HttpClient 4.3 had three static variables in org.apache.http.conn.ssl.SSLConnectionSocketFactory
:
When upgrading the dependency to version 4.4 of HttpClient, I see that all the above constants are deprecated. The deprecation note in JavaDoc mentioned to use org.apache.http.conn.ssl.DefaultHostnameVerifier
. Reading the docs, I assume that DefaultHostnameVerifier
is a direct replacement to STRICT_HOSTNAME_VERIFIER
. Also the ALLOW_ALL__HOSTNAME_VERIFIER
is easy to implement:
package org.wiztools.restclient.http;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;
/**
*
* @author subwiz
*/
public class AllowAllHostnameVerifier implements HostnameVerifier {
@Override
public boolean verify(String string, SSLSession ssls) {
return true;
}
}
There is a subtle distinction between the STRICT_HOSTNAME_VERIFIER
and BROWSER_COMPATIBLE_HOSTNAME_VERIFIER
(from JavaDoc):
The only difference between BROWSER_COMPATIBLE and STRICT is that a wildcard (such as "*.foo.com") with BROWSER_COMPATIBLE matches all subdomains, including "a.b.foo.com".
Do we have a readily available BROWSER_COMPATIBLE
hostname verifier for httpclient 4.4?
Actually, the javadoc of AllowAllHostnameVerifier gives a direct replacement for ALLOW_ALL__HOSTNAME_VERIFIER
, which is NoopHostnameVerifier .
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With