diff options
author | dave.adams (da490c) <dave.adams@amdocs.com> | 2017-09-12 12:14:02 -0400 |
---|---|---|
committer | dave.adams (da490c) <dave.adams@amdocs.com> | 2017-09-21 08:58:11 -0400 |
commit | fa337c7571edf97800fc47cdb404160f7da97c8b (patch) | |
tree | 3ad059a317c0b72ecf0203999a4929299831ddff /src/main/java/org/onap | |
parent | 9b97b575d3ebbd3df83fa6a6770e418bbcb546d0 (diff) |
Expose ssl protocol config
Issue-ID: AAI-127
Change-Id: I657144887df8ec36b73d0506902ca4d324dd794a
Signed-off-by: dave.adams (da490c) <dave.adams@amdocs.com>
Diffstat (limited to 'src/main/java/org/onap')
-rw-r--r-- | src/main/java/org/onap/aai/restclient/client/RestClient.java | 15 | ||||
-rw-r--r-- | src/main/java/org/onap/aai/restclient/rest/RestClientBuilder.java | 18 |
2 files changed, 27 insertions, 6 deletions
diff --git a/src/main/java/org/onap/aai/restclient/client/RestClient.java b/src/main/java/org/onap/aai/restclient/client/RestClient.java index 02f12b1..a98f710 100644 --- a/src/main/java/org/onap/aai/restclient/client/RestClient.java +++ b/src/main/java/org/onap/aai/restclient/client/RestClient.java @@ -236,6 +236,19 @@ public class RestClient { clientBuilder.setReadTimeoutInMs(timeout); return this; } + + /** + * Configures the client for a specific SSL protocol + * + * @param sslProtocol - protocol string constant such as TLS, TLSv1, TLSv1.1, TLSv1.2 + * + * @return The AAIRESTClient instance. + */ + public RestClient sslProtocol(String sslProtocol) { + logger.debug("Set sslProtocol = " + sslProtocol); + clientBuilder.setSslProtocol(sslProtocol); + return this; + } private boolean shouldRetry(OperationResult operationResult) { @@ -595,7 +608,7 @@ public class RestClient { if (headers != null) { for (Entry<String, List<String>> header : headers.entrySet()) { - builder.header(header.getKey(), header.getValue()); + builder.header(header.getKey(), String.join(";",header.getValue())); } if (clientBuilder.getAuthenticationMode() == RestAuthenticationMode.SSL_BASIC) { diff --git a/src/main/java/org/onap/aai/restclient/rest/RestClientBuilder.java b/src/main/java/org/onap/aai/restclient/rest/RestClientBuilder.java index f446f27..0272065 100644 --- a/src/main/java/org/onap/aai/restclient/rest/RestClientBuilder.java +++ b/src/main/java/org/onap/aai/restclient/rest/RestClientBuilder.java @@ -39,7 +39,7 @@ import com.sun.jersey.api.client.Client; import com.sun.jersey.api.client.config.ClientConfig;
import com.sun.jersey.api.client.config.DefaultClientConfig;
import com.sun.jersey.client.urlconnection.HTTPSProperties;
-
+
/**
* This is a generic REST Client builder with flexible security validation. Sometimes it's nice to
* be able to disable server chain cert validation and hostname validation to work-around lab
@@ -59,8 +59,8 @@ public class RestClientBuilder { public static final RestAuthenticationMode DEFAULT_AUTH_MODE = RestAuthenticationMode.SSL_CERT;
public static final String DEFAULT_BASIC_AUTH_USERNAME = "";
public static final String DEFAULT_BASIC_AUTH_PASSWORD = "";
+ public static final String DEFAULT_SSL_PROTOCOL = "TLS";
- private static final String SSL_PROTOCOL = "TLS";
private static final String KEYSTORE_ALGORITHM = "SunX509";
private static final String KEYSTORE_TYPE = "PKCS12";
private static final String TRUST_STORE_PROPERTY = "javax.net.ssl.trustStore";
@@ -75,6 +75,7 @@ public class RestClientBuilder { private RestAuthenticationMode authenticationMode;
private String basicAuthUsername;
private String basicAuthPassword;
+ private String sslProtocol;
/**
* Rest Client Builder.
@@ -90,6 +91,7 @@ public class RestClientBuilder { authenticationMode = DEFAULT_AUTH_MODE;
basicAuthUsername = DEFAULT_BASIC_AUTH_USERNAME;
basicAuthPassword = DEFAULT_BASIC_AUTH_PASSWORD;
+ sslProtocol = DEFAULT_SSL_PROTOCOL;
}
public boolean isValidateServerHostname() {
@@ -148,8 +150,6 @@ public class RestClientBuilder { this.readTimeoutInMs = readTimeoutInMs;
}
-
-
public RestAuthenticationMode getAuthenticationMode() {
return authenticationMode;
}
@@ -174,6 +174,14 @@ public class RestClientBuilder { this.basicAuthPassword = basicAuthPassword;
}
+ public String getSslProtocol() {
+ return sslProtocol;
+ }
+
+ public void setSslProtocol(String sslProtocol) {
+ this.sslProtocol = sslProtocol;
+ }
+
/**
* Returns Client configured for SSL
*/
@@ -219,7 +227,7 @@ public class RestClientBuilder { // Set up the SSL context, keystore, etc. to use for our connection
// to the AAI.
- SSLContext ctx = SSLContext.getInstance(SSL_PROTOCOL);
+ SSLContext ctx = SSLContext.getInstance(sslProtocol);
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KEYSTORE_ALGORITHM);
KeyStore ks = KeyStore.getInstance(KEYSTORE_TYPE);
|