org.codice.ddf.cxf

Class SecureCxfClientFactory<T>

java.lang.Object

org.codice.ddf.cxf.SecureCxfClientFactory<T>

public class SecureCxfClientFactory<T>
extends Object

This factory helps construct clients for secure restful communication. For now, the getForSubject methods should only be used to support DDF<->DDF interop, because:

1. Most non-DDF systems do not know how to handle SAML assertions in the auth header.

Constructor Summary

Constructors

Constructor and Description
SecureCxfClientFactory(String endpointUrl, Class<T> interfaceClass)
SecureCxfClientFactory(String endpointUrl, Class<T> interfaceClass, List<?> providers, org.apache.cxf.interceptor.Interceptor<? extends org.apache.cxf.message.Message> interceptor, boolean disableCnCheck, boolean allowRedirects)
SecureCxfClientFactory(String endpointUrl, Class<T> interfaceClass, List<?> providers, org.apache.cxf.interceptor.Interceptor<? extends org.apache.cxf.message.Message> interceptor, boolean disableCnCheck, boolean allowRedirects, Integer connectionTimeout, Integer receiveTimeout) Constructs a factory that will return security-aware cxf clients.
SecureCxfClientFactory(String endpointUrl, Class<T> interfaceClass, List<?> providers, org.apache.cxf.interceptor.Interceptor<? extends org.apache.cxf.message.Message> interceptor, boolean disableCnCheck, boolean allowRedirects, Integer connectionTimeout, Integer receiveTimeout, String username, String password) Constructs a factory that will return security-aware cxf clients.
SecureCxfClientFactory(String endpointUrl, Class<T> interfaceClass, List<?> providers, org.apache.cxf.interceptor.Interceptor<? extends org.apache.cxf.message.Message> interceptor, boolean disableCnCheck, boolean allowRedirects, PropertyResolver propertyResolver) Constructs a factory that will return security-aware cxf clients.
SecureCxfClientFactory(String endpointUrl, Class<T> interfaceClass, String username, String password)

Method Summary

Modifier and Type	Method and Description
void	addOutInterceptors(org.apache.cxf.interceptor.Interceptor<? extends org.apache.cxf.message.Message> inteceptor)
protected void	configureTimeouts(org.apache.cxf.jaxrs.client.ClientConfiguration clientConfiguration, Integer connectionTimeout, Integer receiveTimeout) Configures the connection and receive timeouts.
T	getClient()
T	getClientForSubject(org.apache.shiro.subject.Subject subject) Clients produced by this method will be secured with two-way ssl and the provided security subject.
org.apache.cxf.jaxrs.client.WebClient	getWebClient()
org.apache.cxf.jaxrs.client.WebClient	getWebClientForSubject(org.apache.shiro.subject.Subject subject) Convenience method to get a WebClient instead of a ClientProxyImpl.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SecureCxfClientFactory

public SecureCxfClientFactory(String endpointUrl,
                              Class<T> interfaceClass)

See Also:

SecureCxfClientFactory(String, Class, java.util.List, Interceptor, boolean, boolean)

SecureCxfClientFactory

public SecureCxfClientFactory(String endpointUrl,
                              Class<T> interfaceClass,
                              String username,
                              String password)

SecureCxfClientFactory

public SecureCxfClientFactory(String endpointUrl,
                              Class<T> interfaceClass,
                              List<?> providers,
                              org.apache.cxf.interceptor.Interceptor<? extends org.apache.cxf.message.Message> interceptor,
                              boolean disableCnCheck,
                              boolean allowRedirects)

SecureCxfClientFactory

public SecureCxfClientFactory(String endpointUrl,
                              Class<T> interfaceClass,
                              List<?> providers,
                              org.apache.cxf.interceptor.Interceptor<? extends org.apache.cxf.message.Message> interceptor,
                              boolean disableCnCheck,
                              boolean allowRedirects,
                              PropertyResolver propertyResolver)

Constructs a factory that will return security-aware cxf clients. Once constructed, use the getClient* methods to retrieve a fresh client with the same configuration. Providing WebClient to interfaceClass will create a generic web client.

