Java Automation Client over SSL

This post is kind of a copy paste from this resource.

If you're running nuxeo platform over https, you may face this exception the first time you try HttpAutomationClient, following the example provided in REST API documentation :

javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated

Here is how i went through it and finally could have fun with AutomationClient :

First, you need a wrapper class to update the HttpClient reference of your HttpAutomationClient :

import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;

import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

import org.apache.http.client.HttpClient;
import org.apache.http.conn.ClientConnectionManager;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.DefaultHttpClient;

public class SSLClientWrapper {

    @SuppressWarnings("deprecation")
    public static HttpClient wrapClient(HttpClient client) {

        DefaultHttpClient clientReference = null;

        try {
            SSLContext context = SSLContext.getInstance("TLS");
            X509TrustManager trustManager = new X509TrustManager() {

                public void checkClientTrusted(X509Certificate[] xcs, String string) {
                }

                public void checkServerTrusted(X509Certificate[] xcs, String string) {
                }

                public X509Certificate[] getAcceptedIssuers() {
                    return null;
                }
            };
            context.init(null, new TrustManager[]{trustManager}, null);
            SSLSocketFactory socketFactory = new SSLSocketFactory(context);
            socketFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
            ClientConnectionManager connectionManager = client.getConnectionManager();
            SchemeRegistry schemeRegistry = connectionManager.getSchemeRegistry();
            schemeRegistry.register(new Scheme("https", socketFactory, 443));
            clientReference = new DefaultHttpClient(connectionManager,client.getParams());
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();

        } catch (KeyManagementException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }
        return clientReference;
    }
}

Then you just need to use the static method to update Nuxeo HttpAutomationClient HttpClient reference :

        HttpAutomationClient client = new HttpAutomationClient("https://my-server.com/nuxeo/site/automation"); 
        SSLClientWrapper.wrapClient(client.http()); 
        Session session = client.getSession("user", "pass");

(Of course you will need to update authentication with a correct user and password)

Hope this helps,

Antoine

2 votes

0 answers

1554 views

ANSWER

Thank you Antoine!
01/14/2013

Niceeeeeeee, got a badge :)
01/18/2013