001// *************************************************************************************************************************** 002// * Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file * 003// * distributed with this work for additional information regarding copyright ownership. The ASF licenses this file * 004// * to you under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance * 005// * with the License. You may obtain a copy of the License at * 006// * * 007// * http://www.apache.org/licenses/LICENSE-2.0 * 008// * * 009// * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an * 010// * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the * 011// * specific language governing permissions and limitations under the License. * 012// *************************************************************************************************************************** 013package org.apache.juneau.rest.client; 014 015import static org.apache.juneau.internal.StringUtils.*; 016 017/** 018 * @deprecated Use {@link RestClientBuilder#sslSocketFactory(org.apache.http.conn.socket.LayeredConnectionSocketFactory)} and others. 019 */ 020@Deprecated 021public class SSLOpts { 022 023 private String protocols = getDefaultProtocols(); 024 private CertValidate certValidate = CertValidate.DEFAULT; 025 private HostVerify hostVerify = HostVerify.DEFAULT; 026 027 /** 028 * Reusable SSL options for lenient SSL (no cert validation or hostname verification). 029 */ 030 public static final SSLOpts LAX = new SSLOpts(null, CertValidate.LAX, HostVerify.LAX); 031 032 /** 033 * Reusable SSL options for normal SSL (default cert validation and hostname verification). 034 */ 035 public static final SSLOpts DEFAULT = new SSLOpts(null, CertValidate.DEFAULT, HostVerify.DEFAULT); 036 037 /** 038 * Constructor. 039 */ 040 public SSLOpts() {} 041 042 /** 043 * Constructor. 044 * 045 * @param protocols 046 * A comma-delimited list of supported SSL protocols. 047 * If <jk>null</jk>, uses the value returned by {@link #getDefaultProtocols()}. 048 * @param certValidate Certificate validation setting. 049 * @param hostVerify Host verification setting. 050 */ 051 public SSLOpts(String protocols, CertValidate certValidate, HostVerify hostVerify) { 052 if (protocols != null) 053 this.protocols = protocols; 054 this.certValidate = certValidate; 055 this.hostVerify = hostVerify; 056 } 057 058 /** 059 * Returns the default list of SSL protocols to support when the <code>protocols</code> parameter on the constructor 060 * is <jk>null</jk>. 061 * 062 * <p> 063 * The default value is <jk>"SSL_TLS,TLS,SSL"</js> unless overridden by one of the following system properties: 064 * <ul> 065 * <li><js>"transport.client.protocol"</js> 066 * </ul> 067 * 068 * <p> 069 * Subclasses can override this method to provide their own logic for determining default supported protocols. 070 * 071 * @return The comma-delimited list of supported protocols. 072 */ 073 protected String getDefaultProtocols() { 074 String sp = System.getProperty("transport.client.protocol"); 075 if (isEmpty(sp)) 076 sp = "SSL_TLS,TLS,SSL"; 077 return sp; 078 } 079 080 081 //-------------------------------------------------------------------------------- 082 // Bean properties 083 //-------------------------------------------------------------------------------- 084 085 /** 086 * Bean property getter: <property>protocols</property>. 087 * 088 * @return The value of the <property>protocols</property> property on this bean, or <jk>null</jk> if it is not set. 089 */ 090 public String getProtocols() { 091 return protocols; 092 } 093 094 /** 095 * Bean property setter: <property>protocols</property>. 096 * 097 * @param protocols The new value for the <property>protocols</property> property on this bean. 098 * @return This object (for method chaining). 099 */ 100 public SSLOpts setProtocols(String protocols) { 101 this.protocols = protocols; 102 return this; 103 } 104 105 /** 106 * Bean property getter: <property>certValidate</property>. 107 * 108 * @return The value of the <property>certValidate</property> property on this bean, or <jk>null</jk> if it is not set. 109 */ 110 public CertValidate getCertValidate() { 111 return certValidate; 112 } 113 114 /** 115 * Bean property setter: <property>certValidate</property>. 116 * 117 * @param certValidate The new value for the <property>certValidate</property> property on this bean. 118 * @return This object (for method chaining). 119 */ 120 public SSLOpts setCertValidate(CertValidate certValidate) { 121 this.certValidate = certValidate; 122 return this; 123 } 124 125 /** 126 * Bean property getter: <property>hostVerify</property>. 127 * 128 * @return The value of the <property>hostVerify</property> property on this bean, or <jk>null</jk> if it is not set. 129 */ 130 public HostVerify getHostVerify() { 131 return hostVerify; 132 } 133 134 /** 135 * Bean property setter: <property>hostVerify</property>. 136 * 137 * @param hostVerify The new value for the <property>hostVerify</property> property on this bean. 138 * @return This object (for method chaining). 139 */ 140 public SSLOpts setHostVerify(HostVerify hostVerify) { 141 this.hostVerify = hostVerify; 142 return this; 143 } 144 145 146 //-------------------------------------------------------------------------------- 147 // Enums 148 //-------------------------------------------------------------------------------- 149 150 /** 151 * Certificate validation options. 152 * 153 * <p> 154 * Used as enum for {@link SSLOpts#getCertValidate()} property. 155 */ 156 public static enum CertValidate { 157 158 /** 159 * Verify that the certificate is valid, but allow for self-signed certificates. 160 */ 161 LAX, 162 163 /** 164 * Do normal certificate chain validation. 165 */ 166 DEFAULT 167 } 168 169 /** 170 * Certificate host verification options. 171 * 172 * <p> 173 * Used as enum for {@link SSLOpts#getHostVerify()} property. 174 */ 175 public enum HostVerify { 176 177 /** 178 * Don't verify the hostname in the certificate. 179 */ 180 LAX, 181 182 /** 183 * Do normal hostname verification. 184 */ 185 DEFAULT 186 } 187}