aboutsummaryrefslogtreecommitdiffstats
path: root/src/main
diff options
context:
space:
mode:
authordave.adams (da490c) <dave.adams@amdocs.com>2017-09-12 12:14:02 -0400
committerdave.adams (da490c) <dave.adams@amdocs.com>2017-09-21 08:58:11 -0400
commitfa337c7571edf97800fc47cdb404160f7da97c8b (patch)
tree3ad059a317c0b72ecf0203999a4929299831ddff /src/main
parent9b97b575d3ebbd3df83fa6a6770e418bbcb546d0 (diff)
Expose ssl protocol config
Issue-ID: AAI-127 Change-Id: I657144887df8ec36b73d0506902ca4d324dd794a Signed-off-by: dave.adams (da490c) <dave.adams@amdocs.com>
Diffstat (limited to 'src/main')
-rw-r--r--src/main/java/org/onap/aai/restclient/client/RestClient.java15
-rw-r--r--src/main/java/org/onap/aai/restclient/rest/RestClientBuilder.java18
2 files changed, 27 insertions, 6 deletions
diff --git a/src/main/java/org/onap/aai/restclient/client/RestClient.java b/src/main/java/org/onap/aai/restclient/client/RestClient.java
index 02f12b1..a98f710 100644
--- a/src/main/java/org/onap/aai/restclient/client/RestClient.java
+++ b/src/main/java/org/onap/aai/restclient/client/RestClient.java
@@ -236,6 +236,19 @@ public class RestClient {
clientBuilder.setReadTimeoutInMs(timeout);
return this;
}
+
+ /**
+ * Configures the client for a specific SSL protocol
+ *
+ * @param sslProtocol - protocol string constant such as TLS, TLSv1, TLSv1.1, TLSv1.2
+ *
+ * @return The AAIRESTClient instance.
+ */
+ public RestClient sslProtocol(String sslProtocol) {
+ logger.debug("Set sslProtocol = " + sslProtocol);
+ clientBuilder.setSslProtocol(sslProtocol);
+ return this;
+ }
private boolean shouldRetry(OperationResult operationResult) {
@@ -595,7 +608,7 @@ public class RestClient {
if (headers != null) {
for (Entry<String, List<String>> header : headers.entrySet()) {
- builder.header(header.getKey(), header.getValue());
+ builder.header(header.getKey(), String.join(";",header.getValue()));
}
if (clientBuilder.getAuthenticationMode() == RestAuthenticationMode.SSL_BASIC) {
diff --git a/src/main/java/org/onap/aai/restclient/rest/RestClientBuilder.java b/src/main/java/org/onap/aai/restclient/rest/RestClientBuilder.java
index f446f27..0272065 100644
--- a/src/main/java/org/onap/aai/restclient/rest/RestClientBuilder.java
+++ b/src/main/java/org/onap/aai/restclient/rest/RestClientBuilder.java
@@ -39,7 +39,7 @@ import com.sun.jersey.api.client.Client;
import com.sun.jersey.api.client.config.ClientConfig;
import com.sun.jersey.api.client.config.DefaultClientConfig;
import com.sun.jersey.client.urlconnection.HTTPSProperties;
-
+
/**
* This is a generic REST Client builder with flexible security validation. Sometimes it's nice to
* be able to disable server chain cert validation and hostname validation to work-around lab
@@ -59,8 +59,8 @@ public class RestClientBuilder {
public static final RestAuthenticationMode DEFAULT_AUTH_MODE = RestAuthenticationMode.SSL_CERT;
public static final String DEFAULT_BASIC_AUTH_USERNAME = "";
public static final String DEFAULT_BASIC_AUTH_PASSWORD = "";
+ public static final String DEFAULT_SSL_PROTOCOL = "TLS";
- private static final String SSL_PROTOCOL = "TLS";
private static final String KEYSTORE_ALGORITHM = "SunX509";
private static final String KEYSTORE_TYPE = "PKCS12";
private static final String TRUST_STORE_PROPERTY = "javax.net.ssl.trustStore";
@@ -75,6 +75,7 @@ public class RestClientBuilder {
private RestAuthenticationMode authenticationMode;
private String basicAuthUsername;
private String basicAuthPassword;
+ private String sslProtocol;
/**
* Rest Client Builder.
@@ -90,6 +91,7 @@ public class RestClientBuilder {
authenticationMode = DEFAULT_AUTH_MODE;
basicAuthUsername = DEFAULT_BASIC_AUTH_USERNAME;
basicAuthPassword = DEFAULT_BASIC_AUTH_PASSWORD;
+ sslProtocol = DEFAULT_SSL_PROTOCOL;
}
public boolean isValidateServerHostname() {
@@ -148,8 +150,6 @@ public class RestClientBuilder {
this.readTimeoutInMs = readTimeoutInMs;
}
-
-
public RestAuthenticationMode getAuthenticationMode() {
return authenticationMode;
}
@@ -174,6 +174,14 @@ public class RestClientBuilder {
this.basicAuthPassword = basicAuthPassword;
}
+ public String getSslProtocol() {
+ return sslProtocol;
+ }
+
+ public void setSslProtocol(String sslProtocol) {
+ this.sslProtocol = sslProtocol;
+ }
+
/**
* Returns Client configured for SSL
*/
@@ -219,7 +227,7 @@ public class RestClientBuilder {
// Set up the SSL context, keystore, etc. to use for our connection
// to the AAI.
- SSLContext ctx = SSLContext.getInstance(SSL_PROTOCOL);
+ SSLContext ctx = SSLContext.getInstance(sslProtocol);
KeyManagerFactory kmf = KeyManagerFactory.getInstance(KEYSTORE_ALGORITHM);
KeyStore ks = KeyStore.getInstance(KEYSTORE_TYPE);