Red Hat Training
A Red Hat training course is available for JBoss Enterprise SOA Platform
13.9.14. Configuring the HttpClient
You configure the HttpClient by specifying a set of properties. Here is an example configuration file:
- EasySSLProtocolSocketFactory can be used to create SSL connections that allow the target server to authenticate with a self-signed certificate.
- StrictSSLProtocolSocketFactory can be used to create SSL connections that can optionally perform host name verification in order to help preventing man-in-the-middle type of attacks.
- AuthSSLProtocolSocketFactory can be used to optionally enforce mutual client/server authentication. This is the most flexible implementation of a protocol socket factory. It allows for customization of most, if not all, aspects of the SSL authentication.
The only property that the HttpClientFactory requires is configurators, which specifies a comma-separated list of configurator implementations. Each configurator implementation configures different aspects of the HttpClient instance, extending the
org.jboss.soa.esb.http.Configurator
class and providing a configure(HttpClient, Properties)
method.
Table 13.31. Out-of-the-box implementations
Configurator | Description | Required |
---|---|---|
HttpProtocol |
Configure the HttpClient host, port and protocol information, including the socket factory and SSL keystore information.
| Yes |
AuthBasic |
Configure HTTP Basic authentication for the HttpClient.
| No |
AuthNTLM |
Configure NTLM authentication for the HttpClient.
| No |
Additional configurators can be created and configured by appending their class names to the list specified in the configurators property.
Configuration of the HTTP transport properties:
Table 13.32. Properties
Property | Description | Required |
---|---|---|
HttpProtocol |
Configure the HttpClient host, port and protocol information, including the socket factory and SSL keystore information.
| Yes |
target-host-url |
Target URL for http/https endpoint
| Yes |
https.proxyHost |
Proxy Host for https connections
| No |
https.proxyPort |
Proxy Port for https connections, defaulting to port 443
| No |
http.proxyHost |
Proxy Host for http connections
| No |
http.proxyPort |
Proxy Port for http connections, defaulting to port 80
| No |
protocol-socket-factory |
Override socket factory, implementing the
ProtocolSocketFactory or ProtocolSocketFactoryBuilder interface.
The default value for http is the httpclient
DefaultProtocolSocketFactory whereas the default value for https is the contributed StrictSSLProtocolSocketFactory .
There are two implementations of
ProtocolSocketFactoryBuilder provided in the ESB codebase, AuthSSLProtocolSocketFactoryBuilder and SelfSignedSSLProtocolSocketFactoryBuilder , for configuring the AuthSSLProtocolSocketFactory factory and self signed SSLContext respectively.
| No |
keystore |
KeyStore location
| No |
keystore-passw |
KeyStore password or encrypted file
| No |
keystore-type |
KeyStore type, defaulting to jks
| No |
truststore |
TrustStore location
| No |
truststore-passw |
TrustStore password or encrypted file
| No |
truststore-type |
TrustStore type, defaulting to jks
| No |
Configuration of the HTTP Basic Authentication properties:
Table 13.33. Properties
Property | Description | Required |
---|---|---|
auth-username |
Authentication Username
| Yes |
auth-password |
Authentication Password
| Yes |
authscope-host |
Authentication Scope Host
| Yes |
authscope-port |
Authentication Scope Port
| Yes |
authscope-domain |
Authentication Scope Domain
| Yes |
Configuration of the HTTP Basic Authentication NTLM properties:
Table 13.34. Properties
Property | Description | Required |
---|---|---|
ntauth-username |
Authentication Username
| Yes |
ntauth-password |
Authentication Password
| Yes |
ntauthscope-host |
Authentication Scope Host
| Yes |
ntauthscope-port |
Authentication Scope Port
| Yes |
ntauthscope-domain |
Authentication Scope Domain
| Yes |
ntauthscope-realm |
Authentication Scope Realm
| No |