[HTTPCLIENT-2381] Respect system properties by default

The practical effect of this change is that default JVM configuration
for key stores (for mutual TLS) and proxy selection will be respected by
default. This change has two goals.

First, applications and libraries built on the client will work with
proxies much more reliably, since their authors no longer need to opt in
to a non-default setting in order for things like proxies to be
configurable in the usual manner (i.e. without code changes).

Second, this change, along with the change in 5.6 to make `BUILTIN` the
default `HostnameVerificationPolicy`, makes the client's configuration
philosophy fully consistent across all supported features. To wit:

1. HttpComponents _itself_ is always configured programmatically and
   does not directly read system properties to obtain config values.
2. For a given feature, the default behavior is to delegate to the JDK
   implementation. This implementation may support out-of-band
   configuration via system properties, static methods, the
   `java.security` file, system-wide OS configuration, etc.
3. This delegation behavior can be overridden by a programmatic config
   option, either to directly customize the JDK-supplied implementation
   or to supply an alternate implementation.

This table shows what this philosophy looks like concretely across
various features:

| Feature               | Default JDK behavior                           | Example JDK config property | Override strategy                                                               |
| --------------------- | ---------------------------------------------- | --------------------------- | ------------------------------------------------------------------------------- |
| Trust store           | Load from OS                                   | `javax.net.ssl.trustStore`  | Set a `TrustManager[]`                                                          |
| Key store             | Load nothing                                   | `javax.net.ssl.keyStore`    | Set a `KeyManager[]`                                                            |
| Hostname verification | Run `HostnameChecker` from `sun.security.util` | None                        | Set a `HostnameVerifier` and `HostnameVerificationPolicy`                       |
| Proxy config          | Use system properties or load from OS          | `java.net.useSystemProxies` | Set a `ProxySelector` or `HttpRoutePlanner`                                     |
| Client cipher suites  | Send all supported cipher suites               | `java.security.properties`  | Set an `SSLContext`                                                             |
| IP family selection   | Prefer IPv6                                    | `java.net.preferIPv4Stack`  | Set a `DetachedSocketFactory` or `DnsResolver`, call `setUnixDomainSocket`, etc |
| DNS resolution        | Use built-in resolver                          | `networkaddress.cache.ttl`  | Set a `DnsResolver`                                                             |

See also the previous discussion at:

#773

Author: rschmitt

httpclient5-fluent/src/main/java/org/apache/hc/client5/http/fluent/Executor.java

@@ -77,14 +77,12 @@ static CloseableHttpClient GET_CLASSIC_CLIENT() {
             if (CLIENT == null) {
                 CLIENT = HttpClientBuilder.create()
                         .setConnectionManager(PoolingHttpClientConnectionManagerBuilder.create()
-                                .useSystemProperties()
                                 .setMaxConnPerRoute(100)
                                 .setMaxConnTotal(200)
                                 .setDefaultConnectionConfig(ConnectionConfig.custom()
                                         .setValidateAfterInactivity(TimeValue.ofSeconds(10))
                                         .build())
                                 .build())
-                        .useSystemProperties()
                         .evictExpiredConnections()
                         .evictIdleConnections(TimeValue.ofMinutes(1))
                         .build();
@@ -105,15 +103,13 @@ static CloseableHttpClient GET_ASYNC_CLIENT() {
             if (ASYNC_CLIENT == null) {
                 ASYNC_CLIENT = new ClassicToAsyncAdaptor(HttpAsyncClientBuilder.create()
                         .setConnectionManager(PoolingAsyncClientConnectionManagerBuilder.create()
-                                .useSystemProperties()
                                 .setMaxConnPerRoute(100)
                                 .setMaxConnTotal(200)
                                 .setMessageMultiplexing(true)
                                 .setDefaultConnectionConfig(ConnectionConfig.custom()
                                         .setValidateAfterInactivity(TimeValue.ofSeconds(10))
                                         .build())
                                 .build())
-                        .useSystemProperties()
                         .evictExpiredConnections()
                         .evictIdleConnections(TimeValue.ofMinutes(1))
                         .build(), Timeout.ofMinutes(5));

httpclient5-sse/src/main/java/org/apache/hc/client5/http/sse/SseExecutor.java

@@ -103,12 +103,10 @@ static CloseableHttpAsyncClient getSharedClient() {
             if (c == null) {
                 c = HttpAsyncClientBuilder.create()
                         .setConnectionManager(PoolingAsyncClientConnectionManagerBuilder.create()
-                                .useSystemProperties()
                                 .setMaxConnPerRoute(100)
                                 .setMaxConnTotal(200)
                                 .setMessageMultiplexing(true)
                                 .build())
-                        .useSystemProperties()
                         .evictExpiredConnections()
                         .evictIdleConnections(TimeValue.ofMinutes(1))
                         .build();

httpclient5-sse/src/test/java/org/apache/hc/client5/http/sse/example/ClientSseExample.java

