pipIrr-SV.git - Gitblit

			@@ -6,6 +6,7 @@
			import java.security.NoSuchAlgorithmException;
			import java.security.cert.X509Certificate;
			import java.util.ArrayList;
			import java.util.Arrays;
			import java.util.List;
			import java.util.Map;

			@@ -17,15 +18,25 @@
			import org.apache.http.HttpResponse;
			import org.apache.http.NameValuePair;
			import org.apache.http.client.HttpClient;
			import org.apache.http.client.config.AuthSchemes;
			import org.apache.http.client.config.CookieSpecs;
			import org.apache.http.client.config.RequestConfig;
			import org.apache.http.client.entity.UrlEncodedFormEntity;
			import org.apache.http.client.methods.HttpDelete;
			import org.apache.http.client.methods.HttpGet;
			import org.apache.http.client.methods.HttpPost;
			import org.apache.http.client.methods.HttpPut;
			import org.apache.http.config.Registry;
			import org.apache.http.config.RegistryBuilder;
			import org.apache.http.conn.socket.ConnectionSocketFactory;
			import org.apache.http.conn.socket.PlainConnectionSocketFactory;
			import org.apache.http.conn.ssl.NoopHostnameVerifier;
			import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
			import org.apache.http.entity.ByteArrayEntity;
			import org.apache.http.entity.StringEntity;
			import org.apache.http.impl.client.CloseableHttpClient;
			import org.apache.http.impl.client.HttpClients;
			import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
			import org.apache.http.message.BasicNameValuePair;
			import org.apache.http.conn.ClientConnectionManager;
			import org.apache.http.conn.scheme.Scheme;
			@@ -255,40 +266,77 @@
			}

			private static HttpClient wrapClient(String host) {
			CloseableHttpClient httpClient = HttpClients.createDefault();
			if (host.startsWith("https://")) {
			sslClient(httpClient);
			return sslClient();
			}else{
			return HttpClients.createDefault();
			}

			return httpClient;
			}
			//
			// private static void sslClient(HttpClient httpClient) {
			// try {
			// SSLContext ctx = SSLContext.getInstance("TLS");
			// X509TrustManager tm = new X509TrustManager() {
			// public X509Certificate[] getAcceptedIssuers() {
			// return null;
			// }
			//
			// public void checkClientTrusted(X509Certificate[] xcs, String str) {
			//
			// }
			//
			// public void checkServerTrusted(X509Certificate[] xcs, String str) {
			//
			// }
			// };
			// ctx.init(null, new TrustManager[] { tm }, null);
			// SSLSocketFactory ssf = new SSLSocketFactory(ctx);
			// ssf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
			// ClientConnectionManager ccm = httpClient.getConnectionManager();
			// SchemeRegistry registry = ccm.getSchemeRegistry();
			// registry.register(new Scheme("https", 443, ssf));
			// } catch (KeyManagementException ex) {
			// throw new RuntimeException(ex);
			// } catch (NoSuchAlgorithmException ex) {
			// throw new RuntimeException(ex);
			// }
			// }

			private static void sslClient(HttpClient httpClient) {
			/**
			* 在调用SSL之前需要重写验证方法，取消检测SSL
			* 创建ConnectionManager，添加Connection配置信息
			* @return HttpClient 支持https
			*/
			private static HttpClient sslClient() {
			try {
			SSLContext ctx = SSLContext.getInstance("TLS");
			X509TrustManager tm = new X509TrustManager() {
			public X509Certificate[] getAcceptedIssuers() {
			// 在调用SSL之前需要重写验证方法，取消检测SSL
			X509TrustManager trustManager = new X509TrustManager() {
			@Override public X509Certificate[] getAcceptedIssuers() {
			return null;
			}

			public void checkClientTrusted(X509Certificate[] xcs, String str) {

			}

			public void checkServerTrusted(X509Certificate[] xcs, String str) {

			}
			@Override public void checkClientTrusted(X509Certificate[] xcs, String str) {}
			@Override public void checkServerTrusted(X509Certificate[] xcs, String str) {}
			};
			ctx.init(null, new TrustManager[] { tm }, null);
			SSLSocketFactory ssf = new SSLSocketFactory(ctx);
			ssf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
			ClientConnectionManager ccm = httpClient.getConnectionManager();
			SchemeRegistry registry = ccm.getSchemeRegistry();
			registry.register(new Scheme("https", 443, ssf));
			SSLContext ctx = SSLContext.getInstance(SSLConnectionSocketFactory.TLS);
			ctx.init(null, new TrustManager[] { trustManager }, null);
			SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(ctx, NoopHostnameVerifier.INSTANCE);
			// 创建Registry
			RequestConfig requestConfig = RequestConfig.custom().setCookieSpec(CookieSpecs.STANDARD_STRICT)
			.setExpectContinueEnabled(Boolean.TRUE).setTargetPreferredAuthSchemes(Arrays.asList(AuthSchemes.NTLM, AuthSchemes.DIGEST))
			.setProxyPreferredAuthSchemes(Arrays.asList(AuthSchemes.BASIC)).build();
			Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create()
			.register("http", PlainConnectionSocketFactory.INSTANCE)
			.register("https",socketFactory).build();
			// 创建ConnectionManager，添加Connection配置信息
			PoolingHttpClientConnectionManager connectionManager = new PoolingHttpClientConnectionManager(socketFactoryRegistry);
			CloseableHttpClient closeableHttpClient = HttpClients.custom().setConnectionManager(connectionManager)
			.setDefaultRequestConfig(requestConfig).build();
			return closeableHttpClient;
			} catch (KeyManagementException ex) {
			throw new RuntimeException(ex);
			} catch (NoSuchAlgorithmException ex) {
			throw new RuntimeException(ex);
			}
			}

			}