Package com.github.nhenneaux.resilienthttpclient.singlehostclient

Class SingleHostHttpClientBuilder

  • public class SingleHostHttpClientBuilder
extends Object
    Create an HttpClient to target a single host. It validates the certificate to authenticate the server in TLS communication with this single name. It can be used to target a single host using its IP address(es) instead of its hostname while keeping a high protection against Man-in-the-middle attack.

    -Djdk.internal.httpclient.disableHostnameVerification is needed to use a custom TLS name matching based on the requested host instead of the one from the URL.

    -Djdk.httpclient.allowRestrictedHeaders=Host is needed to customize the HTTP Host header.

    • Method Detail

      • newHttpClient

        public static HttpClient newHttpClient​(String hostname,
                                       InetAddress hostAddress)
        Build a single hostname client with default configuration. It uses TLS matching based on the given hostname. It also provides the given hostname in SNI extension. The returned java.net.http.HttpClient is wrapped to force the HTTP header Host with the given hostname.

      • builder

        public static SingleHostHttpClientBuilder builder​(String hostname,
                                                  InetAddress hostAddress,
                                                  HttpClient.Builder builder)
        Build a single hostname client builder. It could override the following elements of the builder.
        • java.net.http.HttpClient.Builder#sslContext(javax.net.ssl.SSLContext) with a custom SSLContext using the given truststore disabling default name validation and using the given hostname
        • java.net.http.HttpClient.Builder#sslParameters(javax.net.ssl.SSLParameters) to force the SNI server name expected

      • buildWithHostHeader

        public HttpClient buildWithHostHeader()
        Build a client with HTTP header host overridden in Java 13+