@@ -67,7 +67,6 @@ public static void main(final String[] args) throws Exception {
 
         final PoolingAsyncClientConnectionManager connMgr =
                 PoolingAsyncClientConnectionManagerBuilder.create()
-                        .useSystemProperties()
                         .setMessageMultiplexing(true)      // HTTP/2 stream multiplexing
                         .setMaxConnPerRoute(32)
                         .setMaxConnTotal(256)
@@ -84,7 +83,6 @@ public static void main(final String[] args) throws Exception {
                         .setPushEnabled(false)
                         .setMaxConcurrentStreams(256)
                         .build())
-                .useSystemProperties()
                 .evictExpiredConnections()
                 .evictIdleConnections(TimeValue.ofMinutes(1))
                 .build();

httpclient5-sse/src/test/java/org/apache/hc/client5/http/sse/example/ClientSseH2Example.java

@@ -145,7 +145,6 @@ public static void main(final String[] args) throws Exception {
 
         final PoolingAsyncClientConnectionManager connMgr =
                 PoolingAsyncClientConnectionManagerBuilder.create()
-                        .useSystemProperties()
                         .setMessageMultiplexing(true)
                         .setMaxConnPerRoute(1)
                         .setMaxConnTotal(4)
@@ -161,7 +160,6 @@ public static void main(final String[] args) throws Exception {
                         .setPushEnabled(false)
                         .setMaxConcurrentStreams(Math.max(64, streamCount * 8))
                         .build())
-                .useSystemProperties()
                 .evictExpiredConnections()
                 .evictIdleConnections(TimeValue.ofMinutes(1))
                 .build();

httpclient5-sse/src/test/java/org/apache/hc/client5/http/sse/example/SsePerfClient.java

@@ -107,7 +107,6 @@ public static void main(final String[] args) throws Exception {
 
         final PoolingAsyncClientConnectionManager connMgr =
                 PoolingAsyncClientConnectionManagerBuilder.create()
-                        .useSystemProperties()
                         .setMessageMultiplexing(true)
                         .setMaxConnPerRoute(16)
                         .setMaxConnTotal(16)
@@ -123,7 +122,6 @@ public static void main(final String[] args) throws Exception {
                         .setPushEnabled(false)
                         .setMaxConcurrentStreams(Math.max(64, streams * 4))
                         .build())
-                .useSystemProperties()
                 .evictExpiredConnections()
                 .evictIdleConnections(TimeValue.ofMinutes(1))
                 .build();

httpclient5-sse/src/test/java/org/apache/hc/client5/http/sse/example/performance/SsePerfClient.java

@@ -90,7 +90,6 @@ public static void main(final String[] args) throws Exception {
 
         final PoolingAsyncClientConnectionManager connMgr =
                 PoolingAsyncClientConnectionManagerBuilder.create()
-                        .useSystemProperties()
                         .setMessageMultiplexing(true) // enable H2 multiplexing if negotiated
                         .setMaxConnPerRoute(Math.max(64, connections))
                         .setMaxConnTotal(Math.max(128, connections))
@@ -107,7 +106,6 @@ public static void main(final String[] args) throws Exception {
                         .setPushEnabled(false)
                         .setMaxConcurrentStreams(512)
                         .build())
-                .useSystemProperties()
                 .evictExpiredConnections()
                 .evictIdleConnections(TimeValue.ofMinutes(1))
                 .build();

httpclient5/src/main/java/org/apache/hc/client5/http/impl/async/H2AsyncClientBuilder.java

