org.forgerock.openig.handler

Class ClientHandler

java.lang.Object

org.forgerock.openig.handler.ClientHandler

All Implemented Interfaces:

org.forgerock.http.Handler

public class ClientHandler
extends Object
implements org.forgerock.http.Handler

Submits requests to remote servers. In this implementation, requests are dispatched through a CHF HttpClient.

   
   {
     "name": "ClientHandler",
     "type": "ClientHandler",
     "config": {
       "connections": 64,
       "disableReuseConnection": true,
       "disableRetries": true,
       "hostnameVerifier": "ALLOW_ALL",
       "sslContextAlgorithm": "TLS",
       "soTimeout": "10 seconds",
       "connectionTimeout": "10 seconds",
       "numberOfWorkers": 6,
       "keyManager": [ "RefToKeyManager", ... ],
       "trustManager": [ "RefToTrustManager", ... ],
       "sslEnabledProtocols": [ "SSLv2", ... ],
       "sslCipherSuites": [ "TLS_DH_anon_WITH_AES_256_CBC_SHA256", ... ],
       "temporaryStorage": {reference to or inline declaration of a TemporaryStorage}
     }
   }
   
 

Note: This implementation does not verify hostnames for outgoing SSL connections by default. This is because the gateway will usually access the SSL endpoint using a raw IP address rather than a fully-qualified hostname.
It's possible to override this behavior using the hostnameVerifier attribute (case is not important, but unknown values will produce an error).
Accepted values are:

• ALLOW_ALL (the default)
• STRICT

The sslContextAlgorithm optional attribute used to set the SSL Context Algorithm for SSL/TLS connections, it defaults to TLS. See the JavaSE docs for the full list of supported values.
The keyManager and trustManager optional attributes are referencing a list of KeyManager (and TrustManager respectively). They support singleton value (use a single reference) as well as multi-valued references (a list):

 
     "keyManager": "SingleKeyManagerReference",
     "trustManager": [ "RefOne", "RefTwo" ]
 
 

The soTimeout optional attribute specifies a socket timeout (the given amount of time a connection will live before being considered a stalled and automatically destroyed). It defaults to 10 seconds.
The connectionTimeout optional attribute specifies a connection timeout (the given amount of time to wait until the connection is established). It defaults to 10 seconds.

The numberOfWorkers optional attribute specifies the number of threads dedicated to process outgoing requests. It defaults to the number of CPUs available to the JVM. This attribute is only used if an asynchronous Http client engine is used (that is the default).

The sslEnabledProtocols optional attribute specifies the protocol versions to be enabled for use on the connection.

The sslCipherSuites optional attribute specifies cipher suite names used by the SSL connection.

See Also:

Duration, KeyManagerHeaplet, TrustManagerHeaplet

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	ClientHandler.Heaplet Creates and initializes a client handler in a heap environment.

Constructor Summary

Constructors

Constructor and Description
ClientHandler(org.forgerock.http.Handler delegate) Creates a new client handler.

Method Summary

Modifier and Type	Method and Description
org.forgerock.util.promise.Promise<org.forgerock.http.protocol.Response,org.forgerock.util.promise.NeverThrowsException>	handle(org.forgerock.services.context.Context context, org.forgerock.http.protocol.Request request)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

ClientHandler

public ClientHandler(org.forgerock.http.Handler delegate)

Creates a new client handler.

Parameters:

delegate - The HTTP Handler delegate.

Method Detail

handle

public org.forgerock.util.promise.Promise<org.forgerock.http.protocol.Response,org.forgerock.util.promise.NeverThrowsException> handle(org.forgerock.services.context.Context context,
                                                                                                                                       org.forgerock.http.protocol.Request request)

Specified by:

handle in interface org.forgerock.http.Handler