0

I want to download a file in groovy over a connection that is both using single sign on (SSO) over HTTPS (SSL) is there an easy way to do this. I'm not intending to build a full blown application so security is not as much of a concern.

def data =  new URL("https://server/context/servlet?param1=value1").getText()
print data

I currently do the download using curl but would ideally not have to call curl. current used call below. 

curl --negotiate -u user:pass -L --insecure -o filename.txt  "https://server/context/servlet?param1=value1"

enter image description here

Two key points to the solution i'm looking for - It does not involve making a system call to curl - It does not include manually setting up a certificate.

Would consider libraries.

albciff
  • 18,112
  • 4
  • 64
  • 89
user1605665
  • 3,771
  • 10
  • 36
  • 54
  • 1
    Possible duplicate of [telling java to accept self-signed ssl certificate](http://stackoverflow.com/questions/2893819/telling-java-to-accept-self-signed-ssl-certificate) – Strelok Feb 09 '16 at 22:48
  • 1
    You could use httpbuilder and set it to ignore SSL issues https://github.com/jgritman/httpbuilder/wiki/SSL#ignoresslissues – tim_yates Feb 09 '16 at 22:59

1 Answers1

1

To avoid the SSL PKIX validation check, in Groovy, you can implement a X509TrustManager in the same way that you do it in Java.

Note that this disable the validation server certificate validation, therefore it's a security risk:

import javax.net.ssl.*
    
// create a TrustManager to avoid PKIX path validation
def trustManager = [
  checkClientTrusted: { chain, authType ->  },
  checkServerTrusted: { chain, authType ->  },
  getAcceptedIssuers: { null }
] as X509TrustManager

// creat a sslCtx to use "lax" trustManager     
def context = SSLContext.getInstance("TLS")
context.init(null, [trustManager] as TrustManager[], null)
// set as default ssl context   
HttpsURLConnection.setDefaultSSLSocketFactory(context.getSocketFactory())

// finally you can connect to the server "insecurely"
def data =  new URL("https://server/context/servlet?param1=value1").getText()
print data

About your second question, to provide a basic authentication like curl does with --user argument, you can set a default user/password for your connections using Authenticator class:

Authenticator.setDefault (new Authenticator() {
    protected PasswordAuthentication getPasswordAuthentication() {
        return new PasswordAuthentication ("user", "pass".toCharArray())
    }
})

Note that is possible to do so on other ways in Groovy using some libraries, but this is a possible way using standard Java classes.

albciff
  • 18,112
  • 4
  • 64
  • 89