(inputLine);
|
||||
}
|
||||
in.close();
|
||||
return response.toString();
|
||||
}
|
||||
|
||||
private String sendGet(String url) throws Exception {
|
||||
URL obj = new URL(url);
|
||||
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
|
||||
|
@ -58,3 +84,5 @@ public class GetCaller extends Thread {
|
|||
return response.toString();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -0,0 +1,318 @@
|
|||
package org.gcube.portal;
|
||||
|
||||
import java.security.GeneralSecurityException;
|
||||
import java.security.SecureRandom;
|
||||
import java.security.cert.X509Certificate;
|
||||
import javax.net.ssl.HostnameVerifier;
|
||||
import javax.net.ssl.HttpsURLConnection;
|
||||
import javax.net.ssl.SSLContext;
|
||||
import javax.net.ssl.TrustManager;
|
||||
import javax.net.ssl.X509TrustManager;
|
||||
|
||||
/**
|
||||
* This class provide various static methods that relax X509 certificate and
|
||||
* hostname verification while using the SSL over the HTTP protocol.
|
||||
*
|
||||
* @author Francis Labrie
|
||||
*/
|
||||
public final class SSLUtilities {
|
||||
|
||||
/**
|
||||
* Hostname verifier for the Sun's deprecated API.
|
||||
*
|
||||
* @deprecated see {@link #_hostnameVerifier}.
|
||||
*/
|
||||
private static com.sun.net.ssl.HostnameVerifier __hostnameVerifier;
|
||||
/**
|
||||
* Thrust managers for the Sun's deprecated API.
|
||||
*
|
||||
* @deprecated see {@link #_trustManagers}.
|
||||
*/
|
||||
private static com.sun.net.ssl.TrustManager[] __trustManagers;
|
||||
/**
|
||||
* Hostname verifier.
|
||||
*/
|
||||
private static HostnameVerifier _hostnameVerifier;
|
||||
/**
|
||||
* Thrust managers.
|
||||
*/
|
||||
private static TrustManager[] _trustManagers;
|
||||
|
||||
|
||||
/**
|
||||
* Set the default Hostname Verifier to an instance of a fake class that
|
||||
* trust all hostnames. This method uses the old deprecated API from the
|
||||
* com.sun.ssl package.
|
||||
*
|
||||
* @deprecated see {@link #_trustAllHostnames()}.
|
||||
*/
|
||||
private static void __trustAllHostnames() {
|
||||
// Create a trust manager that does not validate certificate chains
|
||||
if(__hostnameVerifier == null) {
|
||||
__hostnameVerifier = new _FakeHostnameVerifier();
|
||||
} // if
|
||||
// Install the all-trusting host name verifier
|
||||
com.sun.net.ssl.HttpsURLConnection.
|
||||
setDefaultHostnameVerifier(__hostnameVerifier);
|
||||
} // __trustAllHttpsCertificates
|
||||
|
||||
/**
|
||||
* Set the default X509 Trust Manager to an instance of a fake class that
|
||||
* trust all certificates, even the self-signed ones. This method uses the
|
||||
* old deprecated API from the com.sun.ssl package.
|
||||
*
|
||||
* @deprecated see {@link #_trustAllHttpsCertificates()}.
|
||||
*/
|
||||
private static void __trustAllHttpsCertificates() {
|
||||
com.sun.net.ssl.SSLContext context;
|
||||
|
||||
// Create a trust manager that does not validate certificate chains
|
||||
if(__trustManagers == null) {
|
||||
__trustManagers = new com.sun.net.ssl.TrustManager[]
|
||||
{new _FakeX509TrustManager()};
|
||||
} // if
|
||||
// Install the all-trusting trust manager
|
||||
try {
|
||||
context = com.sun.net.ssl.SSLContext.getInstance("SSL");
|
||||
context.init(null, __trustManagers, new SecureRandom());
|
||||
} catch(GeneralSecurityException gse) {
|
||||
throw new IllegalStateException(gse.getMessage());
|
||||
} // catch
|
||||
com.sun.net.ssl.HttpsURLConnection.
