CODEWITHSUNDEEP
javaspringspring-bootsslspring-webflux
Ulfnir
Ulfnir

Reputation: 11

Disable webclient ssl validation springboot 2.0.4

On springboot 2.1 you can disable webclient ssl validation using snippet below, but how do you do this on springboot 2.0? Where the ReactorClientHttpConnector does not have this constructor that accpets the HttpClient, instead it has the constructor below

public ReactorClientHttpConnector(Consumer<? super HttpClientOptions.Builder> clientOptions) {
        this.httpClient = HttpClient.create(clientOptions);
    }

Snipppet below works on 2.1 but not on 2.0

SslContext context = SslContextBuilder.forClient()
            .trustManager(InsecureTrustManagerFactory.INSTANCE)
            .build();
HttpClient httpClient = HttpClient.create().secure(t -> t.sslContext(context));
WebClient.builder()
            .clientConnector(new ReactorClientHttpConnector(httpClient))

Upvotes: 1

Views: 1845

Answers (1)

Andreas
Andreas

Reputation: 5309

The api evolved a bit between 2.0 and 2.1. Find below a sample that works with 2.0.4:

package com.example.webclienttest;

import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslContextBuilder;
import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
import javax.net.ssl.SSLException;
import org.junit.Test;
import org.springframework.http.client.reactive.ReactorClientHttpConnector;
import org.springframework.web.reactive.function.client.WebClient;

public class WebClientTest {

  @Test
  public void test() throws SSLException {
    SslContext context = SslContextBuilder.forClient()
        .trustManager(InsecureTrustManagerFactory.INSTANCE).build();
    WebClient webClient = WebClient.builder()
        .clientConnector(new ReactorClientHttpConnector(builder -> builder.sslContext(context)))
        .build();
    String stringMono = webClient.get().uri("https://expired.badssl.com/").retrieve()
        .bodyToMono(String.class).block();
    System.out.println(stringMono);
  }
}

Upvotes: 1

Related Questions