Examples for Using the Secure Connection Factory (SAP Library - SAP NetWeaver Composition Environment Library)

Examples for Using the Secure Connection Factory

Creating HTTPS Connections Using URLs

The following examples show how to use the secure connection factory to set up HTTPS connections. The first example shows how to establish the connection using SSL server authentication only. The second example shows the same connection using mutual authentication. The third example shows the same connection using user ID and password for the client authentication.

Using SSL Server Authentication

The following example shows how to set up the connection to the site www.mycompany.com using SSL with server authentication only. The keystore used to verify the server’s certificate is the keystore named keystoreCAs, which is located in an arbitrary location, for example, in a file in the file system.

Code Example for Establishing an HTTPS Connection Using SSL Server Authentication

Using SSL Mutual Authentication

The following example establishes the connection to www.mycompany.com using SSL with mutual authentication. The keystore used to verify the server’s certificate is the keystore named keystoreCAs. The client’s own key pair and certificate are stored in the keystore keystoreMyKeys. Both of these keystores are located in an arbitrary location, for example in a file in the file system.

Code Example for Establishing an HTTPS Connection Using SSL Mutual Authentication

//  keystoreCAs        keystore instance with trusted certificates
// ... is an arbitrary location for your keystore
KeyStore keystoreCAs = ...

//  keystoreMyKeys     keystore instance with key+certs for the
// application (for client authentication)
KeyStore keystoreMyKeys = ...

// Create factory
SecureConnectionFactory factory = new SecureConnectionFactory
    (keystoreCAs, keystoreMyKeys);

// Create the HTTPS connection
HttpURLConnection con = factory.createURLConnection
     ("https://www.mycompany.com");
// see JAVADOC for java.net.HttpURLConnection for details

Using User ID and Password for Client Authentication

The following example establishes the connection to www.mycompany.com using SSL with server authentication. To authenticate the client, it uses user ID and password.

Code Example for Using User ID and Password for Client Authentication

//  keystoreCAs        keystore instance with trusted certificates
// ... is an arbitrary location for your keystore
KeyStore keystoreCAs = ...

// Create factory
SecureConnectionFactory factory = new SecureConnectionFactory
    (keystoreCAs, null);

// Create the HTTPS connection
HttpURLConnection con = factory.createURLConnection
     ("https://www.mycompany.com");
// see JAVADOC for java.net.HttpURLConnection for details

// Set Basic Authentication Header with username and password to
// use for client authentication
com.sap.security.core.server.https.Utils.setBasicAuthenticationHeader(con, username, password);

Creating an SSL Socket Instance

The following example creates an SSL socket instance using the method createSocket. It returns a socket instance for port 443.

Code Example for Creating an SSL Socket Instance

// Create (SSL)socket
Socket socket = factory.createSocket("www.mycompany.com", 443);
// see JAVADOC for java.net.Socket for details

Additional Methods

The following example shows some of the functions available for managing the connection as follows:

● Using the method setRequestMethod, we set the HTTP request method to POST.

● Using the method connect, we connect to the site using our HTTPS connection.

● Using the method getResponseCode, we can obtain the return code to use for error handling.

● Using the Util class’s method loadAsBytes., we can read the HTML page as bytes.

Code Example for Establishing the HTTPS Connection Using a URL

// set request method if necessary (default: GET)
con.setRequestMethod("POST");

// connect
con.connect ();

// read response code
rc = con.getResponseCode ();

// read html
byte [] bhtml = Utils.loadAsBytes(con);