001 /*
002 * $Header$
003 * $Revision: 129 $
004 * $Date: 2007-11-14 19:21:33 -0800 (Wed, 14 Nov 2007) $
005 *
006 * ====================================================================
007 *
008 * Copyright 2002-2004 The Apache Software Foundation
009 *
010 * Licensed under the Apache License, Version 2.0 (the "License");
011 * you may not use this file except in compliance with the License.
012 * You may obtain a copy of the License at
013 *
014 * http://www.apache.org/licenses/LICENSE-2.0
015 *
016 * Unless required by applicable law or agreed to in writing, software
017 * distributed under the License is distributed on an "AS IS" BASIS,
018 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
019 * See the License for the specific language governing permissions and
020 * limitations under the License.
021 * ====================================================================
022 *
023 * This software consists of voluntary contributions made by many
024 * individuals on behalf of the Apache Software Foundation. For more
025 * information on the Apache Software Foundation, please see
026 * <http://www.apache.org/>.
027 *
028 */
029
030 package org.apache.commons.httpclient.contrib.ssl;
031
032 import org.apache.commons.ssl.HttpSecureProtocol;
033 import org.apache.commons.ssl.TrustMaterial;
034
035 import java.io.IOException;
036 import java.net.Socket;
037 import java.security.GeneralSecurityException;
038
039 /**
040 * <p/>
041 * EasySSLProtocolSocketFactory can be used to creats SSL {@link Socket}s
042 * that accept self-signed certificates.
043 * </p>
044 * <p/>
045 * This socket factory SHOULD NOT be used for productive systems
046 * due to security reasons, unless it is a concious decision and
047 * you are perfectly aware of security implications of accepting
048 * self-signed certificates
049 * </p>
050 * <p/>
051 * <p/>
052 * Example of using custom protocol socket factory for a specific host:
053 * <pre>
054 * Protocol easyhttps = new Protocol("https", new EasySSLProtocolSocketFactory(), 443);
055 * <p/>
056 * HttpClient client = new HttpClient();
057 * client.getHostConfiguration().setHost("localhost", 443, easyhttps);
058 * // use relative url only
059 * GetMethod httpget = new GetMethod("/");
060 * client.executeMethod(httpget);
061 * </pre>
062 * </p>
063 * <p/>
064 * Example of using custom protocol socket factory per default instead of the standard one:
065 * <pre>
066 * Protocol easyhttps = new Protocol("https", new EasySSLProtocolSocketFactory(), 443);
067 * Protocol.registerProtocol("https", easyhttps);
068 * <p/>
069 * HttpClient client = new HttpClient();
070 * GetMethod httpget = new GetMethod("https://localhost/");
071 * client.executeMethod(httpget);
072 * </pre>
073 * </p>
074 *
075 * @author <a href="mailto:oleg -at- ural.ru">Oleg Kalnichevski</a>
076 * <p/>
077 * <p/>
078 * DISCLAIMER: HttpClient developers DO NOT actively support this component.
079 * The component is provided as a reference material, which may be inappropriate
080 * for use without additional customization.
081 * </p>
082 */
083
084 public class EasySSLProtocolSocketFactory extends HttpSecureProtocol {
085
086 /**
087 * Constructor for EasySSLProtocolSocketFactory.
088 *
089 * @throws GeneralSecurityException GeneralSecurityException
090 * @throws IOException IOException
091 */
092 public EasySSLProtocolSocketFactory()
093 throws GeneralSecurityException, IOException {
094 super();
095 super.useDefaultJavaCiphers();
096 super.setTrustMaterial(TrustMaterial.TRUST_ALL);
097 super.setCheckHostname(false);
098 super.setCheckExpiry(false);
099 super.setCheckCRL(false );
100 }
101
102 }