security/sslclient/SSLClient.java

SSLClient.java

001 package examples.security.sslclient;
002
003 import java.io.*;
004 import java.net.URL;
005 import java.security.Provider;
006 import javax.servlet.ServletOutputStream;
007
008 /**
009  * SSLClient is a short example of how to use the SSL library of WebLogic
010  * to make outgoing SSL connections. It shows both how to do this from
011  * a stand-alone application as well as from within WebLogic (in a Servlet).
012  * <p/>
013  * Be carefull to notice that the WebLogic Server, when making an
014  * outgoing SSL connection, will use that instance of the server's
015  * certificate. When communicating to either the same or another
016  * WebLogic Server with two-way SSL, the originating server's
017  * certificate will be verified against the client root CA list in
018  * the receiving WebLogic Server.
019  *
020  * @author Copyright (c) 1999,2009, Oracle and/or its affiliates. All Rights Reserved.
021  */
022 public class SSLClient {
023
024   public void SSLClient() {
025   }
026
027   public static void main(String[] argv) throws Exception {
028     if (!(argv.length == 4 || argv.length == 5) || !argv[0].equals("wls")) {
029       log("example: java SSLClient wls localhost 7001 7002 /examplesWebApp/SnoopServlet.jsp");
030       return;
031     }
032
033     SSLClient client = new SSLClient();
034     try {
035       log("----");
036       if (argv.length == 5) {
037         if (argv[0].equals("wls"))
038           client.wlsURLConnect(argv[1], argv[2], argv[3], argv[4], System.out);
039
040       } else {  // for null query, default page returned...
041         if (argv[0].equals("wls"))
042           client.wlsURLConnect(argv[1], argv[2], argv[3], null, System.out);
043       }
044
045       log("----");
046     } catch (Exception e) {
047       System.err.println("An exception occurred: " + e.getMessage());
048       client.printSecurityProviders(System.out);
049       log("----");
050     }
051
052   }
053
054   private void printOut(String outstr, OutputStream stream) throws Exception {
055     if (stream instanceof PrintStream) {
056       ((PrintStream) stream).print(outstr);
057       return;
058     } else if (stream instanceof ServletOutputStream) {
059       try {
060         ((ServletOutputStream) stream).print(outstr);
061         return;
062       } catch (IOException ioe) {
063         log(" IOException: " + ioe.getMessage());
064         throw ioe;
065       }
066     }
067     System.out.print(outstr);
068   }
069
070   private void printSecurityProviders(OutputStream stream) throws Exception {
071     StringBuffer outstr = new StringBuffer();
072     outstr.append(" JDK Protocol Handlers and Security Providers:\n");
073     outstr.append("   java.protocol.handler.pkgs - ");
074     outstr.append(System.getProperties().getProperty("java.protocol.handler.pkgs"));
075     outstr.append("\n");
076     Provider[] provs = java.security.Security.getProviders();
077     for (int i = 0; i < provs.length; i++)
078       outstr.append("   provider[" + i + "] - " + provs[i].getName() +
079           " - " + provs[i].getInfo() + "\n");
080     outstr.append("\n");
081     printOut(outstr.toString(), stream);
082   }
083
084   private void tryConnection(java.net.HttpURLConnection connection,
085                              OutputStream stream)
086       throws Exception {
087     connection.connect();
088
089     String responseStr = "\t\t" +
090         connection.getResponseCode() + " -- " +
091         connection.getResponseMessage() + "\n\t\t" +
092         connection.getContent().getClass().getName() + "\n";
093
094     connection.disconnect();
095
096     printOut(responseStr, stream);
097   }
098
099
100   /*
101    * This method contains an example of how to use the URL and
102    *  URLConnection objects to create a new SSL connection, using
103    *  WebLogic SSL client classes.
104    */
105   public void wlsURLConnect(String host, String port,
106                             String sport, String query,
107                             OutputStream out)
108       throws Exception {
109     try {
110
111       if (query == null)
112         query = "/examplesWebApp/index.jsp";
113
114       // The following protocol registeration is taken care of in the
115       //  normal startup sequence of WebLogic. It can be turned off
116       //  using the console SSL panel.
117       //
118       // We duplicate it here as a proof of concept in a stand alone
119       //  java application. Using the URL object for a new connection
120       //  inside of WebLogic would work as expected.
121       java.util.Properties p = System.getProperties();
122       String s = p.getProperty("java.protocol.handler.pkgs");
123       if (s == null) {
124         s = "weblogic.net";
125       } else if (s.indexOf("weblogic.net") == -1) {
126         s += "|weblogic.net";
127       }
128       p.put("java.protocol.handler.pkgs", s);
129       System.setProperties(p);
130       printSecurityProviders(out);
131       // end of protocol registration
132
133
134       printOut(" Trying a new HTTP connection using WLS client classes - \n\thttp://" +
135           host + ":" + port + query + "\n", out);
136       URL wlsUrl = null;
137       try {
138         wlsUrl = new URL("http", host, Integer.valueOf(port).intValue(), query);
139         weblogic.net.http.HttpURLConnection connection =
140             new weblogic.net.http.HttpURLConnection(wlsUrl);
141         tryConnection(connection, out);
142       } catch (Exception e) {
143         printOut(e.getMessage(), out);
144         printSecurityProviders(System.out);
145         log("----");
146       }
147
148       printOut(" Trying a new HTTPS connection using WLS client classes - \n\thttps://" +
149           host + ":" + sport + query + "\n", out);
150       wlsUrl = new URL("https", host, Integer.valueOf(sport).intValue(), query);
151       weblogic.net.http.HttpsURLConnection sconnection =
152           new weblogic.net.http.HttpsURLConnection(wlsUrl);
153
154       // Only when one has a two-way SSL connection, i.e. ClientCertificateEnforced is selected
155       // in the server under the SSL tab, the following private key and the client cert chain is used.
156
157
158       File ClientKeyFile = new File("clientkey.pem");
159       File ClientCertsFile = new File("client2certs.pem");
160       if (!ClientKeyFile.exists() || !ClientCertsFile.exists()) {
161         log("Error : clientkey.pem/client2certs.pem is not present in this directory.");
162         log("To create it run - ant createmycerts.");
163         System.exit(0);
164       }
165
166       InputStream[] ins = new InputStream[2];
167       ins[0] = new FileInputStream("client2certs.pem");
168       ins[1] = new FileInputStream("clientkey.pem");
169       String pwd = "clientkey";
170       sconnection.loadLocalIdentity(ins[0], ins[1], pwd.toCharArray());
171
172
173       tryConnection(sconnection, out);
174
175     } catch (Exception ioe) {
176       printOut(ioe.getMessage(), out);
177     }
178   }
179
180   private static void log(String str) {
181     System.out.println(str);
182   }
183 }