@@ -55,7 +55,6 @@
 import org.apache.hc.client5.http.impl.DefaultHttpRequestRetryStrategy;
 import org.apache.hc.client5.http.impl.DefaultRedirectStrategy;
 import org.apache.hc.client5.http.impl.DefaultSchemePortResolver;
-import org.apache.hc.client5.http.impl.auth.BasicCredentialsProvider;
 import org.apache.hc.client5.http.impl.auth.BasicSchemeFactory;
 import org.apache.hc.client5.http.impl.auth.BearerSchemeFactory;
 import org.apache.hc.client5.http.impl.auth.DigestSchemeFactory;
@@ -201,7 +200,6 @@ private ExecInterceptorEntry(
     private boolean evictIdleConnections;
     private TimeValue maxIdleTime;
 
-    private boolean systemProperties;
     private boolean automaticRetriesDisabled;
     private boolean redirectHandlingDisabled;
     private boolean cookieManagementDisabled;
@@ -669,13 +667,13 @@ public final H2AsyncClientBuilder setDefaultConnectionConfig(final ConnectionCon
     }
 
     /**
-     * Use system properties when creating and configuring default
-     * implementations.
+     * Ignored.
      *
+     * @deprecated This method is now redundant and calls to it can be removed.
      * @return this instance.
      */
+    @Deprecated
     public final H2AsyncClientBuilder useSystemProperties() {
-        this.systemProperties = true;
         return this;
     }
 
@@ -964,20 +962,12 @@ public CloseableHttpAsyncClient build() {
 
         CredentialsProvider credentialsProviderCopy = this.credentialsProvider;
         if (credentialsProviderCopy == null) {
-            if (systemProperties) {
-                credentialsProviderCopy = new SystemDefaultCredentialsProvider();
-            } else {
-                credentialsProviderCopy = new BasicCredentialsProvider();
-            }
+            credentialsProviderCopy = new SystemDefaultCredentialsProvider();
         }
 
         TlsStrategy tlsStrategyCopy = this.tlsStrategy;
         if (tlsStrategyCopy == null) {
-            if (systemProperties) {
-                tlsStrategyCopy = DefaultClientTlsStrategy.createSystemDefault();
-            } else {
-                tlsStrategyCopy = DefaultClientTlsStrategy.createDefault();
-            }
+            tlsStrategyCopy = DefaultClientTlsStrategy.createDefault();
         }
 
         final MultihomeConnectionInitiator connectionInitiator = new MultihomeConnectionInitiator(ioReactor, dnsResolver);

httpclient5/src/main/java/org/apache/hc/client5/http/impl/async/HttpAsyncClientBuilder.java

@@ -65,15 +65,13 @@
 import org.apache.hc.client5.http.impl.DefaultUserTokenHandler;
 import org.apache.hc.client5.http.impl.IdleConnectionEvictor;
 import org.apache.hc.client5.http.impl.NoopUserTokenHandler;
-import org.apache.hc.client5.http.impl.auth.BasicCredentialsProvider;
 import org.apache.hc.client5.http.impl.auth.BasicSchemeFactory;
 import org.apache.hc.client5.http.impl.auth.BearerSchemeFactory;
 import org.apache.hc.client5.http.impl.auth.DigestSchemeFactory;
 import org.apache.hc.client5.http.impl.auth.ScramSchemeFactory;
 import org.apache.hc.client5.http.impl.auth.SystemDefaultCredentialsProvider;
 import org.apache.hc.client5.http.impl.nio.PoolingAsyncClientConnectionManagerBuilder;
 import org.apache.hc.client5.http.impl.routing.DefaultProxyRoutePlanner;
-import org.apache.hc.client5.http.impl.routing.DefaultRoutePlanner;
 import org.apache.hc.client5.http.impl.routing.SystemDefaultRoutePlanner;
 import org.apache.hc.client5.http.nio.AsyncClientConnectionManager;
 import org.apache.hc.client5.http.protocol.H2RequestPriority;
@@ -137,20 +135,6 @@
  * separate connections leased from the connection pool.
  * </p>
  * <p>
- * When a particular component is not explicitly set this class will
- * use its default implementation. System properties will be taken
- * into account when configuring the default implementations when
- * {@link #useSystemProperties()} method is called prior to calling
- * {@link #build()}.
- * </p>
- * <ul>
- *  <li>http.proxyHost</li>
- *  <li>http.proxyPort</li>
- *  <li>https.proxyHost</li>
- *  <li>https.proxyPort</li>
- *  <li>http.nonProxyHosts</li>
- * </ul>
- * <p>
  * Please note that some settings used by this class can be mutually
  * exclusive and may not apply when building {@link CloseableHttpAsyncClient}
  * instances.
@@ -252,7 +236,6 @@ private ExecInterceptorEntry(
     private boolean evictIdleConnections;
     private TimeValue maxIdleTime;
 
