001/**
002 *
003 * Licensed to the Apache Software Foundation (ASF) under one or more
004 * contributor license agreements.  See the NOTICE file distributed with
005 * this work for additional information regarding copyright ownership.
006 * The ASF licenses this file to You under the Apache License, Version 2.0
007 * (the "License"); you may not use this file except in compliance with
008 * the License.  You may obtain a copy of the License at
009 *
010 * http://www.apache.org/licenses/LICENSE-2.0
011 *
012 * Unless required by applicable law or agreed to in writing, software
013 * distributed under the License is distributed on an "AS IS" BASIS,
014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
015 * See the License for the specific language governing permissions and
016 * limitations under the License.
017 */
018package org.apache.activemq.transport.https;
019
020import java.io.IOException;
021import java.net.URI;
022
023import org.apache.activemq.broker.SslContext;
024import org.apache.activemq.transport.http.HttpClientTransport;
025import org.apache.activemq.transport.util.TextWireFormat;
026import org.apache.activemq.util.IOExceptionSupport;
027import org.apache.http.conn.ClientConnectionManager;
028import org.apache.http.conn.scheme.Scheme;
029import org.apache.http.conn.scheme.SchemeRegistry;
030import org.apache.http.conn.ssl.SSLSocketFactory;
031import org.apache.http.impl.conn.PoolingClientConnectionManager;
032
033public class HttpsClientTransport extends HttpClientTransport {
034
035    public HttpsClientTransport(TextWireFormat wireFormat, URI remoteUrl) {
036        super(wireFormat, remoteUrl);
037    }
038
039    @Override
040    protected ClientConnectionManager createClientConnectionManager() {
041        PoolingClientConnectionManager connectionManager = new PoolingClientConnectionManager(createSchemeRegistry());
042        return connectionManager;
043    }
044
045    private SchemeRegistry createSchemeRegistry() {
046
047        SchemeRegistry schemeRegistry = new SchemeRegistry();
048        try {
049            SSLSocketFactory sslSocketFactory = new SSLSocketFactory(createSocketFactory(),
050                    SSLSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
051            schemeRegistry.register(new Scheme("https", getRemoteUrl().getPort(), sslSocketFactory));
052            return schemeRegistry;
053        } catch (Exception e) {
054            throw new IllegalStateException("Failure trying to create scheme registry", e);
055        }
056    }
057
058    /**
059     * Creates a new SSL SocketFactory. The given factory will use user-provided
060     * key and trust managers (if the user provided them).
061     *
062     * @return Newly created (Ssl)SocketFactory.
063     * @throws IOException
064     */
065    protected javax.net.ssl.SSLSocketFactory createSocketFactory() throws IOException {
066        if (SslContext.getCurrentSslContext() != null) {
067            SslContext ctx = SslContext.getCurrentSslContext();
068            try {
069                return ctx.getSSLContext().getSocketFactory();
070            } catch (Exception e) {
071                throw IOExceptionSupport.create(e);
072            }
073        } else {
074            return (javax.net.ssl.SSLSocketFactory) javax.net.ssl.SSLSocketFactory.getDefault();
075        }
076
077    }
078}