scala - how to ignore Play Framework WS SSL certs without making my entire application insecure? -

-

newb alert! i'll try describe clear , concise.

scala 2.10.3, play 2.2.1.

i have play application gets used on https. have setting in conf/application.conf file making sure play app uses ssl (and it's been tested , it's fine):

session.secure=true

but now, want play app connect webservice, using ws library. webservice on https self-signed ssl certificate. can set following setting in conf/application.conf file don't have deal webservice certificates - i'd prefer that. (the webservice flavor of special, prefer not deal certificates @ all):

ws.acceptanycertificate=true

when set both of these true appears compile , run. dow these 2 different settings interact, overlap, and/or interfere? more secure app if use asynchttpclient, , set sslcontext?

i tried setting keymanager , keystore in conf/application.conf ws call results in sslengine error - think due me using play 2.2.1 , ssl support ws available on play 2.3.x +

note: make following kind of call using ws. need future response complete, , function return boolean value. should instead using 

def myfun : boolean = {     var ret : boolean = false     val futureresult = ws.url("https://somewhere.com").post(jsoninput) oncomplete {        case success(response) => {          ret = true       }       case failure(e) => {          log.error("badness")       }     }     ret }

ref:

how ignore ssl validation in play framework scala ws calls

https://www.playframework.com/documentation/2.2.x/scalaws

https://www.playframework.com/documentation/2.3.x/wsquickstart

you should not set ws.acceptanycertificate. , need keymanager , key store if intend client authentication.

add self signed certificate trust store instead, or define custom trust store on command line "javax.net.ssl.truststore" -- see http://docs.oracle.com/javase/7/docs/technotes/guides/security/jsse/jsserefguide.html#customization details.

https://www.playframework.com/documentation/2.3.x/certificategeneration walk through how add certificate truststore.

there activator template should help: http://typesafe.com/activator/template/play-tls-example


Comments

Post a Comment

Popular posts from this blog

python - mat is not a numerical tuple : openCV error -

-
i have write down code showing error ma not getting it: please help: showing mat not numerical tuple: import cv import cv2 capture = cv2.videocapture("j.3gp") while(1): _, frame1 = capture.read() grayimage1 = cv2.cvtcolor(frame1, cv2.color_bgr2gray) _, frame2 = capture.read() grayimage2 = cv2.cvtcolor(frame2, cv2.color_bgr2gray) differenceimage = cv2.absdiff(grayimage1,grayimage2) thresholdimage = cv2.threshold(differenceimage,25,255,cv2.thresh_binary) cv2.imshow("difference image", differenceimage) cv2.imshow("threshold image", thresholdimage) cv2.imshow("image", frame1) k = cv2.waitkey(30) & 0xff error arising : ----------------------------------------------------------------------------------------- traceback (most recent call last): file "desk.py", line 15, in <module> cv2.imshow("threshold image", thresholdimage) typeerror: mat not numerical tuple ...
Read more

c# - MSAA finds controls UI Automation doesn't -

-
i'm working on automating windows application. i'm using teststack white framework. i've hit problem. program has 'window' object cannot see inside of. white shows no controls inside of it. inspect.exe shows no controls inside of either when running in ui automation mode. if switch inspect msaa see controls inside fine. there anyway me use msaa c# handle on these controls? if can identify msaa functions need, can use p/invoke call them c#. here's example article doing msaa: http://www.codeproject.com/articles/38906/ui-automation-using-microsoft-active-accessibility also, pinvoke.net can used identify iaccessible (msaa) functions: http://www.pinvoke.net/search.aspx?search=iaccessible&namespace=[all] here's answer along lines: msaa com-based? finally, alternative p/invoke, might able use tlbimp.exe create wrapper assembly oleacc.dll, , access msaa functions through it. i'm not sure if works msaa, it's worth try. as e...
Read more

wordpress - .htaccess: RewriteRule: bad flag delimiters -

-
pulling hair out on one. have following .htaccess file custom redirects in addition wordpress's default settings. when tested on local wamp server worked fine after moving production i'm not getting rewriterule: bad flag delimiters error in server log , after while site goes down internal server error any appreciated. in advance! <ifmodule mod_rewrite.c> rewriteengine on rewritebase / rewriterule ^rockford_weddings___welcome\.html$ /wedding/ [r=301,l] rewriterule ^blog/?$ /journal/ [r=301,l] rewriterule ^blog/(.*)$ /$1 [r=301,l] rewriterule ^portraitinvestment/?$ /portraitinvestment\.pdf [r=301,l] rewriterule ^weddinginvestment/?$ /weddinginvestment\.pdf [r=301,l] rewriterule ^holidaycards2014/?$ /holidaycards2014\.pdf [r=301,l] </ifmodule> # begin wordpress <ifmodule mod_rewrite.c> rewriteengine on rewritebase / rewriterule ^index\.php$ - [l] rewritecond %{request_filename} !-f rewritecond %{request_filename} !-d rewriterule . /index.php [l] </...
Read more