user1605665
user1605665

Reputation: 4161

Download file over HTTPS and SSO in groovy avoiding server certificate validation

I want to download a file in groovy over a connection that is both using single sign on (SSO) over HTTPS (SSL) is there an easy way to do this. I'm not intending to build a full blown application so security is not as much of a concern.

def data =  new URL("https://server/context/servlet?param1=value1").getText()
print data

I currently do the download using curl but would ideally not have to call curl. current used call below.

curl --negotiate -u user:pass -L --insecure -o filename.txt  "https://server/context/servlet?param1=value1" 

enter image description here

Two key points to the solution i'm looking for - It does not involve making a system call to curl - It does not include manually setting up a certificate.

Would consider libraries.

Upvotes: 0

Views: 749

Answers (1)

albciff
albciff

Reputation: 18517

To avoid the SSL PKIX validation check, in Groovy, you can implement a X509TrustManager in the same way that you do it in Java.

Note that this disable the validation server certificate validation, therefore it's a security risk:

import javax.net.ssl.*
    
// create a TrustManager to avoid PKIX path validation
def trustManager = [
  checkClientTrusted: { chain, authType ->  },
  checkServerTrusted: { chain, authType ->  },
  getAcceptedIssuers: { null }
] as X509TrustManager

// creat a sslCtx to use "lax" trustManager     
def context = SSLContext.getInstance("TLS")
context.init(null, [trustManager] as TrustManager[], null)
// set as default ssl context   
HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory())

// finally you can connect to the server "insecurely"
def data =  new URL("https://server/context/servlet?param1=value1").getText()
print data

About your second question, to provide a basic authentication like curl does with --user argument, you can set a default user/password for your connections using Authenticator class:

Authenticator.setDefault (new Authenticator() {
    protected PasswordAuthentication getPasswordAuthentication() {
        return new PasswordAuthentication ("user", "pass".toCharArray())
    }
})

Note that is possible to do so on other ways in Groovy using some libraries, but this is a possible way using standard Java classes.

Upvotes: 1

Related Questions