users@jersey.java.net

[Jersey] Re: Skip SSL Config - Glassfish jersey client

From: Marek Potociar <marek.potociar_at_oracle.com>
Date: Wed, 2 Apr 2014 13:34:09 +0200

Just do not invoke any SSL config related methods on the the client builder:

> Client client = ClientBuilder.newClient(c);

Marek

On 02 Apr 2014, at 08:53, karthick r <karthikch53_at_gmail.com> wrote:

> Hi Team,
> Earlier, I was using Sun's jersey client to test my rest end points. I used this to skip ssl validations https://gist.github.com/outbounder/1069465
> Now, I have a requirement to use Glassfish's jersey 2.x client apis.
> Is there a way to skip the ssl configuration ? I am not concerned about security as this is going to run in a test environment. I tried setting the ssl config to make use of the default settings. No luck with that.
>
> What am I missing?
>
> Dependencies
> <dependency>
> <groupId>org.glassfish.jersey.core</groupId>
> <artifactId>jersey-client</artifactId>
> <version>2.5.1</version>
> </dependency>
> <dependency>
> <groupId>org.glassfish.jersey.connectors</groupId>
> <artifactId>jersey-apache-connector</artifactId>
> <version>2.5.1</version>
> </dependency>
> <dependency>
> <groupId>org.glassfish.jersey</groupId>
> <artifactId>jax-rs-ri</artifactId>
> <version>2.0-rc1</version>
> </dependency>
>
> public static Client getClient() throws NoSuchAlgorithmException, KeyManagementException{
> TrustManager[] trustAllCerts = new TrustManager[] {
> new X509TrustManager() {
>
> public java.security.cert.X509Certificate[] getAcceptedIssuers() {
> return new X509Certificate[0];
> }
>
> public void checkServerTrusted(java.security.cert.X509Certificate[] arg0,
> String arg1) throws CertificateException {
>
> }
>
> public void checkClientTrusted(java.security.cert.X509Certificate[] arg0,
> String arg1) throws CertificateException {
>
> }
> }};
>
> HostnameVerifier hv = new HostnameVerifier() {
> public boolean verify(String hostname, SSLSession session) {
> return true; }
> };
>
> SSLContext sc = SSLContext.getInstance("SSL");
> sc.init(null, trustAllCerts, new SecureRandom());
>
> ClientConfig c = new ClientConfig();
> c.register(LoggingFilter.class);
>
> Client client = new JerseyClientBuilder().sslContext(sc).withConfig(c).hostnameVerifier(hv).build();
> return client;
> --
> regards,
> r.karthick
>