|
||||
setDefaultSSLSocketFactory(context.getSocketFactory());
|
||||
} // __trustAllHttpsCertificates
|
||||
|
||||
/**
|
||||
* Return true if the protocol handler property java.
|
||||
* protocol.handler.pkgs is set to the Sun's com.sun.net.ssl.
|
||||
* internal.www.protocol deprecated one, false
|
||||
* otherwise.
|
||||
*
|
||||
* @return true if the protocol handler
|
||||
* property is set to the Sun's deprecated one, false
|
||||
* otherwise.
|
||||
*/
|
||||
private static boolean isDeprecatedSSLProtocol() {
|
||||
return("com.sun.net.ssl.internal.www.protocol".equals(System.
|
||||
getProperty("java.protocol.handler.pkgs")));
|
||||
} // isDeprecatedSSLProtocol
|
||||
|
||||
/**
|
||||
* Set the default Hostname Verifier to an instance of a fake class that
|
||||
* trust all hostnames.
|
||||
*/
|
||||
private static void _trustAllHostnames() {
|
||||
// Create a trust manager that does not validate certificate chains
|
||||
if(_hostnameVerifier == null) {
|
||||
_hostnameVerifier = new FakeHostnameVerifier();
|
||||
} // if
|
||||
// Install the all-trusting host name verifier:
|
||||
HttpsURLConnection.setDefaultHostnameVerifier(_hostnameVerifier);
|
||||
} // _trustAllHttpsCertificates
|
||||
|
||||
/**
|
||||
* Set the default X509 Trust Manager to an instance of a fake class that
|
||||
* trust all certificates, even the self-signed ones.
|
||||
*/
|
||||
private static void _trustAllHttpsCertificates() {
|
||||
SSLContext context;
|
||||
|
||||
// Create a trust manager that does not validate certificate chains
|
||||
if(_trustManagers == null) {
|
||||
_trustManagers = new TrustManager[] {new FakeX509TrustManager()};
|
||||
} // if
|
||||
// Install the all-trusting trust manager:
|
||||
try {
|
||||
context = SSLContext.getInstance("SSL");
|
||||
context.init(null, _trustManagers, new SecureRandom());
|
||||
} catch(GeneralSecurityException gse) {
|
||||
throw new IllegalStateException(gse.getMessage());
|
||||
} // catch
|
||||
HttpsURLConnection.setDefaultSSLSocketFactory(context.
|
||||
getSocketFactory());
|
||||
} // _trustAllHttpsCertificates
|
||||
|
||||
/**
|
||||
* Set the default Hostname Verifier to an instance of a fake class that
|
||||
* trust all hostnames.
|
||||
*/
|
||||
public static void trustAllHostnames() {
|
||||
// Is the deprecated protocol setted?
|
||||
if(isDeprecatedSSLProtocol()) {
|
||||
__trustAllHostnames();
|
||||
} else {
|
||||
_trustAllHostnames();
|
||||
} // else
|
||||
} // trustAllHostnames
|
||||
|
||||
/**
|
||||
* Set the default X509 Trust Manager to an instance of a fake class that
|
||||
* trust all certificates, even the self-signed ones.
|
||||
*/
|
||||
public static void trustAllHttpsCertificates() {
|
||||
// Is the deprecated protocol setted?
|
||||
if(isDeprecatedSSLProtocol()) {
|
||||
__trustAllHttpsCertificates();
|
||||
} else {
|
||||
_trustAllHttpsCertificates();
|
||||
} // else
|
||||
} // trustAllHttpsCertificates
|
||||
|
||||
/**
|
||||
* This class implements a fake hostname verificator, trusting any host
|
||||
* name. This class uses the old deprecated API from the com.sun.
|
||||
* ssl package.
|
||||
*
|
||||
* @author Francis Labrie
|
||||
*
|
||||
* @deprecated see {@link SSLUtilities.FakeHostnameVerifier}.
