Skip to content
Snippets Groups Projects
Commit 644d4a63 authored by NOUMANE's avatar NOUMANE Committed by Makhtar DIAGNE
Browse files

[US TRTL-246] feedback PR : modification of SSL configuration for Interco

parent bffa9448
No related branches found
No related tags found
No related merge requests found
......@@ -46,9 +46,6 @@ import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManagerFactory;
import org.springframework.http.client.reactive.ClientHttpConnector;
import org.springframework.http.client.reactive.ReactorClientHttpConnector;
import org.springframework.util.Assert;
......@@ -56,6 +53,9 @@ import org.springframework.util.ResourceUtils;
import org.springframework.util.StringUtils;
import org.springframework.web.reactive.function.client.WebClient;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManagerFactory;
import fr.gouv.vitamui.commons.api.exception.ApplicationServerException;
import fr.gouv.vitamui.commons.api.logger.VitamUILogger;
import fr.gouv.vitamui.commons.api.logger.VitamUILoggerFactory;
......@@ -150,8 +150,14 @@ public class BaseWebClientFactory implements WebClientFactory {
SslContextBuilder sslContextBuilder = SslContextBuilder.forClient();
sslContextBuilder = sslContextBuilder.clientAuth(ClientAuth.NONE);
if (ks != null && restClientConfig.isKeystoreNeeded()) {
sslContextBuilder = sslContextBuilder.keyManager(createKeyManagerFactory(ks.getType(), ks.getKeyPath(), ks.getKeyPassword().toCharArray()));
if (restClientConfig.isNoClientAuthentication()) {
LOGGER.warn("By deactivating the authentication client we deprive ourselves of two-way authentication.");
} else {
if (ks != null) {
sslContextBuilder = sslContextBuilder.keyManager(createKeyManagerFactory(ks.getType(), ks.getKeyPath(), ks.getKeyPassword().toCharArray()));
}
}
if (restClientConfig.getSslConfiguration().isHostnameVerification()) {
......
......@@ -59,7 +59,7 @@ public class RestClientConfiguration {
private boolean secure;
private boolean keystoreNeeded = true;
private boolean noClientAuthentication = false;
private SSLConfiguration sslConfiguration;
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment