users@jersey.java.net

[Jersey] Skip SSL Config - Glassfish jersey client

From: karthick r <karthikch53_at_gmail.com>
Date: Wed, 2 Apr 2014 12:23:26 +0530

Hi Team,
Earlier, I was using Sun's jersey client to test my rest end points. I used
this to skip ssl validations https://gist.github.com/outbounder/1069465
Now, I have a requirement to use Glassfish's jersey 2.x client apis.
Is there a way to skip the ssl configuration ? I am not concerned about
security as this is going to run in a test environment. I tried setting the
ssl config to make use of the default settings. No luck with that.

What am I missing?

Dependencies
<dependency>
            <groupId>org.glassfish.jersey.core</groupId>
            <artifactId>jersey-client</artifactId>
            <version>2.5.1</version>
        </dependency>
        <dependency>
            <groupId>org.glassfish.jersey.connectors</groupId>
            <artifactId>jersey-apache-connector</artifactId>
            <version>2.5.1</version>
        </dependency>
        <dependency>
            <groupId>org.glassfish.jersey</groupId>
            <artifactId>jax-rs-ri</artifactId>
            <version>2.0-rc1</version>
        </dependency>

public static Client getClient() throws NoSuchAlgorithmException,
KeyManagementException{
        TrustManager[] trustAllCerts = new TrustManager[] {
                new X509TrustManager() {

                    public java.security.cert.X509Certificate[]
getAcceptedIssuers() {
                         return new X509Certificate[0];
                    }

                    public void
checkServerTrusted(java.security.cert.X509Certificate[] arg0,
                            String arg1) throws CertificateException {

                    }

                    public void
checkClientTrusted(java.security.cert.X509Certificate[] arg0,
                            String arg1) throws CertificateException {

                    }
                }};

         HostnameVerifier hv = new HostnameVerifier() {
                public boolean verify(String hostname, SSLSession session)
{
                    return true; }
              };

        SSLContext sc = SSLContext.getInstance("SSL");
        sc.init(null, trustAllCerts, new SecureRandom());

        ClientConfig c = new ClientConfig();
        c.register(LoggingFilter.class);

        Client client = new
JerseyClientBuilder().sslContext(sc).withConfig(c).hostnameVerifier(hv).build();
        return client;
-- 
regards,
r.karthick