|
||||
*/
|
||||
public static class _FakeHostnameVerifier
|
||||
implements com.sun.net.ssl.HostnameVerifier {
|
||||
|
||||
/**
|
||||
* Always return true, indicating that the host name is an
|
||||
* acceptable match with the server's authentication scheme.
|
||||
*
|
||||
* @param hostname the host name.
|
||||
* @param session the SSL session used on the connection to
|
||||
* host.
|
||||
* @return the true boolean value
|
||||
* indicating the host name is trusted.
|
||||
*/
|
||||
public boolean verify(String hostname, String session) {
|
||||
return(true);
|
||||
} // verify
|
||||
} // _FakeHostnameVerifier
|
||||
|
||||
|
||||
/**
|
||||
* This class allow any X509 certificates to be used to authenticate the
|
||||
* remote side of a secure socket, including self-signed certificates. This
|
||||
* class uses the old deprecated API from the com.sun.ssl
|
||||
* package.
|
||||
*
|
||||
* @author Francis Labrie
|
||||
*
|
||||
* @deprecated see {@link SSLUtilities.FakeX509TrustManager}.
|
||||
*/
|
||||
public static class _FakeX509TrustManager
|
||||
implements com.sun.net.ssl.X509TrustManager {
|
||||
|
||||
/**
|
||||
* Empty array of certificate authority certificates.
|
||||
*/
|
||||
private static final X509Certificate[] _AcceptedIssuers =
|
||||
new X509Certificate[] {};
|
||||
|
||||
|
||||
/**
|
||||
* Always return true, trusting for client SSL
|
||||
* chain peer certificate chain.
|
||||
*
|
||||
* @param chain the peer certificate chain.
|
||||
* @return the true boolean value
|
||||
* indicating the chain is trusted.
|
||||
*/
|
||||
public boolean isClientTrusted(X509Certificate[] chain) {
|
||||
return(true);
|
||||
} // checkClientTrusted
|
||||
|
||||
/**
|
||||
* Always return true, trusting for server SSL
|
||||
* chain peer certificate chain.
|
||||
*
|
||||
* @param chain the peer certificate chain.
|
||||
* @return the true boolean value
|
||||
* indicating the chain is trusted.
|
||||
*/
|
||||
public boolean isServerTrusted(X509Certificate[] chain) {
|
||||
return(true);
|
||||
} // checkServerTrusted
|
||||
|
||||
/**
|
||||
* Return an empty array of certificate authority certificates which
|
||||
* are trusted for authenticating peers.
|
||||
*
|
||||
* @return a empty array of issuer certificates.
|
||||
*/
|
||||
public X509Certificate[] getAcceptedIssuers() {
|
||||
return(_AcceptedIssuers);
|
||||
} // getAcceptedIssuers
|
||||
} // _FakeX509TrustManager
|
||||
|
||||
|
||||
/**
|
||||
* This class implements a fake hostname verificator, trusting any host
|
||||
* name.
|
||||
*
|
||||
* @author Francis Labrie
|
||||
*/
|
||||
public static class FakeHostnameVerifier implements HostnameVerifier {
|
||||
|
||||
/**
|
||||
* Always return true, indicating that the host name is
|
||||
* an acceptable match with the server's authentication scheme.
|
||||
*
|
||||
* @param hostname the host name.
|
||||
* @param session the SSL session used on the connection to
|
||||
* host.
|
||||
* @return the true boolean value
|
||||
* indicating the host name is trusted.
|
||||
*/
|
||||
public boolean verify(String hostname,
|
||||
javax.net.ssl.SSLSession session) {
|
||||
return(true);
|
||||
} // verify
|
||||
} // FakeHostnameVerifier
|
||||
|
||||
|
||||
/**
|
||||
* This class allow any X509 certificates to be used to authenticate the
|
||||
* remote side of a secure socket, including self-signed certificates.