-    private boolean systemProperties;
     private boolean automaticRetriesDisabled;
     private boolean redirectHandlingDisabled;
     private boolean cookieManagementDisabled;
@@ -776,13 +759,13 @@ public final HttpAsyncClientBuilder setDefaultRequestConfig(final RequestConfig
     }
 
     /**
-     * Use system properties when creating and configuring default
-     * implementations.
+     * Ignored.
      *
+     * @deprecated This method is now redundant and calls to it can be removed.
      * @return this instance.
      */
+    @Deprecated
     public final HttpAsyncClientBuilder useSystemProperties() {
-        this.systemProperties = true;
         return this;
     }
 
@@ -1010,11 +993,7 @@ public AsyncClientConnectionManager getConnManager() {
     public CloseableHttpAsyncClient build() {
         AsyncClientConnectionManager connManagerCopy = this.connManager;
         if (connManagerCopy == null) {
-            final PoolingAsyncClientConnectionManagerBuilder connectionManagerBuilder = PoolingAsyncClientConnectionManagerBuilder.create();
-            if (systemProperties) {
-                connectionManagerBuilder.useSystemProperties();
-            }
-            connManagerCopy = connectionManagerBuilder.build();
+            connManagerCopy = PoolingAsyncClientConnectionManagerBuilder.create().build();
         }
 
         ConnectionKeepAliveStrategy keepAliveStrategyCopy = this.keepAliveStrategy;
@@ -1166,11 +1145,9 @@ public CloseableHttpAsyncClient build() {
                 routePlannerCopy = new DefaultProxyRoutePlanner(proxy, schemePortResolverCopy);
             } else if (this.proxySelector != null) {
                 routePlannerCopy = new SystemDefaultRoutePlanner(schemePortResolverCopy, this.proxySelector);
-            } else if (systemProperties) {
+            } else {
                 final ProxySelector defaultProxySelector = ProxySelector.getDefault();
                 routePlannerCopy = new SystemDefaultRoutePlanner(schemePortResolverCopy, defaultProxySelector);
-            } else {
-                routePlannerCopy = new DefaultRoutePlanner(schemePortResolverCopy);
             }
         }
 
@@ -1276,11 +1253,7 @@ public CloseableHttpAsyncClient build() {
 
         CredentialsProvider credentialsProviderCopy = this.credentialsProvider;
         if (credentialsProviderCopy == null) {
-            if (systemProperties) {
-                credentialsProviderCopy = new SystemDefaultCredentialsProvider();
-            } else {
-                credentialsProviderCopy = new BasicCredentialsProvider();
-            }
+            credentialsProviderCopy = new SystemDefaultCredentialsProvider();
         }
 
         return new InternalHttpAsyncClient(

httpclient5/src/main/java/org/apache/hc/client5/http/impl/async/HttpAsyncClients.java

@@ -89,9 +89,12 @@ public static CloseableHttpAsyncClient createDefault() {
     /**
      * Creates {@link CloseableHttpAsyncClient} instance with default
      * configuration and system properties.
+     *
+     * @deprecated This is now a synonym for {@link #createDefault}; call that instead.
      */
+    @Deprecated
     public static CloseableHttpAsyncClient createSystem() {
-        return HttpAsyncClientBuilder.create().useSystemProperties().build();
+        return createDefault();
     }
 
     /**
@@ -112,11 +115,13 @@ public static CloseableHttpAsyncClient createHttp2Default() {
     }
 
     /**
-     * Creates HTTP/2 {@link CloseableHttpAsyncClient} instance with default configuration and
-     * system properties optimized for HTTP/2 protocol and message multiplexing.
+     * Creates HTTP/2 {@link CloseableHttpAsyncClient} instance with default configuration.
+     *
+     * @deprecated This is now a synonym for {@link #createHttp2Default}; call that instead.
      */
+    @Deprecated
     public static CloseableHttpAsyncClient createHttp2System() {
-        return H2AsyncClientBuilder.create().useSystemProperties().build();
+        return createHttp2Default();
     }
 
     private static HttpProcessor createMinimalProtocolProcessor() {