0001535: Contacting Server registration URL during client config wiza…
…rd in pro results in error when server and client are SSL.
chenson42 committed Jan 22, 2014
1 parent a5c0b8b commit a3935d1
Showing 2 changed files with 55 additions and 40 deletions.
Expand Up @@ -51,54 +51,60 @@ public TransportManagerFactory(ISymmetricEngine symmetricEngine) {
this.symmetricEngine = symmetricEngine;
}

public ITransportManager create() {
public static void initHttps(final String httpSslVerifiedServerNames,
boolean allowSelfSignedCerts) {
try {
String transport = symmetricEngine.getParameterService().getString(
ParameterConstants.TRANSPORT_TYPE);
if (Constants.PROTOCOL_HTTP.equalsIgnoreCase(transport)) {
final String httpSslVerifiedServerNames = symmetricEngine.getParameterService()
.getString(ServerConstants.HTTPS_VERIFIED_SERVERS);
if (!StringUtils.isBlank(httpSslVerifiedServerNames)) {
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
public boolean verify(String s, SSLSession sslsession) {
boolean verified = false;
if (!StringUtils.isBlank(httpSslVerifiedServerNames)) {
if (httpSslVerifiedServerNames
.equalsIgnoreCase(Constants.TRANSPORT_HTTPS_VERIFIED_SERVERS_ALL)) {
verified = true;
} else {
String[] names = httpSslVerifiedServerNames.split(",");
for (String string : names) {
if (s != null && s.equals(string.trim())) {
verified = true;
break;
}
if (!StringUtils.isBlank(httpSslVerifiedServerNames)) {
HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
public boolean verify(String s, SSLSession sslsession) {
boolean verified = false;
if (!StringUtils.isBlank(httpSslVerifiedServerNames)) {
if (httpSslVerifiedServerNames
.equalsIgnoreCase(Constants.TRANSPORT_HTTPS_VERIFIED_SERVERS_ALL)) {
verified = true;
} else {
String[] names = httpSslVerifiedServerNames.split(",");
for (String string : names) {
if (s != null && s.equals(string.trim())) {
verified = true;
break;
}
}
}
return verified;
}
});
}

// Allow self signed certs based on the parameter value.
boolean allowSelfSignedCerts = symmetricEngine.getParameterService().is(
ServerConstants.HTTPS_ALLOW_SELF_SIGNED_CERTS, false);
if (allowSelfSignedCerts) {
HttpsURLConnection.setDefaultSSLSocketFactory(createSelfSignedSocketFactory());
}

return new HttpTransportManager(symmetricEngine);

} else if (Constants.PROTOCOL_INTERNAL.equalsIgnoreCase(transport)) {
return new InternalTransportManager(symmetricEngine);
} else {
throw new IllegalStateException("An invalid transport type of " + transport
+ " was specified.");
return verified;
}
});
}

if (allowSelfSignedCerts) {
HttpsURLConnection.setDefaultSSLSocketFactory(createSelfSignedSocketFactory());
}

} catch (GeneralSecurityException ex) {
throw new SecurityException(ex);
}

}

public ITransportManager create() {
String transport = symmetricEngine.getParameterService().getString(
ParameterConstants.TRANSPORT_TYPE);
if (Constants.PROTOCOL_HTTP.equalsIgnoreCase(transport)) {
String httpSslVerifiedServerNames = symmetricEngine.getParameterService().getString(
ServerConstants.HTTPS_VERIFIED_SERVERS);
// Allow self signed certs based on the parameter value.
boolean allowSelfSignedCerts = symmetricEngine.getParameterService().is(
ServerConstants.HTTPS_ALLOW_SELF_SIGNED_CERTS, false);
initHttps(httpSslVerifiedServerNames, allowSelfSignedCerts);
return new HttpTransportManager(symmetricEngine);

} else if (Constants.PROTOCOL_INTERNAL.equalsIgnoreCase(transport)) {
return new InternalTransportManager(symmetricEngine);
} else {
throw new IllegalStateException("An invalid transport type of " + transport
+ " was specified.");
}
}

/**
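Review bot: In the new `initHttps`, the `if (!StringUtils.isBlank(httpSslVerifiedServerNames))` and `if (allowSelfSignedCerts)` branches have no else, so a call can only loosen the JVM-wide `HttpsURLConnection` defaults and never restores them. Because the method is now public static and is also invoked from `SymmetricWebServer.start`, a later `create()` whose engine parameters are blank/false leaves an earlier accept-all hostname verifier or self-signed socket factory in force for every HTTPS connection in the process. At minimum document this on the method, e.g. `/** Installs process-wide HttpsURLConnection defaults; a call can relax verification but never tightens it again. */`; capturing the original verifier and socket factory before the first override and reinstating them in else branches would let the stricter setting win. What `createSelfSignedSocketFactory` actually trusts is not visible in this hunk.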
Expand Up @@ -58,6 +58,7 @@
import org.jumpmind.security.SecurityServiceFactory.SecurityServiceType;
import org.jumpmind.symmetric.common.ServerConstants;
import org.jumpmind.symmetric.common.SystemConstants;
import org.jumpmind.symmetric.transport.TransportManagerFactory;
import org.jumpmind.symmetric.web.ServletUtils;
import org.jumpmind.symmetric.web.SymmetricEngineHolder;
import org.jumpmind.symmetric.web.WebConstants;
Expand Down Expand Up @@ -136,8 +137,12 @@ public enum Mode {
protected boolean noDirectBuffer = false;

protected String webAppDir = DEFAULT_WEBAPP_DIR;

protected String name = "SymmetricDS";

protected String httpSslVerifiedServerNames = "all";

protected boolean allowSelfSignedCerts = true;

public SymmetricWebServer() {
this(null, DEFAULT_WEBAPP_DIR);
Expand Down Expand Up @@ -192,6 +197,8 @@ protected void initFromProperties() {
httpsPort = serverProperties.getInt(ServerConstants.HTTPS_PORT, httpsPort);
jmxPort = serverProperties.getInt(ServerConstants.JMX_HTTP_PORT, jmxPort);
host = serverProperties.get(ServerConstants.HOST_BIND_NAME, host);
httpSslVerifiedServerNames = serverProperties.get(ServerConstants.HTTPS_VERIFIED_SERVERS, httpSslVerifiedServerNames);
allowSelfSignedCerts = serverProperties.is(ServerConstants.HTTPS_ALLOW_SELF_SIGNED_CERTS, allowSelfSignedCerts);

} catch (IOException ex) {
log.error("Failed to load " + DEFAULT_SERVER_PROPERTIES, ex);
Expand Down Expand Up @@ -241,6 +248,8 @@ public SymmetricWebServer startMixed(int httpPort, int secureHttpPort, int jmxPo

public SymmetricWebServer start(int httpPort, int securePort, int httpJmxPort, Mode mode) throws Exception {

TransportManagerFactory.initHttps(httpSslVerifiedServerNames, allowSelfSignedCerts);

// indicate to the app that we are in stand alone mode
System.setProperty(SystemConstants.SYSPROP_STANDALONE_WEB, "true");

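Review bot: The new field defaults `httpSslVerifiedServerNames = "all"` and `allowSelfSignedCerts = true` fail open: when the server properties omit these keys, or fail to load (the `IOException` branch only logs), `start()` still hands them to `TransportManagerFactory.initHttps`, which sets process-wide defaults. Assuming `"all"` matches `Constants.TRANSPORT_HTTPS_VERIFIED_SERVERS_ALL`, that switches off hostname checking for every `HttpsURLConnection` in the JVM, whereas `create()` defaults the self-signed parameter to false. Consider making the relaxation opt-in, `protected boolean allowSelfSignedCerts = false;` and `protected String httpSslVerifiedServerNames = null;`, and logging a warning in `start()` whenever either check is relaxed. The bodies of `initFromProperties` and `start` continue outside the hunks shown.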
