A Java client for the WebSphere CloudBurst REST API


A while back I wrote a simple Java application (based on the Apache Wink project) that acted as an aggregator for RESTful request to a WebSphere CloudBurst Appliance. This was my simple, yet effective, workaround for cross-domain scripting challenges.

Part of that Java application is a client that, based on the request sent to the application, sends a similar request to the actual WebSphere CloudBurst Appliance at a specified host. For instance, a request may come in with the following path and query string:

/resources/virtualSystems?wcaHost=ibmwcaex.com&wcaUser=dustin

The client portion of my application will send a request with the path /resources/virtualSystems to the WebSphere CloudBurst Appliance at the ibmwcaex.com host, and do so as the dustin user (the way the application retrieves the password for the user is not pertinent to this post). Pretty simple stuff, but it allows me to receive requests from lots of different front-ends and disperse those to a target appliance anywhere.

My client is based on the Apache Wink and  Apache HTTPClient project. It is really simple. Just a disclaimer right up front. In my case I was not really focused on writing a secure, hardened client as you can well see. Many of my security classes (HostnameVerifier and TrustManager) are essentially no-ops. In a production setting, you would obviously want to tighten this up. That being said, here’s a snippet of the client code:

TrustManager easyTrustManager = new X509TrustManager() {
 
 public X509Certificate[] getAcceptedIssuers() {
 // no-op
 return null;
 }
 
 public void checkServerTrusted(X509Certificate[] chain, String authType)
 throws CertificateException {
 // no-op
 }
 
 public void checkClientTrusted(X509Certificate[] chain, String authType)
 throws CertificateException {
 // no-op
 }
 };
 
 SSLContext sslContext = SSLContext.getInstance("TLS");
 sslContext.init(null, new TrustManager[] {easyTrustManager}, null);
 SSLSocketFactory sf = new SSLSocketFactory(sslContext);
 sf.setHostnameVerifier(new X509HostnameVerifier() {
 
 public boolean verify(String hostname, SSLSession session) {
 return true;
 }
 
 public void verify(String arg0, String[] arg1, String[] arg2)
 throws SSLException {
 }
 
 public void verify(String arg0, X509Certificate arg1) throws SSLException {

 }
 
 public void verify(String arg0, SSLSocket socket) throws IOException {
 }
 });
 SSLSocket socket = (SSLSocket) sf.createSocket();
 socket.setEnabledCipherSuites(new String[] { "SSL_RSA_WITH_RC4_128_MD5" });

 HttpParams params = new BasicHttpParams();
 params.setParameter(CoreConnectionPNames.CONNECTION_TIMEOUT, 1000);
 sf.connectSocket(socket, wcaHost, 443, null, -1, params);
 Scheme scheme = new Scheme("https", sf, 443);
 DefaultHttpClient client = new DefaultHttpClient();
 client.getConnectionManager().getSchemeRegistry().register(scheme);      
 ClientConfig config = new ApacheHttpClientConfig(client);
 config.applications(new WCAApplication());
 RestClient restClient = new RestClient(config);
 Resource resource = restClient.resource(uri);
 resource.header("Accept", "application/json");
 resource.header("Accept-Language", "en");
 resource.header("X-CloudBurst-API-Version", "1.1");
 resource.header("Authorization", getAuthHeader(wcaUser));

Just a few notes about the above. In my application since I’m using the Apache Wink client-side API, there are a few things that you would not need if you were using the plain Apache HTTPClient API. Namely, I had to create a RestClient, add my javax.ws.rs.core.Application subclass, and create a new Resource instance. If you do not want to use the Apache Wink client-side API, simply drive the Apache HTTPClient APIs to initiate the request.

Also, notice that I’m directly setting the Authorization header. The value is based on the rules laid out in the HTTP specification, which is basically of the form: Authorization: Basic base64(username:password). You can do it any number of ways, including using Apache HTTPClient APIs. If you choose to go the Apache HTTPClient API route, beware that setting up preemptive authentication can be a bit tricky.

The code snippet above is only an as-is sample, so please treat it that way. As always, please let me know if you have any questions or feedback.

Advertisements

One Response to “A Java client for the WebSphere CloudBurst REST API”

  1. Ruby Says:

    Very good blog! Do you have any recommendations for
    aspiring writers? I’m hoping to start my own site soon but I’m
    a little lost on everything. Would you recommend starting with a free platform like WordPress or go for
    a paid option? There are so many options out there that I’m totally confused .. Any suggestions? Cheers!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: