13.9.14. Configuring the HttpClient

You configure the HttpClient by specifying a set of properties. Here is an example configuration file:
  • EasySSLProtocolSocketFactory can be used to create SSL connections that allow the target server to authenticate with a self-signed certificate.
  • StrictSSLProtocolSocketFactory can be used to create SSL connections that can optionally perform host name verification in order to help preventing man-in-the-middle type of attacks.
  • AuthSSLProtocolSocketFactory can be used to optionally enforce mutual client/server authentication. This is the most flexible implementation of a protocol socket factory. It allows for customization of most, if not all, aspects of the SSL authentication.
The only property that the HttpClientFactory requires is configurators, which specifies a comma-separated list of configurator implementations. Each configurator implementation configures different aspects of the HttpClient instance, extending the org.jboss.soa.esb.http.Configurator class and providing a configure(HttpClient, Properties) method.

Table 13.31. Out-of-the-box implementations

Configurator Description Required
HttpProtocol
Configure the HttpClient host, port and protocol information, including the socket factory and SSL keystore information.
Yes
AuthBasic
Configure HTTP Basic authentication for the HttpClient.
No
AuthNTLM
Configure NTLM authentication for the HttpClient.
No

Additional configurators can be created and configured by appending their class names to the list specified in the configurators property.
Configuration of the HTTP transport properties:

Table 13.32. Properties

Property Description Required
HttpProtocol
Configure the HttpClient host, port and protocol information, including the socket factory and SSL keystore information.
Yes
target-host-url
Target URL for http/https endpoint
Yes
https.proxyHost
Proxy Host for https connections
No
https.proxyPort
Proxy Port for https connections, defaulting to port 443
No
http.proxyHost
Proxy Host for http connections
No
http.proxyPort
Proxy Port for http connections, defaulting to port 80
No
protocol-socket-factory
Override socket factory, implementing the ProtocolSocketFactory or ProtocolSocketFactoryBuilder interface.
The default value for http is the httpclient DefaultProtocolSocketFactory whereas the default value for https is the contributed StrictSSLProtocolSocketFactory.
There are two implementations of ProtocolSocketFactoryBuilder provided in the ESB codebase, AuthSSLProtocolSocketFactoryBuilder and SelfSignedSSLProtocolSocketFactoryBuilder, for configuring the AuthSSLProtocolSocketFactory factory and self signed SSLContext respectively.
No
keystore
KeyStore location
No
keystore-passw
KeyStore password or encrypted file
No
keystore-type
KeyStore type, defaulting to jks
No
truststore
TrustStore location
No
truststore-passw
TrustStore password or encrypted file
No
truststore-type
TrustStore type, defaulting to jks
No

Configuration of the HTTP Basic Authentication properties:

Table 13.33. Properties

Property Description Required
auth-username
Authentication Username
Yes
auth-password
Authentication Password
Yes
authscope-host
Authentication Scope Host
Yes
authscope-port
Authentication Scope Port
Yes
authscope-domain
Authentication Scope Domain
Yes

Configuration of the HTTP Basic Authentication NTLM properties:

Table 13.34. Properties

Property Description Required
ntauth-username
Authentication Username
Yes
ntauth-password
Authentication Password
Yes
ntauthscope-host
Authentication Scope Host
Yes
ntauthscope-port
Authentication Scope Port
Yes
ntauthscope-domain
Authentication Scope Domain
Yes
ntauthscope-realm
Authentication Scope Realm
No