Ask Question
« General Questions on Nuxeo

Java Automation Client over SSL

This post is kind of a copy paste from this resource.

If you're running nuxeo platform over https, you may face this exception the first time you try HttpAutomationClient, following the example provided in REST API documentation :

javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated

Here is how i went through it and finally could have fun with AutomationClient :

First, you need a wrapper class to update the HttpClient reference of your HttpAutomationClient :

import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;

import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

import org.apache.http.client.HttpClient;
import org.apache.http.conn.ClientConnectionManager;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.DefaultHttpClient;

public class SSLClientWrapper {

    @SuppressWarnings("deprecation")
    public static HttpClient wrapClient(HttpClient client) {

        DefaultHttpClient clientReference = null;

        try {
            SSLContext context = SSLContext.getInstance("TLS");
            X509TrustManager trustManager = new X509TrustManager() {

                public void checkClientTrusted(X509Certificate[] xcs, String string) {
                }

                public void checkServerTrusted(X509Certificate[] xcs, String string) {
                }

                public X509Certificate[] getAcceptedIssuers() {
                    return null;
                }
            };
            context.init(null, new TrustManager[]{trustManager}, null);
            SSLSocketFactory socketFactory = new SSLSocketFactory(context);
            socketFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
            ClientConnectionManager connectionManager = client.getConnectionManager();
            SchemeRegistry schemeRegistry = connectionManager.getSchemeRegistry();
            schemeRegistry.register(new Scheme("https", socketFactory, 443));
            clientReference = new DefaultHttpClient(connectionManager,client.getParams());
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();

        } catch (KeyManagementException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }
        return clientReference;
    }
}

Then you just need to use the static method to update Nuxeo HttpAutomationClient HttpClient reference :

        HttpAutomationClient client = new HttpAutomationClient("https://my-server.com/nuxeo/site/automation"); 
        SSLClientWrapper.wrapClient(client.http()); 
        Session session = client.getSession("user", "pass");

(Of course you will need to update authentication with a correct user and password)

Hope this helps,

Antoine

Antoine Cordier
Member (2.7K)   3   5   7 		01/11/2013 ( History)
2 votes
0 answers
2909 views
ANSWER
Laurent Doguin
Thank you Antoine!
01/14/2013
Antoine Cordier
Niceeeeeeee, got a badge :)
01/18/2013
Follow
Tags
Linked Questions
Related Questions
How do I compose the Automation Client request for Picture.Create (in 5.4.3)
Java Automation Client used from multiple threads
Java clinet blob
session is null when trying to get it from event
How to make an event listener in nuxeo IDE
Nuxeo 5.5 + SSO Cas installation problem
Why doen't this SEAM injection work?
Problem with SecurityPolicy
Nuxeo IDE Issue