[keycloak-dev] Reuse Apache HTTP client in the quickstarts and examples?

Stian Thorgersen sthorger at redhat.com
Fri May 6 07:13:32 EDT 2016


I've actually got more of an issue with the fact that it disables SSL:

SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, new
TrustStrategy() {
            public boolean isTrusted(X509Certificate[] arg0, String arg1)
throws CertificateException {
                return true;
            }
        }).build();
        b.setSslcontext( sslContext);

        // don't check Hostnames, either.
        //      -- use
SSLConnectionSocketFactory.getDefaultHostnameVerifier(), if you don't want
to weaken
        HostnameVerifier hostnameVerifier =
SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER;

On 6 May 2016 at 11:24, Marek Posolda <mposolda at redhat.com> wrote:

> Right now, we always create new instance of Apache HTTP Client per each
> request. Like in the quickstarts [1] or in the examples [2] .
>
> This is anti-pattern and not very good usage of Apache HTTP Client,
> which is supposed to be application-scoped object though. I know the
> point is to have examples as easy as possible. However shouldn't we
> avoid anti-patterns? Otherwise there might be possible risk that people
> will inspire and use the same pattern in their production apps :-)
>
> [1]
>
> https://github.com/keycloak/keycloak-examples/blob/master/app-jee/src/main/java/org/keycloak/quickstart/appjee/ServiceClient.java#L148
> [2]
>
> https://github.com/keycloak/keycloak/blob/master/examples/demo-template/customer-app/src/main/java/org/keycloak/example/CustomerDatabaseClient.java#L67
>
> Marek
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20160506/987514ce/attachment.html 


More information about the keycloak-dev mailing list