This factory can and should be cached. The clients it constructs should not be.

Parameters:

endpointUrl - the remote url to connect to

interfaceClass - an interface representing the resource at the remote url

providers - optional list of providers to further configure the client

interceptor - optional message interceptor for the client

disableCnCheck - disable ssl check for common name / host name match

allowRedirects - allow this client to follow redirects

SecureCxfClientFactory

public SecureCxfClientFactory(String endpointUrl,
                              Class<T> interfaceClass,
                              List<?> providers,
                              org.apache.cxf.interceptor.Interceptor<? extends org.apache.cxf.message.Message> interceptor,
                              boolean disableCnCheck,
                              boolean allowRedirects,
                              Integer connectionTimeout,
                              Integer receiveTimeout)

Constructs a factory that will return security-aware cxf clients. Once constructed, use the getClient* methods to retrieve a fresh client with the same configuration. Providing WebClient to interfaceClass will create a generic web client.

This factory can and should be cached. The clients it constructs should not be.

Parameters:

endpointUrl - the remote url to connect to

interfaceClass - an interface representing the resource at the remote url

providers - optional list of providers to further configure the client

interceptor - optional message interceptor for the client

disableCnCheck - disable ssl check for common name / host name match

allowRedirects - allow this client to follow redirects

connectionTimeout - timeout for the connection

receiveTimeout - timeout for receiving responses

SecureCxfClientFactory

public SecureCxfClientFactory(String endpointUrl,
                              Class<T> interfaceClass,
                              List<?> providers,
                              org.apache.cxf.interceptor.Interceptor<? extends org.apache.cxf.message.Message> interceptor,
                              boolean disableCnCheck,
                              boolean allowRedirects,
                              Integer connectionTimeout,
                              Integer receiveTimeout,
                              String username,
                              String password)

Constructs a factory that will return security-aware cxf clients. Once constructed, use the getClient* methods to retrieve a fresh client with the same configuration. Providing WebClient to interfaceClass will create a generic web client.

This factory can and should be cached. The clients it constructs should not be.

This constructor represents a quick fix only.

Parameters:

endpointUrl - the remote url to connect to

interfaceClass - an interface representing the resource at the remote url

providers - optional list of providers to further configure the client

interceptor - optional message interceptor for the client

disableCnCheck - disable ssl check for common name / host name match

allowRedirects - allow this client to follow redirects

connectionTimeout - timeout for the connection

receiveTimeout - timeout for receiving responses

username - a String representing the username

password - a String representing a password

Method Detail

getClient

public T getClient()

getWebClient

public org.apache.cxf.jaxrs.client.WebClient getWebClient()

getClientForSubject

public T getClientForSubject(org.apache.shiro.subject.Subject subject)

Clients produced by this method will be secured with two-way ssl and the provided security subject.

The returned client should NOT be reused between requests! This method should be called for each new request in order to ensure that the security token is up-to-date each time.

getWebClientForSubject

public org.apache.cxf.jaxrs.client.WebClient getWebClientForSubject(org.apache.shiro.subject.Subject subject)

Convenience method to get a WebClient instead of a ClientProxyImpl.

See Also:

getClientForSubject(Subject subject)

configureTimeouts

protected void configureTimeouts(org.apache.cxf.jaxrs.client.ClientConfiguration clientConfiguration,
                                 Integer connectionTimeout,
                                 Integer receiveTimeout)

Configures the connection and receive timeouts. If any of the parameters are null, the timeouts will be set to the system default.

Parameters:

clientConfiguration - Client configuration used for outgoing requests.

connectionTimeout - Connection timeout in milliseconds.

receiveTimeout - Receive timeout in milliseconds.

addOutInterceptors

public void addOutInterceptors(org.apache.cxf.interceptor.Interceptor<? extends org.apache.cxf.message.Message> inteceptor)