Package org.forgerock.openig.handler

Class ClientHandler

  • All Implemented Interfaces:
    org.forgerock.http.Handler
    public class ClientHandler
extends Object
implements org.forgerock.http.Handler
    Submits requests to remote servers. In this implementation, requests are dispatched through a CHF HttpClient. 
       
   {
     "name": "ClientHandler",
     "type": "ClientHandler",
     "config": {
       "connections": 64,
       "disableReuseConnection": true,
       "disableRetries": true,
       "hostnameVerifier": "ALLOW_ALL",
       "sslContextAlgorithm": "TLS",
       "soTimeout": "10 seconds",
       "connectionTimeout": "10 seconds",
       "numberOfWorkers": 6,
       "keyManager": [ "RefToKeyManager", ... ],
       "trustManager": [ "RefToTrustManager", ... ],
       "sslEnabledProtocols": [ "SSLv2", ... ],
       "sslCipherSuites": [ "TLS_DH_anon_WITH_AES_256_CBC_SHA256", ... ],
       "temporaryStorage": {reference to or inline declaration of a TemporaryStorage}
     }
   }
    Note: This implementation does not verify hostnames for outgoing SSL connections by default. This is because the gateway will usually access the SSL endpoint using a raw IP address rather than a fully-qualified hostname.
    It's possible to override this behavior using the hostnameVerifier attribute (case is not important, but unknown values will produce an error).
    Accepted values are:
    • ALLOW_ALL (the default)
    • STRICT

    The sslContextAlgorithm optional attribute used to set the SSL Context Algorithm for SSL/TLS connections, it defaults to TLS. See the JavaSE docs for the full list of supported values.
    The keyManager and trustManager optional attributes are referencing a list of KeyManager (and TrustManager respectively). They support singleton value (use a single reference) as well as multi-valued references (a list): 
     
     "keyManager": "SingleKeyManagerReference",
     "trustManager": [ "RefOne", "RefTwo" ]
    The soTimeout optional attribute specifies a socket timeout (the given amount of time a connection will live before being considered a stalled and automatically destroyed). It defaults to 10 seconds.
    The connectionTimeout optional attribute specifies a connection timeout (the given amount of time to wait until the connection is established). It defaults to 10 seconds.

    The numberOfWorkers optional attribute specifies the number of threads dedicated to process outgoing requests. It defaults to the number of CPUs available to the JVM. This attribute is only used if an asynchronous Http client engine is used (that is the default).

    The sslEnabledProtocols optional attribute specifies the protocol versions to be enabled for use on the connection.

    The sslCipherSuites optional attribute specifies cipher suite names used by the SSL connection.

    See Also:
    Duration, KeyManagerHeaplet, TrustManagerHeaplet

    • Nested Class Summary

      Nested Classes 
      Modifier and Type Class Description
      static class  ClientHandler.Heaplet
      Creates and initializes a client handler in a heap environment.

    • Constructor Summary

      Constructors 
      Constructor Description
      ClientHandler​(org.forgerock.http.Handler delegate)
      Creates a new client handler.

    • Constructor Detail

      • ClientHandler

        public ClientHandler​(org.forgerock.http.Handler delegate)
        Creates a new client handler.
        Parameters:
        delegate - The HTTP Handler delegate.

    • Method Detail

      • handle

        public org.forgerock.util.promise.Promise<org.forgerock.http.protocol.Response,​org.forgerock.util.promise.NeverThrowsException> handle​(org.forgerock.services.context.Context context,
                                                                                                                                             org.forgerock.http.protocol.Request request)
        Specified by:
        handle in interface org.forgerock.http.Handler