|
||||
*
|
||||
* @author Francis Labrie
|
||||
*/
|
||||
public static class FakeX509TrustManager implements X509TrustManager {
|
||||
|
||||
/**
|
||||
* Empty array of certificate authority certificates.
|
||||
*/
|
||||
private static final X509Certificate[] _AcceptedIssuers =
|
||||
new X509Certificate[] {};
|
||||
|
||||
|
||||
/**
|
||||
* Always trust for client SSL chain peer certificate
|
||||
* chain with any authType authentication types.
|
||||
*
|
||||
* @param chain the peer certificate chain.
|
||||
* @param authType the authentication type based on the client
|
||||
* certificate.
|
||||
*/
|
||||
public void checkClientTrusted(X509Certificate[] chain,
|
||||
String authType) {
|
||||
} // checkClientTrusted
|
||||
|
||||
/**
|
||||
* Always trust for server SSL chain peer certificate
|
||||
* chain with any authType exchange algorithm types.
|
||||
*
|
||||
* @param chain the peer certificate chain.
|
||||
* @param authType the key exchange algorithm used.
|
||||
*/
|
||||
public void checkServerTrusted(X509Certificate[] chain,
|
||||
String authType) {
|
||||
} // checkServerTrusted
|
||||
|
||||
/**
|
||||
* Return an empty array of certificate authority certificates which
|
||||
* are trusted for authenticating peers.
|
||||
*
|
||||
* @return a empty array of issuer certificates.
|
||||
*/
|
||||
public X509Certificate[] getAcceptedIssuers() {
|
||||
return(_AcceptedIssuers);
|
||||
} // getAcceptedIssuers
|
||||
} // FakeX509TrustManager
|
||||
} // SSLUtilities
|
|
@ -15,10 +15,9 @@ public class ServletTrigger extends SimpleAction {
|
|||
private static final Logger _log = LoggerFactory.getLogger(ServletTrigger.class);
|
||||
|
||||
protected static final String SERVLET_CONTEXT_MAIL = "/social-mail-servlet/start-email-reader";
|
||||
protected static final String SERVLET_URL_LDAP = "http://localhost:9090/ldap-export-servlet/start-ldap-export";
|
||||
|
||||
private final String PROTOCOL = "http://";
|
||||
private final String PORT = "9090";
|
||||
protected static final String SERVLET_URL_LDAP = "https://localhost/ldap-export-servlet/start-ldap-export";
|
||||
|
||||
private final String PROTOCOL = "https://";
|
||||
|
||||
/* (non-Java-doc)
|
||||
* @see com.liferay.portal.kernel.events.SimpleAction#SimpleAction()
|
||||
|
@ -45,15 +44,16 @@ public class ServletTrigger extends SimpleAction {
|
|||
* @return
|
||||
*/
|
||||
private List<String> getVirtualHostURLs() {
|
||||
_log.info("MAIL_PARSER STARTING ... getVirtualHostURLs() ");
|
||||
List<String> toReturn = new ArrayList<String>();
|
||||
List<VirtualHost> vHosts = null;
|
||||
try {
|
||||
vHosts = VirtualHostLocalServiceUtil.getVirtualHosts(0, VirtualHostLocalServiceUtil.getVirtualHostsCount());
|
||||
for (VirtualHost virtualHost : vHosts) {
|
||||
if (virtualHost.getHostname().compareTo("localhost") != 0 && virtualHost.getLayoutSetId() != 0) {
|
||||
String hostToContact = PROTOCOL+virtualHost.getHostname()+":"+PORT;
|
||||
toReturn.add(hostToContact+SERVLET_CONTEXT_MAIL);
|
||||
_log.debug("Added host to contact: " + hostToContact);
|
||||
String hostToContact = PROTOCOL+virtualHost.getHostname();
|
||||
toReturn.add(hostToContact+SERVLET_CONTEXT_MAIL);
|
||||
_log.info("Added host to contact: " + hostToContact);
|
||||
}
|
||||
}
|
||||
} catch (Exception e) {
|
||||
|
|
Loading…
Reference in New Issue