001    /*
002     * $Header$
003     * $Revision: 129 $
004     * $Date: 2007-11-14 19:21:33 -0800 (Wed, 14 Nov 2007) $
005     * 
006     * ====================================================================
007     *
008     *  Copyright 2002-2004 The Apache Software Foundation
009     *
010     *  Licensed under the Apache License, Version 2.0 (the "License");
011     *  you may not use this file except in compliance with the License.
012     *  You may obtain a copy of the License at
013     *
014     *      http://www.apache.org/licenses/LICENSE-2.0
015     *
016     *  Unless required by applicable law or agreed to in writing, software
017     *  distributed under the License is distributed on an "AS IS" BASIS,
018     *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
019     *  See the License for the specific language governing permissions and
020     *  limitations under the License.
021     * ====================================================================
022     *
023     * This software consists of voluntary contributions made by many
024     * individuals on behalf of the Apache Software Foundation.  For more
025     * information on the Apache Software Foundation, please see
026     * <http://www.apache.org/>.
027     *
028     */
029    
030    package org.apache.commons.httpclient.contrib.ssl;
031    
032    import org.apache.commons.ssl.HttpSecureProtocol;
033    import org.apache.commons.ssl.TrustMaterial;
034    
035    import java.io.IOException;
036    import java.net.Socket;
037    import java.security.GeneralSecurityException;
038    
039    /**
040     * <p/>
041     * EasySSLProtocolSocketFactory can be used to creats SSL {@link Socket}s
042     * that accept self-signed certificates.
043     * </p>
044     * <p/>
045     * This socket factory SHOULD NOT be used for productive systems
046     * due to security reasons, unless it is a concious decision and
047     * you are perfectly aware of security implications of accepting
048     * self-signed certificates
049     * </p>
050     * <p/>
051     * <p/>
052     * Example of using custom protocol socket factory for a specific host:
053     * <pre>
054     *     Protocol easyhttps = new Protocol("https", new EasySSLProtocolSocketFactory(), 443);
055     * <p/>
056     *     HttpClient client = new HttpClient();
057     *     client.getHostConfiguration().setHost("localhost", 443, easyhttps);
058     *     // use relative url only
059     *     GetMethod httpget = new GetMethod("/");
060     *     client.executeMethod(httpget);
061     *     </pre>
062     * </p>
063     * <p/>
064     * Example of using custom protocol socket factory per default instead of the standard one:
065     * <pre>
066     *     Protocol easyhttps = new Protocol("https", new EasySSLProtocolSocketFactory(), 443);
067     *     Protocol.registerProtocol("https", easyhttps);
068     * <p/>
069     *     HttpClient client = new HttpClient();
070     *     GetMethod httpget = new GetMethod("https://localhost/");
071     *     client.executeMethod(httpget);
072     *     </pre>
073     * </p>
074     *
075     * @author <a href="mailto:oleg -at- ural.ru">Oleg Kalnichevski</a>
076     *         <p/>
077     *         <p/>
078     *         DISCLAIMER: HttpClient developers DO NOT actively support this component.
079     *         The component is provided as a reference material, which may be inappropriate
080     *         for use without additional customization.
081     *         </p>
082     */
083    
084    public class EasySSLProtocolSocketFactory extends HttpSecureProtocol {
085    
086        /**
087         * Constructor for EasySSLProtocolSocketFactory.
088         *
089         * @throws GeneralSecurityException GeneralSecurityException
090         * @throws IOException              IOException
091         */
092        public EasySSLProtocolSocketFactory()
093            throws GeneralSecurityException, IOException {
094            super();
095            super.useDefaultJavaCiphers();
096            super.setTrustMaterial(TrustMaterial.TRUST_ALL);
097            super.setCheckHostname(false);
098            super.setCheckExpiry(false);
099            super.setCheckCRL(false );
100            }
101    
102    }