X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=src%2Fmain%2Fjava%2Forg%2Fonap%2Fdmaap%2Fdbcapi%2Faaf%2FAafConnection.java;h=934e541ed513c5fd8da0cae7e9ff7a54fbada330;hb=03b16f6df6fe5545a4ed219916c77dd696694ea2;hp=b1d38711abf55f2bfcbf8fdee20bf1670efa917e;hpb=bfb5a8f2b453ec01c05f55bdd4a2fef672df563b;p=dmaap%2Fdbcapi.git diff --git a/src/main/java/org/onap/dmaap/dbcapi/aaf/AafConnection.java b/src/main/java/org/onap/dmaap/dbcapi/aaf/AafConnection.java index b1d3871..934e541 100644 --- a/src/main/java/org/onap/dmaap/dbcapi/aaf/AafConnection.java +++ b/src/main/java/org/onap/dmaap/dbcapi/aaf/AafConnection.java @@ -3,6 +3,8 @@ * org.onap.dmaap * ================================================================================ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * + * Modifications Copyright (C) 2019 IBM. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -35,8 +37,11 @@ import java.net.UnknownHostException; import java.net.ConnectException; import javax.net.ssl.HttpsURLConnection; +import javax.net.ssl.SSLContext; import javax.net.ssl.SSLHandshakeException; +import javax.net.ssl.TrustManager; +import javax.net.ssl.X509TrustManager; import org.apache.commons.codec.binary.Base64; import org.onap.dmaap.dbcapi.logging.BaseLoggingClass; import org.onap.dmaap.dbcapi.logging.DmaapbcLogMessageEnum; @@ -46,13 +51,13 @@ import org.onap.dmaap.dbcapi.util.DmaapConfig; public class AafConnection extends BaseLoggingClass { - - + + private String aafCred; private String unit_test; - + private HttpsURLConnection uc; @@ -62,10 +67,10 @@ public class AafConnection extends BaseLoggingClass { unit_test = p.getProperty( "UnitTest", "No" ); } - + private boolean makeConnection( String pURL ) { - + try { URL u = new URL( pURL ); uc = (HttpsURLConnection) u.openConnection(); @@ -78,8 +83,7 @@ public class AafConnection extends BaseLoggingClass { return(false); } catch (Exception e) { logger.error("Error", e); - errorLogger.error(DmaapbcLogMessageEnum.HTTP_CONNECTION_ERROR, pURL, e.getMessage() ); - e.printStackTrace(); + errorLogger.error(DmaapbcLogMessageEnum.HTTP_CONNECTION_ERROR, pURL, e.getMessage()); return(false); } @@ -94,9 +98,9 @@ public class AafConnection extends BaseLoggingClass { sb.append( line ); } } catch (IOException ex ) { - errorLogger.error( DmaapbcLogMessageEnum.IO_EXCEPTION, ex.getMessage()); + errorLogger.error( DmaapbcLogMessageEnum.IO_EXCEPTION + ex.getMessage(),ex); } - + return sb.toString(); } @@ -107,11 +111,11 @@ public class AafConnection extends BaseLoggingClass { String auth = "Basic " + Base64.encodeBase64String(aafCred.getBytes()); int rc = -1; - + if ( ! makeConnection( pURL ) ) { return rc; }; - + byte[] postData = obj.getBytes(); //logger.info( "post fields=" + postData ); //byte isn't very readable @@ -128,6 +132,10 @@ public class AafConnection extends BaseLoggingClass { uc.setRequestProperty( "Content-Length", Integer.toString( postData.length )); uc.setUseCaches(false); uc.setDoOutput(true); + + SSLContext sc = SSLContext.getInstance("SSL"); + sc.init(null, trustAllCerts, new java.security.SecureRandom()); + uc.setSSLSocketFactory(sc.getSocketFactory()); OutputStream os = null; @@ -255,7 +263,7 @@ public class AafConnection extends BaseLoggingClass { logger.error("Error", e); } } catch ( SSLHandshakeException she ) { - errorLogger.error( DmaapbcLogMessageEnum.SSL_HANDSHAKE_ERROR, pURL); + errorLogger.error( DmaapbcLogMessageEnum.SSL_HANDSHAKE_ERROR +"For:- "+pURL,she); } try { rc = uc.getResponseCode(); @@ -295,6 +303,27 @@ public class AafConnection extends BaseLoggingClass { return rc; } + + private TrustManager[] trustAllCerts = new TrustManager[]{ + new X509TrustManager() { + + @Override + public java.security.cert.X509Certificate[] getAcceptedIssuers() + { + return null; + } + @Override + public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) + { + //No need to implement. + } + @Override + public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) + { + //No need to implement. + } + } + }; }